diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-30 10:16:25 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-07-01 11:00:56 +0200 |
| commit | 19de1b73ecc549618935a5d42a2ae0383930cde1 (patch) | |
| tree | 1ea6d487c02d89f47c1a45f8c9cd3789be51c468 | |
| parent | eea88981b71d7b2fb7fe07ef2ef4b566d587424e (diff) | |
| download | gnutls-19de1b73ecc549618935a5d42a2ae0383930cde1.tar.gz | |
tests: added ECDSA OCSP response verification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | tests/ocsp-tests/Makefile.am | 6 | ||||
| -rw-r--r-- | tests/ocsp-tests/certs/cert-akamai.com.pem | 26 | ||||
| -rw-r--r-- | tests/ocsp-tests/certs/ocsp-akamai.com.der | bin | 0 -> 1033 bytes | |||
| -rwxr-xr-x | tests/ocsp-tests/ocsp-ecdsa-test | 52 |
4 files changed, 82 insertions, 2 deletions
diff --git a/tests/ocsp-tests/Makefile.am b/tests/ocsp-tests/Makefile.am index 460018ae42..f0a616eac6 100644 --- a/tests/ocsp-tests/Makefile.am +++ b/tests/ocsp-tests/Makefile.am @@ -22,12 +22,14 @@ EXTRA_DIST = certs/ca.key certs/ca.pem certs/ocsp-server.key certs/ocsp-server.pem response1.der \ response2.der certs/ocsp_index.txt certs/ocsp_index.txt.attr \ certs/server_good.key certs/server_bad.key certs/server_good.template \ - certs/server_bad.template certs/ocsp-staple-unrelated.der suppressions.valgrind + certs/server_bad.template certs/ocsp-staple-unrelated.der suppressions.valgrind \ + certs/ocsp-akamai.com.der certs/cert-akamai.com.pem dist_check_SCRIPTS = if !WINDOWS -dist_check_SCRIPTS += ocsp-tls-connection ocsp-must-staple-connection ocsp-test +dist_check_SCRIPTS += ocsp-tls-connection ocsp-must-staple-connection ocsp-test \ + ocsp-ecdsa-test endif TESTS = $(dist_check_SCRIPTS) diff --git a/tests/ocsp-tests/certs/cert-akamai.com.pem b/tests/ocsp-tests/certs/cert-akamai.com.pem new file mode 100644 index 0000000000..4b9604af52 --- /dev/null +++ b/tests/ocsp-tests/certs/cert-akamai.com.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEajCCA1KgAwIBAgIQP5KHvp0dpKN6nfYoLndaxDANBgkqhkiG9w0BAQsFADCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL +ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp +U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW +ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5IC0gRzUwHhcNMTUwNTEyMDAwMDAwWhcNMjUwNTExMjM1OTU5WjCBgDEL +MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD +VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBD +bGFzcyAzIEVDQyAyNTYgYml0IFNTTCBDQSAtIEcyMFkwEwYHKoZIzj0CAQYIKoZI +zj0DAQcDQgAEDxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2WljffeYmGZ/ex +Hwie/WM7RoyfvVPoFdyXPiuBRq2Gfw4BOaOCAV0wggFZMC4GCCsGAQUFBwEBBCIw +IDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYB +Af8CAQAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0 +dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5z +eW1jYi5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNv +bS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0RBCQwIqQgMB4xHDAa +BgNVBAMTE1NZTUMtRUNDLUNBLXAyNTYtMjIwHQYDVR0OBBYEFCXwiuFLetkBlQrt +xlPxjHgf2fP4MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqG +SIb3DQEBCwUAA4IBAQAMMGUXBaWTdaLxsTGtcB/naqjIQrLvoV9NG+7MoHpGd/69 +dZ/h2zOy7sGFUHoG/0HGRA9rxT/5w5GkEVIVkxtWyIWWq6rs4CTZt8Bej/KHYRbo +jtEDUkCTZSTLiCvguPyvinXgxy+LHT+PmdtEfXsvcdbeBSWUYpOsDYvD2hNtz9dw +Od5nBosMApmdxt+z7LQyZu8wMnfI1U6IMO+RWowxZ8uy0oswdFYd32l9xe+aAE/k +y9alLu/M9pvxiUKufqHJRgDBKA6uDjHLMPX+/nxXaNCPX3SI4KVZ1stHQ/U5oNlM +dHN9umAvlU313g0IgJrjsQ2nIdf9dsdP+6lrmP7s +-----END CERTIFICATE----- diff --git a/tests/ocsp-tests/certs/ocsp-akamai.com.der b/tests/ocsp-tests/certs/ocsp-akamai.com.der Binary files differnew file mode 100644 index 0000000000..0687207178 --- /dev/null +++ b/tests/ocsp-tests/certs/ocsp-akamai.com.der diff --git a/tests/ocsp-tests/ocsp-ecdsa-test b/tests/ocsp-tests/ocsp-ecdsa-test new file mode 100755 index 0000000000..8febb4b0da --- /dev/null +++ b/tests/ocsp-tests/ocsp-ecdsa-test @@ -0,0 +1,52 @@ +#!/bin/sh + +# Copyright (C) 2016 Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +#set -e + +srcdir="${srcdir:-.}" +OCSPTOOL="${OCSPTOOL:-../../src/ocsptool${EXEEXT}}" +DIFF="${DIFF:-diff}" + +if ! test -x "${OCSPTOOL}"; then + exit 77 +fi + +export TZ="UTC" + +# Check for datefudge +TSTAMP=`datefudge "2006-09-23" date -u +%s || true` +if test "$TSTAMP" != "1158969600"; then + echo $TSTAMP + echo "You need datefudge to run this test" + exit 77 +fi + +datefudge -s "2017-06-29" \ + "${OCSPTOOL}" -e --load-signer "${srcdir}/certs/cert-akamai.com.pem" --infile "${srcdir}/certs/ocsp-akamai.com.der" -d 4 +rc=$? + +# We're done. +if test "${rc}" != "0"; then + echo "Test 1 - failed" + exit ${rc} +fi + + +exit 0 |