Merge pull request #7441 from gilles-peskine-arm/mbedtls_x509_crt_parse_path-qemu-bug
More mbedtls_x509_crt_parse_path() tests, and note qemu-user bug when 32-bit code run on 64-bit host
This commit is contained in:
commit
7dbd2bf90c
2 changed files with 50 additions and 10 deletions
|
@ -2051,11 +2051,11 @@ x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b05003
|
|||
|
||||
X509 CRT ASN1 (inv extBasicConstraint, pathlen is INT_MAX)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1
|
||||
x509parse_crt_file:"data_files/parse_input/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH:0
|
||||
|
||||
X509 CRT ASN1 (pathlen is INT_MAX-1)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1
|
||||
x509parse_crt_file:"data_files/parse_input/server1_pathlen_int_max-1.crt":0
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max-1.crt":0:1
|
||||
|
||||
X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen inv length encoding)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256
|
||||
|
@ -2575,15 +2575,29 @@ X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129)
|
|||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
|
||||
x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c010100041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0
|
||||
|
||||
X509 CRT parse path #2 (one cert)
|
||||
X509 CRT parse file dir3/Readme
|
||||
mbedtls_x509_crt_parse_file:"data_files/dir3/Readme":MBEDTLS_ERR_X509_INVALID_FORMAT:0
|
||||
|
||||
X509 CRT parse file dir3/test-ca.crt
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca.crt":0:1
|
||||
|
||||
X509 CRT parse file dir3/test-ca2.crt
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca2.crt":0:1
|
||||
|
||||
# The parse_path tests are known to fail when compiled for a 32-bit architecture
|
||||
# and run via qemu-user on Linux on a 64-bit host. This is due to a known
|
||||
# bug in Qemu: https://gitlab.com/qemu-project/qemu/-/issues/263
|
||||
X509 CRT parse path #1 (one cert)
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_parse_path:"data_files/dir1":0:1
|
||||
|
||||
X509 CRT parse path #3 (two certs)
|
||||
X509 CRT parse path #2 (two certs)
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
mbedtls_x509_crt_parse_path:"data_files/dir2":0:2
|
||||
|
||||
X509 CRT parse path #4 (two certs, one non-cert)
|
||||
X509 CRT parse path #3 (two certs, one non-cert)
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
mbedtls_x509_crt_parse_path:"data_files/dir3":1:2
|
||||
|
||||
|
@ -3083,23 +3097,23 @@ mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_ex
|
|||
|
||||
X509 File parse (no issues)
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
|
||||
x509parse_crt_file:"data_files/parse_input/server7_int-ca.crt":0
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_int-ca.crt":0:2
|
||||
|
||||
X509 File parse (extra space in one certificate)
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
|
||||
x509parse_crt_file:"data_files/parse_input/server7_pem_space.crt":1
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_pem_space.crt":1:1
|
||||
|
||||
X509 File parse (all certificates fail)
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_RSA_C
|
||||
x509parse_crt_file:"data_files/parse_input/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER:0
|
||||
|
||||
X509 File parse (trailing spaces, OK)
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
|
||||
x509parse_crt_file:"data_files/parse_input/server7_trailing_space.crt":0
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_trailing_space.crt":0:2
|
||||
|
||||
X509 File parse (Algorithm Params Tag mismatch)
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
|
||||
x509parse_crt_file:"data_files/parse_input/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH
|
||||
mbedtls_x509_crt_parse_file:"data_files/parse_input/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH:0
|
||||
|
||||
X509 Get time (UTC no issues)
|
||||
depends_on:MBEDTLS_X509_USE_C
|
||||
|
|
|
@ -1277,6 +1277,32 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
|
||||
void mbedtls_x509_crt_parse_file(char *crt_path, int ret, int nb_crt)
|
||||
{
|
||||
mbedtls_x509_crt chain, *cur;
|
||||
int i;
|
||||
|
||||
mbedtls_x509_crt_init(&chain);
|
||||
USE_PSA_INIT();
|
||||
|
||||
TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, crt_path), ret);
|
||||
|
||||
/* Check how many certs we got */
|
||||
for (i = 0, cur = &chain; cur != NULL; cur = cur->next) {
|
||||
if (cur->raw.p != NULL) {
|
||||
i++;
|
||||
}
|
||||
}
|
||||
|
||||
TEST_EQUAL(i, nb_crt);
|
||||
|
||||
exit:
|
||||
mbedtls_x509_crt_free(&chain);
|
||||
USE_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
|
||||
void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt)
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue