- Added test coverage for X509parse
- Fixed segfault in rsa_check_privkey() and rsa_check_pubkey() and added test
This commit is contained in:
parent
7d8a100783
commit
37940d9ff6
@ -4,11 +4,16 @@ PolarSSL ChangeLog
|
||||
Features
|
||||
* Added CMake makefiles as alternative to regular Makefiles.
|
||||
* Added preliminary Code Coverage tests for AES, ARC4,
|
||||
Base64, MPI, SHA-family, MD-family and HMAC-SHA-family.
|
||||
Base64, MPI, SHA-family, MD-family, HMAC-SHA-family,
|
||||
Camellia, DES, 3-DES, RSA PKCS#1, XTEA, Diffie-Hellman
|
||||
and X509parse.
|
||||
|
||||
Bug fixes
|
||||
* Fixed incorrect handling of negative strings in
|
||||
mpi_read_string() (found by code coverage tests).
|
||||
* Fixed segfault on handling empty rsa_context in
|
||||
rsa_check_pubkey() and rsa_check_privkey() (found by
|
||||
code coverage tests).
|
||||
* Fixed incorrect handling of one single negative input
|
||||
value in mpi_add_abs() (found by code coverage tests).
|
||||
* Fixed incorrect handling of negative first input
|
||||
|
@ -133,6 +133,9 @@ cleanup:
|
||||
*/
|
||||
int rsa_check_pubkey( rsa_context *ctx )
|
||||
{
|
||||
if( !ctx->N.p || !ctx->E.p )
|
||||
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
|
||||
|
||||
if( ( ctx->N.p[0] & 1 ) == 0 ||
|
||||
( ctx->E.p[0] & 1 ) == 0 )
|
||||
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
|
||||
@ -159,6 +162,9 @@ int rsa_check_privkey( rsa_context *ctx )
|
||||
if( ( ret = rsa_check_pubkey( ctx ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( !ctx->P.p || !ctx->Q.p || !ctx->D.p )
|
||||
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
|
||||
|
||||
mpi_init( &PQ, &DE, &P1, &Q1, &H, &I, &G, NULL );
|
||||
|
||||
MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) );
|
||||
|
@ -24,3 +24,4 @@ add_test_suite(des)
|
||||
add_test_suite(rsa)
|
||||
add_test_suite(xtea)
|
||||
add_test_suite(dhm)
|
||||
add_test_suite(x509parse)
|
||||
|
11
tests/data_files/crl_expired.pem
Normal file
11
tests/data_files/crl_expired.pem
Normal file
@ -0,0 +1,11 @@
|
||||
-----BEGIN X509 CRL-----
|
||||
MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
|
||||
UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTA5MDIwOTIxMTIz
|
||||
NloXDTA5MDQxMDIxMTIzNlowKDASAgEBFw0wOTAyMDkyMTEyMzZaMBICAQMXDTA5
|
||||
MDIwOTIxMTIzNlowDQYJKoZIhvcNAQEFBQADggEBAH/piRNs4o4kJlPHZekStROf
|
||||
JGgE5SRH+jb7kAaKoTKIYImfx6Nn662cj24Uuq7JLAJowaUhA2HNM+VYXaoGu9Fx
|
||||
9cdrceHqLiloZ7OgrGDchC4MqtT43s8wAiBkjG/RMeOtOKvgD4xEsx1AVItzNIbF
|
||||
v7yPA/kstR2zUAYMLAJiklkBpYiRejpMU5tDGYOw+lF8lZaRems2eyjvb1SzsGDO
|
||||
6tURVHPNJIfAAwcMVTQOtKJwZ97j3RAJo0j5IcaOnboq4xYiBjzMOr28bu9X3KHt
|
||||
Zu9T0GFz7n7yh6Qdc4qXjJ6U9bM4YmAW32wPHObXe2qc1GaTVsiyTY2v5BLosR4=
|
||||
-----END X509 CRL-----
|
77
tests/data_files/server1.crt
Normal file
77
tests/data_files/server1.crt
Normal file
@ -0,0 +1,77 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 1 (0x1)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
|
||||
Validity
|
||||
