From aa5950abab56b011331ad4331409b6ff8efb8aeb Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Mon, 24 Apr 2023 12:39:42 +0900 Subject: build: re-indent code Signed-off-by: Daiki Ueno --- tests/aead-cipher-vec.c | 18 +- tests/alerts.c | 62 +- tests/alpn-server-prec.c | 70 +- tests/anonself.c | 54 +- tests/atfork.c | 10 +- tests/auto-verify.c | 333 +- tests/base64-raw.c | 146 +- tests/base64.c | 169 +- tests/buffer.c | 37 +- tests/cert-common.h | 3223 ++++++++------- tests/cert-repro-20170915.h | 749 ++-- tests/cert-status.c | 57 +- tests/cert.c | 15 +- tests/cert_verify_inv_utf8.c | 43 +- tests/certificate_set_x509_crl.c | 38 +- tests/certuniqueid.c | 213 +- tests/chainverify-unsorted.c | 1099 +++-- tests/chainverify.c | 87 +- tests/cipher-alignment.c | 263 +- tests/cipher-neg-common.c | 42 +- tests/cipher-padding.c | 40 +- tests/ciphersuite-name.c | 17 +- tests/client-fastopen.c | 60 +- tests/client-secrets.h | 520 +-- tests/client-sign-md5-rep.c | 1106 +++-- tests/client_dsa_key.c | 36 +- tests/cmocka-common.h | 18 +- tests/common-cert-key-exchange.c | 164 +- tests/common-cert-key-exchange.h | 154 +- tests/common-key-tests.h | 110 +- tests/conv-utf8.c | 132 +- tests/crl-basic.c | 179 +- tests/crl_apis.c | 117 +- tests/crlverify.c | 295 +- tests/crq-basic.c | 122 +- tests/crq_apis.c | 163 +- tests/crq_key_id.c | 47 +- tests/crt_apis.c | 107 +- tests/crt_inv_write.c | 28 +- tests/crt_type-neg-common.c | 178 +- tests/custom-urls-override.c | 72 +- tests/custom-urls.c | 81 +- tests/cve-2008-4989.c | 217 +- tests/cve-2009-1415.c | 54 +- tests/cve-2009-1416.c | 2 +- tests/dane-strcodes.c | 5 +- tests/dane.c | 865 ++-- tests/datefudge-check.c | 2 +- tests/dh-compute.c | 131 +- tests/dh-params.c | 13 +- tests/dhepskself.c | 50 +- tests/dhex509self.c | 77 +- tests/dn.c | 93 +- tests/dn2.c | 72 +- tests/dss-sig-val.c | 223 +- tests/dtls-client-with-seccomp.c | 58 +- tests/dtls-etm.c | 81 +- tests/dtls-handshake-versions.c | 17 +- tests/dtls-max-record.c | 24 +- tests/dtls-pthread.c | 57 +- tests/dtls-rehandshake-anon.c | 93 +- tests/dtls-rehandshake-cert-2.c | 87 +- tests/dtls-rehandshake-cert-3.c | 81 +- tests/dtls-rehandshake-cert.c | 87 +- tests/dtls-repro-20170915.c | 14 +- tests/dtls-session-ticket-lost.c | 46 +- tests/dtls-sliding-window.c | 8 +- tests/dtls-with-seccomp.c | 58 +- tests/dtls/dtls-stress.c | 645 +-- tests/dtls1-2-mtu-check.c | 406 +- tests/dtls10-cert-key-exchange.c | 11 +- tests/dtls12-cert-key-exchange.c | 62 +- tests/duplicate-extensions.c | 79 +- tests/eagain-auto-auth.c | 57 +- tests/eagain-common.h | 422 +- tests/eagain.c | 26 +- tests/ecdh-compute.c | 202 +- tests/empty_retrieve_function.c | 37 +- tests/fallback-scsv.c | 59 +- tests/fips-mode-pthread.c | 46 +- tests/fips-rsa-sizes.c | 23 +- tests/fips-test.c | 112 +- tests/global-init-override.c | 7 +- tests/global-init.c | 2 +- tests/gnutls-ids.c | 2 +- tests/gnutls-strcodes.c | 39 +- tests/gnutls_ext_raw_parse.c | 69 +- tests/gnutls_ext_raw_parse_dtls.c | 73 +- tests/gnutls_hmac_fast.c | 50 +- tests/gnutls_ktls.c | 67 +- tests/gnutls_ocsp_resp_list_import2.c | 335 +- tests/gnutls_record_overhead.c | 61 +- tests/gnutls_session_set_id.c | 22 +- tests/gnutls_x509_crq_sign.c | 57 +- tests/gnutls_x509_crt_list_import.c | 504 ++- tests/gnutls_x509_crt_sign.c | 62 +- tests/gnutls_x509_privkey_import.c | 85 +- tests/handshake-false-start.c | 65 +- tests/handshake-large-cert.c | 89 +- tests/handshake-large-packet.c | 54 +- tests/handshake-timeout.c | 43 +- tests/handshake-versions.c | 12 +- tests/handshake-write.c | 29 +- tests/hex.c | 114 +- tests/hex.h | 10 +- tests/hostname-check-utf8.c | 113 +- tests/hostname-check.c | 1470 +++---- tests/id-on-xmppAddr.c | 21 +- tests/infoaccess.c | 120 +- tests/init_roundtrip.c | 2 +- tests/insecure_key.c | 34 +- tests/iov.c | 227 +- tests/ip-check.c | 235 +- tests/ip-utils.c | 88 +- tests/kdf-api.c | 58 +- tests/key-export-pkcs8.c | 119 +- tests/key-import-export.c | 322 +- tests/key-material-dtls.c | 90 +- tests/key-material-set-dtls.c | 68 +- tests/key-openssl.c | 163 +- tests/key-usage-ecdhe-rsa.c | 169 +- tests/key-usage-rsa.c | 241 +- tests/keylog-env.c | 27 +- tests/keylog-func.c | 84 +- tests/ktls_keyupdate.c | 197 +- tests/long-session-id.c | 113 +- tests/mini-alpn.c | 65 +- tests/mini-chain-unsorted.c | 279 +- tests/mini-dtls-discard.c | 63 +- tests/mini-dtls-fork.c | 107 +- tests/mini-dtls-heartbeat.c | 96 +- tests/mini-dtls-hello-verify-48.c | 89 +- tests/mini-dtls-hello-verify.c | 80 +- tests/mini-dtls-large.c | 105 +- tests/mini-dtls-lowmtu.c | 100 +- tests/mini-dtls-mtu.c | 91 +- tests/mini-dtls-record-asym.c | 106 +- tests/mini-dtls-record.c | 137 +- tests/mini-dtls-srtp.c | 90 +- tests/mini-dtls0-9.c | 72 +- tests/mini-eagain-dtls.c | 24 +- tests/mini-emsgsize-dtls.c | 36 +- tests/mini-global-load.c | 78 +- tests/mini-key-material.c | 87 +- tests/mini-loss-time.c | 51 +- tests/mini-overhead.c | 136 +- tests/mini-record-2.c | 174 +- tests/mini-record-failure.c | 91 +- tests/mini-record-range.c | 65 +- tests/mini-record.c | 83 +- tests/mini-server-name.c | 74 +- tests/mini-session-verify-function.c | 107 +- tests/mini-termination.c | 117 +- tests/mini-tls-nonblock.c | 123 +- tests/mini-x509-2.c | 287 +- tests/mini-x509-callbacks-intr.c | 87 +- tests/mini-x509-callbacks.c | 97 +- tests/mini-x509-cas.c | 15 +- tests/mini-x509-ipaddr.c | 36 +- tests/mini-x509.c | 35 +- tests/missingissuer.c | 38 +- tests/missingissuer_aia.c | 42 +- tests/mpi.c | 2 +- tests/multi-alerts.c | 114 +- tests/naked-alerts.c | 37 +- tests/name-constraints-ip.c | 514 ++- tests/name-constraints-merge.c | 219 +- tests/name-constraints.c | 201 +- tests/no-extensions.c | 21 +- tests/no-signal.c | 60 +- tests/no-status-request.c | 67 +- tests/nul-in-x509-names.c | 110 +- tests/null_retrieve_function.c | 37 +- tests/ocsp-common.h | 1000 ++--- tests/ocsp-filename-memleak.c | 10 +- tests/ocsp.c | 926 +++-- tests/oids.c | 20 +- tests/openconnect-dtls12.c | 62 +- tests/openssl.c | 8 +- tests/parse_ca.c | 53 +- tests/pcert-list.c | 465 ++- tests/pkcs1-digest-info.c | 150 +- tests/pkcs11/distrust-after.c | 174 +- tests/pkcs11/gnutls_pcert_list_import_x509_file.c | 48 +- tests/pkcs11/gnutls_x509_crt_list_import_url.c | 44 +- tests/pkcs11/list-objects.c | 13 +- tests/pkcs11/list-tokens.c | 27 +- tests/pkcs11/pkcs11-cert-import-url-exts.c | 23 +- tests/pkcs11/pkcs11-cert-import-url4-exts.c | 26 +- tests/pkcs11/pkcs11-chainverify.c | 85 +- tests/pkcs11/pkcs11-combo.c | 306 +- tests/pkcs11/pkcs11-ec-privkey-test.c | 116 +- tests/pkcs11/pkcs11-eddsa-privkey-test.c | 108 +- tests/pkcs11/pkcs11-get-exts.c | 20 +- tests/pkcs11/pkcs11-get-issuer.c | 49 +- tests/pkcs11/pkcs11-get-raw-issuer-exts.c | 24 +- tests/pkcs11/pkcs11-import-url-privkey.c | 25 +- tests/pkcs11/pkcs11-import-with-pin.c | 64 +- tests/pkcs11/pkcs11-is-known.c | 621 ++- tests/pkcs11/pkcs11-mechanisms.c | 22 +- tests/pkcs11/pkcs11-mock-ext.h | 8 +- tests/pkcs11/pkcs11-mock.c | 1496 ++++--- tests/pkcs11/pkcs11-mock.h | 6 +- tests/pkcs11/pkcs11-mock2.c | 22 +- tests/pkcs11/pkcs11-mock3.c | 30 +- tests/pkcs11/pkcs11-obj-import.c | 93 +- tests/pkcs11/pkcs11-obj-raw.c | 45 +- tests/pkcs11/pkcs11-pin-func.c | 8 +- tests/pkcs11/pkcs11-privkey-always-auth.c | 31 +- tests/pkcs11/pkcs11-privkey-export.c | 23 +- tests/pkcs11/pkcs11-privkey-fork-reinit.c | 38 +- tests/pkcs11/pkcs11-privkey-fork.c | 38 +- tests/pkcs11/pkcs11-privkey-generate.c | 57 +- tests/pkcs11/pkcs11-privkey-pthread.c | 52 +- tests/pkcs11/pkcs11-privkey-safenet-always-auth.c | 25 +- tests/pkcs11/pkcs11-privkey.c | 138 +- tests/pkcs11/pkcs11-pubkey-import-ecdsa.c | 4 +- tests/pkcs11/pkcs11-pubkey-import-rsa.c | 4 +- tests/pkcs11/pkcs11-pubkey-import.c | 89 +- tests/pkcs11/pkcs11-rsa-pss-privkey-test.c | 