diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-08 13:22:59 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-08 13:29:50 +0100 |
commit | 6bf451cd8ea58dda183254c3192a6bdadbe45662 (patch) | |
tree | 3b9b43c36ebc7f5d1d299696539513694a1510da | |
parent | 1ce37197cd52b3060c73a79a6e2c950d984fff26 (diff) | |
download | gnutls-6bf451cd8ea58dda183254c3192a6bdadbe45662.tar.gz |
tests: x509-verify: print the keys on failure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | tests/x509sign-verify-common.h | 67 |
1 files changed, 51 insertions, 16 deletions
diff --git a/tests/x509sign-verify-common.h b/tests/x509sign-verify-common.h index 1b1f4b8e0c..1aaf3dce65 100644 --- a/tests/x509sign-verify-common.h +++ b/tests/x509sign-verify-common.h @@ -33,7 +33,34 @@ const gnutls_datum_t raw_data = { 5 }; -#define ERR(x) fail("Failure at %d: %s (%s-%s) (iter: %d)\n", __LINE__, gnutls_sign_get_name(sign_algo), gnutls_pk_get_name(pk), gnutls_digest_get_name(hash), j); + +static void print_keys(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) +{ + gnutls_x509_privkey_t xkey; + gnutls_datum_t out; + int ret = gnutls_privkey_export_x509(privkey, &xkey); + + if (ret < 0) + fail("error in privkey export\n"); + + ret = gnutls_x509_privkey_export2(xkey, GNUTLS_X509_FMT_PEM, &out); + if (ret < 0) + fail("error in privkey export\n"); + + fprintf(stderr, "%s\n", out.data); + gnutls_free(out.data); + + ret = gnutls_pubkey_export2(pubkey, GNUTLS_X509_FMT_PEM, &out); + if (ret < 0) + fail("error in pubkey export\n"); + + fprintf(stderr, "%s\n", out.data); + gnutls_free(out.data); + + gnutls_x509_privkey_deinit(xkey); +} + +#define ERR fail("Failure at: %s (%s-%s) (iter: %d)\n", gnutls_sign_get_name(sign_algo), gnutls_pk_get_name(pk), gnutls_digest_get_name(hash), j); static void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) { @@ -58,33 +85,35 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) for (j = 0; j < 100; j++) { ret = gnutls_pubkey_init(&pubkey); if (ret < 0) - ERR(__LINE__); + ERR; ret = gnutls_privkey_init(&privkey); if (ret < 0) - ERR(__LINE__); + ERR; ret = gnutls_privkey_generate(privkey, pk, bits, 0); if (ret < 0) - ERR(__LINE__); + ERR; ret = gnutls_privkey_sign_hash(privkey, hash, 0, hash_data, &signature); if (ret < 0) - ERR(__LINE__); + ERR; ret = gnutls_pubkey_import_privkey(pubkey, privkey, GNUTLS_KEY_DIGITAL_SIGNATURE, 0); if (ret < 0) - ERR(__LINE__); + ERR; ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, 0, hash_data, &signature); - if (ret < 0) - ERR(__LINE__); + if (ret < 0) { + print_keys(privkey, pubkey); + ERR; + } /* should fail */ ret = @@ -92,8 +121,10 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) sign_algo, 0, &invalid_hash_data, &signature); - if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - ERR(__LINE__); + if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { + print_keys(privkey, pubkey); + ERR; + } sign_algo = gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm @@ -103,15 +134,17 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) gnutls_pubkey_verify_hash2(pubkey, sign_algo, 0, hash_data, &signature); if (ret < 0) - ERR(__LINE__); + ERR; /* should fail */ ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, 0, &invalid_hash_data, &signature); - if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - ERR(__LINE__); + if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { + print_keys(privkey, pubkey); + ERR; + } /* test the raw interface */ gnutls_free(signature.data); @@ -125,7 +158,7 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) hash_data, &signature); if (ret < 0) - ERR(__LINE__); + ERR; sign_algo = gnutls_pk_to_sign @@ -138,8 +171,10 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, &signature); - if (ret < 0) - ERR(__LINE__); + if (ret < 0) { + print_keys(privkey, pubkey); + ERR; + } } gnutls_free(signature.data); |