Not Before: Feb 9 21:12:35 2009 GMT
|
||||
Not After : Feb 9 21:12:35 2011 GMT
|
||||
Subject: C=NL, O=PolarSSL, CN=PolarSSL Server 1
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
RSA Public Key: (2048 bit)
|
||||
Modulus (2048 bit):
|
||||
00:ae:92:63:59:74:68:a4:aa:89:50:42:f2:e7:27:
|
||||
09:2c:a5:86:99:09:28:52:5d:6e:32:f5:93:18:35:
|
||||
0e:2b:28:6d:11:20:49:f2:21:0d:d6:fc:e6:dc:de:
|
||||
40:93:7b:29:ee:4b:4c:28:4f:e4:8c:38:12:de:10:
|
||||
69:f7:ba:40:e8:74:80:a6:19:36:63:e0:37:93:39:
|
||||
f6:00:8e:3c:5a:fd:dc:8e:50:c1:41:7c:bf:ff:c9:
|
||||
bb:e2:ad:7c:8d:b1:a4:1a:8b:3e:1f:1a:28:9b:e6:
|
||||
93:4b:74:c3:e9:ab:2c:c8:93:cf:f6:02:a1:c9:4b:
|
||||
9e:f9:f6:fa:a6:95:98:6c:32:85:c0:f4:e7:b0:ec:
|
||||
50:af:17:52:49:21:80:9f:0d:c8:37:73:74:42:3e:
|
||||
06:7f:29:29:1d:6a:9a:71:0f:70:ea:c8:49:0d:d7:
|
||||
3b:7e:c2:ed:9b:33:dd:64:e9:8f:df:85:81:c3:b1:
|
||||
c5:50:b6:55:2c:c8:88:ed:fd:c4:cf:14:4f:49:d8:
|
||||
76:5c:1d:95:ef:34:e8:d7:74:aa:1e:d2:ff:1d:19:
|
||||
27:19:de:af:b5:7a:71:c3:fb:38:11:ca:da:78:2c:
|
||||
9b:32:3e:5f:31:eb:c9:6e:43:eb:3d:a5:c1:36:e2:
|
||||
86:49:1c:68:d7:5b:f1:01:d0:29:16:d0:3a:44:36:
|
||||
5c:77
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Subject Key Identifier:
|
||||
81:10:4A:56:11:3A:A2:FD:28:DE:80:54:BC:21:6E:64:28:6F:E7:05
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
|
||||
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
64:48:d7:f4:06:42:fd:9b:7d:f4:c3:81:26:ff:1d:c3:f9:0b:
|
||||
dc:be:5d:78:45:e5:48:1a:f7:07:cb:35:2b:7f:b6:50:22:cf:
|
||||
a6:24:f5:e3:a5:5d:a7:d0:55:d3:c1:f4:a9:6e:f2:4c:f7:2b:
|
||||
02:0f:d0:c8:62:82:93:a6:86:07:f3:fb:14:c8:db:f2:df:fb:
|
||||
06:2c:7f:ad:39:89:78:ed:cb:b6:70:0d:7a:b8:ba:48:ae:13:
|
||||
46:b0:e0:7b:e8:fc:31:eb:4e:97:2b:96:bf:6b:7b:ae:f2:3e:
|
||||
9f:f9:c2:96:59:49:f3:90:34:15:e3:2e:cb:38:9c:33:a3:4a:
|
||||
4e:00:9e:97:7d:3d:2e:d7:1f:23:4b:5e:db:62:a5:3c:ca:4e:
|
||||
b7:a6:83:79:24:9c:ce:08:e4:8b:e7:9a:b1:ca:9f:03:9c:a8:
|
||||
6c:81:4e:5b:fb:53:19:a1:9f:b5:07:64:85:57:01:2c:95:3c:
|
||||
3c:7e:87:0d:43:c6:08:d5:26:7a:5b:d3:2b:bb:0e:92:fc:be:
|
||||
85:88:16:c8:98:2d:75:23:9d:95:c5:4a:a5:95:be:77:81:cd:
|
||||
46:14:cc:96:2f:90:2a:84:04:51:80:d1:e3:39:5f:de:d4:c2:
|
||||
2c:bd:a7:23:3a:8d:b3:83:73:62:b0:7b:92:14:53:a1:e3:c4:
|
||||
3c:68:cc:ab
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
|
||||
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
||||
MDkwMjA5MjExMjM1WhcNMTEwMjA5MjExMjM1WjA8MQswCQYDVQQGEwJOTDERMA8G
|
||||
A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
|
||||
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpJjWXRopKqJUELy5ycJLKWGmQko
|
||||
Ul1uMvWTGDUOKyhtESBJ8iEN1vzm3N5Ak3sp7ktMKE/kjDgS3hBp97pA6HSAphk2
|
||||
Y+A3kzn2AI48Wv3cjlDBQXy//8m74q18jbGkGos+Hxoom+aTS3TD6assyJPP9gKh
|
||||
yUue+fb6ppWYbDKFwPTnsOxQrxdSSSGAnw3IN3N0Qj4GfykpHWqacQ9w6shJDdc7
|
||||
fsLtmzPdZOmP34WBw7HFULZVLMiI7f3EzxRPSdh2XB2V7zTo13SqHtL/HRknGd6v
|
||||
tXpxw/s4EcraeCybMj5fMevJbkPrPaXBNuKGSRxo11vxAdApFtA6RDZcdwIDAQAB
|
||||
