-rw-r--r-- | tests/Makefile.am | 2 | ||||
-rw-r--r-- | tests/cert-common.h | 98 | ||||
-rw-r--r-- | tests/set_x509_pkcs12_key.c | 104 |
3 files changed, 203 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 60bd75e07f..f11057366a 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -103,7 +103,7 @@ ctests = mini-record-2 simple gc set_pkcs12_cred certder certuniqueid \
 system-prio-file name-constraints-merge crl-basic crq-basic \
 send-client-cert custom-urls-override hex rehandshake-switch-psk-id \
 rehandshake-switch-srp-id base64 srpbase64 pkcs1-digest-info set_x509_key \
- set_x509_key_file_der
+ set_x509_key_file_der set_x509_pkcs12_key
 
 if HAVE_SECCOMP_TESTS
 ctests += dtls-with-seccomp tls-with-seccomp dtls-client-with-seccomp tls-client-with-seccomp
diff --git a/tests/cert-common.h b/tests/cert-common.h
index 69f44ae760..0b51e22e8f 100644
--- a/tests/cert-common.h
+++ b/tests/cert-common.h
@@ -634,3 +634,101 @@ static char unknown_ca_cert_pem[] = const gnutls_datum_t unknown_ca_cert = { (void*)unknown_ca_cert_pem, sizeof(unknown_ca_cert_pem) }; + +static const char server_ca3_pkcs12_pem[] = + "-----BEGIN PKCS12-----\n" + "MIIQvwIBAzCCEIcGCSqGSIb3DQEHAaCCEHgEghB0MIIQcDCCBOcGCSqGSIb3DQEH\n" + "BqCCBNgwggTUAgEAMIIEzQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIGlbZ\n" + "V1qak5wCAhTsgIIEoLClLTWuG7yxoUp9Jw34KHHgK5jun/kkUN8RcUDDCOWUsuJG\n" + "HPV9TPAG2LpS39Leg+Uo4NpTTUp8RVnbo2I+jR9Bl/cL6zqG0Y+bpaGKsFwZqYQu\n" + "wbKctXL/yJhPKJ13paJB2W6kvU05KbC/6Zq69zYxfMkm0fPGnruGBenMUYbP/BKM\n" + "6xXmqztGCMHrh9dGyGsGTWN9rJgmNkA/Hh77uIkBdliJHFoS1Rbw7uNbV+3vQcoN\n" + "i66aaZa7SftoudwOOGCLCAY9wz34d2Ni8xLfO9PasqtjkXTAllXqEmh0IzK6E63W\n" + "VUIp/Ea2312LZQ4kkUKm4MzpRpDoOJf2tAUHHbpsSLLBzPUGP8pOZKp73OzQR+PW\n" + "eJhY7sbRcI11qfRD9hteEMEOHU1gJ2dBka7HHvg2bMMArKbtZ3C8Dw6iU42b37xv\n" + "+tKtZrZNYILE4sVTy2bwhupraMkScv90Z4fIfuCZEdzlIaP73CTjp6pe2AqEBKBR\n" + "h+zf/VhonEsoaCSrQ2Ew5BWk1JjBAyHj2WS8vuhrGvqP/k0k0f5Ji0xoqOW9yM6q\n" + "clsfVswsaWR8FuYxKfsuD3styPxW1nHPKET2tWVwSX7WQEwyfSjNAj4EqQGcukpr\n" + "3+bgLJciZxLCmNbXAouZKSO05tH5aLPENclXoeuT4ODn5Hzfjd/xT3wnXPNZN+3+\n" + "+a87CClzqOG892q2mGGOpTmcuDwy20XHiM47hpxIavOn/jKBYH+zJ5GpYV8B4AkD\n" + "WfwnAlPFFZ3Af9Xrc+TpYJ2TE7FRG9Y5XWymhGGkvpyxif8n+QyZAn31lPIiGNPH\n" + "1qcWUmF446wQv9jpbuQswAjQNX4vzTGezPVLLZg/n1dDzzCvG4pDGFqyU7iwjCuh\n" + "vLH+Zuk/3fGMyvXgNj89xZQIqfclWT2AvFOTclTqylz6Toe/zj45rixZ3bFG8hME\n" + "UuEVs3Bz2qRz+JdMSu33qQ4SRUNIePqSMRD8q5aVbZmenNXQtciszBTofSvd8qsu\n" + "S7LaiX3M+VVOxyQaB9c6Ely9hrFNT24iarHFEk5ZYgpUToBTLUDEBqfWr0AhZHCB\n" + "RwTdP4WFmAaOC2/ZINSQE0bxGqo79lyPP0Ysp2dpPxjlAYX0myccuqnBo0rLtV/7\n" + "Sl/9xNj1I7T9qhWzC/WvAjnrlxp4QYgcCLiRe6TaDO1qP47khRyAaxIbLPwYQ6cJ\n" + "TDDu1x9iYTCntmRu5pbzokcpajMIepHVzI7FbpLh2BK/fVFTgHKp5XmemLyN5A47\n" + "itZvz89gxp6304nqW2z8JpKZ/RDCHyA/6H+PwgvnrAmS+hDKJ58OksfRESlyN619\n" + "k9rHtzBoYIlwkhf29pYCaWZ6KWJlgsTG6FKXej6fC7Q94hPkXJRez8Pd8MJR6X+x\n" + 
"XdYbmGVOSEEujg8Ak4Zf+caQ8iawuHTeMr7h2WNr7xH06Ddw12J4t0LdRKDECMJS\n" + "C9Jb/tICcjJVxKt4QBlXmy2s2R9i2BUkcyPwUNdE6VORBazQ5sXzOGOcl2ef0OHF\n" + "PpE0P9esuXUs9MOqfEe3FnsgFiNjUdPKH5q8mrDDTDGs46RcnJOCwtv6YFrqMIID\n" + "3wYJKoZIhvcNAQcGoIID0DCCA8wCAQAwggPFBgkqhkiG9w0BBwEwHAYKKoZIhvcN\n" + "AQwBAzAOBAis+k2GAXZlEQICFLWAggOYF7BBapV1GKPSkJeC9dgjEL6AdreDBCyh\n" + "LOHoMUKf9AVH4XzgkAtsa1FAomHQscfQKGe3G6vaSi2ugZ0qduasoPlQjldBy+ml\n" + "m7QcBh/0p72XcsC6t6se7UcmWvrnp3Nk3rwAQdeOCMVJvljFq0a+83XcZ8a6XuH2\n" + "7O0EjUQVWfo1cn6ZFo8l6dBuNNPc32XLwdcIXuPTnScGsxZawufbAprbK/yEf3Dn\n" + "IN4POP5KlNdTcv6ko7eGfr2fsOLkDwXWdy42D+oMVc3dj6XTH74FgYv5z8GyELFT\n" + "r8mcSKUsbSHVXcUigv9KMDJ+bMzM9feNhiTzEr45OfGDLgBHLsqCcbhpJeN/rpv5\n" + "1/KKHIRJmO9GU5Qvk97+1MZr3+PDCqJK4qhiIJhvOKfnYAf9ToSat7lHVdFa6ToH\n" + "JK2E7YaFXaMUNii/ZeDZ1n4WcPSkvLJscVk8AhG3emXja96EmJs5aWkKzcJ0ihLX\n" + "vDehuZ7JFBNesHrKcC0IM1KhHCkSd/ijcAG+LOmbdl5KMx0KOepJHIkDrpFfiwwq\n" + "GkANh9u9FIhqvXjDCtmUkp8mI38FBcAtN1X6cQjy1BzPfyecazA5vkzt6CGKalK6\n" + "lTEQjmEftu782r+WhpRw/a7fBM5BDN7QVrvequOtbWRgwFg9xjsSGGw8syO90DxU\n" + "aundXXXfgCvqIIWxciQZ57Cvno88TWPpQCrBZ3XZD/Ajr4PTI+Spe6olJlnskOFW\n" + "MYRrcHQuuH1N/NUVZCxBqOwh7A53TCGoTnCOeU9l4UHTIP1MOsf29G8dCo9RGcrU\n" + "sRx2vgkifOkomUY3+qfjwwipyqWZbuH64ewCbpprPqI7/PVVS+tKqLpLvFJqFrEp\n" + "wPlm+7QlbNUnQSaJ6wIav1Z2VKeeu5BewW9BbHjyadrxYOz893ttBZc3ExewX5Uh\n" + "lPJXj5CXV5tojUJdvDnXNLsFMn+0ksY3i8xAQpeQJsnrYao0k14w14UGhCgylusl\n" + "Z+ogDuWySxyknp/lUN/gE1DbRfZs5o+meg5sMD1DNxeJHPrweB8jT4xKqI0MBYy/\n" + "7zkA/BcN6XYhxMXRSwA7f5NUxmUMrOvbLA9GyGj+Mx0/8YFdKr3WbugzD+c1A1kD\n" + "hzNgkuM2Qgy13MiEmPp0XAPwr0F3bqjgzL13zgfl1XnR0/U5I0kVnAnw1aa6Cckj\n" + "UM2wnEmBYkRhnqA3avOXngrOHuVVJV3lj1Kqu2MaXfYwggeeBgkqhkiG9w0BBwGg\n" + "ggePBIIHizCCB4cwggeDBgsqhkiG9w0BDAoBAqCCBy4wggcqMBwGCiqGSIb3DQEM\n" + "AQMwDgQIQjy2fTdgBPACAhQkBIIHCIB73qFkUGPoMG34/S4Vm/MdLEOwZDDdeOZJ\n" + "Nr8xTnWWAg1Txjxo67TTzx2p/knFsMdqcJBXfKOBu0aK8+wy/EbTtXNB545fuDxD\n" + "a8lPJWIVU1zYR69DE2AGJibatwPLO35u1mQ6+NMclCpM838CqFfFdQVdqtrlBFdM\n" + 
"Yxwzxt4rJ/uSxhi7dnjU6UH2w25/feLrcCLLbnLMo68HSqmwyg6hoTc5bmUu02j2\n" + "eSvy9cFR2M9kZluli7SFiHysbjlHQD2ahBJM0KEICjIdKkH2D4Qn2mWs+myzCLwA\n" + "9yfBxEnRYosBFYLcBc41thruTNKjj+GoZpqfkfNX4gqxBjMjl6+eIW/fVOxSDVTO\n" + "U1BVb58kdKOQnxVovXrd3LCYQIHxMfHu3MxzG9jc/5p89qZV7UJLsC2yNxlnq4+L\n" + "gXPjEdMhSxr7dteWcqSXlZLZj29KRplo04ZoTVyrfIxi8gEBkuql5uMJrf9TPeNA\n" + "f/Lfasfm95IiujD4RQPlxacUAZSAkKtKG85gvopoiAPiAT6+8igVD6WS1jdKTuY8\n" + "+Zo4N4s/uK6Ey5ck+EpOF+pCrHkIQdGhqLN/CFRxYTogpDBwdmgbv4IBeKEOE5jZ\n" + "jxd9RZvenwumYM5VZjj+SnJ4OoRVO8ZqdbIFWJ71bvuk4e1OnnyDqnsDPkG0Y/zc\n" + "drrMWL6MjfrbefanOE8idnyXwqeEuEhktYkW1Pqn57/ckR+ugx1VLhUmOkKYakbo\n" + "HGdWibIjY/MxsD+83y/x+QT0avN168GpaSd2mNyktUlpH+wuaUj1jZJIl4/mEnpq\n" + "NNkZrDtwwla7iUcwUApVvQli3FAiNYq1ieqpxmz/YPB2Ge9OEVSW4liHro+bPpmZ\n" + "h+S2mzkAesDM/nYAWzRFxsK6C0du2wOHh2IgRjwl1w1aoxrKaw8NYUJwFuFRyiIf\n" + "7/cxfQW9PlIQwwkZ/gBM0q6rDZEbPnO0vuwisV01HUnJ8eeVbunlwRTZDE0BZpCx\n" + "yY7ZG24n0nogQnFsIADT86KhxyOsS6+UKYbYeyQ44ZIakkMTVA1zdb7wMEWT0v93\n" + "KVXQ3oYyoLrdgAWHVAVjVshuNyL0w7toOa6IbuM3FUZQG94A6HQs5mNQUXoBncA7\n" + "F8iVTB16YHyhWRLZrpUVNhOmx9+sZ6mK4Ll2+XJ0sZhCdCNtDtnrb7KPMHeWK3We\n" + "jsdUB48/Wc6WN2tX9CquUXFqHBgY/pHxFG8gNw5+OEpM3OXdPFdMjTFfcUzz5sbs\n" + "iNC9AWgCsINv+MV7qg3m/prNNgrwrMkOtsxHYKwJAZqlc3Y9XVzKfGlNIK9KfbKA\n" + "3VoQenbNV1dst1Nrxl4vuNvbm5II8XDl8bkHWuS1snbxELRLFOSZlYsIw3Yw4sbZ\n" + "V/qqJix11yhpWRrW3/TdxEvEp5MZVuciJp6CS8rNpdAvzSenDQ8XfA2mLXNY5NgM\n" + "NOvBc/XBi9QqGJo20DCeKrOtYXbo7dsVDJrJqRdZT4ftoQQvK22uBW6CmO5cUGkE\n" + "8fP/9Ym5yJEFrHNROsbUqfp+KPPaoVuUNsJDor3evcdAHKOSDldPfbmBLV7sFNEP\n" + "33p5ejwvszAaJEWRf48Y2fRKzfbkyDPYO+5we9XaKhcRvbp6NR0EQl1JLFw2/1nn\n" + "lmDVMc/XJGL6VE7rmM79vTxq4C7YSzWcD+2FM9nWrzweYEKtleHOPdjl2vOziNu0\n" + "f396VtmEho8BHV80A06j+GYlENzodfjsTtcFycCGS3j1dvnBJitD//jqX0p56YsL\n" + "vCjCnn0Isl9WXvooC63ntf2jdcP0xwbQbKEYB0v4ai17AM99WFbzMnw4Hk79MvcE\n" + "85THHdQSceJhFGXhku6MUuWIU1CjTByiiaBZirtBS0da3s2RfyChHlAnMW1vQXRl\n" + "2388E8B3+VCLzfOYqflW983xCzCQONBn6pPQkTIE4y7LyQphZVIWOklqV4HDqSM9\n" + 
"Nd8u6Lgub6vrEH8qN3ExsmA/zb8uKr82PaXq+TB0KIOixy3ynjWRdVPAvF+ASmR+\n" + "whTJxkfH5mRO1/0/kgtSH/J37HtkAQC7OAUMycdrEC8r2+TKk/CMV00UIEzfCEo1\n" + "kfdSiRB+oBDStE1TJ8X6l0slr7BUNjuinU3Waq5FtybC2cI6MkGq0Dj+1qQflqs6\n" + "eT2SM8MN2v/9ktqDqGqWGuIByxMHJTRcithOhdClCfj2VYWQsp4L6lWtE5EDgEbG\n" + "d3UjaRGUPH58peE3vOziC1sruMN9hEbQU1JYRWerQlBYjt2RAHuSzQhSbu3GKJNV\n" + "1KVDTxVxIpuTcdqKenGTJvA79TPnM/fCVbwgW18DAUhFruqgfCTU8EVMLgqDecnR\n" + "v4YzX3weMpYuhnPqhcOkgImvRJv7C0b/yjV/0ctW0uQxtTD8nAN0wmQyCfY4RTFC\n" + "MBsGCSqGSIb3DQEJFDEOHgwAcwBlAHIAdgBlAHIwIwYJKoZIhvcNAQkVMRYEFDOd\n" + "4SfTi9X86wX8tceBaU9eO9nWMC8wHzAHBgUrDgMCGgQUSrnTiqr47JA4mCEpQDQX\n" + "JMU7QdMECJJR3+yAuOeDAgIoAA==\n" + "-----END PKCS12-----\n"; + +const gnutls_datum_t server_ca3_pkcs12 = { (void*)server_ca3_pkcs12_pem, + sizeof(server_ca3_pkcs12_pem)-1 +}; diff --git a/tests/set_x509_pkcs12_key.c b/tests/set_x509_pkcs12_key.c new file mode 100644 index 0000000000..110404d117 --- /dev/null +++ b/tests/set_x509_pkcs12_key.c 
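Review bot: The new `server_ca3_pkcs12_pem` array in tests/cert-common.h has no comment saying what the bundle contains or which password protects it, while the test added in the same commit hard-codes `"1234"` at both load calls. A comment above the array such as `/* PKCS #12 bundle for the server_ca3 test certificate (presumably with its key); password "1234"; test-only material */` would keep the fixture and its password together and mark the key as never to be reused outside the test suite. The `server_ca3_pkcs12` datum uses `sizeof(server_ca3_pkcs12_pem)-1`, whereas `unknown_ca_cert` in the context lines just above uses the full `sizeof`; the difference looks deliberate (dropping the trailing NUL) but deserves a word in that comment. The datum is also not referenced by the new test, which writes the `_pem` array out with `strlen` instead.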
@@ -0,0 +1,104 @@
+/*
+ * Copyright (C) 2014-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+#include "cert-common.h"
+#include "utils.h"
+
+static void compare(const gnutls_datum_t *der, const void *ipem)
+{
+ gnutls_datum_t pem = {(void*)ipem, strlen((char*)ipem)};
+ gnutls_datum_t new_der;
+ int ret;
+
+ ret = gnutls_pem_base64_decode2("CERTIFICATE", &pem, &new_der);
+ if (ret < 0) {
+ fail("error: %s\n", gnutls_strerror(ret));
+ }
+
+ if (der->size != new_der.size || memcmp(der->data, new_der.data, der->size) != 0) {
+ fail("error in %d: %s\n", __LINE__, "cert don't match");
+ exit(1);
+ }
+ gnutls_free(new_der.data);
+ return;
+}
+
+void doit(void)
+{
+ int ret;
+ gnutls_certificate_credentials_t xcred;
+ const char *certfile = "does-not-exist.pem";
+ gnutls_datum_t tcert;
+ FILE *fp;
+
+ global_init();
+ assert(gnutls_certificate_allocate_credentials(&xcred) >= 0);
+
+ /* this will fail */
+ ret = gnutls_certificate_set_x509_simple_pkcs12_file(xcred, certfile,
+ GNUTLS_X509_FMT_PEM, "1234");
+ if (ret != GNUTLS_E_FILE_ERROR)
+ fail("gnutls_certificate_set_x509_simple_pkcs12_file failed: %s\n", gnutls_strerror(ret));
+
+ gnutls_certificate_free_credentials(xcred);
+
+ assert(gnutls_certificate_allocate_credentials(&xcred) >= 0);
+
+ certfile = tmpnam(NULL);
+
+ fp = fopen(certfile, "w");
+ if (fp == NULL)
+ fail("error in fopen\n");
+
+ assert(fwrite(server_ca3_pkcs12_pem, 1, strlen((char*)server_ca3_pkcs12_pem), fp)>0);
+ fclose(fp);
+
+ ret = gnutls_certificate_set_x509_simple_pkcs12_file(xcred, certfile,
+ GNUTLS_X509_FMT_PEM, "1234");
+ if (ret < 0)
+ fail("gnutls_certificate_set_x509_simple_pkcs12_file failed: %s\n", gnutls_strerror(ret));
+
+ /* verify whether the stored certificate match the ones we have */
+ ret = gnutls_certificate_get_crt_raw(xcred, 0, 0, &tcert);
+ if (ret < 0) {
+ fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret));
+ exit(1);
+ }
+
+ compare(&tcert, server_ca3_cert_pem);
+
+ remove(certfile);
+
+ gnutls_certificate_free_credentials(xcred);
+ gnutls_global_deinit();
+} |
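Review bot: `certfile = tmpnam(NULL);` followed by `fopen(certfile, "w")` in `doit()` creates a temporary file under a predictable name, so another local process can create or symlink that path between the two calls, and the file that then receives the PKCS #12 bundle gets default umask permissions. Creating it with `mkstemp()` and wrapping the descriptor with `fdopen()` closes that window and yields an owner-only file; the template name in the sketch below is a constructed example. Two related points in the same function: the `assert()` calls wrap `gnutls_certificate_allocate_credentials()` and `fwrite()`, so a build with `NDEBUG` would skip both calls, and `fwrite(...)>0` accepts a short write while the `fclose()` result is ignored. The file also uses `strlen` and `memcmp` without including `<string.h>`, which only works if `utils.h` or `cert-common.h` happens to pull it in.

```c
	/* … unchanged: first (failing) load, credentials re-allocation … */
	char tmpname[] = "pkcs12-key-XXXXXX";	/* constructed template name */
	size_t len = strlen(server_ca3_pkcs12_pem);
	int fd = mkstemp(tmpname);	/* created atomically, mode 0600 */

	if (fd < 0)
		fail("error in mkstemp\n");

	fp = fdopen(fd, "w");
	if (fp == NULL)
		fail("error in fdopen\n");

	if (fwrite(server_ca3_pkcs12_pem, 1, len, fp) != len || fclose(fp) != 0)
		fail("error writing %s\n", tmpname);

	ret = gnutls_certificate_set_x509_simple_pkcs12_file(xcred, tmpname,
							    GNUTLS_X509_FMT_PEM, "1234");
	/* … unchanged: result check, gnutls_certificate_get_crt_raw, compare … */
	remove(tmpname);
```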