diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-21 11:33:37 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-21 11:36:36 +0100 |
commit | c1cbb1c9dff9468adad6f6f5915ae887a703229c (patch) | |
tree | bf35383efba217ee797997354f2e7c5480f4a2fe /tests/cert-tests | |
parent | 558bd61dd76c064be9aff0be8ef5c7240bd81747 (diff) | |
download | gnutls-c1cbb1c9dff9468adad6f6f5915ae887a703229c.tar.gz |
Added functions to parse authority key identifiers when stored as a 'general name' and serial combo.
Diffstat (limited to 'tests/cert-tests')
-rw-r--r-- | tests/cert-tests/Makefile.am | 28 | ||||
-rwxr-xr-x | tests/cert-tests/aki | 41 | ||||
-rw-r--r-- | tests/cert-tests/aki-cert.pem | 117 | ||||
-rw-r--r-- | tests/cert-tests/ca-no-pathlen.pem | 57 | ||||
-rw-r--r-- | tests/cert-tests/no-ca-or-pathlen.pem | 92 | ||||
-rwxr-xr-x | tests/cert-tests/pathlen | 44 |
6 files changed, 379 insertions, 0 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am new file mode 100644 index 0000000000..81042b9f0a --- /dev/null +++ b/tests/cert-tests/Makefile.am @@ -0,0 +1,28 @@ +## Process this file with automake to produce Makefile.in +# Copyright (C) 2007-2008, 2010, 2012 Free Software Foundation, Inc. +# +# Author: Simon Josefsson +# +# This file is part of GnuTLS. +# +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This file is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this file; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem + +dist_check_SCRIPTS = pathlen aki + +TESTS = pathlen aki + +TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) diff --git a/tests/cert-tests/aki b/tests/cert-tests/aki new file mode 100755 index 0000000000..e0722a0532 --- /dev/null +++ b/tests/cert-tests/aki @@ -0,0 +1,41 @@ +#!/bin/sh + +# Copyright (C) 2006-2008, 2010, 2012 Free Software Foundation, Inc. +# +# Author: Simon Josefsson +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +set -e + +srcdir=${srcdir:-.} +CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT} + +$CERTTOOL --certificate-info --infile $srcdir/aki-cert.pem \ + --outfile tmp-aki.pem + +diff $srcdir/aki-cert.pem tmp-aki.pem +rc=$? + +rm -f tmp-aki.pem + +# We're done. +if test "$rc" != "0"; then + exit $rc +fi + +exit 0 diff --git a/tests/cert-tests/aki-cert.pem b/tests/cert-tests/aki-cert.pem new file mode 100644 index 0000000000..b7a4c324c4 --- /dev/null +++ b/tests/cert-tests/aki-cert.pem @@ -0,0 +1,117 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 6e4ffab3c5e669c4d167c992abe858c4 + Issuer: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority - G2,OU=(c) 1998 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network + Validity: + Not Before: Wed Mar 25 00:00:00 UTC 2009 + Not After: Sun Mar 24 23:59:59 UTC 2019 + Subject: C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)09,CN=VeriSign Class 3 Secure Server CA - G2 + Subject Public Key Algorithm: RSA + Certificate Security Level: Legacy (2048 bits) + Modulus (bits 2048): + 00:d4:56:8f:57:3b:37:28:a6:40:63:d2:95:d5:05:74 + da:b5:19:6a:96:d6:71:57:2f:e2:c0:34:8c:a0:95:b3 + 8c:e1:37:24:f3:2e:ed:43:45:05:8e:89:d7:fa:da:4a + b5:f8:3e:8d:4e:c7:f9:49:50:45:37:40:9f:74:aa:a0 + 51:55:61:f1:60:84:89:a5:9e:80:8d:2f:b0:21:aa:45 + 82:c4:cf:b4:14:7f:47:15:20:28:82:b0:68:12:c0:ae + 5c:07:d7:f6:59:cc:cb:62:56:5c:4d:49:ff:26:88:ab + 54:51:3a:2f:4a:da:0e:98:e2:89:72:b9:fc:f7:68:3c + c4:1f:39:7a:cb:17:81:f3:0c:ad:0f:dc:61:62:1b:10 + 0b:04:1e:29:18:71:5e:62:cb:43:de:be:31:ba:71:02 + 19:4e:26:a9:51:da:8c:64:69:03:de:9c:fd:7d:fd:7b + 61:bc:fc:84:7c:88:5c:b4:c3:7b:ed:5f:2b:46:12:f1 + fd:00:01:9a:8b:5b:e9:a3:05:2e:8f:2e:5b:de:f3:1b + 78:f8:66:91:08:c0:5e:ce:d5:b0:36:ca:d4:a8:7b:a0 + 7d:f9:30:7a:bf:f8:dd:19:51:2b:20:ba:fe:a7:cf:a1 + 4e:b0:67:f5:80:aa:2b:83:2e:d2:8e:54:89:8e:1e:29 + 0b + Exponent (bits 24): + 01:00:01 + Extensions: + Authority Information Access (not critical): + Access Method: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp) + Access Location URI: http://ocsp.verisign.com + Basic Constraints (critical): + Certificate Authority (CA): TRUE + Path Length Constraint: 0 + Unknown extension 2.5.29.32 (not critical): + ASCII: 0g0e..`.H...E....0V0(..+.........https://www.verisign.com/cps0*..+.......0...https://www.verisign.com/rpa + Hexdump: 30673065060b6086480186f845010717033056302806082b06010505070201161c68747470733a2f2f7777772e766572697369676e2e636f6d2f637073302a06082b06010505070202301e1a1c68747470733a2f2f7777772e766572697369676e2e636f6d2f727061 + CRL Distribution points (not critical): + URI: http://crl.verisign.com/pca3-g2.crl + Key Usage (critical): + Certificate signing. + CRL signing. + Unknown extension 1.3.6.1.5.5.7.1.12 (not critical): + ASCII: 0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif + Hexdump: 305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966 + Subject Alternative Name (not critical): + directoryName: CN=Class3CA2048-1-52 + Subject Key Identifier (not critical): + a5ef0b11cec04103a34a659048b21ce0572d7d47 + Authority Key Identifier (not critical): +error: get_authority_key_id: Unsupported extension in X.509 certificate. + Signature Algorithm: RSA-SHA1 + Signature: + 63:74:2f:3d:53:aa:2f:97:ec:26:11:66:1a:fe:f1:de + 41:27:19:d2:7f:d8:c1:1c:f9:e2:38:56:3a:1f:90:ae + 39:c5:20:75:ab:f8:6c:2d:67:1f:29:c2:21:d7:14:88 + 63:4b:b0:9b:27:63:91:f8:f0:a3:01:24:b6:fb:8f:e3 + 3d:02:0b:6f:54:fe:d4:cc:db:d6:85:bf:7c:95:1e:5e + 62:11:c1:d9:09:9c:42:b9:b2:d4:aa:2d:98:3a:23:60 + cc:a2:9a:f1:6e:e8:cf:8e:d1:1a:3c:5e:19:c5:d7:9b + 35:b0:02:23:24:e5:05:b8:d5:88:e3:e0:fa:b9:f4:5f +Other Information: + SHA-1 fingerprint: + 62f3c89771da4ce01a91fc13e02b6057b4547a1d + Public Key Id: + df622ed0fe6a65a8df5b62840c826ac5b372235f + Public key's random art: + +--[ RSA 2048]----+ + | | + | .. | + | .+. . | + | .. o. o . | + |.