o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBSBEEpWETqi/SjegFS8IW5kKG/nBTAf
|
||||
BgNVHSMEGDAWgBTPIjEnkdjCVP8e2tnuisWJMq0MITANBgkqhkiG9w0BAQUFAAOC
|
||||
AQEAZEjX9AZC/Zt99MOBJv8dw/kL3L5deEXlSBr3B8s1K3+2UCLPpiT146Vdp9BV
|
||||
08H0qW7yTPcrAg/QyGKCk6aGB/P7FMjb8t/7Bix/rTmJeO3LtnANeri6SK4TRrDg
|
||||
e+j8MetOlyuWv2t7rvI+n/nClllJ85A0FeMuyzicM6NKTgCel309LtcfI0te22Kl
|
||||
PMpOt6aDeSSczgjki+eascqfA5yobIFOW/tTGaGftQdkhVcBLJU8PH6HDUPGCNUm
|
||||
elvTK7sOkvy+hYgWyJgtdSOdlcVKpZW+d4HNRhTMli+QKoQEUYDR4zlf3tTCLL2n
|
||||
IzqNs4NzYrB7khRToePEPGjMqw==
|
||||
-----END CERTIFICATE-----
|
77
tests/data_files/server2.crt
Normal file
77
tests/data_files/server2.crt
Normal file
@ -0,0 +1,77 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 9 (0x9)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
|
||||
Validity
|
||||
Not Before: Feb 10 22:15:12 2009 GMT
|
||||
Not After : Feb 10 22:15:12 2011 GMT
|
||||
Subject: C=NL, O=PolarSSL, CN=localhost
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
RSA Public Key: (2048 bit)
|
||||
Modulus (2048 bit):
|
||||
00:b0:19:1d:43:4a:e1:f1:67:80:7b:44:3f:25:b9:
|
||||
10:f0:f1:ac:af:59:fb:5c:e3:e7:32:49:f3:b7:a0:
|
||||
c1:90:27:83:04:2c:0b:1b:f8:3d:1e:d8:c2:40:67:
|
||||
7a:4a:c0:cd:ab:51:77:34:ee:ae:ac:09:6b:7a:cb:
|
||||
20:23:b3:44:b1:7e:78:a0:95:50:59:36:97:04:57:
|
||||
9a:76:65:e0:08:7a:09:5e:61:16:59:c2:35:eb:e0:
|
||||
a1:fd:92:f5:d5:76:c3:57:f3:64:19:25:ff:a9:e3:
|
||||
48:5a:c9:b7:ad:77:c5:81:24:2d:c7:99:d5:a5:15:
|
||||
12:67:69:00:2a:cd:4e:4f:46:40:51:78:36:b5:26:
|
||||
15:9c:73:9c:dc:bd:f9:fe:ac:62:dc:0a:c8:a0:9e:
|
||||
aa:06:e9:e5:94:c2:bd:2f:46:d4:54:08:d7:d6:98:
|
||||
69:1f:de:63:fc:09:70:f2:99:c8:63:27:f7:00:96:
|
||||
1e:ad:c3:ee:ce:80:e8:75:ce:50:6b:6c:49:c8:c4:
|
||||
92:04:a0:25:7c:19:6e:d6:e0:43:45:2a:d7:2a:44:
|
||||
4a:03:b9:72:17:a4:c7:01:b9:4e:88:8c:82:63:0f:
|
||||
bb:c2:89:98:86:8e:6d:d5:5e:bb:0b:bf:8c:d0:6f:
|
||||
97:15:39:fe:11:c9:cb:de:c5:5b:2c:47:65:07:20:
|
||||
b6:cf
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Subject Key Identifier:
|
||||
92:0C:8B:3F:E9:D3:EE:6F:08:23:62:0B:D1:68:FD:AC:A6:11:8F:5F
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
|
||||
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
69:51:68:d7:42:cc:0c:ba:7d:28:6b:0a:36:75:81:ce:56:a7:
|
||||
9a:84:80:f7:69:14:33:56:1c:f0:b4:7d:a1:37:53:f1:7b:ec:
|
||||
4c:41:81:be:d4:3c:ed:01:63:61:a4:78:2c:f9:c3:03:d2:ab:
|
||||
07:5b:22:b6:7b:63:6a:f9:24:f9:4f:d8:97:71:4d:82:f4:1a:
|
||||
59:20:2b:9a:b1:cb:88:65:fa:93:bb:aa:f4:e7:50:31:d0:c8:
|
||||
b1:e0:b8:cc:a6:5f:7e:ff:54:25:de:89:df:12:c5:fe:0f:0e:
|
||||
c0:14:bb:3f:97:b7:b5:68:af:ab:05:73:6d:62:d0:c4:2b:ab:
|
||||
2d:c2:bc:2f:d3:be:0b:e7:55:8a:25:c2:ac:1c:f6:40:88:8f:
|
||||
21:8c:bd:21:db:b9:9f:b7:b3:44:5b:cb:8c:cc:a5:08:f7:ee:
|
||||
f9:1f:92:bd:0f:f5:2e:c1:73:6c:98:7a:9d:4b:93:4e:b1:ec:
|
||||
7e:b7:4b:7f:d3:c4:2c:0d:01:fe:ba:67:63:6a:a5:ec:29:bd:
|
||||
00:3a:46:b5:43:5b:f8:27:94:e5:7b:a2:80:9a:96:1b:7b:4b:
|
||||
73:fb:3b:c6:22:dc:11:7e:27:a6:95:be:3b:10:de:ea:81:6d:
