Added test case for pathlen constrains in intermediate certificates

This commit is contained in:
Janos Follath 2015-10-11 10:25:22 +02:00
parent c4e7d8a381
commit 822b2c33b9
6 changed files with 104 additions and 0 deletions

View file

@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0
IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV
BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
hqLw+KDH8+tkX9hphnydOZFoueGTY5v8WdYI6KZXoIln9IAu4Rmb6M59uLziXurg
VKuwBqOkbUZsIY0NOA6C8FpdjZL1di8Viq669vBBs9c+x9hKpx8/VVcZfTaGgqni
h5XiivQynBQ4E2KOxEQ+VjUMDqIBHYG1VXWs4KMkAeJsqDYHtmS4XsC9TXTIri5S
9IX4mE5A9+ngSTo0/6Sjwcd27uO2IQHXDC7jkxX5OH5jFPAqsVKTYDeWlCU7bvbr
iy1H9Z9uCl+M7unbAl8BKQ8leOnno3KO3lQQAPGP2EFRT0XMuUXJnfydPbzMa9FY
ufB1I8zCBZviPvO/Of3yrwIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW
BBSUHSH6gjrYFZnS1gDvk7BpfwTKwDAfBgNVHSMEGDAWgBSUHSH6gjrYFZnS1gDv
k7BpfwTKwDANBgkqhkiG9w0BAQsFAAOCAQEATLqZGFEBO+2IiHjkn7pBkAuktmHm
jkkuFLONwe0vlxZFaabaFqSgkoS5eZ50D0dmuUkpJRNMnGK1B/ja5RewtAdxD6us
VT8JpeWYkhxaSIHjUW95jJLMVr17it8jHawI05tD26nqDjTq3C2rM4ExpAaK/Dgv
83ZHe4IdvenkXckDMIjmSsK0GfomZmKvmnfxhg4FnQvZGI48JJUqPA2dHxRhUyr4
ohBmH5Xi5oLICd85GRi8YqD00agKL99EjGulaKNEdsQkrC4ZvY6QDV0EEnbu8b4R
GfiA42UWN2dKNSqNhBOrP9g5yTcIWXh1Dwpd1Z9vhBCwmBegPqqM5IM1dQ==
-----END CERTIFICATE-----

View file

@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0
IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV
BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANJrP7/Y+KjupvlgaOmQYArfGuoh3CzcdPe/mlhq+fxD
8U9qzgSVuVR+FpNZi9DyMljMBrWV1OnZI+cVCDYYkNMa3IkV+AkzJGqwcSBKE+6N
RXZvv+I4xbGymdSSaT6Kh1PgPVk/EYNfLFF30pBsycjM81aMtZgW6aA9xCSp0r8W
XkZodsrJUQerDh/7VmDVEeKanZog8auvrvs/ENiA8d4p/75lOIER4nLz6SSn5Eqy
uXzNCwmT5PVwWStXbDD7EBs3rOtR2VNWQ9o6QdfKQOe/SkIddZr1IWGEJ8JHjtNo
jxcYO67A+Jgp1Jwjk+83eRICs0hlWyeHWfBlbOVIKLcCAwEAAaNTMFEwDwYDVR0T
BAgwBgEBAQIBADAdBgNVHQ4EFgQUyw8Phy/FAvifGQ+G6HWkMiWzyqUwHwYDVR0j
BBgwFoAUlB0h+oI62BWZ0tYA75OwaX8EysAwDQYJKoZIhvcNAQELBQADggEBACFS
6tFy9TpVMUfh1mkr3rFEVtho0NJkRhJW8z2PTmKQa069S9gS+U6+CsqwvM1y3yyh
Pt2q34fhhhbQ+gS8iAm+zvQtBsys3frfVkeKmRzxWDh2LnT+tJi/xtqdlULua5NB
21So46HdlceDTuv2vUbrHgxUS/IEjIL6OZZ0Sc6S6YybvGSioGsRUHO2k2IiOnUa
C+hpBvOkXScnItfdMKAAce71CsZeN97sbxeNIMBDiX9bSy+dZLscEhRwBUABiNr/
sYdYvIpbrFXowjMtBdac+vvhcem7dkCrCdsGylGINWhE2tC9hKmFkFXo4mu/AGDS
M4/59TlMeK8X+WZ9zBs=
-----END CERTIFICATE-----