+ + E .S.. | + |. = o . ooo. | + | . + o* o | + | . += + | + | oo+=. | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIGLDCCBZWgAwIBAgIQbk/6s8XmacTRZ8mSq+hYxDANBgkqhkiG9w0BAQUFADCB +wTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTwwOgYDVQQL +EzNDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +IC0gRzIxOjA4BgNVBAsTMShjKSAxOTk4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1 +dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmswHhcNMDkwMzI1MDAwMDAwWhcNMTkwMzI0MjM1OTU5WjCBtTELMAkGA1UEBhMC +VVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU +cnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93 +d3cudmVyaXNpZ24uY29tL3JwYSAoYykwOTEvMC0GA1UEAxMmVmVyaVNpZ24gQ2xh +c3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDUVo9XOzcopkBj0pXVBXTatRlqltZxVy/iwDSMoJWzjOE3JPMu +7UNFBY6J1/raSrX4Po1Ox/lJUEU3QJ90qqBRVWHxYISJpZ6AjS+wIapFgsTPtBR/ +RxUgKIKwaBLArlwH1/ZZzMtiVlxNSf8miKtUUTovStoOmOKJcrn892g8xB85essX +gfMMrQ/cYWIbEAsEHikYcV5iy0PevjG6cQIZTiapUdqMZGkD3pz9ff17Ybz8hHyI +XLTDe+1fK0YS8f0AAZqLW+mjBS6PLlve8xt4+GaRCMBeztWwNsrUqHugffkwer/4 +3RlRKyC6/qfPoU6wZ/WAqiuDLtKOVImOHikLAgMBAAGjggKpMIICpTA0BggrBgEF +BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTAS +BgNVHRMBAf8ECDAGAQH/AgEAMHAGA1UdIARpMGcwZQYLYIZIAYb4RQEHFwMwVjAo +BggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAqBggrBgEF +BQcCAjAeGhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1UdHwQtMCsw +KaAnoCWGI2h0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMtZzIuY3JsMA4GA1Ud +DwEB/wQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYw +ITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9n +by52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEaMBgGA1UE +AxMRQ2xhc3MzQ0EyMDQ4LTEtNTIwHQYDVR0OBBYEFKXvCxHOwEEDo0plkEiyHOBX +LX1HMIHnBgNVHSMEgd8wgdyhgcekgcQwgcExCzAJBgNVBAYTAlVTMRcwFQYDVQQK +Ew5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5 +OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYD +VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrghB92f4Hz6getxB5Z/uniTTGMA0G +CSqGSIb3DQEBBQUAA4GBAGN0Lz1Tqi+X7CYRZhr+8d5BJxnSf9jBHPniOFY6H5Cu +OcUgdav4bC1nHynCIdcUiGNLsJsnY5H48KMBJLb7j+M9AgtvVP7UzNvWhb98lR5e +YhHB2QmcQrmy1KotmDojYMyimvFu6M+O0Ro8XhnF15s1sAIjJOUFuNWI4+D6ufRf +-----END CERTIFICATE----- diff --git a/tests/cert-tests/ca-no-pathlen.pem b/tests/cert-tests/ca-no-pathlen.pem new file mode 100644 index 0000000000..76ec72bde2 --- /dev/null +++ b/tests/cert-tests/ca-no-pathlen.pem @@ -0,0 +1,57 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 00 + Issuer: O=GnuTLS test certificate + Validity: + Not Before: Fri Jan 26 10:00:04 UTC 2007 + Not After: Sat Jan 27 10:00:06 UTC 2007 + Subject: O=GnuTLS test certificate + Subject Public Key Algorithm: RSA + Certificate Security Level: Weak (512 bits) + Modulus (bits 512): + 00:a1:63:53:6b:54:95:ac:3c:a4:4b:4b:6a:ba:c0:9c + 11:ad:28:dd:03:a8:c0:f4:17:bf:18:cd:9f:b3:5a:d1 + de:21:41:db:a3:d2:6c:f9:66:87:69:7c:50:07:81:66 + 41:28:c9:99:e2:eb:cc:57:53:9d:0c:b1:94:6f:ef:eb + 17 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (critical): + Certificate Authority (CA): TRUE + Subject Key Identifier (not critical): + 3f00012df1304b60a3b0306cab0e93fe0158801b + Signature Algorithm: RSA-SHA1 + Signature: + 9b:c1:b6:d9:df:2c:b1:1d:dd:da:14:19:94:b3:7c:12 + e9:33:a5:2e:b5:c0:82:1d:45:7a:bf:73:b9:30:74:9d + f3:6e:7e:4c:f3:8d:ed:2a:f8:3f:39:04:ef:a4:fd:e3 + fc:cb:ba:1f:2a:1d:ad:f3:f9:68:39:f4:6d:1f:6a:15 +Other Information: + SHA-1 fingerprint: + f3ddd5478b80b142200b50c9eb2ee37061b09ed6 + Public Key Id: + f268df0e814c0302ed338e146f57421dba44f06c + Public key's random art: + +--[ RSA 512]----+ + |.o..