|
||||
3b:71:df:07:13:9c:2c:23:a6:27:d6:06:b9:f8:c7:42:93:5a:
|
||||
92:0f:32:97
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDNzCCAh+gAwIBAgIBCTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
|
||||
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
||||
MDkwMjEwMjIxNTEyWhcNMTEwMjEwMjIxNTEyWjA0MQswCQYDVQQGEwJOTDERMA8G
|
||||
A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
|
||||
AQEBBQADggEPADCCAQoCggEBALAZHUNK4fFngHtEPyW5EPDxrK9Z+1zj5zJJ87eg
|
||||
wZAngwQsCxv4PR7YwkBnekrAzatRdzTurqwJa3rLICOzRLF+eKCVUFk2lwRXmnZl
|
||||
4Ah6CV5hFlnCNevgof2S9dV2w1fzZBkl/6njSFrJt613xYEkLceZ1aUVEmdpACrN
|
||||
Tk9GQFF4NrUmFZxznNy9+f6sYtwKyKCeqgbp5ZTCvS9G1FQI19aYaR/eY/wJcPKZ
|
||||
yGMn9wCWHq3D7s6A6HXOUGtsScjEkgSgJXwZbtbgQ0Uq1ypESgO5chekxwG5ToiM
|
||||
gmMPu8KJmIaObdVeuwu/jNBvlxU5/hHJy97FWyxHZQcgts8CAwEAAaNNMEswCQYD
|
||||
VR0TBAIwADAdBgNVHQ4EFgQUkgyLP+nT7m8II2IL0Wj9rKYRj18wHwYDVR0jBBgw
|
||||
FoAUzyIxJ5HYwlT/HtrZ7orFiTKtDCEwDQYJKoZIhvcNAQEFBQADggEBAGlRaNdC
|
||||
zAy6fShrCjZ1gc5Wp5qEgPdpFDNWHPC0faE3U/F77ExBgb7UPO0BY2GkeCz5wwPS
|
||||
qwdbIrZ7Y2r5JPlP2JdxTYL0GlkgK5qxy4hl+pO7qvTnUDHQyLHguMymX37/VCXe
|
||||
id8Sxf4PDsAUuz+Xt7Vor6sFc21i0MQrqy3CvC/TvgvnVYolwqwc9kCIjyGMvSHb
|
||||
uZ+3s0Rby4zMpQj37vkfkr0P9S7Bc2yYep1Lk06x7H63S3/TxCwNAf66Z2Nqpewp
|
||||
vQA6RrVDW/gnlOV7ooCalht7S3P7O8Yi3BF+J6aVvjsQ3uqBbTtx3wcTnCwjpifW
|
||||
Brn4x0KTWpIPMpc=
|
||||
-----END CERTIFICATE-----
|
80
tests/data_files/test-ca.crt
Normal file
80
tests/data_files/test-ca.crt
Normal file
@ -0,0 +1,80 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 0 (0x0)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
|
||||
Validity
|
||||
Not Before: Feb 9 21:12:25 2009 GMT
|
||||
Not After : Feb 10 21:12:25 2019 GMT
|
||||
Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
RSA Public Key: (2048 bit)
|
||||
Modulus (2048 bit):
|
||||
00:b0:c7:44:7a:99:90:ef:25:b5:dc:0d:9f:95:14:
|
||||
1f:b1:a6:77:b0:b9:9f:d7:a9:fe:b6:68:98:e5:50:
|
||||
4d:33:9e:a1:d3:bf:1e:fb:71:b3:e0:35:aa:79:e0:
|
||||
0f:d0:6f:27:3a:8c:b3:2b:01:69:f4:98:26:47:b7:
|
||||
ba:40:30:d6:15:2f:0c:e4:9a:bf:3b:1e:e0:97:b6:
|
||||
ae:99:d3:a2:89:05:e6:82:3f:5b:ed:8d:3d:ba:ce:
|
||||
8b:a6:f9:e7:0d:8a:89:2d:0f:07:03:52:40:6b:ac:
|
||||
fa:21:9c:28:f2:e0:63:6e:dd:45:68:c6:37:9c:75:
|
||||
bc:78:74:9c:e1:f3:ea:b4:2a:d5:a6:f8:a3:e6:a2:
|
||||
be:4c:5a:31:b2:c0:1d:12:80:fb:33:be:2a:8c:a8:
|
||||
09:c1:05:0e:0b:71:2e:fb:7b:ae:d2:bc:c0:5b:f5:
|
||||
3a:59:d3:a2:3a:d6:f4:9f:e5:55:c4:37:0f:49:45:
|
||||
3d:aa:88:6a:7b:b1:b0:33:82:0f:07:17:94:56:af:
|
||||
af:e1:5f:1f:d2:c0:3f:f5:4d:16:e1:b6:99:28:46:
|
||||
43:67:e0:5f:63:a2:44:c1:26:84:01:89:73:c8:53:
|
||||
a0:24:da:20:97:08:09:8e:d5:77:43:1e:3a:6d:92:
|
||||
40:55:87:12:5c:8d:79:4e:f0:8d:a9:65:d1:9e:60:
|
||||
e7:eb
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
X509v3 Subject Key Identifier:
|
||||
CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
|
||||
DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA
|
||||
serial:00
|
||||
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
