summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-04-07 14:42:10 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2018-02-07 06:56:24 +0100
commitca0e38b5fd97def8bd379d260bf476c3d7aed4f3 (patch)
tree6cd53b6f90c4a7d44087735c360db0df7d751ea6
parent79492f334662f8159f56e52a0ee14915c338e299 (diff)
downloadgnutls-tmp-gnutls_3_5_x-backport-time-checks.tar.gz
tests: added checks with certificates that contain invalid time fieldtmp-gnutls_3_5_x-backport-time-checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat
-rw-r--r--tests/cert-tests/Makefile.am6
-rwxr-xr-xtests/cert-tests/cert-time46
-rw-r--r--tests/cert-tests/data/invalid-date-day.derbin0 -> 1063 bytes
-rw-r--r--tests/cert-tests/data/invalid-date-hour.derbin0 -> 1063 bytes
-rw-r--r--tests/cert-tests/data/invalid-date-mins.derbin0 -> 1063 bytes
-rw-r--r--tests/cert-tests/data/invalid-date-month.derbin0 -> 1063 bytes
-rw-r--r--tests/cert-tests/data/invalid-date-secs.derbin0 -> 1063 bytes
7 files changed, 50 insertions, 2 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index f6addc2528..9dd08920a4 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -70,7 +70,9 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem
data/openpgp-invalid7.pub data/openpgp-invalid8.pub \
data/key-corpus-rc2-1.p12 data/key-corpus-rc2-2.p12 data/key-corpus-rc2-3.p12 \
data/pkcs7-chain.pem data/pkcs7-chain-root.pem \
- data/pkcs7-chain-endcert-key.pem data/openssl-invalid-time-format.pem
+ data/pkcs7-chain-endcert-key.pem data/openssl-invalid-time-format.pem \
+ data/invalid-date-hour.der data/invalid-date-mins.der \
+ data/invalid-date-secs.der data/invalid-date-month.der data/invalid-date-day.der
dist_check_SCRIPTS = pathlen aki certtool invalid-sig email crq \
pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \
@@ -78,7 +80,7 @@ dist_check_SCRIPTS = pathlen aki certtool invalid-sig email crq \
provable-dh userid sha2-test sha2-dsa-test provable-privkey-dsa2048 \
provable-privkey-rsa2048 provable-privkey-gen-default pkcs7-constraints \
pkcs7-constraints2 certtool-long-oids pkcs7-cat pkcs12-corner-cases \
- pkcs7-list-sign
+ pkcs7-list-sign cert-time
if WANT_TEST_SUITE
dist_check_SCRIPTS += provable-dh-default
diff --git a/tests/cert-tests/cert-time b/tests/cert-tests/cert-time
new file mode 100755
index 0000000000..6ee2a226e6
--- /dev/null
+++ b/tests/cert-tests/cert-time
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+#set -e
+
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}"
+DIFF="${DIFF:-diff -b -B}"
+
+if ! test -x "${CERTTOOL}"; then
+ exit 77
+fi
+
+if ! test -z "${VALGRIND}"; then
+ VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
+fi
+
+# Check whether certificates with invalid time fields are accepted
+for file in invalid-date-hour.der invalid-date-mins.der invalid-date-secs.der invalid-date-month.der invalid-date-day.der;do
+ ${VALGRIND} "${CERTTOOL}" --inder -i --infile "${srcdir}/data/$file"
+ rc=$?
+
+ if test "${rc}" = "0";then
+ echo "file $file was accepted"
+ exit 1
+ fi
+done
+
+exit 0
diff --git a/tests/cert-tests/data/invalid-date-day.der b/tests/cert-tests/data/invalid-date-day.der
new file mode 100644
index 0000000000..76e7ec1c9b
--- /dev/null
+++ b/tests/cert-tests/data/invalid-date-day.der
Binary files differ
diff --git a/tests/cert-tests/data/invalid-date-hour.der b/tests/cert-tests/data/invalid-date-hour.der
new file mode 100644
index 0000000000..5bdf8ebda8
--- /dev/null
+++ b/tests/cert-tests/data/invalid-date-hour.der
Binary files differ
diff --git a/tests/cert-tests/data/invalid-date-mins.der b/tests/cert-tests/data/invalid-date-mins.der
new file mode 100644
index 0000000000..47054ddd34
--- /dev/null
+++ b/tests/cert-tests/data/invalid-date-mins.der
Binary files differ
diff --git a/tests/cert-tests/data/invalid-date-month.der b/tests/cert-tests/data/invalid-date-month.der
new file mode 100644
index 0000000000..e3cbf73d36
--- /dev/null
+++ b/tests/cert-tests/data/invalid-date-month.der
Binary files differ
diff --git a/tests/cert-tests/data/invalid-date-secs.der b/tests/cert-tests/data/invalid-date-secs.der
new file mode 100644
index 0000000000..f796a30dbc
--- /dev/null
+++ b/tests/cert-tests/data/invalid-date-secs.der
Binary files differ
View Lorry Controller Status