100 +- tests/pkcs11/pkcs11-token-raw.c | 42 +- tests/pkcs11/softhsm.h | 61 +- tests/pkcs11/tls-neg-pkcs11-key.c | 352 +- tests/pkcs11/tls-neg-pkcs11-no-key.c | 136 +- tests/pkcs12_encode.c | 65 +- tests/pkcs12_s2k.c | 115 +- tests/pkcs12_s2k_pem.c | 398 +- tests/pkcs12_simple.c | 19 +- tests/pkcs7-cat-parse.c | 93 +- tests/pkcs7-gen.c | 113 +- tests/pkcs7-verify-double-free.c | 255 +- tests/pkcs7.c | 15 +- tests/pkcs8-key-decode-encrypted.c | 21 +- tests/pkcs8-key-decode.c | 44 +- tests/post-client-hello-change-prio.c | 28 +- tests/prf.c | 316 +- tests/priorities-groups.c | 20 +- tests/priorities.c | 35 +- tests/priority-init2.c | 100 +- tests/priority-mix.c | 23 +- tests/priority-set.c | 14 +- tests/priority-set2.c | 14 +- tests/privkey-keygen.c | 54 +- tests/privkey-verify-broken.c | 26 +- tests/protocol-set-allowlist.c | 29 +- tests/psk-file.c | 289 +- tests/pskself.c | 55 +- tests/pskself2.c | 78 +- tests/pubkey-import-export.c | 126 +- tests/random-art.c | 109 +- tests/rawpk-api.c | 59 +- tests/record-pad.c | 173 +- tests/record-retvals.c | 159 +- tests/record-sendfile.c | 70 +- tests/record-sizes-range.c | 34 +- tests/record-sizes.c | 24 +- tests/record-timeouts.c | 7 +- tests/recv-data-before-handshake.c | 52 +- tests/rehandshake-ext-secret.c | 27 +- tests/rehandshake-switch-cert-allow.c | 30 +- tests/rehandshake-switch-cert-client-allow.c | 42 +- tests/rehandshake-switch-cert-client.c | 42 +- tests/rehandshake-switch-cert.c | 30 +- tests/rehandshake-switch-psk-id.c | 10 +- tests/rehandshake-switch-srp-id.c | 79 +- tests/resume-dtls.c | 106 +- tests/resume-lifetime.c | 34 +- tests/resume-with-false-start.c | 18 +- tests/resume-with-previous-stek.c | 73 +- tests/resume-with-record-size-limit.c | 94 +- tests/resume-with-stek-expiration.c | 81 +- tests/resume.c | 599 ++- tests/rfc7633-missing.c | 123 +- tests/rfc7633-ok.c | 72 +- tests/rng-fork.c | 12 +- tests/rng-no-onload.c | 6 +- tests/rng-op-key.c | 4 +- tests/rng-op-nonce.c | 4 +- tests/rng-op-random.c | 4 +- tests/rng-op.c | 9 +- tests/rng-pthread.c | 28 +- tests/rng-sigint.c | 36 +- tests/rsa-encrypt-decrypt.c | 107 +- tests/rsa-illegal-import.c | 101 +- tests/rsa-psk-cb.c | 65 +- tests/rsa-psk.c | 58 +- tests/rsa-rsa-pss.c | 76 +- tests/safe-renegotiation/srn0.c | 104 +- tests/safe-renegotiation/srn1.c | 101 +- tests/safe-renegotiation/srn2.c | 112 +- tests/safe-renegotiation/srn3.c | 105 +- tests/safe-renegotiation/srn4.c | 113 +- tests/safe-renegotiation/srn5.c | 114 +- tests/sec-params.c | 2 +- tests/seccomp.c | 39 +- tests/send-client-cert.c | 22 +- tests/send-data-before-handshake.c | 52 +- tests/server-kx-neg-common.c | 120 +- tests/server-secrets.h | 586 +-- tests/server-sign-md5-rep.c | 96 +- tests/server_ecdsa_key.c | 35 +- tests/session-export-funcs.c | 19 +- tests/session-rdn-read.c | 34 +- tests/session-tickets-missing.c | 63 +- tests/session-tickets-ok.c | 52 +- tests/set-default-prio.c | 100 +- tests/set_key.c | 79 +- tests/set_key_utf8.c | 47 +- tests/set_known_dh_params_anon.c | 48 +- tests/set_known_dh_params_psk.c | 52 +- tests/set_known_dh_params_x509.c | 39 +- tests/set_pkcs12_cred.c | 29 +- tests/set_x509_key.c | 38 +- tests/set_x509_key_file-late.c | 30 +- tests/set_x509_key_file.c | 37 +- tests/set_x509_key_file_der.c | 21 +- tests/set_x509_key_file_legacy.c | 37 +- tests/set_x509_key_file_ocsp.c | 399 +- tests/set_x509_key_file_ocsp_multi2.c | 135 +- tests/set_x509_key_mem.c | 36 +- tests/set_x509_key_utf8.c | 58 +- tests/set_x509_ocsp_multi_cli.c | 89 +- tests/set_x509_ocsp_multi_invalid.c | 140 +- tests/set_x509_ocsp_multi_pem.c | 82 +- tests/set_x509_ocsp_multi_unknown.c | 111 +- tests/set_x509_pkcs12_key.c | 37 +- tests/setcredcrash.c | 2 +- tests/sign-is-secure.c | 60 +- tests/sign-pk-api.c | 12 +- tests/sign-verify-data-newapi.c | 79 +- tests/sign-verify-data.c | 79 +- tests/sign-verify-deterministic.c | 183 +- tests/sign-verify-ed25519-rfc8080.c | 46 +- tests/sign-verify-ext.c | 143 +- tests/sign-verify-ext4.c | 152 +- tests/sign-verify-newapi.c | 156 +- tests/sign-verify.c | 166 +- tests/simple.c | 88 +- tests/slow/cipher-api-test.c | 73 +- tests/slow/cipher-openssl-compat.c | 105 +- tests/slow/cipher-test.c | 2 +- tests/slow/gendh.c | 2 +- tests/slow/hash-large.c | 38 +- tests/spki-abstract.c | 28 +- tests/spki.c | 31 +- tests/srp.c | 144 +- tests/srpbase64.c | 87 +- tests/ssl2-hello.c | 40 +- tests/ssl30-cert-key-exchange.c | 2 +- tests/ssl30-cipher-neg.c | 142 +- tests/ssl30-server-kx-neg.c | 192 +- tests/status-request-ext.c | 83 +- tests/status-request-ok.c | 123 +- tests/status-request-revoked.c | 339 +- tests/status-request.c | 67 +- tests/str-idna.c | 66 +- tests/str-unicode.c | 78 +- tests/strict-der.c | 63 +- tests/suite/eagain-cli.c | 43 +- tests/suite/mini-record-timing.c | 305 +- tests/suite/prime-check.c | 2 +- tests/suite/rng.c | 2 +- tests/system-override-curves-allowlist.c | 7 +- tests/system-override-hash.c | 2 +- tests/system-override-sig-tls.c | 62 +- tests/system-override-sig.c | 16 +- tests/system-prio-file.c | 9 +- tests/test-chains-issuer-aia.h | 6 +- tests/test-chains-issuer.h | 367 +- tests/test-chains.h | 4585 +++++++++++---------- tests/time.c | 29 +- tests/tls-channel-binding.c | 63 +- tests/tls-client-with-seccomp.c | 56 +- tests/tls-crt_type-neg.c | 425 +- tests/tls-etm.c | 81 +- tests/tls-ext-not-in-dtls.c | 109 +- tests/tls-ext-register.c | 148 +- tests/tls-force-ems.c | 16 +- tests/tls-force-etm.c | 154 +- tests/tls-neg-ext-key.c | 228 +- tests/tls-neg-ext4-key.c | 392 +- tests/tls-pthread.c | 56 +- tests/tls-record-size-limit-asym.c | 14 +- tests/tls-record-size-limit.c | 367 +- tests/tls-session-ext-override.c | 96 +- tests/tls-session-ext-register.c | 135 +- tests/tls-session-supplemental.c | 76 +- tests/tls-supplemental.c | 85 +- tests/tls-with-seccomp.c | 58 +- tests/tls10-cert-key-exchange.c | 9 +- tests/tls10-cipher-neg.c | 150 +- tests/tls10-prf.c | 79 +- tests/tls10-server-kx-neg.c | 655 ++- tests/tls11-cert-key-exchange.c | 19 +- tests/tls11-cipher-neg.c | 150 +- tests/tls11-server-kx-neg.c | 655 ++- tests/tls12-anon-upgrade.c | 216 +- tests/tls12-cert-key-exchange.c | 406 +- tests/tls12-cipher-neg.c | 384 +- tests/tls12-ffdhe.c | 478 +-- tests/tls12-invalid-key-exchanges.c | 50 +- tests/tls12-max-record.c | 25 +- tests/tls12-prf.c | 115 +- tests/tls12-rehandshake-cert-2.c | 113 +- tests/tls12-rehandshake-cert-3.c | 75 +- tests/tls12-rehandshake-cert-auto.c | 64 +- tests/tls12-rehandshake-cert.c | 19 +- tests/tls12-rehandshake-set-prio.c | 22 +- tests/tls12-rehandshake-ticket.c | 42 +- tests/tls12-server-kx-neg.c | 909 ++-- tests/tls13-cert-key-exchange.c | 342 +- tests/tls13-cipher-neg.c | 258 +- tests/tls13-compat-mode.c | 31 +- tests/tls13-early-data-neg.c | 164 +- tests/tls13-early-data-neg2.c | 98 +- tests/tls13-early-data.c | 379 +- tests/tls13-early-start.c | 82 +- tests/tls13-rehandshake-cert.c | 18 +- tests/tls13-server-kx-neg.c | 503 ++- tests/tls13-without-timeout-func.c | 20 +- tests/tls13/anti_replay.c | 27 +- tests/tls13/change_cipher_spec.c | 85 +- tests/tls13/compress-cert-cli.c | 81 +- tests/tls13/compress-cert-neg.c | 104 +- tests/tls13/compress-cert-neg2.c | 76 +- tests/tls13/compress-cert.c | 109 +- tests/tls13/cookie.c | 76 +- tests/tls13/ext-parse.h | 76 +- tests/tls13/hello_retry_request.c | 65 +- tests/tls13/hello_retry_request_resume.c | 76 +- tests/tls13/key_limits.c | 42 +- tests/tls13/key_share.c | 33 +- tests/tls13/key_update.c | 32 +- tests/tls13/key_update_multiple.c | 33 +- tests/tls13/multi-ocsp.c | 94 +- tests/tls13/no-auto-send-ticket.c | 81 +- tests/tls13/no-psk-exts.c | 56 +- tests/tls13/ocsp-client.c | 84 +- tests/tls13/post-handshake-with-cert-auto.c | 103 +- tests/tls13/post-handshake-with-cert-pkcs11.c | 151 +- tests/tls13/post-handshake-with-cert-ticket.c | 99 +- tests/tls13/post-handshake-with-cert.c | 109 +- tests/tls13/post-handshake-with-psk.c | 101 +- tests/tls13/post-handshake-without-cert.c | 60 +- tests/tls13/prf-early.c | 154 +- tests/tls13/prf.c | 174 +- tests/tls13/psk-dumbfw.c | 71 +- tests/tls13/psk-ext.c | 207 +- tests/tls13/psk-ke-modes.c | 23 +- tests/tls13/rnd-check-rollback-val.c | 83 +- tests/tls13/rnd-rollback-detection.c | 81 +- tests/tls13/supported_versions.c | 109 +- tests/tls13/tls12-no-tls13-exts.c | 48 +- tests/tlsext-decoding.c | 58 +- tests/tlsfeature-crt.c | 34 +- tests/tlsfeature-ext.c | 52 +- tests/trust-store.c | 2 +- tests/trustdb-tofu.c | 123 +- tests/urls.c | 2 +- tests/utils-adv.c | 88 +- tests/utils.c | 79 +- tests/utils.h | 164 +- tests/version-checks.c | 20 +- tests/virt-time.h | 38 +- tests/win-certopenstore.c | 4 +- tests/windows/cng-windows.c | 122 +- tests/windows/crypt32.c | 118 +- tests/windows/ncrypt-int.h | 2 +- tests/windows/ncrypt.c | 89 +- tests/x509-cert-callback-legacy.c | 69 +- tests/x509-cert-callback-ocsp.c | 39 +- tests/x509-cert-callback.c | 69 +- tests/x509-dn-decode-compat.c | 101 +- tests/x509-dn-decode.c | 253 +- tests/x509-dn.c | 35 +- tests/x509-extensions.c | 207 +- tests/x509-server-verify.c | 49 +- tests/x509-upnconstraint.c | 153 +- tests/x509-verify-duplicate.c | 273 +- tests/x509-verify-with-crl.c | 128 +- tests/x509_altname.c | 69 +- tests/x509cert-ct.c | 181 +- tests/x509cert-dntypes.c | 89 +- tests/x509cert-invalid.c | 85 +- tests/x509cert-tl.c | 320 +- tests/x509cert.c | 111 +- tests/x509dn.c | 79 +- tests/x509self.c | 68 +- tests/x509sign-verify-common.h | 134 +- tests/x509sign-verify-ecdsa.c | 12 +- tests/x509sign-verify-error.c | 162 +- tests/x509sign-verify-gost.c | 12 +- tests/x509sign-verify-rsa.c | 16 +- tests/x509sign-verify.c | 85 +- tests/xts-key-check.c | 5 +- 495 files changed, 31677 insertions(+), 33855 deletions(-) (limited to 'tests') diff --git a/tests/aead-cipher-vec.c b/tests/aead-cipher-vec.c index ff9085f2cd..6f13f39758 100644 --- a/tests/aead-cipher-vec.c +++ b/tests/aead-cipher-vec.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -83,18 +83,16 @@ static void start(const char *name, int algo) fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret)); for (i = 0; i < 2; i++) { - ret = gnutls_aead_cipher_encryptv2(ch, - iv.data, iv.size, - auth_iov, 2, - iov, i + 1, tag, &tag_size); + ret = gnutls_aead_cipher_encryptv2(ch, iv.data, iv.size, + auth_iov, 2, iov, i + 1, tag, + &tag_size); if (ret < 0) fail("could not encrypt data: %s\n", gnutls_strerror(ret)); - ret = gnutls_aead_cipher_decryptv2(ch, - iv.data, iv.size, - auth_iov, 2, - iov, i + 1, tag, tag_size); + ret = gnutls_aead_cipher_decryptv2(ch, iv.data, iv.size, + auth_iov, 2, iov, i + 1, tag, + tag_size); if (ret < 0) fail("could not decrypt data: %s\n", gnutls_strerror(ret)); @@ -113,7 +111,7 @@ void doit(void) ret = global_init(); if (ret < 0) { - fail("Cannot initialize library\n"); /*errcode 1 */ + fail("Cannot initialize library\n"); /*errcode 1 */ } start("aes-128-gcm", GNUTLS_CIPHER_AES_128_GCM); diff --git a/tests/alerts.c b/tests/alerts.c index 53ed541e39..13c18ff5dd 100644 --- a/tests/alerts.c +++ b/tests/alerts.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,19 +36,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -105,8 +105,7 @@ static void client(int fd, const char *prio, int ign) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client (%s): Handshake has failed (%s)\n\n", prio, @@ -119,20 +118,19 @@ static void client(int fd, const char *prio, int ign) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); - ret = - gnutls_alert_send(session, GNUTLS_AL_WARNING, - GNUTLS_A_USER_CANCELED); + ret = gnutls_alert_send(session, GNUTLS_AL_WARNING, + GNUTLS_A_USER_CANCELED); if (ret < 0) { fail("server: Error sending user cancelled