1c:15:97:39:41:00:07:a3:07:3a:30:82:cb:9e:01:c8:09:f3:
|
||||
e9:5f:40:fc:31:f5:81:98:6c:21:a5:88:59:5f:98:5c:4d:9c:
|
||||
6c:4e:f5:0b:9b:c4:04:e1:16:6f:59:08:4d:57:fe:0e:4f:53:
|
||||
c2:10:6c:d0:0d:1d:e7:b9:84:79:1f:94:94:a9:84:83:f8:c9:
|
||||
2f:1c:4f:df:92:19:1e:66:10:8e:37:d5:7c:14:ef:d9:c5:c8:
|
||||
c8:b2:c1:1e:b7:ea:b6:ca:ba:68:c4:63:72:e9:ea:3b:96:1f:
|
||||
10:27:1a:2d:52:0f:68:7b:ea:80:05:ef:7d:b6:f7:50:e8:84:
|
||||
f3:57:38:0d:6a:59:98:c8:fb:c9:56:1f:a1:fa:f9:94:29:80:
|
||||
4c:97:00:8d:ad:40:61:68:ce:cd:7d:63:ec:e3:d0:18:5b:ac:
|
||||
95:f8:95:a8:24:f2:50:f2:f2:8d:57:e8:e3:aa:86:8c:fd:8a:
|
||||
9e:5c:02:7b:85:9f:37:87:70:75:b4:14:3d:1e:76:49:0f:ef:
|
||||
6a:ef:95:a3:ac:af:51:ac:60:4c:69:cf:aa:13:3f:a1:7d:d8:
|
||||
9f:9a:7e:35:9c:b5:69:70:68:69:cd:4a:28:4b:b7:8f:31:ee:
|
||||
07:d7:92:f5:54:5d:b5:c9:78:e1:a6:e6:15:37:f7:dd:3d:38:
|
||||
47:44:b1:e2
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
|
||||
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
||||
MDkwMjA5MjExMjI1WhcNMTkwMjEwMjExMjI1WjA7MQswCQYDVQQGEwJOTDERMA8G
|
||||
A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
|
||||
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwx0R6mZDvJbXcDZ+VFB+xpnewuZ/X
|
||||
qf62aJjlUE0znqHTvx77cbPgNap54A/Qbyc6jLMrAWn0mCZHt7pAMNYVLwzkmr87
|
||||
HuCXtq6Z06KJBeaCP1vtjT26zoum+ecNioktDwcDUkBrrPohnCjy4GNu3UVoxjec
|
||||
dbx4dJzh8+q0KtWm+KPmor5MWjGywB0SgPszviqMqAnBBQ4LcS77e67SvMBb9TpZ
|
||||
06I61vSf5VXENw9JRT2qiGp7sbAzgg8HF5RWr6/hXx/SwD/1TRbhtpkoRkNn4F9j
|
||||
okTBJoQBiXPIU6Ak2iCXCAmO1XdDHjptkkBVhxJcjXlO8I2pZdGeYOfrAgMBAAGj
|
||||
gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUzyIxJ5HYwlT/HtrZ7orFiTKt
|
||||
DCEwYwYDVR0jBFwwWoAUzyIxJ5HYwlT/HtrZ7orFiTKtDCGhP6Q9MDsxCzAJBgNV
|
||||
BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz
|
||||
dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAHBWXOUEAB6MHOjCCy54ByAnz6V9A
|
||||
/DH1gZhsIaWIWV+YXE2cbE71C5vEBOEWb1kITVf+Dk9TwhBs0A0d57mEeR+UlKmE
|
||||
g/jJLxxP35IZHmYQjjfVfBTv2cXIyLLBHrfqtsq6aMRjcunqO5YfECcaLVIPaHvq
|
||||
gAXvfbb3UOiE81c4DWpZmMj7yVYfofr5lCmATJcAja1AYWjOzX1j7OPQGFuslfiV
|
||||
qCTyUPLyjVfo46qGjP2KnlwCe4WfN4dwdbQUPR52SQ/vau+Vo6yvUaxgTGnPqhM/
|
||||
oX3Yn5p+NZy1aXBoac1KKEu3jzHuB9eS9VRdtcl44abmFTf33T04R0Sx4g==
|
||||
-----END CERTIFICATE-----
|
30
tests/data_files/test-ca.key
Normal file
30
tests/data_files/test-ca.key
Normal file
@ -0,0 +1,30 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
Proc-Type: 4,ENCRYPTED
|
||||
DEK-Info: DES-EDE3-CBC,EB254D9A7718A8E2
|
||||
|
||||
IOUSKEqvYM6tDkyyoAIxiDjZ/lzwCJAbONOxPnvNWL1bxMNYOMcwJxTh7P/EoC6Z
|
||||
L+ubHlAAUystPRi+h63aZh8qBEai1KOixy5PjqbEKYczagBi5kTIyhCFwwiTiKzB
|
||||
ygfFjC69wpkgWufKKJQ5skCYF8Pc7RlwKQeAnoPx/3xOFJUK3AHjHAbUhYWrDrqE
|
||||
CywZYdnaGc9TiXNPcGmwLlgBLjp2zUOS2+lSt+rOjVh3BcaK9z1PRZSXsp20zC8D
|
||||
1V3gRpbMPly+6BTOrxNuiiQzPK66Mn5g6BCyheanY3ArkM9PVZHmdFe4hvj/cu1L
|
||||
Ps82XShxEF1IZ1XtqH3gtsJdpAJ7lp6f7/tvjDOokfw+tId3omT7iJJtRKBqYV/u
|
||||
ujalWa4BU6Ek7yzexBfAe3C82xcn3TDoyXTCdJ3Jgz51cKO+22wTn/CsKh7excBM
|
||||
ecl0hwhJumunc+Ftmf81qAAZuN4EPF/SxpwQgfBypZ+OqTWBTAvmIwg5dMq2U8Mj
|
||||
iIXphhA7xbXiMS/yL+aK0vo8GbWVE7Qpwo1BiMfhxc2wxv/W8UpHH2O2WoWTfhUk
|
||||
wpK2Nm9jteU3SHg76plc5Qf6JqiF7wVuW6mrs8hut0s+q352waAHkOocVA/3xy2A
|
||||
qL99o/EkzniepORBFhHAJmYx9BolsVP5GQzokfRZkCkLRDm5b7rjx8J1kbWkiy7o
|
||||
NqyLVfvOjdDBi8cgU1g1K1BVukCD3bL1TNFjfT55xccCYrsosLb7BJFOX8c38DKF
|
||||
mXV9fQALqna0SKXoMRdU45JMVYQUp8CoLxWq9cCktzI7BCb0cWkTCwhgW3gOwSlO
|
||||
zDXXzX9iJhb8ZTYIw53Fbi8+shG3DMoixqv8GvFqU3MmxeLEjde+eFHn/kdDugxF
|
||||
CM6GLRJTf7URUr/H7ILLRxfgrbAk8XlT9CA8ykK+GKIbat0Q8NchW3k2PPNHo+s0
|
||||
ya65JH6GfDWP29lM1WFxMC0e6Zxjs/ArId2IWCKXLiEjEnzcuAhYZ9d/e6nPbuSQ
|
||||
oFEA1OfzGcmHJxWMuSX+boF02K/3Eun+fTQjUmD13qQza36MZVRfhlmcg/ztQy4R
|
||||
JSwr/wJUu/gZql1T+S4sWBq/TZEW7TaAcBs/TE4mqHHrJH2jKmwPswvl58RE2GKS
|
||||
JHa3CIpAiyqh09dSOsVS+inEISLgRoKQKHuscL0NhRYxB1Nv1sY5OTU8up2fRe4l
|
||||
LUYwJ57/pEb2//W2XQRW3nUdV5kYTOdIZPaK4T+diK5LhpA2QydXx5aC9GBLEr7r
|
||||
E+jO7IOJeESxOwjnreYJR2mNgT7QYch227iichheQ0OKRB+vKqnG/6uelH2QH4vJ
|
||||
NhvEtLZfyrpC3/dEClbDA9akSxOEyzSx1B/t6K43qZe2IZejLGW8nhsi2ZPDxHjz
|
||||
qrBef1sd91ySRAevsdsGHzCBiC8Ht0H4G76BLj3s611ww8vsOapJlpH2FrFKQo8R
|
||||
LAdnwehGccL2rJtq1cb9nxwe1xKUQ2K6iew9ITImDup6q0YA9dvFLtoZAtfxMf4R
|
||||
7qq3iAZUX0ZftEsM6sioiDhI/HBkUQOQd/2oxaYcEc480cMxf1DueA==
|
||||
-----END RSA PRIVATE KEY-----
|
@ -121,5 +121,8 @@ rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":2048:16:"b38ac65c8141f7f5c9
|
||||
RSA PKCS1 Decrypt #1 (Verify)
|
||||
rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"4E636AF98E40F3ADCFCCB698F4E80B9F"
|
||||
|
||||
RSA Check empty private key
|
||||
rsa_check_privkey_null:
|
||||
|
||||
RSA Selftest
|
||||
rsa_selftest:
|
||||
|
@ -179,6 +179,16 @@ rsa_pkcs1_decrypt:message_hex_string:mod:radix_P:input_P:radix_Q:input_Q:radix_N
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
rsa_check_privkey_null:
|
||||
{
|
||||
rsa_context ctx;
|
||||
memset( &ctx, 0x00, sizeof( rsa_context ) );
|
||||
|
||||
TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
rsa_selftest:
|
||||
{
|
||||
|
68
tests/suites/test_suite_x509parse.data
Normal file
68
tests/suites/test_suite_x509parse.data
Normal file
@ -0,0 +1,68 @@
|
||||
X509 Certificate information #1
|
||||
x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2009-02-09 21\:12\:35\nexpires on \: 2011-02-09 21\:12\:35\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
|
||||
|
||||
X509 Certificate information #2
|
||||
x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2009-02-10 22\:15\:12\nexpires on \: 2011-02-10 22\:15\:12\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
|
||||
|
||||
X509 Certificate information #2
|
||||
x509_cert_info:"data_files/test-ca.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2009-02-09 21\:12\:25\nexpires on \: 2019-02-10 21\:12\:25\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
|
||||
|
||||
X509 CRL information #1
|
||||
