Commit graph

253 commits

Author SHA1 Message Date
Andres Amaya Garcia
7067f812f8 Add tests for (named) bitstring to suite_asn1write 2019-02-28 09:36:30 +00:00
Jaeden Amero
001626e44e Fix typo in data_file generator code
The file to generate is `server10_int3-bs.pem`, not
`server10-bs_int3-bs.pem`.
2019-02-27 17:17:02 +00:00
Hanno Becker
462c3e5210 Add test for mbedtls_x509_parse_file() with DER encoded CRT 2019-02-08 14:24:58 +00:00
Simon Butcher
8e763329ad Merge remote-tracking branch 'public/pr/2040' into development 2019-01-23 10:28:25 +01:00
Hanno Becker
710f203541 Merge branch 'iotssl-1770' into development_thomas_dee 2018-11-02 10:52:49 +00:00
Hanno Becker
6e1adee42b Regenerate test files
Previous commits have added or modified build instructions for
server1*, server2*, server5*, test-ca*, cli-rsa* in the Makefile
tests/data_files/Makefile, or the apps they invoke have been changed.

This commit regenerates those files to make sure they are in match with
the build instructions.
2018-11-02 10:52:38 +00:00
Hanno Becker
52acdb5926 Add tests for relaxed CRL-CA name comparison
This commit introduces variants test-ca_utf8.crt,
test-ca_printablestring.crt and test-ca_uppercase.crt
of tests/data_files/test-ca.crt which differ from
test-ca.crt in their choice of string encoding and
upper and lower case letters in the DN field. These
changes should be immaterial to the recovation check,
and three tests are added that crl.pem, which applies
to test-ca.crt, is also considered as applying to
test-ca_*.crt.
2018-11-02 10:49:05 +00:00
Hanno Becker
b963081df1 Generate tests/data_files/test-ca_cat[12|21].crt from Makefile 2018-11-02 09:01:52 +00:00
Hanno Becker
386f99c65c Generate cli-rsa* CSRs and CRTs through Mbed TLS applications 2018-11-02 09:01:52 +00:00
Hanno Becker
0dd11396d4 Generate server5.req.ku.sha1 through Mbed TLS application 2018-11-02 09:01:52 +00:00
Hanno Becker
ebc1f40aa0 Generate server2* CSRs and CRTs through Mbed TLS applications 2018-11-02 09:01:52 +00:00
Hanno Becker
b83777532a Generate test-ca* CSRs and CRTs through Mbed TLS applications 2018-11-02 09:01:52 +00:00
Hanno Becker
50cb93a04c Generate server1* CRTs and CSRs through Mbed TLS applications
Previously, CSRs and CRTs from the server1* family in testa/data_files
were generated through OpenSSL. This commit changes the build instructions
to use Mbed TLS' example applications programs/x509/cert_write and
programs/x509/cert_req instead.
2018-11-02 09:01:49 +00:00
Simon Butcher
03de21059d Add additional test case for alternative CSR headers
Add a test case for alternative headers possible for CSR's, as defined in
RFC7468.
2018-10-06 17:19:31 +01:00
Gilles Peskine
e082c18389 pk_write test cases with short/long private key
Add pk_write test cases where the ASN.1 INTEGER encoding of the
private value would not have the mandatory size for the OCTET STRING
that contains the value.

ec_256_long_prv.pem is a random secp256r1 private key, selected so
that the private value is >= 2^255, i.e. the top bit of the first byte
is set (which would cause the INTEGER encoding to have an extra
leading 0 byte).

