diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-22 20:29:06 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-22 20:30:35 +0100 |
commit | 7fc5737356c15c3e1aa6c89e54e2492b4cbd3a54 (patch) | |
tree | 1ca8f06183d5265f81ebe2e8cd12f75563b0f5f5 /tests/cert-tests | |
parent | afc7d48d87326160d3d7381614cb7882f48bcf8b (diff) | |
download | gnutls-7fc5737356c15c3e1aa6c89e54e2492b4cbd3a54.tar.gz |
Certtool completely relies on libopts. As a side-effect the syntax of dn_oid and key_purpose_oids has changed.
Diffstat (limited to 'tests/cert-tests')
-rw-r--r-- | tests/cert-tests/Makefile.am | 7 | ||||
-rwxr-xr-x | tests/cert-tests/template-test | 46 | ||||
-rw-r--r-- | tests/cert-tests/template-test.key | 86 | ||||
-rw-r--r-- | tests/cert-tests/template-test.pem | 22 | ||||
-rw-r--r-- | tests/cert-tests/template-test.tmpl | 97 |
5 files changed, 255 insertions, 3 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 81042b9f0a..f338f07ef8 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -19,10 +19,11 @@ # along with this file; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem +EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \ + template-test.key template-test.pem -dist_check_SCRIPTS = pathlen aki +dist_check_SCRIPTS = pathlen aki template-test -TESTS = pathlen aki +TESTS = pathlen aki template-test TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) diff --git a/tests/cert-tests/template-test b/tests/cert-tests/template-test new file mode 100755 index 0000000000..55921526c1 --- /dev/null +++ b/tests/cert-tests/template-test @@ -0,0 +1,46 @@ +#!/bin/sh + +# Copyright (C) 2006-2008, 2010, 2012 Free Software Foundation, Inc. +# +# Author: Simon Josefsson +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +set -e + +srcdir=${srcdir:-.} +CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT} + +if ! test -x /usr/bin/datefudge;then + echo "You need datefudge to run this test" + exit 77 +fi + +datefudge "2007-04-22" $CERTTOOL --generate-self-signed --load-privkey $srcdir/template-test.key \ + --template template-test.tmpl --outfile tmp-tt.pem 2>/dev/null + +diff $srcdir/template-test.pem tmp-tt.pem +rc=$? + +rm -f tmp-tt.pem + +# We're done. +if test "$rc" != "0"; then + exit $rc +fi + +exit 0 diff --git a/tests/cert-tests/template-test.key b/tests/cert-tests/template-test.key new file mode 100644 index 0000000000..3b5886d5c6 --- /dev/null +++ b/tests/cert-tests/template-test.key @@ -0,0 +1,86 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: Low + +modulus: + 00:a5:c6:ce:75:43:84:bf:64:9e:02:27:13:f1:03: + 59:f7:79:2d:92:ed:7c:2f:50:a4:03:f1:2d:79:b9: + 86:8b:05:7e:3a:bb:44:aa:af:84:cf:13:98:1e:1c: + 4a:38:f7:33:2d:7a:9f:72:d4:6b:6d:26:b0:31:37: + 70:10:fb:42:e9:d8:9d:18:65:7e:19:49:fc:05:96: + 04:68:83:1e:77:86:bf:ed:f5:e5:12:3b:13:fe:33: + 18:9c:1a:7a:1d:69:af:47:02:60:7a:1f:b9:e8:cf: + db:c8:34:30:51:96:3d:8c:96:5c:00:bc:61:de:08: + 0f:b1:36:21:7f:a9:00:e3:05: +public exponent: + 01:00:01: +private exponent: + 00:a0:b7:b2:57:6b:83:1a:4f:01:05:53:3f:79:0c: + e7:bf:0e:03:4a:0b:e5:b6:b5:76:9d:bf:c7:77:d8: + 8f:00:de:ed:77:21:31:3c:4d:77:f3:8e:aa:8e:9e: + 9c:b2:c7:ae:1d:2c:61:c3:60:ff:59:4e:05:c9:61: + 56:cb:8f:dd:58:eb:b0:40:f8:dd:8d:02:c5:aa:19: + 3d:fd:b5:89:6f:f8:88:5a:5d:fd:69:8a:21:76:76: + 9e:c9:fa:50:5f:95:50:3e:b1:79:0d:ce:40:52:e6: + 08:83:13:ee:a0:a5:69:8d:4c:3e:43:e5:4e:94:82: + a1:10:51:a6:92:fc:d3:f9:ad: +prime1: + 00:d3:29:62:57:21:b8:17:ad:3e:22:d1:1c:ce:8f: + 66:f7:67:8d:fd:47:64:99:96:5f:e0:0f:3c:cf:5d: + 48:3f:17:94:72:4d:5e:d4:eb:4e:41:41:dd:62:56: + 13:08:86:e8:94:1e:66:04:18:68:44:39:cc:60:6e: + 90:b0:b6:cb:07: +prime2: + 00:c8:fa:51:7c:f2:60:97:41:5c:d0:9f:b6:55:a7: + db:a7:3f:b4:6e:cc:bf:a7:b1:09:3a:bb:55:52:23: + 57:15:60:32:2a:c4:49:8b:ad:02:12:8d:df:aa:4e: + bf:b6:37:b9:41:59:d8:17:f5:08:b2:f9:aa:35:30: + b1:55:99:c2:93: +coefficient: + 56:f4:fd:a3:36:0a:fc:f8:79:7e:86:84:69:b9:6e: + 51:6f:11:bb:d7:7e:ba:0a:aa:9a:3f:22:70:5c:42: + a4:fe:96:3f:6d:61:db:0e:56:50:a9:ad:53:a5:a8: + d4:e2:8f:ca:5c:5d:0c:88:7d:b5:17:7d:58:73:37: + 7d:1e:1e:04: +exp1: + 00:90:ec:5f:3c:f3:bc:78:2b:83:70:bb:da:2c:7e: + 49:29:d5:9d:a2:ce:43:e2:11:4d:9d:e6:77:52:ce: + 6f:ce:35:6d:c1:81:0e:6b:cd:4f:39:04:6e:5f:96: + 39:9b:e9:93:68:4c:f0:b1:30:db:26:b0:10:6f:c2: + 92:75:66:0f:33: +exp2: + 23:54:a5:f8:a2:1f:4a:d7:c9:ba:3f:29:6d:9b:69: + a8:d8:31:1e:fd:4d:7f:ec:46:64:15:c4:a5:00:e3: + 71:35:8c:fc:29:af:88:27:6c:e2:d8:20:06:af:7b: + 52:4c:2f:7c:06:90:4f:7d:da:fe:a3:97:41:6c:82: + f0:3a:6c:93: + +Public Key ID: 5D:40:AD:F0:CE:94:40:95:8B:7E:99:94:1D:92:54:22:CA:72:36:5F +Public key's random art: ++--[ RSA 1032]----+ +| .o+*=. | +| . .o.+oo | +| . * =EB.. | +| + o.oO.. | +| .S=.o | +| . * | +| . | +| | +| | ++-----------------+ + +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQClxs51Q4S/ZJ4CJxPxA1n3eS2S7XwvUKQD8S15uYaLBX46u0Sq +r4TPE5geHEo49zMtep9y1GttJrAxN3AQ+0Lp2J0YZX4ZSfwFlgRogx53hr/t9eUS +OxP+MxicGnodaa9HAmB6H7noz9vINDBRlj2MllwAvGHeCA+xNiF/qQDjBQIDAQAB +AoGBAKC3sldrgxpPAQVTP3kM578OA0oL5ba1dp2/x3fYjwDe7XchMTxNd/OOqo6e +nLLHrh0sYcNg/1lOBclhVsuP3VjrsED43Y0CxaoZPf21iW/4iFpd/WmKIXZ2nsn6 +UF+VUD6xeQ3OQFLmCIMT7qClaY1MPkPlTpSCoRBRppL80/mtAkEA0yliVyG4F60+ +ItEczo9m92eN/UdkmZZf4A88z11IPxeUck1e1OtOQUHdYlYTCIbolB5mBBhoRDnM +YG6QsLbLBwJBAMj6UXzyYJdBXNCftlWn26c/tG7Mv6exCTq7VVIjVxVgMirESYut +AhKN36pOv7Y3uUFZ2Bf1CLL5qjUwsVWZwpMCQQCQ7F8887x4K4Nwu9osfkkp1Z2i +zkPiEU2d5ndSzm/ONW3BgQ5rzU85BG5fljmb6ZNoTPCxMNsmsBBvwpJ1Zg8zAkAj +VKX4oh9K18m6Pyltm2mo2DEe/U1/7EZkFcSlAONxNYz8Ka+IJ2zi2CAGr3tSTC98 +BpBPfdr+o5dBbILwOmyTAkBW9P2jNgr8+Hl+hoRpuW5RbxG71366CqqaPyJwXEKk +/pY/bWHbDlZQqa1TpajU4o/KXF0MiH21F31Yczd9Hh4E +-----END RSA PRIVATE KEY----- diff --git a/tests/cert-tests/template-test.pem b/tests/cert-tests/template-test.pem new file mode 100644 index 0000000000..a03f76af1f --- /dev/null +++ b/tests/cert-tests/template-test.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDnDCCAwWgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBuDELMAkGA1UEBhMCR1Ix +EjAQBgNVBAoTCUtva28gaW5jLjEXMBUGA1UECxMOc2xlZXBpbmcgZGVwdC4xDzAN +BgNVBAgTBkF0dGlraTEVMBMGA1UEAxMMQ2luZHkgTGF1cGVyMRcwFQYKCZImiZPy +LGQBARMHY2xhdXBlcjEMMAoGA1UEDBMDRHIuMQ8wDQYDVQRBEwZqYWNrYWwxHDAa +BgkqhkiG9w0BCQEWDW5vbmVAbm9uZS5vcmcwHhcNMDcwNDIxMjIwMDAwWhcNMTQw +NTI0MjIwMDAwWjCBuDELMAkGA1UEBhMCR1IxEjAQBgNVBAoTCUtva28gaW5jLjEX +MBUGA1UECxMOc2xlZXBpbmcgZGVwdC4xDzANBgNVBAgTBkF0dGlraTEVMBMGA1UE +AxMMQ2luZHkgTGF1cGVyMRcwFQYKCZImiZPyLGQBARMHY2xhdXBlcjEMMAoGA1UE +DBMDRHIuMQ8wDQYDVQRBEwZqYWNrYWwxHDAaBgkqhkiG9w0BCQEWDW5vbmVAbm9u +ZS5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKXGznVDhL9kngInE/ED +Wfd5LZLtfC9QpAPxLXm5hosFfjq7RKqvhM8TmB4cSjj3My16n3LUa20msDE3cBD7 +QunYnRhlfhlJ/AWWBGiDHneGv+315RI7E/4zGJwaeh1pr0cCYHofuejP28g0MFGW +PYyWXAC8Yd4ID7E2IX+pAOMFAgMBAAGjgbMwgbAwDwYDVR0TAQH/BAUwAwEB/zAo +BgNVHREEITAfgQ1ub25lQG5vbmUub3JngQ53aGVyZUBub25lLm9yZzATBgNVHSUE +DDAKBggrBgEFBQcDCTAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBRdQK3wzpRA +lYt+mZQdklQiynI2XzAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vd3d3LmdldGNy +bC5jcmwvZ2V0Y3JsLzANBgkqhkiG9w0BAQsFAAOBgQAsb5CiRDrbnjVVdYf61tit +YvgVHbGvJF+Pfh7wjCVI0fccI5utg4Db6BMcIsmApEiuPyT6zg3/rbfHjeI7ECsA +dYElh+vchUfG/O7vF93rPx0SuAy1vyQNSsva4LrfI/85QurlQHXPeWzoze9QsPuw +vY5pG1TfOd68ezbj+k3J0Q== +-----END CERTIFICATE----- diff --git a/tests/cert-tests/template-test.tmpl b/tests/cert-tests/template-test.tmpl new file mode 100644 index 0000000000..8acbd05396 --- /dev/null +++ b/tests/cert-tests/template-test.tmpl @@ -0,0 +1,97 @@ +# X.509 Certificate options +# +# DN options + +# The organization of the subject. +organization = "Koko inc." + +# The organizational unit of the subject. +unit = "sleeping dept." + +# The locality of the subject. +# locality = + +# The state of the certificate owner. +state = "Attiki" + +# The country of the subject. Two letter code. +country = GR + +# The common name of the certificate owner. +cn = "Cindy Lauper" + +# A user id of the certificate owner. +uid = "clauper" + +# If the supported DN OIDs are not adequate you can set +# any OID here. +# For example set the X.520 Title and the X.520 Pseudonym +# by using OID and string pairs. +dn_oid = 2.5.4.12 Dr. +dn_oid = 2.5.4.65 jackal + +# This is deprecated and should not be used in new +# certificates. +pkcs9_email = "none@none.org" + +# The serial number of the certificate +serial = 7 + +# In how many days, counting from today, this certificate will expire. +expiration_days = 2590 + +# X.509 v3 extensions + +# A dnsname in case of a WWW server. +dns_name = "www.none.org" +dns_name = "www.morethanone.org" + +# An IP address in case of a server. +ip_address = "192.168.1.1" + +dns_name = "www.evenmorethanone.org" + +# An email in case of a person +email = "none@none.org" + +# An URL that has CRLs (certificate revocation lists) +# available. Needed in CA certificates. +crl_dist_points = "http://www.getcrl.crl/getcrl/" + +email = "where@none.org" + +# Whether this is a CA certificate or not +ca + +# Whether this certificate will be used for a TLS client +#tls_www_client + +# Whether this certificate will be used for a TLS server +#tls_www_server + +# Whether this certificate will be used to sign data (needed +# in TLS DHE ciphersuites). +signing_key + +# Whether this certificate will be used to encrypt data (needed +# in TLS RSA ciphersuites). Note that it is preferred to use different +# keys for encryption and signing. +#encryption_key + +# Whether this key will be used to sign other certificates. +cert_signing_key + +# Whether this key will be used to sign CRLs. +#crl_signing_key + +# Whether this key will be used to sign code. +#code_signing_key + +# Whether this key will be used to sign OCSP data. +ocsp_signing_key + +# Whether this key will be used for time stamping. +#time_stamping_key + +# Whether this key will be used for IPsec IKE operations. +#ipsec_ike_key |