x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-02-09 21\:12\:36\nnext update \: 2009-04-10 21\:12\:36\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA1"
|
||||
|
||||
X509 Parse Key #1 (No password when required)
|
||||
x509parse_key:"data_files/test-ca.key":NULL:POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED
|
||||
|
||||
X509 Parse Key #2 (Correct password)
|
||||
x509parse_key:"data_files/test-ca.key":"PolarSSLTest":0
|
||||
|
||||
X509 Parse Key #3 (Wrong password)
|
||||
x509parse_key:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH
|
||||
|
||||
X509 Get Distinguished Name #1
|
||||
x509_dn_gets:"data_files/server1.crt":subject:"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
|
||||
|
||||
X509 Get Distinguished Name #2
|
||||
x509_dn_gets:"data_files/server1.crt":issuer:"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
|
||||
|
||||
X509 Get Distinguished Name #3
|
||||
x509_dn_gets:"data_files/server2.crt":subject:"C=NL, O=PolarSSL, CN=localhost"
|
||||
|
||||
X509 Get Distinguished Name #4
|
||||
x509_dn_gets:"data_files/server2.crt":issuer:"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
|
||||
|
||||
X509 Time Expired #1
|
||||
x509_time_expired:"data_files/server1.crt":valid_from:1
|
||||
|
||||
X509 Time Expired #2
|
||||
x509_time_expired:"data_files/server1.crt":valid_to:0
|
||||
|
||||
X509 Time Expired #3
|
||||
x509_time_expired:"data_files/server2.crt":valid_from:1
|
||||
|
||||
X509 Time Expired #4
|
||||
x509_time_expired:"data_files/server2.crt":valid_to:0
|
||||
|
||||
X509 Time Expired #5
|
||||
x509_time_expired:"data_files/test-ca.crt":valid_from:1
|
||||
|
||||
X509 Time Expired #6
|
||||
x509_time_expired:"data_files/test-ca.crt":valid_to:0
|
||||
|
||||
X509 Certificate verification #1 (Revoked Cert, Revoked CRL)
|
||||
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":NULL:BADCERT_REVOKED | BADCRL_EXPIRED
|
||||
|
||||
X509 Certificate verification #2 (Revoked Cert, Revoked CRL)
|
||||
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Server 1":BADCERT_REVOKED | BADCRL_EXPIRED
|
||||
|
||||
X509 Certificate verification #3 (Revoked Cert, Revoked CRL, CN Mismatch)
|
||||
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Wrong CN":BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH
|
||||
|
||||
X509 Certificate verification #4 (Valid Cert, Revoked CRL)
|
||||
x509_verify:"data_files/server2.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":NULL:BADCRL_EXPIRED
|
||||
|
||||
X509 Certificate verification #5 (Not trusted Cert)
|
||||
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":NULL:BADCERT_NOT_TRUSTED
|
||||
|
||||
X509 Parse Selftest
|
||||
x509_selftest:
|
126
tests/suites/test_suite_x509parse.function
Normal file
126
tests/suites/test_suite_x509parse.function
Normal file
@ -0,0 +1,126 @@
|
||||
BEGIN_HEADER
|
||||
#include <polarssl/x509.h>
|
||||
END_HEADER
|
||||
|
||||
BEGIN_CASE
|
||||
x509_cert_info:crt_file:result_str
|
||||
{
|
||||
x509_cert crt;
|
||||
char buf[2000];
|
||||
|
||||
memset( &crt, 0, sizeof( x509_cert ) );
