diff options
author | Karl Tarbe <karl.tarbe@cyber.ee> | 2017-05-08 15:06:33 +0300 |
---|---|---|
committer | Karl Tarbe <karl.tarbe@cyber.ee> | 2017-05-15 15:57:46 +0300 |
commit | 59ed6b4371bfcdcc12b300e26e5fa1d084208864 (patch) | |
tree | a85cf686dbc24e95ac6be4c0e79a1698fb719686 | |
parent | 3fb751fe5711f710e993051992c4eadff53f471d (diff) | |
download | gnutls-59ed6b4371bfcdcc12b300e26e5fa1d084208864.tar.gz |
tests: add test for signing with certificate list
Signing with one certificate, but includes the other certificates
inside the PKCS#7 structure.
Signed-off-by: Karl Tarbe <karl.tarbe@cyber.ee>
-rw-r--r-- | tests/cert-tests/Makefile.am | 5 | ||||
-rw-r--r-- | tests/cert-tests/data/pkcs7-chain-endcert-key.pem | 182 | ||||
-rw-r--r-- | tests/cert-tests/data/pkcs7-chain-root.pem | 23 | ||||
-rw-r--r-- | tests/cert-tests/data/pkcs7-chain.pem | 72 | ||||
-rwxr-xr-x | tests/cert-tests/pkcs7-list-sign | 81 |
5 files changed, 361 insertions, 2 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 47a2e1ec3b..e155fef509 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -75,7 +75,8 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem data/pkcs7.smime data/invalid-date-hour.der data/invalid-date-mins.der \ data/invalid-date-secs.der data/invalid-date-month.der data/invalid-date-day.der \ data/mem-leak.p12 data/alt-chain-new-ca.pem data/alt-chain-old-ca.pem \ - data/alt-chain.pem + data/alt-chain.pem data/pkcs7-chain.pem data/pkcs7-chain-root.pem \ + data/pkcs7-chain-endcert-key.pem dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \ pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \ @@ -83,7 +84,7 @@ dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \ provable-privkey-rsa2048 provable-privkey-gen-default pkcs7-constraints \ pkcs7-constraints2 certtool-long-oids pkcs7-cat cert-sanity cert-critical \ pkcs12 certtool-crl-decoding pkcs12-encode pkcs12-corner-cases inhibit-anypolicy \ - smime cert-time alt-chain + smime cert-time alt-chain pkcs7-list-sign if WANT_TEST_SUITE dist_check_SCRIPTS += provable-dh-default diff --git a/tests/cert-tests/data/pkcs7-chain-endcert-key.pem b/tests/cert-tests/data/pkcs7-chain-endcert-key.pem new file mode 100644 index 0000000000..c68464589e --- /dev/null +++ b/tests/cert-tests/data/pkcs7-chain-endcert-key.pem @@ -0,0 +1,182 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: