diff options
| author | Martin Sucha <anty.sk+git@gmail.com> | 2018-05-18 10:31:30 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-05-19 11:55:59 +0200 |
| commit | 663f6cb738a50d165221f5f09bccc9d5d44d6d1b (patch) | |
| tree | 0888bf525ea3becee23e648c027c73401b5a64ca | |
| parent | d870611eb03831d79f263c8cda32fe0996ad5ffd (diff) | |
| download | gnutls-663f6cb738a50d165221f5f09bccc9d5d44d6d1b.tar.gz | |
tests: add negative tests for certtool crl numbers
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
| -rwxr-xr-x | tests/cert-tests/crl | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/tests/cert-tests/crl b/tests/cert-tests/crl index 8f819feffc..767b3d7430 100755 --- a/tests/cert-tests/crl +++ b/tests/cert-tests/crl @@ -206,6 +206,69 @@ if test "${ac_cv_sizeof_unsigned_long_int}" = 8 && test "${datefudge_ok}" = 0;th fi fi +# Check large decimal CRL number +echo "crl_next_update = 43" >$TMPFILE +echo "crl_number = 1234567890123456789012345678" >>$TMPFILE + +${VALGRIND} "${CERTTOOL}" --generate-crl --load-ca-privkey "${srcdir}/data/template-test.key" --load-ca-certificate \ + "${srcdir}/data/template-test.pem" --load-certificate "${srcdir}/data/ca-certs.pem" --template \ + "${TMPFILE}" >${OUTFILE} 2>${INFOFILE} +rc=$? + +# We're done. +if test "${rc}" = "0"; then + echo "CRL large decimal number succeeded when shouldn't" + exit ${rc} +fi + +sed 's/\r$//' <"${INFOFILE}" | grep "error parsing number: 1234567890123456789012345678" >/dev/null 2>&1 +if test "$?" != "0"; then + echo "CRL large number didn't fail as expected" + exit 1 +fi + +# Check invalid hex number +echo "crl_next_update = 43" >$TMPFILE +echo "crl_number = 0xsomething" >>$TMPFILE + +${VALGRIND} "${CERTTOOL}" --generate-crl --load-ca-privkey "${srcdir}/data/template-test.key" --load-ca-certificate \ + "${srcdir}/data/template-test.pem" --load-certificate "${srcdir}/data/ca-certs.pem" --template \ + "${TMPFILE}" >${OUTFILE} 2>${INFOFILE} +rc=$? + +# We're done. +if test "${rc}" = "0"; then + echo "CRL invalid hex number succeeded when shouldn't" + exit ${rc} +fi + +sed 's/\r$//' <"${INFOFILE}" | grep "error parsing number: 0xsomething" >/dev/null 2>&1 +if test "$?" != "0"; then + echo "CRL invalid hex number didn't fail as expected" + exit 1 +fi + +# Check invalid number +echo "crl_next_update = 43" >$TMPFILE +echo "crl_number = something" >>$TMPFILE + +${VALGRIND} "${CERTTOOL}" --generate-crl --load-ca-privkey "${srcdir}/data/template-test.key" --load-ca-certificate \ + "${srcdir}/data/template-test.pem" --load-certificate "${srcdir}/data/ca-certs.pem" --template \ + "${TMPFILE}" >${OUTFILE} 2>${INFOFILE} +rc=$? + +# We're done. +if test "${rc}" = "0"; then + echo "CRL invalid number succeeded when shouldn't" + exit ${rc} +fi + +sed 's/\r$//' <"${INFOFILE}" | grep "error parsing number: something" >/dev/null 2>&1 +if test "$?" != "0"; then + echo "CRL invalid number didn't fail as expected" + exit 1 +fi + rm -f "${OUTFILE}" rm -f "${INFOFILE}" rm -f "${OUTFILE2}" |