|
||||
memset( buf, 0, 2000 );
|
||||
|
||||
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
|
||||
int res = x509parse_cert_info( buf, 2000, "", &crt );
|
||||
|
||||
TEST_ASSERT( res != -1 );
|
||||
TEST_ASSERT( res != -2 );
|
||||
|
||||
TEST_ASSERT( strcmp( buf, {result_str} ) == 0 );
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509_crl_info:crl_file:result_str
|
||||
{
|
||||
x509_crl crl;
|
||||
char buf[2000];
|
||||
|
||||
memset( &crl, 0, sizeof( x509_crl ) );
|
||||
memset( buf, 0, 2000 );
|
||||
|
||||
TEST_ASSERT( x509parse_crlfile( &crl, {crl_file} ) == 0 );
|
||||
int res = x509parse_crl_info( buf, 2000, "", &crl );
|
||||
|
||||
TEST_ASSERT( res != -1 );
|
||||
TEST_ASSERT( res != -2 );
|
||||
|
||||
TEST_ASSERT( strcmp( buf, {result_str} ) == 0 );
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509_verify:crt_file:ca_file:crl_file:cn_name:result
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_cert ca;
|
||||
x509_crl crl;
|
||||
int flags = 0;
|
||||
|
||||
memset( &crt, 0, sizeof( x509_cert ) );
|
||||
memset( &ca, 0, sizeof( x509_cert ) );
|
||||
memset( &crl, 0, sizeof( x509_crl ) );
|
||||
|
||||
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
|
||||
TEST_ASSERT( x509parse_crtfile( &ca, {ca_file} ) == 0 );
|
||||
TEST_ASSERT( x509parse_crlfile( &crl, {crl_file} ) == 0 );
|
||||
|
||||
int res = x509parse_verify( &crt, &ca, &crl, {cn_name}, &flags );
|
||||
|
||||
if( res == 0 )
|
||||
{
|
||||
TEST_ASSERT( res == ( {result} ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( flags == ( {result} ) );
|
||||
}
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509_dn_gets:crt_file:entity:result_str
|
||||
{
|
||||
x509_cert crt;
|
||||
char buf[2000];
|
||||
|
||||
memset( &crt, 0, sizeof( x509_cert ) );
|
||||
memset( buf, 0, 2000 );
|
||||
|
||||
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
|
||||
int res = x509parse_dn_gets( buf, 2000, &crt.{entity} );
|
||||
|
||||
TEST_ASSERT( res != -1 );
|
||||
TEST_ASSERT( res != -2 );
|
||||
|
||||
TEST_ASSERT( strcmp( buf, {result_str} ) == 0 );
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509_time_expired:crt_file:entity:result
|
||||
{
|
||||
x509_cert crt;
|
||||
|
||||
memset( &crt, 0, sizeof( x509_cert ) );
|
||||
|
||||
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
|
||||
TEST_ASSERT( x509parse_time_expired( &crt.{entity} ) == {result} );
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509parse_key:key_file:password:result
|
||||
{
|
||||
rsa_context rsa;
|
||||
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
|
||||
int res = x509parse_keyfile( &rsa, {key_file}, {password} );
|
||||
|
||||
TEST_ASSERT( res == {result} );
|
||||
|
||||
if( res == 0 )
|
||||
{
|
||||
TEST_ASSERT( rsa_check_privkey( &rsa ) == 0 );
|
||||
}
|
||||
}
|
||||
END_CASE
|
||||
|
||||
BEGIN_CASE
|
||||
x509_selftest:
|
||||
{
|
||||
TEST_ASSERT( x509_self_test( 0 ) == 0 );
|
||||
}
|
||||
END_CASE
|
Loading…
Reference in New Issue
Block a user