From 9b289ae390cf7b605ae765d779a504b6924dfb49 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 2 Jan 2017 13:32:41 +0100 Subject: tests: added test for invalid private keys Also force asan to return an error code other than one (the normally expected for invalid keys). --- tests/key-tests/Makefile.am | 5 ++-- tests/key-tests/data/key-invalid1.der | Bin 0 -> 118 bytes tests/key-tests/key-invalid | 51 ++++++++++++++++++++++++++++++++++ 3 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 tests/key-tests/data/key-invalid1.der create mode 100755 tests/key-tests/key-invalid diff --git a/tests/key-tests/Makefile.am b/tests/key-tests/Makefile.am index cbfbe65bff..84f761e2d9 100644 --- a/tests/key-tests/Makefile.am +++ b/tests/key-tests/Makefile.am @@ -29,11 +29,11 @@ EXTRA_DIST = data/key-ca.pem data/key-user.pem \ data/cert.dsa.1024.pem data/cert.dsa.2048.pem data/cert.dsa.3072.pem \ data/dsa.1024.pem data/dsa.2048.pem data/dsa.3072.pem data/dsa-pubkey-1018.pem \ data/bad-key.pem data/p8key-illegal.pem data/key-illegal.pem data/pkcs8-pbes2-sha256.pem \ - data/pkcs8-pbes1-des-md5.pem data/pkcs8-invalid8.der + data/pkcs8-pbes1-des-md5.pem data/pkcs8-invalid8.der data/key-invalid1.der dist_check_SCRIPTS = key-id pkcs8 pkcs8-decode dsa ecdsa illegal-rsa pkcs8-invalid -TESTS = key-id pkcs8 pkcs8-decode ecdsa pkcs8-invalid +TESTS = key-id pkcs8 pkcs8-decode ecdsa pkcs8-invalid key-invalid if !WITH_OLD_NETTLE TESTS += illegal-rsa @@ -44,6 +44,7 @@ TESTS += dsa endif TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \ + ASAN_OPTIONS="exitcode=6" \ LC_ALL="C" \ VALGRIND="$(VALGRIND)" \ top_builddir="$(top_builddir)" \ diff --git a/tests/key-tests/data/key-invalid1.der b/tests/key-tests/data/key-invalid1.der new file mode 100644 index 0000000000..909ee82a7a Binary files /dev/null and b/tests/key-tests/data/key-invalid1.der differ diff --git a/tests/key-tests/key-invalid b/tests/key-tests/key-invalid new file mode 100755 index 0000000000..43315a64e3 --- /dev/null +++ b/tests/key-tests/key-invalid @@ -0,0 +1,51 @@ +#!/bin/sh + +# Copyright (C) 2004-2006, 2010, 2012 Free Software Foundation, Inc. +# Copyright (C) 2016 Red Hat, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" +DIFF="${DIFF:-diff -b -B}" +TMPFILE=key-invalid.$$.tmp + +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}" +fi + +ret=0 +for p8 in "key-invalid1.der";do + set -- ${p8} + file="$1" + ${VALGRIND} "${CERTTOOL}" --inder --key-info \ + --infile "${srcdir}/data/${file}" + rc=$? + if test ${rc} != 1; then + echo "FATAL ${p8} - errno ${rc}" + ret=1 + else + echo "OK ${p8} - errno ${rc}" + fi +done + +rm -f $TMPFILE + +echo "DONE (rc $ret)" +exit $ret -- cgit v1.2.1