ec_521_short_prv.pem is a random secp521r1 private key, selected so
that the private value is < 2^519, i.e. the first byte is 0 and the
top bit of the second byte is 0 (which would cause the INTEGER
encoding to have one less 0 byte at the start).
2018-09-05 17:26:31 +02:00
Manuel Pégourié-Gonnard
da19f4c79f Merge branch 'development' into iotssl-1260-non-blocking-ecc-restricted
Summary of merge conflicts:

include/mbedtls/ecdh.h -> documentation style
include/mbedtls/ecdsa.h -> documentation style
include/mbedtls/ecp.h -> alt style, new error codes, documentation style
include/mbedtls/error.h -> new error codes
library/error.c -> new error codes (generated anyway)
library/ecp.c:
    - code of an extracted function was changed
library/ssl_cli.c:
    - code addition on one side near code change on the other side
      (ciphersuite validation)
library/x509_crt.c -> various things
    - top fo file: helper structure added near old zeroize removed
    - documentation of find_parent_in()'s signature: improved on one side,
      added arguments on the other side
    - documentation of find_parent()'s signature: same as above
    - verify_chain(): variables initialised later to give compiler an
      opportunity to warn us if not initialised on a code path
    - find_parent(): funcion structure completely changed, for some reason git
      tried to insert a paragraph of the old structure...
    - merge_flags_with_cb(): data structure changed, one line was fixed with a
      cast to keep MSVC happy, this cast is already in the new version
    - in verify_restratable(): adjacent independent changes (function
      signature on one line, variable type on the next)
programs/ssl/ssl_client2.c:
    - testing for IN_PROGRESS return code near idle() (event-driven):
      don't wait for data in the the socket if ECP_IN_PROGRESS
tests/data_files/Makefile: adjacent independent additions
tests/suites/test_suite_ecdsa.data: adjacent independent additions
tests/suites/test_suite_x509parse.data: adjacent independent additions

* development: (1059 commits)
  Change symlink to hardlink to avoid permission issues
  Fix out-of-tree testing symlinks on Windows
  Updated version number to 2.10.0 for release
  Add a disabled CMAC define in the no-entropy configuration
  Adapt the ARIA test cases for new ECB function
  Fix file permissions for ssl.h
  Add ChangeLog entry for PR#1651
  Fix MicroBlaze register typo.
  Fix typo in doc and copy missing warning
  Fix edit mistake in cipher_wrap.c
  Update CTR doc for the 64-bit block cipher
  Update CTR doc for other 128-bit block ciphers
  Slightly tune ARIA CTR documentation
  Remove double declaration of mbedtls_ssl_list_ciphersuites
  Update CTR documentation
  Use zeroize function from new platform_util
  Move to new header style for ALT implementations
  Add ifdef for selftest in header file
  Fix typo in comments
  Use more appropriate type for local variable
  ...
2018-06-13 09:52:54 +02:00
Jaeden Amero
78a03ec230 Merge remote-tracking branch 'upstream-public/pr/1379' into development-proposed 2018-03-29 10:57:57 +01:00
Gilles Peskine
15ad579895 Merge tag 'mbedtls-2.8.0' into iotssl-1381-x509-verify-refactor-restricted
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:16:22 +01:00
Jethro Beekman
d2df936e67 Fix parsing of PKCS#8 encoded Elliptic Curve keys.
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL
}

AlgorithmIdentifier  ::=  SEQUENCE  {
  algorithm   OBJECT IDENTIFIER,
  parameters  ANY DEFINED BY algorithm OPTIONAL
}

ECParameters ::= CHOICE {
  namedCurve         OBJECT IDENTIFIER
  -- implicitCurve   NULL
  -- specifiedCurve  SpecifiedECDomain
}

ECPrivateKey ::= SEQUENCE {
  version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
  privateKey     OCTET STRING,
  parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
  publicKey  [1] BIT STRING OPTIONAL
}