+o... | + | ...+o.o | + | .o E= | + | .+oo+.o | + |.o.o..+ S | + |. . + . | + | o o | + | . . o | + | ..o | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIBYDCCAQygAwIBAgIBADALBgkqhkiG9w0BAQUwIjEgMB4GA1UEChMXR251VExT +IHRlc3QgY2VydGlmaWNhdGUwHhcNMDcwMTI2MTAwMDA0WhcNMDcwMTI3MTAwMDA2 +WjAiMSAwHgYDVQQKExdHbnVUTFMgdGVzdCBjZXJ0aWZpY2F0ZTBZMAsGCSqGSIb3 +DQEBAQNKADBHAkChY1NrVJWsPKRLS2q6wJwRrSjdA6jA9Be/GM2fs1rR3iFB26PS +bPlmh2l8UAeBZkEoyZni68xXU50MsZRv7+sXAgMBAAGjMjAwMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFD8AAS3xMEtgo7AwbKsOk/4BWIAbMAsGCSqGSIb3DQEB +BQNBAJvBttnfLLEd3doUGZSzfBLpM6UutcCCHUV6v3O5MHSd825+TPON7Sr4PzkE +76T94/zLuh8qHa3z+Wg59G0fahU= +-----END CERTIFICATE----- diff --git a/tests/cert-tests/no-ca-or-pathlen.pem b/tests/cert-tests/no-ca-or-pathlen.pem new file mode 100644 index 0000000000..086feb45ca --- /dev/null +++ b/tests/cert-tests/no-ca-or-pathlen.pem @@ -0,0 +1,92 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 2e103703df46859d7a550da659618538 + Issuer: O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=www.verisign.com/repository/RPA Incorp. By Ref.\,LIAB.LTD(c)98,CN=VeriSign Class 1 CA Individual Subscriber-Persona Not Validated + Validity: + Not Before: Mon Jun 26 00:00:00 UTC 2000 + Not After: Fri Aug 25 23:59:59 UTC 2000 + Subject: O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,OU=Persona Not Validated,OU=Digital ID Class 1 - Netscape,CN=Simon Josefsson,EMAIL=simon@josefsson.org + Subject Public Key Algorithm: RSA + Certificate Security Level: Weak (1024 bits) + Modulus (bits 1024): + 00:c9:0c:ce:8a:fe:71:46:9b:ca:1d:e5:90:12:a5:11 + 0b:c6:2d:c4:33:c6:19:e8:60:59:4e:3f:64:3d:e4:f7 + 7b:b0:be:f9:10:07:e9:7c:a6:c6:5a:51:33:24:97:7b + a3:e1:08:b4:52:b6:06:10:7d:65:df:6e:52:bd:81:3f + 39:ad:b3:ad:17:13:88:22:e7:43:8c:39:b7:c2:c4:ba + 4a:8b:54:15:49:55:a4:4d:cc:00:56:7b:c8:63:4e:37 + de:fb:79:0f:45:dc:e9:5c:cd:70:f0:64:42:35:84:db + e6:59:a4:cb:4b:fe:0f:47:28:0c:35:11:a9:40:fc:ba + a5 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): FALSE + Unknown extension 2.5.29.32 (not critical): + ASCII: 0;09..`.H...E....0*0(..+.........https://www.verisign.com/rpa + Hexdump: 303b3039060b6086480186f84501070108302a302806082b06010505070201161c68747470733a2f2f7777772e766572697369676e2e636f6d2f727061 + Unknown extension 2.16.840.1.113730.1.1 (not critical): + ASCII: .... + Hexdump: 03020780 + Unknown extension 2.16.840.1.113733.1.6.3 (not critical): + ASCII: .vd4652bd63f2047029298763c9d2f275069c7359bed1b059da75bc4bc9701747da5d5e4141beadb2bd2e88317af7bf5d5114997a3bf45f8f3ea450c + Hexdump: 167664343635326264363366323034373032393239383736336339643266323735303639633733353962656431623035396461373562633462633937303137343764613564356534313431626561646232626432653838333137616637626635643531313439393761336266343566386633656134353063 + CRL Distribution points (not critical): + URI: http://crl.verisign.com/class1.crl + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. + Signature: + 09:38:2f:57:9e:91:a4:d2:42:d9:d7:44:c1:d8:17:14 + 49:00:69:9f:6b:e4:95:93:35:fd:96:76:ff:8b:bf:9e + dd:05:6b:82:b2:f3:af:0f:f8:a0:2f:8d:65:08:27:54 + d4:8f:47:79:c9:be:d9:f9:ce:af:7f:2a:06:17:26:f3 + b9:e6:74:ba:b9:35:3e:36:56:5d:41:9c:ce:68:fc:db + c5:31:42:09:32:37:e7:b7:2e:a4:c5:51:e5:fe:e5:45 + 59:0c:44:ca:ce:ad:77:24:52:b4:78:5f:cc:4f:15:a7 + 8f:20:81:56:65:08:50:37:75:bc:a2:11:82:72:48:76 +Other Information: + SHA-1 fingerprint: + 8f735c5ddefd723f59b6a3bb2ac0522470c0182f + Public Key Id: + 1e09d707d4e3651b84dcb6c68a828d2affef7ec3 + Public key's random art: + +--[ RSA 1024]----+ + | .oo +. | + | . .= * | + | . . ...* + | + | o . .. = | + | +S . o | + | o.o.. . | + | . .o | + | . . E | + | o...++. . | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIEhDCCA+2gAwIBAgIQLhA3A99GhZ16VQ2mWWGFODANBgkqhkiG9w0BAQQFADCB +zDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9y +eS9SUEEgSW5jb3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1Zl +cmlTaWduIENsYXNzIDEgQ0EgSW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEg +Tm90IFZhbGlkYXRlZDAeFw0wMDA2MjYwMDAwMDBaFw0wMDA4MjUyMzU5NTlaMIIB +CDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9y +eS9SUEEgSW5jb3JwLiBieSBSZWYuLExJQUIuTFREKGMpOTgxHjAcBgNVBAsTFVBl +cnNvbmEgTm90IFZhbGlkYXRlZDEmMCQGA1UECxMdRGlnaXRhbCBJRCBDbGFzcyAx +IC0gTmV0c2NhcGUxGDAWBgNVBAMUD1NpbW9uIEpvc2Vmc3NvbjEiMCAGCSqGSIb3 +DQEJARYTc2ltb25Aam9zZWZzc29uLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAw +gYkCgYEAyQzOiv5xRpvKHeWQEqURC8YtxDPGGehgWU4/ZD3k93uwvvkQB+l8psZa +UTMkl3uj4Qi0UrYGEH1l325SvYE/Oa2zrRcTiCLnQ4w5t8LEukqLVBVJVaRNzABW +e8hjTjfe+3kPRdzpXM1w8GRCNYTb5lmky0v+D0coDDURqUD8uqUCAwEAAaOCASYw +ggEiMAkGA1UdEwQCMAAwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcBCDAqMCgGCCsG +AQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMBEGCWCGSAGG+EIB +AQQEAwIHgDCBhgYKYIZIAYb4RQEGAwR4FnZkNDY1MmJkNjNmMjA0NzAyOTI5ODc2 +M2M5ZDJmMjc1MDY5YzczNTliZWQxYjA1OWRhNzViYzRiYzk3MDE3NDdkYTVkNWU0 +MTQxYmVhZGIyYmQyZTg4MzE3YWY3YmY1ZDUxMTQ5OTdhM2JmNDVmOGYzZWE0NTBj +MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL2NsYXNz +MS5jcmwwDQYJKoZIhvcNAQEEBQADgYEACTgvV56RpNJC2ddEwdgXFEkAaZ9r5JWT +Nf2Wdv+Lv57dBWuCsvOvD/igL41lCCdU1I9Hecm+2fnOr38qBhcm87nmdLq5NT42 +Vl1BnM5o/NvFMUIJMjfnty6kxVHl/uVFWQxEys6tdyRStHhfzE8Vp48ggVZlCFA3 +dbyiEYJySHY= +-----END CERTIFICATE----- diff --git a/tests/cert-tests/pathlen b/tests/cert-tests/pathlen new file mode 100755 index 0000000000..c7d994cc57 --- /dev/null +++ b/tests/cert-tests/pathlen @@ -0,0 +1,44 @@ +#!/bin/sh + +# Copyright (C) 2006-2008, 2010, 2012 Free Software Foundation, Inc. +# +# Author: Simon Josefsson +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +set -e + +srcdir=${srcdir:-.} +CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT} + +$CERTTOOL --certificate-info --infile $srcdir/ca-no-pathlen.pem \ + --outfile new-ca-no-pathlen.pem +$CERTTOOL --certificate-info --infile $srcdir/no-ca-or-pathlen.pem \ + --outfile new-no-ca-or-pathlen.pem + +diff $srcdir/ca-no-pathlen.pem new-ca-no-pathlen.pem +rc1=$? +diff $srcdir/no-ca-or-pathlen.pem new-no-ca-or-pathlen.pem +rc2=$? + +rm -f new-ca-no-pathlen.pem new-no-ca-or-pathlen.pem + +# We're done. +if test "$rc1" != "0"; then + exit $rc1 +fi +exit $rc2 |