- Added extra regression and coverage tests for ASN parsing of CRL and Key data
This commit is contained in:
Paul Bakker
parent
635f4b4cf9
commit
6b0fa4f33b
2 changed files with 126 additions and 6 deletions
|
|
@ -59,13 +59,13 @@ X509 CRL Information SHA512 Digest
|
|||
x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA512\n"
|
||||
|
||||
X509 Parse Key #1 (No password when required)
|
||||
x509parse_key:"data_files/test-ca.key":NULL:POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED
|
||||
x509parse_keyfile:"data_files/test-ca.key":NULL:POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED
|
||||
|
||||
X509 Parse Key #2 (Correct password)
|
||||
x509parse_key:"data_files/test-ca.key":"PolarSSLTest":0
|
||||
x509parse_keyfile:"data_files/test-ca.key":"PolarSSLTest":0
|
||||
|
||||
X509 Parse Key #3 (Wrong password)
|
||||
x509parse_key:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH
|
||||
x509parse_keyfile:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH
|
||||
|
||||
X509 Get Distinguished Name #1
|
||||
x509_dn_gets:"data_files/server1.crt":subject:"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
|
||||
|
|
@ -337,3 +337,74 @@ x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010205003
|
|||
X509 Certificate ASN1 (Name with unknown PKCS9 part)
|
||||
x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: 0xAB=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA+MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 CRL ASN1 (Incorrect first tag)
|
||||
x509parse_crl:"":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT
|
||||
|
||||
X509 CRL ASN1 (Correct first tag, data length does not match)
|
||||
x509parse_crl:"300000":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, tag missing)
|
||||
x509parse_crl:"3000":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, version tag len missing)
|
||||
x509parse_crl:"30033001a0":"":POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, version correct, alg missing)
|
||||
x509parse_crl:"30073005a003020100":"":POLARSSL_ERR_X509_CERT_INVALID_ALG | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, alg correct, incorrect version)
|
||||
x509parse_crl:"300d300ba003020102300406000500":"":POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, correct version, sig_oid1 unknown)
|
||||
x509parse_crl:"300d300ba003020100300406000500":"":POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown)
|
||||
x509parse_crl:"30163014a003020100300d06092a864886f70d01010f0500":"":POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing)
|
||||
x509parse_crl:"30163014a003020100300d06092a864886f70d01010e0500":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, issuer set missing)
|
||||
x509parse_crl:"30183016a003020100300d06092a864886f70d01010e05003000":"":POLARSSL_ERR_X509_CERT_INVALID_NAME | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing)
|
||||
x509parse_crl:"30273025a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":POLARSSL_ERR_X509_CERT_INVALID_DATE | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing)
|
||||
x509parse_crl:"30363034a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg)
|
||||
x509parse_crl:"304c3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":POLARSSL_ERR_X509_CERT_INVALID_ALG | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid)
|
||||
x509parse_crl:"304c3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd180c30383132333132333539353900":"":POLARSSL_ERR_X509_CERT_INVALID_DATE | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match)
|
||||
x509parse_crl:"305a3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":POLARSSL_ERR_X509_CERT_SIG_MISMATCH
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, sig present)
|
||||
x509parse_crl:"305f3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 CRL ASN1 (TBSCertList, sig present)
|
||||
x509parse_crl:"305e3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA+SHA224\n":0
|
||||
|
||||
X509 Key ASN1 (Incorrect first tag)
|
||||
x509parse_key:"":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Key ASN1 (RSAPrivateKey, incorrect version tag)
|
||||
x509parse_key:"300100":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Key ASN1 (RSAPrivateKey, version tag missing)
|
||||
x509parse_key:"3000":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Key ASN1 (RSAPrivateKey, invalid version)
|
||||
x509parse_key:"3003020101":"":POLARSSL_ERR_X509_KEY_INVALID_VERSION
|
||||
|
||||
X509 Key ASN1 (RSAPrivateKey, correct version, incorrect tag)
|
||||
x509parse_key:"300402010000":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Key ASN1 (RSAPrivateKey, values present, length mismatch)
|
||||
x509parse_key:"301c02010002010102010102010102010102010102010102010102010100":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Key ASN1 (RSAPrivateKey, values present, check_privkey fails)
|
||||
x509parse_key:"301b020100020101020101020101020101020101020101020101020101":"":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ x509_time_expired:crt_file:entity:result
|
|||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509parse_key:key_file:password:result
|
||||
x509parse_keyfile:key_file:password:result
|
||||
{
|
||||
rsa_context rsa;
|
||||
int res;
|
||||
|
|
@ -137,8 +137,6 @@ x509parse_crt:crt_data:result_str:result
|
|||
|
||||
data_len = unhexify( buf, {crt_data} );
|
||||
|
||||
res = x509parse_crt( &crt, buf, data_len );
|
||||
|
||||
TEST_ASSERT( x509parse_crt( &crt, buf, data_len ) == ( {result} ) );
|
||||
if( ( {result} ) == 0 )
|
||||
{
|
||||
|
|
@ -152,6 +150,57 @@ x509parse_crt:crt_data:result_str:result
|
|||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509parse_crl:crl_data:result_str:result
|
||||
{
|
||||
x509_crl crl;
|
||||
unsigned char buf[2000];
|
||||
unsigned char output[2000];
|
||||
int data_len, res;
|
||||
|
||||
memset( &crl, 0, sizeof( x509_crl ) );
|
||||
memset( buf, 0, 2000 );
|
||||
memset( output, 0, 2000 );
|
||||
|
||||
data_len = unhexify( buf, {crl_data} );
|
||||
|
||||
TEST_ASSERT( x509parse_crl( &crl, buf, data_len ) == ( {result} ) );
|
||||
if( ( {result} ) == 0 )
|
||||
{
|
||||
res = x509parse_crl_info( (char *) output, 2000, "", &crl );
|
||||
|
||||
TEST_ASSERT( res != -1 );
|
||||
TEST_ASSERT( res != -2 );
|
||||
|
||||
TEST_ASSERT( strcmp( (char *) output, {result_str} ) == 0 );
|
||||
}
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509parse_key:key_data:result_str:result
|
||||
{
|
||||
rsa_context rsa;
|
||||
unsigned char buf[2000];
|
||||
unsigned char output[2000];
|
||||
int data_len, res;
|
||||
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
memset( buf, 0, 2000 );
|
||||
memset( output, 0, 2000 );
|
||||
|
||||
data_len = unhexify( buf, {key_data} );
|
||||
|
||||
res = x509parse_key( &rsa, buf, data_len, NULL, 0 );
|
||||
|
||||
TEST_ASSERT( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( {result} ) );
|
||||
if( ( {result} ) == 0 )
|
||||
{
|
||||
TEST_ASSERT( 1 );
|
||||
}
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509_selftest:
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in a new issue