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
2018-03-22 18:01:18 -07:00
Manuel Pégourié-Gonnard
47a98d4e2c fixup previous commit: add forgotten file 2018-03-14 14:08:57 +01:00
Manuel Pégourié-Gonnard
a63305d134 x509: CRL: add tests for non-critical extension
The 'critical' boolean can be set to false in two ways:
- by leaving it implicit (test data generated by openssl)
- by explicitly setting it to false (generated by hand)
2018-03-14 12:44:54 +01:00
Manuel Pégourié-Gonnard
fd3e4fbae7 x509: CRL: reject unsupported critical extensions 2018-03-14 09:15:02 +01:00
Manuel Pégourié-Gonnard
05e464dff7 Merge branch 'development' into iotssl-1381-x509-verify-refactor-restricted
* development: (557 commits)
  Add attribution for #1351 report
  Adapt version_features.c
  Note incompatibility of truncated HMAC extension in ChangeLog
  Add LinkLibraryDependencies to VS2010 app template
  Add ChangeLog entry for PR #1382
  MD: Make deprecated functions not inline
  Add ChangeLog entry for PR #1384
  Have Visual Studio handle linking to mbedTLS.lib internally
  Mention in ChangeLog that this fixes #1351
  Add issue number to ChangeLog
  Note in the changelog that this fixes an interoperability issue.
  Style fix in ChangeLog
  Add ChangeLog entries for PR #1168 and #1362
  Add ChangeLog entry for PR #1165
  ctr_drbg: Typo fix in the file description comment.
  dhm: Fix typo in RFC 5114 constants
  tests_suite_pkparse: new PKCS8-v2 keys with PRF != SHA1
  data_files/pkcs8-v2: add keys generated with PRF != SHA1
  tests/pkcs5/pbkdf2_hmac: extend array to accommodate longer results
  tests/pkcs5/pbkdf2_hmac: add unit tests for additional SHA algorithms
  ...
2018-03-05 11:55:38 +01:00
Gilles Peskine
e6844ccf2b Merge branch 'pr_1135' into development-proposed 2018-02-14 17:20:42 +01:00
Antonio Quartulli
f476b9d98c
data_files/pkcs8-v2: add keys generated with PRF != SHA1
We now have support for the entire SHA family to be used as
PRF in PKCS#5 v2.0, therefore we need to add new keys to test
these new functionalities.

This patch adds the new keys in `tests/data_files` and
commands to generate them in `tests/data_files/Makefile`.

Note that the pkcs8 command in OpenSSL 1.0 called with
the -v2 argument generates keys using PKCS#5 v2.0 with SHA1
as PRF by default.

(This behaviour has changed in OpenSSL 1.1, where the exact same
command instead uses PKCS#5 v2.0 with SHA256)

The new keys are generated by specifying different PRFs with
-v2prf.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2018-02-08 17:18:19 +08:00
Gilles Peskine
7fb29b17c7 Merge branch 'development' into development-restricted 2017-11-28 18:46:09 +01:00
Gilles Peskine
ea8d697fa2 Merge remote-tracking branch 'upstream-public/pr/1089' into development
Resolve trivial conflict due to additions in the same place in
tests/data_files/Makefile; minor comment/whitespace presentation
improvements.
2017-11-28 17:32:32 +01:00
Gilles Peskine
2507267cd4 Merge branch 'development' into development-restricted 2017-11-24 16:05:49 +01:00
Gilles Peskine
e7707228b4 Merge remote-tracking branch 'upstream-public/pr/1062' into development 2017-11-24 15:35:50 +01:00
Gilles Peskine
28a0c72795 RSA: Fix buffer overflow in PSS signature verification
Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.

Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.
2017-10-17 19:01:38 +02:00
Ron Eldor
3f2da84bca Resolve PR review comments
1) Fix style comments
2) Fix typo in Makefile
3) Remove the `MBEDTLS_MD5_C` dependency from test data file,
as the used keys are not encrypted
2017-10-17 15:53:32 +03:00
Ron Eldor
b006518289 Resolve PR review comments
1) use `pk_get_rsapubkey` instead of reimplementing the parsing
2) rename the key files, according to their type and key size
3) comment in the data_files/Makefile hoe the keys were generated
4) Fix issue of failure parsing pkcs#1 DER format parsing, missed in previous commit
2017-10-16 12:40:27 +03:00
Ron Eldor
d0c56de934 Add support for public keys encoded with PKCS#1
1) Add support for public keys encoded with PKCS#1
2) Add tests for PKCS#1 PEM and DER, and PKCS#8 DER
2017-10-10 17:12:07 +03:00
Hanno Becker
08a36dde80 Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
Hanno Becker
cc56628117 Don't use all_final as a target in tests/data_files/Makefile
The `neat` target in that Makefile assumes all_final to be a concatenation of
file names.
2017-09-26 16:21:19 +01:00
Hanno Becker
81535d0011 Minor style and typo corrections 2017-09-14 07:51:54 +01:00
Hanno Becker
476986547b Omit version from X.509 v1 certificates
The version field in an X.509 certificate is optional and defaults to v1, so it
may be omitted in this case.
2017-09-14 07:51:54 +01:00
Hanno Becker
418a62242b Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
Hanno Becker
5a4f172522 Add suffix for 1024-bit RSA key files
Previously, 2048-bit and 4096-bit RSA key files had their bitsize indicated in their filename, while the original
1024-bit keys hadn't. This commit unifies the naming scheme by always indicating the bitsize in the filename.
2017-09-07 15:40:30 +01:00
Hanno Becker
c8063c58f0 Correct Makefile in tests/data_files
The documentation of the target `all_final` was no longer accurate, and numerous non-file targets were missing in the
.PHONY section.
2017-09-07 15:30:12 +01:00
Hanno Becker
8fdfc98676 Update keyfiles
This commit replaces the previous keyfiles with those generated by the commands added in the previous commit.
2017-09-05 10:08:37 +01:00
Hanno Becker
d16f6126c7 Add RSA key generation commands to test Makefile
This commit adds the commands used to generate the various RSA keys to tests/Makefile so that they can be easily
regenerated or modified, e.g. if larger key sizes or other encryption algorithms need to be tested in the future.
2017-09-05 10:08:37 +01:00
Hanno Becker
37c6b6b339 Add tests for encrypted 2048 and 4096-bit RSA keys 2017-08-26 09:22:14 +01:00
Manuel Pégourié-Gonnard
5faafa76cf Update X.509 test certs' Readme 2017-08-17 10:13:00 +02:00
Manuel Pégourié-Gonnard
8b59049407 Make verify() actually restartable 2017-08-15 10:45:09 +02:00
Manuel Pégourié-Gonnard
d19a41d9aa Add tests for verify_restartable()
For selection of test cases, see comments added in the commit.

It makes the most sense to test with chains using ECC only, so for the chain
of length 2 we use server10 -> int-ca3 -> int-ca2 and trust int-ca2 directly.

Note: server10.crt was created by copying server10_int3_int-ca2.crt and
manually truncating it to remove the intermediates. That base can now be used
to create derived certs (without or with a chain) in a programmatic way.
2017-08-15 10:44:08 +02:00
Manuel Pégourié-Gonnard
7ff243a87c Add missing dependency in test-certs Makefile 2017-08-08 18:54:13 +02:00
Manuel Pégourié-Gonnard
2d825d42bb Add test for same CA with different keys
When a trusted CA is rolling its root keys, it could happen that for some
users the list of trusted roots contains two versions of the same CA with the
same name but different keys. Currently this is supported but wasn't tested.

Note: the intermediate file test-ca-alt.csr is commited on purpose, as not
commiting intermediate files causes make to regenerate files that we don't
want it to touch.
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard
c10afdb322 Add test for CA forgery attempt
As we accept EE certs that are explicitly trusted (in the list of trusted
roots) and usually look for parent by subject, and in the future we might want
to avoid checking the self-signature on trusted certs, there could a risk that we
incorrectly accept a cert that looks like a trusted root except it doesn't
have the same key. This test ensures this will never happen.
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard
bc313017a5 Add tests for flags passed to f_vrfy
The tests cover chains of length 0, 1 and 2, with one error, located at any of
the available levels in the chain. This exercises all three call sites of
f_vrfy (two in verify_top, one in verify_child). Chains of greater length
would not cover any new code path or behaviour that I can see.
2017-08-08 11:06:49 +02:00
Manuel Pégourié-Gonnard
b341dd58c5 Add tests for spurious certs in the chain
We have code to skip them but didn't have explicit tests ensuring they are
(the corresponding branch was never taken).