View file

@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0
IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx
MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs0qdKXytu/GTKpa2H0CE3
OPSIMM2hiYbavzUroyL+hFv9XVoxh5CGnVUxK7B9ifVvzyElrcV7tjuIlGwp1hLH
tx/YU22xksI/n5/NS/qrxkK5xjwEWB9lx93rwLK0QnfjYRZrir7yySoBKi6IlHOv
GOwl0V/JAslMWwUZlFmvYvoCWSWGrDAkxWVnHq+HoZ7YoM/bdJdsIIJYe3tt7L8D
cJVP5dQ8jSs8/Ehm8BbG339r3B7v/KdK8zuoMig9ag/YOu9jOb0QvYC2HdZoL4WV
N+7aasTQmDGWGOt7fk7AEl0EI8lDvr2O/5q6ad9jRCkxyq3lJwRy+M3MdVKgA1On
AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFM6u5Gkjkxb8PDdQIGKD
D8t1Zv/9MB8GA1UdIwQYMBaAFMsPD4cvxQL4nxkPhuh1pDIls8qlMA0GCSqGSIb3
DQEBCwUAA4IBAQCLpKATt01DUM8wCiDFVSpmpiCBqxnLRfQuY+ta1p+f15LME+cT
94lwaYCfCBtXQYwiuVFYdK8ztWEStPg6BecMLPB2K9gO/talxUoVDumsmR83p+2y
8YJmFHyjr+BShsjP9paCjUQkJiMOiWRpNFNpScv0IOHmb8NLER3vX/tCmxyVHPg/
7tBpDXRD6jOyajYH4KUx6wddcYWb63N9sApVpRHNaqpUKjuiQwfUFZjA7AyK/FUS
/cO3++uq+CkZhBu8vupaznXD4h0E28GbZgvu/F0edB7f0Q5DpnuDJ6HFMYl3A2mM
m8pqKNnRYGCtQwppBYVsoBisga2ymtNud7K+
-----END CERTIFICATE-----

View file

@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0
IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx
MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAzMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6Vc/T2GYTWj7nGZcy2voZyeWkFyfDIy
oexyJe8eyuWX+YqaSCra1JMcww0Jy8e9/6/aI9ezd1d73eZDcW5h61tagCpBki+W
dYh+FJfCdDdPnSkitWOBLKBK21AQ9dxePvkQBEanDdAk2IwasydCoHEiSCqwXNEz
jVJPL38ibbLf9sNO3kk6zOFA3QqVSTJ4BddNh9bHL7y106ekfMhrfyTzSpo3Wj0V
20ThmJZ1NuwYRl3j1XHALP0t8Cp2ZLbXuFsTWqTFNzXj+gWM8b2IfZqmqcew5poZ
4aDkjXXOizRxDPxCHp7rLz9xv1pIIBxady0YWp+w9vxLxFF6rYBLtQIDAQABo00w
SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQoF/qrn9WnKV3zOnCwMl99Uhmx8DAfBgNV
HSMEGDAWgBTOruRpI5MW/Dw3UCBigw/LdWb//TANBgkqhkiG9w0BAQsFAAOCAQEA
VUnlX//h3T5Ajc85WNkyTuirhSZtIr6+X/AxH4kR/QG5NiaDxP9H0FzMs5FcMni8
3Rs4d2H3CBs+QB7lm/b+xy26vpORwlVFXScHeTEanuXSVsmGPkn7TAQrPoyZgVUN
uy4TGi8Mlkso4gmgehvgTklIV+Emxy32Abd1lRfI8/vOQ1xTdA7f3X98AfWStTya
DGRsQLZE/Q4/Gh57xNqF0ftBIRwt9TbGlu8AyZiIilVECGvE/gtTwuqpQPOhJQmi
NdYTErgD2Wkw9ohifQFo46AMMU1seehtqijW2pC2UjmV5nboPs0eGQmWrfNCjDOr
sZfh98BafcaFGjz605V36g==
-----END CERTIFICATE-----

View file

@ -1128,6 +1128,10 @@ X509 CRT parse path #4 (two certs, one non-cert)
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
mbedtls_x509_crt_parse_path:"data_files/dir3":1:2
X509 CRT verify path (4 certs)
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":8
X509 OID description #1
x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"

View file

@ -427,6 +427,31 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, int ret )
{
char* act;
uint32_t flags;
int res;
mbedtls_x509_crt trusted, chain;
mbedtls_x509_crt_init( &chain );
mbedtls_x509_crt_init( &trusted );
while( (act = strsep( &chain_paths, " " )) )
TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 );
TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 );
res = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, NULL, NULL );
TEST_ASSERT( ret == res );
exit:
mbedtls_x509_crt_free( &trusted );
mbedtls_x509_crt_free( &chain );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
void x509_oid_desc( char *oid_str, char *ref_desc )
{