alert: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_DECRYPT_ERROR); + ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, + GNUTLS_A_DECRYPT_ERROR); if (ret < 0) { fail("server: Error sending decrypt error alert: %s\n", gnutls_strerror(ret)); @@ -197,8 +195,7 @@ static void server(int fd, const char *prio, int ign) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -211,13 +208,13 @@ static void server(int fd, const char *prio, int ign) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret > 0) fail("error receiving alert: ret: %d\n", ret); @@ -230,8 +227,8 @@ static void server(int fd, const char *prio, int ign) do { do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret > 0) fail("error receiving alert: ret: %d\n", ret); @@ -282,7 +279,8 @@ static void start(const char *prio, int ign) } } -# define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" static void ch_handler(int sig) { @@ -299,4 +297,4 @@ void doit(void) start(AES_GCM, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/alpn-server-prec.c b/tests/alpn-server-prec.c index b795e583a5..1069530308 100644 --- a/tests/alpn-server-prec.c +++ b/tests/alpn-server-prec.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,18 +37,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -88,9 +88,10 @@ static void client(int fd, const char *protocol0, const char *protocol1, gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); if (protocol1) { gnutls_datum_t t[3]; t[0].data = (void *)protocol0; @@ -117,8 +118,7 @@ static void client(int fd, const char *protocol0, const char *protocol1, */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -131,8 +131,8 @@ static void client(int fd, const char *protocol0, const char *protocol1, if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_alpn_get_selected_protocol(session, &proto); if (ret < 0) { @@ -141,8 +141,8 @@ static void client(int fd, const char *protocol0, const char *protocol1, } if (debug) { - fprintf(stderr, "selected protocol: %.*s\n", - (int)proto.size, proto.data); + fprintf(stderr, "selected protocol: %.*s\n", (int)proto.size, + proto.data); } gnutls_bye(session, GNUTLS_SHUT_WR); @@ -190,18 +190,18 @@ static void server(int fd, const char *protocol1, const char *protocol2, /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); t[0].data = (void *)protocol1; t[0].size = strlen(protocol1); t[1].data = (void *)protocol2; t[1].size = strlen(protocol2); - ret = - gnutls_alpn_set_protocols(session, t, 2, - GNUTLS_ALPN_SERVER_PRECEDENCE); + ret = gnutls_alpn_set_protocols(session, t, 2, + GNUTLS_ALPN_SERVER_PRECEDENCE); if (ret < 0) { gnutls_perror(ret); exit(1); @@ -213,8 +213,7 @@ static void server(int fd, const char *protocol1, const char *protocol2, do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -227,8 +226,8 @@ static void server(int fd, const char *protocol1, const char *protocol2, if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_alpn_get_selected_protocol(session, &selected); if (ret < 0) { @@ -240,9 +239,10 @@ static void server(int fd, const char *protocol1, const char *protocol2, success("Protocol: %.*s\n", (int)selected.size, selected.data); } - if (selected.size != strlen(expected) - || memcmp(selected.data, expected, selected.size) != 0) { - fail("did not select the expected protocol (selected %.*s, expected %s)\n", selected.size, selected.data, expected); + if (selected.size != strlen(expected) || + memcmp(selected.data, expected, selected.size) != 0) { + fail("did not select the expected protocol (selected %.*s, expected %s)\n", + selected.size, selected.data, expected); exit(1); } @@ -311,4 +311,4 @@ void doit(void) start("h2", "http/1.1", "http/1.1", "h3", "http/1.1"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/anonself.c b/tests/anonself.c index f33f563ea2..5a6bdce7ed 100644 --- a/tests/anonself.c +++ b/tests/anonself.