While at it, remove extra copy of the chain in server10*.crt, which was
duplicated for no reason.
2017-08-08 11:00:46 +02:00
Manuel Pégourié-Gonnard
4dfc04a66f Add test for bad signature with longer chain
This is one line that wasn't covered in verify_child()
2017-08-08 11:00:46 +02:00
Manuel Pégourié-Gonnard
29d60fb85f Add test for expired cert in longer chain
That's two lines that were not covered in verify_child()
2017-08-08 11:00:46 +02:00
Hanno Becker
e908c3de67 Improve Readme for long test certificate chains 2017-07-26 13:49:38 +01:00
Janos Follath
745bcf454f Fix typos 2017-07-21 14:04:31 +01:00
Manuel Pégourié-Gonnard
5be13d8fd1 Make test script more portable
seq isn't POSIX and isn't present by default on BSDs
2017-07-06 14:31:54 +02:00
Manuel Pégourié-Gonnard
1beb048316 Add test for limit on intermediate certificates
Inspired by test code provided by Nicholas Wilson in PR #351.

The test will fail if someone sets MAX_INTERMEDIATE_CA to a value larger than
18 (default is 8), which is hopefully unlikely and can easily be fixed by
running long.sh again with a larger value if it ever happens.

Current behaviour is suboptimal as flags are not set, but currently the goal
is only to document/test existing behaviour.
2017-07-06 11:57:31 +02:00
Gilles Peskine
fd14bca6dc Document test data makefile 2017-06-06 18:44:14 +02:00
Gilles Peskine
bc70a1836b Test that SHA-1 defaults off
Added tests to validate that certificates signed using SHA-1 are
rejected by default, but accepted if SHA-1 is explicitly enabled.
2017-06-06 18:44:14 +02:00
Gilles Peskine
f040a17604 Added SHA256 test certificates
With SHA-1 deprecation, we need a few certificates using algorithms in
the default support list. Most tests still use SHA-1 though.

The generation process for the new certificates is recorded in the makefile.
2017-06-06 18:44:13 +02:00
Simon Butcher
fc794ff2b7 Merge branch 'iotssl-1071-ca-flags'
Fixes a regression introduced by an earlier commit that modified
x509_crt_verify_top() to ensure that valid certificates that are after past or
future valid in the chain are processed. However the change introduced a change
in behaviour that caused the verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in the
verification regardless of the cause.

The fix maintains both behaviours:

 * Ensure that valid certificates after future and past are verified
 * Ensure that the correct verification flags are set.
2017-02-27 19:06:05 +00:00
Andres AG
9f430c15d8 Add tests for out flags from x509_crt_verify_top()
The tests load certificate chains from files. The CA chains contain a
past or future certificate and an invalid certificate. The test then
checks that the flags set are MBEDTLS_X509_BADCERT_EXPIRED or
MBEDTLS_X509_BADCERT_FUTURE.
2017-01-20 13:52:01 +00:00
Andres AG
a39db394db Add test for infinite loop in CRL parse 2017-01-19 17:10:51 +00:00
Simon Butcher
4b852db299 Merge branch 'iotssl-629-der-trailing-bytes'
Fixes bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer following DER certificates to be included in the raw representation.
2016-03-12 23:28:26 +00:00
Simon Butcher
f59e66ba24 Remove redundant test certificates and clarify ChangeLog 2016-03-09 19:32:10 +00:00
Janos Follath
df4bca2029 X509: Future CA among trusted: add more tests 2016-03-09 19:32:10 +00:00
Janos Follath
12c868c5d6 X509: Future CA among trusted: add unit tests 2016-03-09 19:32:10 +00:00
Janos Follath
0b2423403c x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
Manuel Pégourié-Gonnard
8b4331aa56 Add test case for root with max_pathlen=0
This was already working but not tested so far

(Test case from previous commit still failing.)

