diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-10 11:23:02 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-10 11:32:59 +0200 |
| commit | e5a6b244859aa0f876e8a7be8b173999819ad8fe (patch) | |
| tree | 8c00734fd40a57e1172805b2eddf59fe52184c26 /tests/set_x509_key_mem.c | |
| parent | 39e3da0521211badc3080672e90b7a12d76cef35 (diff) | |
| download | gnutls-e5a6b244859aa0f876e8a7be8b173999819ad8fe.tar.gz | |
tests: enhanced set_x509*_key to verify that connections succeed with creds
That is the tests no only verify that credentials are set as expected
but also whether sessions are established with the credentials provided.
Diffstat (limited to 'tests/set_x509_key_mem.c')
| -rw-r--r-- | tests/set_x509_key_mem.c | 57 |
1 files changed, 16 insertions, 41 deletions
diff --git a/tests/set_x509_key_mem.c b/tests/set_x509_key_mem.c index 672ac0f325..32df0a4ef8 100644 --- a/tests/set_x509_key_mem.c +++ b/tests/set_x509_key_mem.c @@ -41,6 +41,7 @@ #include <gnutls/x509.h> #include "utils.h" +#include "cert-common.h" /* Test for memory allocations in a non-matching key-cert pair loading. * @@ -51,43 +52,6 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; -const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) - 1}; - -static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t key = { key_pem, - sizeof(key_pem) - 1 -}; - void doit(void) { gnutls_certificate_credentials_t x509_cred; @@ -103,8 +67,8 @@ void doit(void) gnutls_certificate_allocate_credentials(&x509_cred); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cert, - &key, + ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cli_cert, + &server_key, GNUTLS_X509_FMT_PEM); if (ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH) { fail("error in error code\n"); @@ -117,14 +81,25 @@ void doit(void) gnutls_certificate_allocate_credentials(&x509_cred); gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cert, - &key, + ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost6_cert, + &server_ca3_key, + GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fail("error in error code\n"); + exit(1); + } + + ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } + test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "localhost"); + test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "localhost6"); + gnutls_certificate_free_credentials(x509_cred); gnutls_global_deinit(); |