High (3072 bits) + +modulus: + 00:cf:4d:4a:09:00:a6:0d:58:ac:03:1d:60:d5:fc:5e + b7:e7:04:42:09:27:eb:01:f3:a5:52:6d:1d:d9:2b:87 + 2e:d2:7f:58:f9:d9:8e:34:51:a7:cd:82:80:d9:ae:a2 + e8:5c:61:7c:d1:e6:1e:ee:21:3d:1f:8f:5f:03:1d:d9 + 50:03:2e:d9:92:fb:fc:db:3d:38:c0:68:de:a0:4e:7a + 88:12:3f:e2:50:5a:97:ab:1b:bc:ab:37:b8:8c:dc:03 + 7f:b3:44:53:0e:59:da:81:7a:6b:3f:fb:48:6a:cb:06 + 53:7d:49:41:60:69:2d:0b:3c:fb:85:28:c6:0a:3e:f9 + 94:f6:b1:05:c9:9b:87:ce:e0:8b:d1:bd:d4:10:ff:ab + a0:22:dd:c4:c9:62:eb:09:8d:4b:30:03:3c:e8:96:d3 + bc:cf:40:6d:e2:d3:c6:15:97:57:61:b6:9c:01:d4:60 + 1c:23:a8:f7:18:82:a4:41:86:5d:3e:1c:b8:e2:6b:e4 + a5:ca:83:40:14:a3:8a:ea:7e:21:c0:85:3b:0d:b0:b0 + 6e:00:d9:fc:53:34:c5:b9:ab:3b:18:89:5c:4d:3b:6b + 91:0b:6d:57:d6:58:e2:08:6d:eb:74:9b:bf:c1:01:89 + a2:f5:f3:32:5e:86:6e:9d:26:21:3b:b5:36:b1:e5:f8 + 68:d2:df:12:4a:5b:4d:7f:71:b7:4c:04:cf:b2:17:fa + cf:b7:4b:9f:fb:59:01:60:ee:93:6f:c8:20:df:ad:d0 + 17:0c:e6:03:90:10:5c:26:dc:33:a0:15:ac:1d:49:1c + 63:03:36:fd:b5:d7:36:10:a0:57:3f:dd:64:22:22:37 + fb:bd:8c:2a:b7:12:bf:b5:9b:3c:ac:5c:9d:a9:b9:f1 + ae:ae:a1:12:e7:af:5f:c4:c7:f2:66:cf:b5:a9:f2:74 + 1c:26:f7:bb:44:85:00:d1:8e:35:73:27:98:05:cd:97 + b8:4e:fb:f7:3c:56:49:de:e2:3b:18:62:0c:34:b7:b8 + 0d: + +public exponent: + 01:00:01: + +private exponent: + 00:c2:c9:10:e3:dc:a4:2a:ae:43:12:ba:2c:1f:65:7f + 6a:b5:bb:9e:81:13:ed:12:6c:69:cf:45:90:62:5b:30 + 2e:a2:c3:de:4b:06:4d:44:83:e5:74:89:47:a1:43:22 + f7:ca:b6:1f:9e:ea:e7:ed:41:76:39:8d:71:ed:6f:c2 + 9e:18:1f:91:79:37:25:a4:ab:a6:03:c5:86:4a:82:f3 + 47:a0:3e:3e:dc:da:02:e1:58:b2:b2:ff:2c:7d:ce:cd + ca:d4:1b:43:1f:9c:f6:5f:eb:33:93:6e:fd:e0:ba:dc + 3a:de:e2:52:77:d0:db:ee:4f:62:d7:00:34:f5:b3:ae + b8:76:04:68:37:c3:d8:9c:5f:09:82:0f:28:90:c0:6b + f7:90:4b:69:79:01:65:70:18:3f:a9:e1:a0:fd:bb:9b + 41:32:4c:8b:f4:32:a1:51:f0:5e:bf:05:e3:19:25:01 + 19:ef:b7:f8:56:23:8b:4b:b6:81:2e:b7:b6:51:aa:a7 + b0:1e:c6:7c:01:b6:3f:93:37:e2:87:7f:45:57:46:7a + 4f:a9:d3:3c:8b:fc:27:34:79:bd:60:da:0d:f8:c6:2a + a8:95:5e:62:51:ea:40:95:0f:da:18:02:0c:91:0a:0d + fd:dd:13:36:36:45:d7:f6:bb:db:f6:54:fb:f6:31:b4 + 8f:1f:a5:65:70:bf:60:12:b2:bb:a4:9c:d0:a5:9d:70 + 2f:e9:22:f3:83:e3:4c:4d:5a:50:d3:37:ce:77:4b:9b + 98:4c:8d:7b:48:85:01:2c:48:eb:cd:6d:80:1b:26:b5 + bc:9f:a9:ae:df:36:a8:f6:ad:31:7f:9f:f5:cf:7a:fb + d3:99:5d:97:f7:37:ba:4b:df:89:e4:1f:57:a1:f5:dc + f0:7a:44:48:4b:2a:c9:b7:f5:96:4a:85:f2:5a:be:f8 + b1:9b:c9:da:1c:e8:65:54:7a:66:e4:68:33:f8:be:1f + 4e:17:b1:2d:b7:1c:63:ac:cf:7a:a3:4b:5c:57:3c:b7 + 51: + +prime1: + 00:f7:ab:33:e9:01:38:02:87:49:0c:56:8f:8e:f7:35 + e5:88:97:cf:7b:d0:2b:84:28:b4:4f:b3:17:fd:b2:27 + 1c:10:7b:1e:0b:bb:3a:ac:4d:de:87:fe:e1:0e:f3:33 + 3c:28:3d:f5:be:a1:ee:be:51:09:2f:d7:91:80:07:6c + c9:82:cd:91:26:73:0a:3f:3c:e8:01:8c:89:fb:60:9e + 67:c0:6d:84:3d:25:2a:88:0d:1a:b1:c0:6b:26:81:13 + 10:2e:01:85:75:70:de:01:0f:47:49:b0:d7:3c:e0:e9 + cf:1e:de:a8:bb:67:4f:26:ec:c3:5e:f2:90:28:1c:8b + 43:f5:33:0e:f3:a2:92:3c:e3:5e:ca:94:a6:4d:f7:a9 + 84:7b:11:03:cb:34:1a:d9:c1:54:37:d3:a3:06:49:bd + 43:16:52:6d:c5:44:db:e4:cf:90:48:13:7d:18:cd:f6 + db:1c:80:95:0a:b4:bf:ff:78:ef:c0:66:69:0e:c9:4e + 7f: + +prime2: + 00:d6:46:77:b9:7c:1b:06:fe:eb:ba:cf:48:a4:9b:0a + 98:8c:99:9d:b4:40:e3:1b:61:d3:9d:85:78:f6:56:c0 + 65:7b:6c:a5:e9:18:10:7d:65:c7:48:95:ff:f4:f5:94 + cf:49:38:d7:04:3f:3b:c1:ae:d1:e5:a6:20:ff:dc:12 + a9:41:84:1a:ff:56:53:3d:33:91:c8:a5:a5:a2:91:f4 + 92:07:95:92:29:4b:f7:80:de:d1:91:1c:f8:97:64:a1 + df:57:ed:0e:9d:ca:23:77:30:8b:bb:2c:eb:52:9e:4d + cd:41:63:dc:9d:8f:1d:0c:f6:4e:e6:26:38:55:69:1e + 1d:8b:b6:f0:68:a9:b9:38:b0:97:b5:be:34:c7:9b:60 + 08:b6:e0:83:d8:f8:f6:62:b4:be:be:01:fd:2f:6f:5d + 2a:a0:8d:aa:52:f5:2c:23:56:8d:3a:50:73:0d:ea:31 + 95:59:32:60:9c:e9:3f:34:5a:c7:99:57:a5:55:16:0b + 73: + +coefficient: + 00:88:98:51:9a:a6:1c:ce:44:54:5d:c7:f5:df:a7:0a + db:39:c3:d8:6b:ec:5d:ee:89:64:bf:25:2e:9a:25:a6 + ee:dc:e5:cb:01:13:9a:19:9f:7f:24:52:b6:e7:40:e1 + 21:8d:8f:9f:69:92:e4:3d:a4:25:db:2d:0a:74:bc:ea + 44:d6:81:90:d5:59:3f:6a:63:cd:2c:0e:7f:83:ce:0c + e7:7b:bb:22:c8:6d:f8:15:5d:7b:52:be:e1:c6:1f:c5 + 55:5a:76:8a:b4:ae:18:29:55:86:e0:a7:40:23:28:c0 + c7:6d:dc:a3:a8:6b:56:97:b4:64:88:a1:7b:f1:5f:b4 + f0:bf:1b:9e:b3:b7:db:59:a3:01:49:40:2d:df:2b:bb + f4:e3:84:e8:b9:0c:c5:31:f6:05:38:4c:7f:8e:b6:2e + 8b:7f:fc:69:c2:57:e5:f5:10:3e:4e:47:3a:3d:d2:57 + a7:5f:73:54:8d:9a:60:90:d6:10:b7:e3:31:57:83:40 + 87: + +exp1: + 00:f4:cd:e1:da:9f:5c:c8:8b:06:76:4e:9d:49:d8:2b + 0a:fd:cf:e8:c3:5e:49:95:31:52:c1:30:aa:37:16:c0 + 37:aa:46:b7:b5:2a:d4:dc:f9:7f:4b:77:70:e8:01:16 + 14:91:46:65:40:8f:f9:57:5e:ec:30:c0:e8:4d:df:88 + f5:49:f8:7d:4f:bf:08:52:e7:95:ff:e9:f5:7d:66:cc + 4c:8b:54:f5:10:27:4b:79:fd:51:f4:7e:d8:aa:cf:8c + 93:42:96:38:5f:94:37:ac:5e:78:bd:6b:31:e5:37:ff + 83:bd:e4:a2:6d:d2:b8:d7:25:d2:1b:68:b1:7b:24:73 + b7:b1:87:4d:71:1e:b1:63:c3:ee:af:58:ed:65:45:b6 + e6:7f:6a:9b:10:61:29:65:32:06:57:c4:36:71:01:b4 + 34:ba:bc:b1:49:fb:3d:4b:56:ab:2b:c3:2f:b4:b3:e9 + 1c:3d:79:0f:58:ec:be:96:fb:e8:27:8a:52:af:cd:e5 + 6b: + +exp2: + 50:8c:54:dd:49:25:ef:cf:4c:56:01:2d:d1:92:e6:bc + c9:bd:c5:66:c9:2d:96:51:83:f7:27:01:7d:b8:c6:c2 + 5f:4f:4c:5e:ff:48:d3:9a:ba:fb:32:47:f1:91:8f:cb + 0c:3f:6d:b4:8f:00:ab:a2:48:0d:08:12:47:9c:36:f7 + a1:45:43:d0:d0:66:a2:0f:0c:b2:5c:72:93:56:42:95 + d2:7c:0b:61:b2:c8:eb:8c:d7:42:b1:9d:51:6b:e6:dd + ca:73:b6:96:e2:31:ca:d0:58:f6:97:c0:2e:62:8b:e4 + a8:bc:1d:66:ad:31:c2:79:a4:d7:27:6e:ed:cc:82:21 + a1:2f:b7:d7:e0:55:5c:56:25:f1:8f:fa:cf:3e:3d:2f + 89:6f:84:a0:bf:95:ff:2c:ea:b7:0a:90:5e:90:82:79 + 4f:b9:71:59:96:08:6d:90:4f:ae:a8:27:58:07:bd:73 + e2:ff:e9:09:93:34:cb:3d:84:e2:c3:eb:c6:bc:6e:b9 + + + +Public Key PIN: + pin-sha256:bQF0mUATY710KqQP8ajdnqREqJUPc/Z4II4Fn33CZL8= +Public Key ID: + sha256:6d017499401363bd742aa40ff1a8dd9ea444a8950f73f678208e059f7dc264bf + sha1:9612983dbe342ee129ce2aaa5be249c695676212 + +-----BEGIN RSA PRIVATE KEY----- +MIIG5QIBAAKCAYEAz01KCQCmDVisAx1g1fxet+cEQgkn6wHzpVJtHdkrhy7Sf1j5 +2Y40UafNgoDZrqLoXGF80eYe7iE9H49fAx3ZUAMu2ZL7/Ns9OMBo3qBOeogSP+JQ +WperG7yrN7iM3AN/s0RTDlnagXprP/tIassGU31JQWBpLQs8+4Uoxgo++ZT2sQXJ +m4fO4IvRvdQQ/6ugIt3EyWLrCY1LMAM86JbTvM9AbeLTxhWXV2G2nAHUYBwjqPcY +gqRBhl0+HLjia+SlyoNAFKOK6n4hwIU7DbCwbgDZ/FM0xbmrOxiJXE07a5ELbVfW +WOIIbet0m7/BAYmi9fMyXoZunSYhO7U2seX4aNLfEkpbTX9xt0wEz7IX+s+3S5/7 +WQFg7pNvyCDfrdAXDOYDkBBcJtwzoBWsHUkcYwM2/bXXNhCgVz/dZCIiN/u9jCq3 +Er+1mzysXJ2pufGurqES569fxMfyZs+1qfJ0HCb3u0SFANGONXMnmAXNl7hO+/c8 +Vkne4jsYYgw0t7gNAgMBAAECggGBAMLJEOPcpCquQxK6LB9lf2q1u56BE+0SbGnP +RZBiWzAuosPeSwZNRIPldIlHoUMi98q2H57q5+1BdjmNce1vwp4YH5F5NyWkq6YD +xYZKgvNHoD4+3NoC4Viysv8sfc7NytQbQx+c9l/rM5Nu/eC63Dre4lJ30NvuT2LX +ADT1s664dgRoN8PYnF8Jgg8okMBr95BLaXkBZXAYP6nhoP27m0EyTIv0MqFR8F6/ +BeMZJQEZ77f4ViOLS7aBLre2UaqnsB7GfAG2P5M34od/RVdGek+p0zyL/Cc0eb1g +2g34xiqolV5iUepAlQ/aGAIMkQoN/d0TNjZF1/a72/ZU+/YxtI8fpWVwv2ASsruk +nNClnXAv6SLzg+NMTVpQ0zfOd0ubmEyNe0iFASxI681tgBsmtbyfqa7fNqj2rTF/ +n/XPevvTmV2X9ze6S9+J5B9XofXc8HpESEsqybf1lkqF8lq++LGbydoc6GVUembk +aDP4vh9OF7EttxxjrM96o0tcVzy3UQKBwQD3qzPpATgCh0kMVo+O9zXliJfPe9Ar +hCi0T7MX/bInHBB7Hgu7OqxN3of+4Q7zMzwoPfW+oe6+UQkv15GAB2zJgs2RJnMK +PzzoAYyJ+2CeZ8BthD0lKogNGrHAayaBExAuAYV1cN4BD0dJsNc84OnPHt6ou2dP +JuzDXvKQKByLQ/UzDvOikjzjXsqUpk33qYR7EQPLNBrZwVQ306MGSb1DFlJtxUTb +5M+QSBN9GM322xyAlQq0v/9478BmaQ7JTn8CgcEA1kZ3uXwbBv7rus9IpJsKmIyZ +nbRA4xth052FePZWwGV7bKXpGBB9ZcdIlf/09ZTPSTjXBD87wa7R5aYg/9wSqUGE +Gv9WUz0zkcilpaKR9JIHlZIpS/eA3tGRHPiXZKHfV+0OncojdzCLuyzrUp5NzUFj +3J2PHQz2TuYmOFVpHh2LtvBoqbk4sJe1vjTHm2AItuCD2Pj2YrS+vgH9L29dKqCN +qlL1LCNWjTpQcw3qMZVZMmCc6T80WseZV6VVFgtzAoHBAPTN4dqfXMiLBnZOnUnY +Kwr9z+jDXkmVMVLBMKo3FsA3qka3tSrU3Pl/S3dw6AEWFJFGZUCP+Vde7DDA6E3f +iPVJ+H1PvwhS55X/6fV9ZsxMi1T1ECdLef1R9H7Yqs+Mk0KWOF+UN6xeeL1rMeU3 +/4O95KJt0rjXJdIbaLF7JHO3sYdNcR6xY8Pur1jtZUW25n9qmxBhKWUyBlfENnEB +tDS6vLFJ+z1LVqsrwy+0s+kcPXkPWOy+lvvoJ4pSr83lawKBwFCMVN1JJe/PTFYB +LdGS5rzJvcVmyS2WUYP3JwF9uMbCX09MXv9I05q6+zJH8ZGPyww/bbSPAKuiSA0I +EkecNvehRUPQ0GaiDwyyXHKTVkKV0nwLYbLI64zXQrGdUWvm3cpztpbiMcrQWPaX +wC5ii+SovB1mrTHCeaTXJ27tzIIhoS+31+BVXFYl8Y/6zz49L4lvhKC/lf8s6rcK +kF6QgnlPuXFZlghtkE+uqCdYB71z4v/pCZM0yz2E4sPrxrxuuQKBwQCImFGaphzO +RFRdx/XfpwrbOcPYa+xd7olkvyUumiWm7tzlywETmhmffyRStudA4SGNj59pkuQ9 +pCXbLQp0vOpE1oGQ1Vk/amPNLA5/g84M53u7Isht+BVde1K+4cYfxVVadoq0rhgp +VYbgp0AjKMDHbdyjqGtWl7RkiKF78V+08L8bnrO321mjAUlALd8ru/TjhOi5DMUx +9gU4TH+Oti6Lf/xpwlfl9RA+Tkc6PdJXp19zVI2aYJDWELfjMVeDQIc= +-----END RSA PRIVATE KEY----- diff --git a/tests/cert-tests/data/pkcs7-chain-root.pem b/tests/cert-tests/data/pkcs7-chain-root.pem new file mode 100644 index 0000000000..3a4be5ec36 --- /dev/null +++ b/tests/cert-tests/data/pkcs7-chain-root.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID6TCCAlGgAwIBAgIMWRVcZxmAWkc1Mhq3MA0GCSqGSIb3DQEBCwUAMA8xDTAL +BgNVBAMTBENBLTAwIBcNMTcwNTEyMDY1NTM1WhgPOTk5OTEyMzEyMzU5NTlaMA8x +DTALBgNVBAMTBENBLTAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDk +fS4dWnVZWp/e3SPUjXDvGmg0c/kcXCAmVq7jqgn18LA7p6Bp+hW79NXYATUz133b +z7XK8RJWm+XcDB2qVT1HC4bxlRpc2G6nBmc5qyRTOFV2VTHcO8Aqg9C4rkbmsofZ +ixJ+1HEseTM63yySmP7SiALwj55wvSDbpAcgfU92hC8jjUQNB4fAbc92byg82MPF +PT+4FBCCBZVGHV6X1t5CBL8n9yq8Z8ufkBI1K6J/dNSXLhja3m5Q3J+WZpv445do +88U1csw3G38frq6RFVHbb0Pusrdbj6+BAJsF5ZGbacPzcuobosVyb5OmNhpiwSzb +yxD7rNUsVis8ClDSDTT4EP6Qxs7rnF/5UyWtVEnUg15xEqtj3CFlgY2mkI0v7YIO +GAf3uo8iXHE0vaQHlQ2DMp8/IL3rRTujxXukjO1SH/4h9VXnNjGMrOpQRSajhMx2 +aHw/tPnNLTMqGfDV/rUFMGzJbhe1ZPH6L9kGFJzwDSd78D6ho/jWa/bH5306L4kC +AwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1Ud +DgQWBBTZfEXSOVCPbOBHkMnezrD5wKsxpTANBgkqhkiG9w0BAQsFAAOCAYEALDBQ +V/cMcuhDVChs5JICijycvZpxlxzxY34bQ3dm0NWeMjL+6dIyOQ5ThF6joG3nIScl +oACurHcrZgrCTbw3LWXll0Hbwb0FRASCKgsg3a5BuRqc33A3vyQAOiyTiN+bje8e +LpuhJNlAVFYu52+ywObwd1pf6CN4IqbXWlJ6j9rYY6Trquar3uYc1dHLy/RBsatQ +CqurVTcZ+/2R1itHFfvT2fJ+pOw/kgAg62Tkkj2Ck0PaNcplbgQY0RUALV3V1Db5 +lnNCYcr5Iyl/ag5Unf1QD16Tp0SYI0+670xqq7Q4U6xQroZbMgPTI+DaCUFINOE5 +/2XiHxuWhM8N9fgfw8u9RyMKe7bgiQzeJkb3CKbsf9ytF8yUSK6nJc+/9Lqnh0Z0 +tf2yIpNKC2gc93dM1W1yVSuLLU5jwEkcMwh7JQJLofUgkfenKLOleNQ5UsHuAmy4 +LJS7OTnwtTfqtnszZGGmKqOS6HKE7rP1jI9AZgqRfGLIYoRY0skYtFsgZwzy +-----END CERTIFICATE----- diff --git a/tests/cert-tests/data/pkcs7-chain.pem b/tests/cert-tests/data/pkcs7-chain.pem new file mode 100644 index 0000000000..4800eb5629 --- /dev/null +++ b/tests/cert-tests/data/pkcs7-chain.pem @@ -0,0 +1,72 @@ +-----BEGIN CERTIFICATE----- +MIIEITCCAomgAwIBAgIMWRVcaAigQxpHMLElMA0GCSqGSIb3DQEBCwUAMA8xDTAL +BgNVBAMTBENBLTEwIBcNMTcwNTEyMDY1NTM2WhgPOTk5OTEyMzEyMzU5NTlaMBMx +ETAPBgNVBAMTCHNlcnZlci0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC +AYEAz01KCQCmDVisAx1g1fxet+cEQgkn6wHzpVJtHdkrhy7Sf1j52Y40UafNgoDZ +rqLoXGF80eYe7iE9H49fAx3ZUAMu2ZL7/Ns9OMBo3qBOeogSP+JQWperG7yrN7iM +3AN/s0RTDlnagXprP/tIassGU31JQWBpLQs8+4Uoxgo++ZT2sQXJm4fO4IvRvdQQ +/6ugIt3EyWLrCY1LMAM86JbTvM9AbeLTxhWXV2G2nAHUYBwjqPcYgqRBhl0+HLji +a+SlyoNAFKOK6n4hwIU7DbCwbgDZ/FM0xbmrOxiJXE07a5ELbVfWWOIIbet0m7/B +AYmi9fMyXoZunSYhO7U2seX4aNLfEkpbTX9xt0wEz7IX+s+3S5/7WQFg7pNvyCDf +rdAXDOYDkBBcJtwzoBWsHUkcYwM2/bXXNhCgVz/dZCIiN/u9jCq3Er+1mzysXJ2p +ufGurqES569fxMfyZs+1qfJ0HCb3u0SFANGONXMnmAXNl7hO+/c8Vkne4jsYYgw0 +t7gNAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0 +MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJYSmD2+NC7hKc4qqlviScaVZ2IS +MB8GA1UdIwQYMBaAFFRxDgQyZHU8liZv3WQ/ksokQCSpMA0GCSqGSIb3DQEBCwUA +A4IBgQAN1f7NR1o0JV2IgEDO+ahN5sx/ad+SYvSaRth8TogKjRMY9C/w13rwzs6M +Y8qaipz2D5Nso2FHysveW3IoEtqS9UB2wYmfh97P3cePz9FEvmGA+8SdL+rCLTpi +u6eioKk04C56cMsf7cFls1MZ1iCbbU/HlXoqjg4mJZeVW443MlmT/xyZLuqNhnke +b5C0MHJ0Y/dBtRzdE1yrphLurpC39RLqAj1K3U/iWt9ZXbIYPioPXKpWcEdXgFsE +Pboe4Aj1ZweK6siijaEZ1HdyRdEvi77MaMTuL5i42JzV8j9OoKA8IVdf4FJgIGOo +yHW9oBVzYmEIzQ7+lpp68Fk8w+esk5WafPRdP5AQNRXN4KFJmdYZe2K7BSEArc4c +iIB+gNjFOiAbXnlW+URHiOMPZCXza7Fxae33B5lMBcpi1yDSa2XOO/xPu5z9vA1L +9ugcdi3EqBmVEf1h4MQuXP0rKp85L4Bd8qqIbXz6pE85Yz5AjcXU/VD/y4ugJV6V +oVNlbsQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECjCCAnKgAwIBAgIMWRVcZzdMb3w6rL9cMA0GCSqGSIb3DQEBCwUAMA8xDTAL +BgNVBAMTBENBLTAwIBcNMTcwNTEyMDY1NTM1WhgPOTk5OTEyMzEyMzU5NTlaMA8x +DTALBgNVBAMTBENBLTEwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDK +VudX96t79AYqJxe0I9D5d1QAS2UOQ04A/brEmdZ0gMNdXT99cesrPy9dIOq2Vtyq +dr5HEqCmEGZUnB9882OosNCwM8qMu+xkPlDdApLfM1UV8tyPMTLDyKDYcGxBcx1B +x/vYDSHQ9OZZaHOkaK8qjWN1G7ZZk+7j+fKsFee+VVaY/LNZVtNjA6PQC8/fQeEF +6NdKFFNZGA6xOjPAdfcpidJAAqhs0nCwlZocLSTrlAplLtXj3jjIpWZA9pnqZTQB +dk2dSukhbBqbjOaRcAoS96CNB9BPTfiYoBFIrO18CeDuyqNhriAKS4wLKhUOtB0C +vkuJC77NLeYFPXLI/8RbUD9M2BBeveswX5S9oEqghrsJuehHPy3Uces6oK9nipIN +9Uj/mkemgXjZqfIUcLMJisk3WBG4JZEcFCrLRKHbEMhQ1borBexi+y0qE0tKpc6k +pq6SvSkmyAoy8yURtcyw43AgULp7RaS0F6kLkyuY4WbVDkZHT/6zqD8178kig8EC +AwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1Ud +DgQWBBRUcQ4EMmR1PJYmb91kP5LKJEAkqTAfBgNVHSMEGDAWgBTZfEXSOVCPbOBH +kMnezrD5wKsxpTANBgkqhkiG9w0BAQsFAAOCAYEAD9S9gNKUzT4CpHZ1WZ+TMlJN +0uVwchW5ivsimghmD3T2e+7rSwpxsvQAKb1ifZS5H4L2We6e4Rq5KjfaZZxBy0F4 +TziK6Vy6KRPqtyH2YZwiqpgoJ/kCzdmiPwIuSagZYkXebgzRESAXJHxmANk8WuBT +fuTWlN9WhqUsubB/b5CLKwYx99k5W55VKld44bqWWG9b9qma42+7tllKV1ctOHUz +W/tZDWFDTZlMi4NoDnHlciGuNKM2rN37kwmjE2oVUQc1FVQhmdlbdGj/kO14Ur0u +dlTWO1ApZ+0bGmcB+QOHbM5wwnH2yyqBf2ipS9jjxqo2Xi2mb8GuSj4zXuB3sbSm +ms11RUNZdBUe56SO/mflywXfxYBslr56+n4uFtKo/LS/HQbGbURDLxRCbNual8tb +CqdvPriHx9No3EmZEF9fVLy4PQ1k8oau1eQYgTA14aRkkchCJEnPnzVQgUKuHZTC +79Ek2RkRK1p2o5rB/C+Bg2IyhQlWSqPjua1dmM54 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID6TCCAlGgAwIBAgIMWRVcZxmAWkc1Mhq3MA0GCSqGSIb3DQEBCwUAMA8xDTAL +BgNVBAMTBENBLTAwIBcNMTcwNTEyMDY1NTM1WhgPOTk5OTEyMzEyMzU5NTlaMA8x +DTALBgNVBAMTBENBLTAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDk +fS4dWnVZWp/e3SPUjXDvGmg0c/kcXCAmVq7jqgn18LA7p6Bp+hW79NXYATUz133b +z7XK8RJWm+XcDB2qVT1HC4bxlRpc2G6nBmc5qyRTOFV2VTHcO8Aqg9C4rkbmsofZ +ixJ+1HEseTM63yySmP7SiALwj55wvSDbpAcgfU92hC8jjUQNB4fAbc92byg82MPF +PT+4FBCCBZVGHV6X1t5CBL8n9yq8Z8ufkBI1K6J/dNSXLhja3m5Q3J+WZpv445do +88U1csw3G38frq6RFVHbb0Pusrdbj6+BAJsF5ZGbacPzcuobosVyb5OmNhpiwSzb +yxD7rNUsVis8ClDSDTT4EP6Qxs7rnF/5UyWtVEnUg15xEqtj3CFlgY2mkI0v7YIO +GAf3uo8iXHE0vaQHlQ2DMp8/IL3rRTujxXukjO1SH/4h9VXnNjGMrOpQRSajhMx2 +aHw/tPnNLTMqGfDV/rUFMGzJbhe1ZPH6L9kGFJzwDSd78D6ho/jWa/bH5306L4kC +AwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1Ud +DgQWBBTZfEXSOVCPbOBHkMnezrD5wKsxpTANBgkqhkiG9w0BAQsFAAOCAYEALDBQ +V/cMcuhDVChs5JICijycvZpxlxzxY34bQ3dm0NWeMjL+6dIyOQ5ThF6joG3nIScl +oACurHcrZgrCTbw3LWXll0Hbwb0FRASCKgsg3a5BuRqc33A3vyQAOiyTiN+bje8e +LpuhJNlAVFYu52+ywObwd1pf6CN4IqbXWlJ6j9rYY6Trquar3uYc1dHLy/RBsatQ +CqurVTcZ+/2R1itHFfvT2fJ+pOw/kgAg62Tkkj2Ck0PaNcplbgQY0RUALV3V1Db5 +lnNCYcr5Iyl/ag5Unf1QD16Tp0SYI0+670xqq7Q4U6xQroZbMgPTI+DaCUFINOE5 +/2XiHxuWhM8N9fgfw8u9RyMKe7bgiQzeJkb3CKbsf9ytF8yUSK6nJc+/9Lqnh0Z0 +tf2yIpNKC2gc93dM1W1yVSuLLU5jwEkcMwh7JQJLofUgkfenKLOleNQ5UsHuAmy4 +LJS7OTnwtTfqtnszZGGmKqOS6HKE7rP1jI9AZgqRfGLIYoRY0skYtFsgZwzy +-----END CERTIFICATE----- diff --git a/tests/cert-tests/pkcs7-list-sign b/tests/cert-tests/pkcs7-list-sign new file mode 100755 index 0000000000..1c4e930e5b --- /dev/null +++ b/tests/cert-tests/pkcs7-list-sign @@ -0,0 +1,81 @@ +#!/bin/sh + +# Copyright (C) 2017 Karl Tarbe +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +#set -e + +srcdir="${srcdir:-.}" +CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" +DIFF="${DIFF:-diff -b -B}" + +if ! test -x "${CERTTOOL}"; then + exit 77 +fi + +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" +fi + +OUTFILE=out-pkcs7.$$.tmp +OUTFILE2=out2-pkcs7.$$.tmp + +. ${srcdir}/../scripts/common.sh + +check_for_datefudge +# Test signing +FILE="signing-with-cert-list" +${VALGRIND} "${CERTTOOL}" --p7-sign --load-certificate "${srcdir}/data/pkcs7-chain.pem" --load-privkey "${srcdir}/data/pkcs7-chain-endcert-key.pem" --infile "${srcdir}/data/pkcs7-detached.txt" >"${OUTFILE}" +rc=$? + +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct signing failed" + exit ${rc} +fi + +#test chain verification +FILE="signing-verify" +${VALGRIND} "${CERTTOOL}" --p7-verify --load-ca-certificate "${srcdir}/data/pkcs7-chain-root.pem" <"${OUTFILE}" +rc=$? + +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct signing failed verification" + exit ${rc} +fi + +#check extraction of embedded data in signature +FILE="signing-cert-list-verify-data" +${VALGRIND} "${CERTTOOL}" --p7-verify --p7-show-data --load-ca-certificate "${srcdir}/data/pkcs7-chain-root.pem" --outfile "${OUTFILE2}" <"${OUTFILE}" +rc=$? + +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct signing failed verification with data" + exit ${rc} +fi + +cmp "${OUTFILE2}" "${srcdir}/data/pkcs7-detached.txt" +rc=$? +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 data detaching failed" + exit ${rc} +fi + +rm -f "${OUTFILE}" +rm -f "${OUTFILE2}" + +exit 0 |