Test certificates generated with:

programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert91.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert92.key

programs/x509/cert_write serial=91 output_file=cert91.crt is_ca=1 \
    issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
    selfsign=1 max_pathlen=0
programs/x509/cert_write serial=92 output_file=cert92.crt \
    issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
    subject_key=cert92.key subject_name="CN=EE 92,O=mbed TLS,C=UK"

mv cert9?.crt tests/data_files/dir4
rm cert9?.key
2015-11-19 11:10:33 +01:00
Manuel Pégourié-Gonnard
a3aa43da5f Add test case for first intermediate max_pathlen=0
!!! This test case is currently failing !!!
(See fix in next-next commit.)

Test certificates generated with the following script:

programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert81.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert82.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert83.key

programs/x509/cert_write serial=81 output_file=cert81.crt is_ca=1 \
    issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
    selfsign=1
programs/x509/cert_write serial=82 output_file=cert82.crt is_ca=1 \
    issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
    subject_key=cert82.key subject_name="CN=Int 82,O=mbed TLS,C=UK" \
    max_pathlen=0
programs/x509/cert_write serial=83 output_file=cert83.crt \
    issuer_key=cert82.key issuer_name="CN=Int 82,O=mbed TLS,C=UK" \
    subject_key=cert83.key subject_name="CN=EE 83,O=mbed TLS,C=UK"

mv cert8?.crt tests/data_files/dir4
rm cert8?.key
2015-11-19 10:56:30 +01:00
Manuel Pégourié-Gonnard
0a543a8bc5 Merge pull request #320 from Inikup/fix-issue-318
Fix boolean values according to DER specs
2015-11-02 05:52:42 +09:00
Jonathan Leroy
00ee6eee54
Test certificate "Server1 SHA1, key_usage" reissued. 2015-10-14 13:15:22 +02:00
Janos Follath
ef4f2588f3 Additional corner cases for testing pathlen constrains. Just in case. 2015-10-11 16:17:27 +02:00
Janos Follath
822b2c33b9 Added test case for pathlen constrains in intermediate certificates 2015-10-11 10:39:15 +02:00
Manuel Pégourié-Gonnard
560fea3767 Add tests for verify callback
As we're about to change the chain construction logic, we want to make sure
the callback will still be called exactly when it should, and not on the
(upcoming) ignored certs in the chain.
2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard
052d10c9d5 Accept a trailing space at end of PEM lines
With certs being copy-pasted from webmails and all, this will probably become
more and more common.

closes #226
2015-07-31 11:11:26 +02:00
Manuel Pégourié-Gonnard
9a702255f4 Add parsing/printing for new X.509 keyUsage flags 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
6ea831dcf4 Add tests for mbedtls_set_hs_ca_chain() 2015-06-22 17:30:18 +02:00
Manuel Pégourié-Gonnard
7a010aabde Add tests for dhm_min_bitlen 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
5119df2022 Add test case for dh params with privateValueLength 2015-04-15 13:50:29 +02:00
Manuel Pégourié-Gonnard
e6c8366b46 Fix bug in pk_parse_key() 2015-04-15 11:21:24 +02:00
Paul Bakker
6152b0267c Fixed typos 2015-04-14 15:00:09 +02:00
Manuel Pégourié-Gonnard
39ead3ef2f Add test certificate for bitstring in DN 2015-03-27 13:11:33 +01:00
Manuel Pégourié-Gonnard
57a5d60abb Add tests for concatenated CRLs 2014-11-19 16:08:34 +01:00
Manuel Pégourié-Gonnard
4be3449dbc Add Readme about X.509 test files 2014-11-19 14:03:59 +01:00
Manuel Pégourié-Gonnard
9c911da68f Add tests for X.509 name encoding mismatch 2014-10-17 12:42:31 +02:00
Manuel Pégourié-Gonnard
64938c63f0 Accept spaces at end of line/buffer in base64 2014-10-15 23:53:33 +02:00
Manuel Pégourié-Gonnard
da1b4de0e4 Increase MPI_MAX_BYTES to allow RSA 8192 2014-10-15 22:06:46 +02:00
Paul Bakker
5a5fa92bfe x509_crt_parse() did not increase total_failed on PEM error
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard
192253aaa9 Fix buffer size in pk_write_*_pem() 2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
d249b7ab9a Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
c4eff16516 Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
5873b00b7f Add pathological RSASSA-PSS test certificates
Certificates announcing different PSS options than the ones actually used for
the signature. Makes sure the options are correctly passed to the verification
function.
2014-06-07 11:21:52 +02:00
Manuel Pégourié-Gonnard
eacccb7fb9 Add RSASSA-PSS certificate with all defaults 2014-06-05 18:00:08 +02:00
Manuel Pégourié-Gonnard
53882023e7 Also verify CRLs signed with RSASSA-PSS 2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard
920e1cd5e2 Add basic PSS cert verification
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard
39868ee301 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
Manuel Pégourié-Gonnard
2a8d7fd76e Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
8e42ff6bde Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
e76b750b69 Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
59a75d5b9d Basic parsing of certs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
7afb8a0dca Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
Manuel Pégourié-Gonnard
99d4f19111 Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
7f2a07d7b2 Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
3fec220a33 Add test for dhm_parse_dhmfile 2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard
6c1a73e061 Improve x509xrite_csr testing: extensions, version 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard
c5ce83a3b8 Improve x509xrite_csr testing: extensions, ECDSA 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard
6c33a16dae Add previously forgotten test files... oops! 2014-04-04 16:23:29 +02:00
Manuel Pégourié-Gonnard
f6f4ab40d3 Print extended key usage in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
76b8ab73cd ssl-opt.sh: address some robustness issues 2014-03-26 14:21:34 +01:00
Manuel Pégourié-Gonnard
a11a77f316 Add test for SpecifiedECDomain 2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard
5b2d776d2a GnuTLS in compat.sh: server-side 2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
9533765b25 Reject certs and CRLs from the future 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
6304f786e0 Add x509_time_future() 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
c9093085ed Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
2014-02-12 09:39:59 +01:00
Manuel Pégourié-Gonnard
41cae8e1f9 Parse CSRs signed with RSASSA-PSS 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard
d4fd57dda4 Add tests for parsing CSRs 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard
5eeb32b552 Parse CRLs signed with RSASSA-PSS 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard
3c1e8b539c Finish parsing RSASSA-PSS parameters 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard
b1d4eb16e4 Basic parsing of certs signed with RSASSA-PSS 2014-01-25 12:48:58 +01:00
Paul Bakker
5862eee4ca Merged RIPEMD-160 support 2014-01-22 14:18:34 +01:00
Manuel Pégourié-Gonnard
83a7fdd47b Replace expired test certificate 2014-01-22 13:03:42 +01:00
Manuel Pégourié-Gonnard
e4d47a655b Add RIPEMD-160 to the generic MD layer 2014-01-17 20:41:32 +01:00
Manuel Pégourié-Gonnard
fbae2a1f53 Add tests for x509_crt_parse_path() 2013-11-28 18:07:39 +01:00
Manuel Pégourié-Gonnard
48ac3db551 Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
Manuel Pégourié-Gonnard
6a987f4a90 Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
Paul Bakker
c27c4e2efb Support faulty X509 v1 certificates with extensions
(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
2013-09-23 15:01:36 +02:00
Paul Bakker
77e23fb0e0 Move *_pemify() function to PEM module 2013-09-15 20:03:26 +02:00
Manuel Pégourié-Gonnard
33250b0461 Add test for x509write_pubkey_pem() 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
b4e9ca9650 Add some more x509_verify tests
- trust chain of depth 0
- invalid signature
- trust chain of depth 2
- multiple trusted CA's
2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard
20e9fad4c1 Add test files for EC cert & crl validation 2013-08-20 20:21:02 +02:00
Manuel Pégourié-Gonnard
b03de8bcbe Add test for EC keys with all curves.
(Made possible by the OID fix.)
2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard
893879adbd Adapt debug_print_crt() for EC keys 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard
a9e54129b5 Adapt test files to supported PKCS#8 modes
openssl pkcs8 -topk8 -in ec_prv.sec1.pem -passout pass:polar \
    -v1 PBE-SHA1-RC4-128 -outform der -out ec_prv.pk8.pw.der
openssl pkcs8 -topk8 -in ec_prv.sec1.pem -passout pass:polar \
    -v1 PBE-SHA1-RC4-128 -outform pem -out ec_prv.pk8.pw.pem
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
2b9252cd8f Add tests for x509parse_key_ec()
Test files were generated as follows:

openssl ecparam -name prime192v1 -genkey > key.pem

openssl ec -in key.pem -pubout -outform PEM > pub.pem
openssl ec -in key.pem -pubout -outform DER > pub.der

openssl ec -in key.pem -outform pem > prv.sec1.pem
openssl ec -in key.pem -outform der > prv.sec1.der
openssl ec -in key.pem -des -passout pass:polar -outform pem > prv.sec1.pw.pem

openssl pkcs8 -topk8 -in key.pem -nocrypt -outform pem > prv.pk8.pem
openssl pkcs8 -topk8 -in key.pem -nocrypt -outform der > prv.pk8.der
openssl pkcs8 -topk8 -in key.pem -passout pass:polar -outform der \
    > prv.pk8.pw.der
openssl pkcs8 -topk8 -in key.pem -passout pass:polar -outform pem \
    > prv.pk8.pw.pem
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
73c0cda346 Complete x509parse_public_key_ec()
Warning: due to a bug in oid_descriptor_from_buf(), keys associated to some
curves (secp224r1, secp384r1, secp521r1) are incorrectly rejected,
since their namedCurve OID contains a nul byte.
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
1bc6931f8c Add test for x509parse_public_keyfile_ec 2013-07-08 15:31:19 +02:00
Paul Bakker
28144decef PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates
The error code POLARSSL_ERR_X509_PASSWORD_MISMATCH is now properly
returned in case of an encryption failure in the padding. The
POLARSSL_ERR_X509_PASSWORD_REQUIRED error code is only returned for PEM
formatted private keys as for DER formatted ones it is impossible to
distinguish if a DER blob is PKCS#8 encrypted or not.
(cherry picked from commit 1fd4321ba2016dfaff2b48c11f731fc9ccbd7ccf)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker
f1f21fe825 Parsing of PKCS#8 encrypted private key files added and PKCS#12 basis
PKCS#8 encrypted key file support has been added to x509parse_key() with
support for some PCKS#12 PBE functions (pbeWithSHAAnd128BitRC4,
pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd2-KeyTripleDES-CBC)
(cherry picked from commit cf6e95d9a81c7b22271beb58a09b5c756148e62a)

Conflicts:
	scripts/generate_errors.pl
2013-06-25 15:06:51 +02:00
Paul Bakker
9195662a4c - Added test for no-subject certificates with altSubjectNames 2012-08-23 10:46:54 +00:00
Paul Bakker
4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker
6d6205091b - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
Paul Bakker
57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker
a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker
cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker
ed56b224de - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
Paul Bakker
400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker
96743fc5f5 - Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
 - Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker
c26a189189 - Added extra X509 regression and coverage tests 2009-07-19 20:30:14 +00:00
Paul Bakker
4d6b31a999 - Added extra certificates and tests 2009-07-12 11:11:06 +00:00