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,26 +40,26 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include +#include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include -# include "utils.h" +#include "utils.h" static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -# define MSG "Hello TLS" -# define MAX_BUF 1024 +#define MSG "Hello TLS" +#define MAX_BUF 1024 static void client(int sd, const char *prio) { @@ -108,8 +108,8 @@ static void client(int sd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_record_send(session, MSG, sizeof(MSG) - 1); if (ret != sizeof(MSG) - 1) { @@ -128,7 +128,8 @@ static void client(int sd, const char *prio) } if (ret != sizeof(MSG) - 1 || memcmp(buffer, MSG, ret) != 0) { - fail("client: received data of different size! (expected: %d, have: %d)\n", (int)strlen(MSG), ret); + fail("client: received data of different size! (expected: %d, have: %d)\n", + (int)strlen(MSG), ret); goto end; } @@ -142,7 +143,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -153,7 +154,7 @@ static void client(int sd, const char *prio) gnutls_global_deinit(); } -# define DH_BITS 1024 +#define DH_BITS 1024 static void server(int sd, const char *prio) { @@ -206,8 +207,8 @@ static void server(int sd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (debug) print_dh_params_info(session); @@ -218,11 +219,11 @@ static void server(int sd, const char *prio) if (ret == 0) { gnutls_packet_deinit(packet); if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { gnutls_datum_t pdata; @@ -251,8 +252,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *name, const char *prio) +static void start(const char *name, const char *prio) { pid_t child; int sockets[2], err; @@ -300,4 +300,4 @@ void doit(void) start("default anon-ecdh", "NORMAL:-KX-ALL:+ANON-ECDH"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/atfork.c b/tests/atfork.c index 235a855bfd..654519dc7c 100644 --- a/tests/atfork.c +++ b/tests/atfork.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,7 +29,7 @@ #include #include #if !defined(_WIN32) -# include +#include #endif #include @@ -42,12 +42,12 @@ void doit(void) } #else -# include "../lib/atfork.h" -# include "../lib/atfork.c" +#include "../lib/atfork.h" +#include "../lib/atfork.c" /* utils.h must be loaded after gnutls_int.h, as it redefines some * macros from gnulib */ -# include "utils.h" +#include "utils.h" void doit(void) { diff --git a/tests/auto-verify.c b/tests/auto-verify.c index d2c614db5e..7d04259b78 100644 --- a/tests/auto-verify.c +++ b/tests/auto-verify.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,138 +44,135 @@ static void tls_log_func(int level, const char *str) } static unsigned char ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuLSye8pe3yWKZ\n" - "Yp7tLQ4ImwLqqh1aN7x9pc5spLDj6krVArzkyyYDcWvtQNDjErEfLUrZZrCc4aIl\n" - "oU1Ghb92kI8ofZnHFbj3z5zdcWqiPppj5Y+hRdc4LszTWb+itrD9Ht/D67EK+m7W\n" - "ev6xxUdyiBYUmb2O3CnPZpUVshMRtEe45EDGI5hUgL2n4Msj41htTq8hATYPXgoq\n" - "gQUyXFpKAX5XDCyOG+FC6jmEys7UCRYv3SCl7TPWJ4cm+lHcFI2/OTOCBvMlKN2J\n" - "mWCdfnudZldqthin+8fR9l4nbuutOfPNt1Dj9InDzWZ1W/o4LrjKa7fsvszj2Z5A\n" - "Fn+xN/4zAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQUwRHwbXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQAD\n" - "ggEBAEKr0b7WoJL+L8St/LEITU/i7FwFrCP6DkbaNo0kgzPmwnvNmw88MLI6UKwE\n" - "JecnjFhurRBBZ4FA85ucNyizeBnuXqFcyJ20+XziaXGPKV/ugKyYv9KBoTYkQOCh\n" - "nbOthmDqjvy2UYQj0BU2dOywkjUKWhYHEZLBpZYck0Orynxydwil5Ncsz4t3smJw\n" - "ahzCW8SzBFTiO99qQBCH2RH1PbUYzfAnJxZS2VScpcqlu9pr+Qv7r8E3p9qHxnQM\n" - "gO5laWO6lc13rNsbZRrtlCvacsiDSuDnS8EVXm0ih4fAntpRHacPbXZbOPQqJ/+1\n" - "G7/qJ6cDC/9aW+fU80ogTkAoFg4=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca_cert = { ca_cert_pem, - sizeof(ca_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuLSye8pe3yWKZ\n" + "Yp7tLQ4ImwLqqh1aN7x9pc5spLDj6krVArzkyyYDcWvtQNDjErEfLUrZZrCc4aIl\n" + "oU1Ghb92kI8ofZnHFbj3z5zdcWqiPppj5Y+hRdc4LszTWb+itrD9Ht/D67EK+m7W\n" + "ev6xxUdyiBYUmb2O3CnPZpUVshMRtEe45EDGI5hUgL2n4Msj41htTq8hATYPXgoq\n" + "gQUyXFpKAX5XDCyOG+FC6jmEys7UCRYv3SCl7TPWJ4cm+lHcFI2/OTOCBvMlKN2J\n" + "mWCdfnudZldqthin+8fR9l4nbuutOfPNt1Dj9InDzWZ1W/o4LrjKa7fsvszj2Z5A\n" + "Fn+xN/4zAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUwRHwbXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQAD\n" + "ggEBAEKr0b7WoJL+L8St/LEITU/i7FwFrCP6DkbaNo0kgzPmwnvNmw88MLI6UKwE\n" + "JecnjFhurRBBZ4FA85ucNyizeBnuXqFcyJ20+XziaXGPKV/ugKyYv9KBoTYkQOCh\n" + "nbOthmDqjvy2UYQj0BU2dOywkjUKWhYHEZLBpZYck0Orynxydwil5Ncsz4t3smJw\n" + "ahzCW8SzBFTiO99qQBCH2RH1PbUYzfAnJxZS2VScpcqlu9pr+Qv7r8E3p9qHxnQM\n" + "gO5laWO6lc13rNsbZRrtlCvacsiDSuDnS8EVXm0ih4fAntpRHacPbXZbOPQqJ/+1\n" + "G7/qJ6cDC/9aW+fU80ogTkAoFg4=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca_cert = { ca_cert_pem, sizeof(ca_cert_pem) }; static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDOjCCAiKgAwIBAgIMU0T+mwoDu5uVLKeeMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDkwODAyMzVaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDXfvgsMWXHNf3iUaEoZSNztZZr6+UdBkoUhbdWJDR+GwR+GHfnYaYHsuqb\n" - "bNEl/QFI+8Jeth0SmG7TNB+b/AlHFoBm8TwBt7H+Mn6AQIdo872Vs262UkHgbZN6\n" - "dEQeRCgiXmlsOVe+MVpf79Xi32MYz1FZ/ueS6tr8sIDhECThIZkq2eulVjAV86N2\n" - "zQ72Ml1k8rPw4SdK5OFhcXNdXr6CsAol8MmiORKDF0iAZxwtFVc00nBGqQC5rwrN\n" - "3A8czH5TsvyvrcW0mwV2XOVvZM5kFM1T/X0jF6RQHiGGFBYK4s6JZxSSOhJMFYYh\n" - "koPEKsuVZdmBJ2yTTdGumHZfG9LDAgMBAAGjgY0wgYowDAYDVR0TAQH/BAIwADAU\n" - "BgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0P\n" - "AQH/BAUDAwegADAdBgNVHQ4EFgQURXiN5VD5vgqAprhd/37ldGKv4/4wHwYDVR0j\n" - "BBgwFoAU8MUzmkotjSmVa5r1ejMkMQ6BiZYwDQYJKoZIhvcNAQELBQADggEBABSU\n" - "cmMX0nGeg43itPnLjSTIUuYEamRhfsFDwgRYQn5w+BcFG1p0scBRxLAShUEb9A2A\n" - "oEJV4rQDpCn9bcMrMHhTCR5sOlLh/2o9BROjK0+DjQLDkooQK5xa+1GYEiy6QYCx\n" - "QjdCCnMhHh24oP2/vUggRKhevvD2QQFKcCDT6n13RFYm+HX82gIh6SAtRs0oahY5\n" - "k9CM9TYRPzXy+tQqhZisJzc8BLTW/XA97kAJW6+hUhPir7AYR6BKJhNeIxcN/yMy\n" - "jsHzWDLezip/8q+kzw658V5e40hne7ZaJycGUaUdLVnJcpNtBgGE82TRS/XZSQKF\n" - "fpy8FLGcJynqlIOzdKs=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZq3sA+mjFadII\n" - "EMDHfj1fYh+UOUSa8c814E9NfCdYZ9Z11BmPpBeR5mXV12j1DKjkTlqTUL7s4lVR\n" - "RKfyAdCpQIfeXHDeTYYUq2uBnbi5YMG5Y+WbCiYacgRU3IypYrSzaeh1mY7GiEFe\n" - "U/NaImHLCf+TdAvTJ3Fo0QPe5QN2Lrv6l//cqOv7enZ91KRWxClDMM6EAr+C/7dk\n" - "rOTXRrCuH/e/KVBXEJ/YeSYPmBIwolGktRrGdsVagdqYArr4dhJ7VThIVRUX1Ijl\n" - "THCLstI/LuD8WkDccU3ZSdm47f2U43p/+rSO0MiNOXiaskeK56G/9DbJEeETUbzm\n" - "/B2712MVAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU8MUzmkotjSmVa5r1ejMkMQ6BiZYwHwYDVR0jBBgwFoAUwRHw\n" - "bXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQADggEBACKxBPj9u1t52uIF\n" - "eQ2JPb8/u+MBttvSLo0qPKXwpc4q8hNclh66dpqGWiF0iSumsKyKU54r6CIF9Ikm\n" - "t1V1GR9Ll4iTnz3NdIt1w3ns8rSlU5O/dgKysK/1C/5xJWEUYtEO5mnyi4Zaf8FB\n" - "hKmQ1aWF5dTB81PVAQxyCiFEnH7YumK7pJeIpnCOPIqLZLUHfrTUeL8zONF4i5Sb\n" - "7taZ8SQ6b7IaioU+NJ50uT2wy34lsyvCWf76Azezv9bggkdNDo/7ktMgsfRrSyM8\n" - "+MVob5ePGTjKx5yMy/sy2vUkkefwW3RiEss/y2JRb8Hw7nDlA9ttilYKFwGFwRvw\n" - "KRsXqo8=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDOjCCAiKgAwIBAgIMU0T+mwoDu5uVLKeeMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDkwODAyMzVaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDXfvgsMWXHNf3iUaEoZSNztZZr6+UdBkoUhbdWJDR+GwR+GHfnYaYHsuqb\n" + "bNEl/QFI+8Jeth0SmG7TNB+b/AlHFoBm8TwBt7H+Mn6AQIdo872Vs262UkHgbZN6\n" + "dEQeRCgiXmlsOVe+MVpf79Xi32MYz1FZ/ueS6tr8sIDhECThIZkq2eulVjAV86N2\n" + "zQ72Ml1k8rPw4SdK5OFhcXNdXr6CsAol8MmiORKDF0iAZxwtFVc00nBGqQC5rwrN\n" + "3A8czH5TsvyvrcW0mwV2XOVvZM5kFM1T/X0jF6RQHiGGFBYK4s6JZxSSOhJMFYYh\n" + "koPEKsuVZdmBJ2yTTdGumHZfG9LDAgMBAAGjgY0wgYowDAYDVR0TAQH/BAIwADAU\n" + "BgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0P\n" + "AQH/BAUDAwegADAdBgNVHQ4EFgQURXiN5VD5vgqAprhd/37ldGKv4/4wHwYDVR0j\n" + "BBgwFoAU8MUzmkotjSmVa5r1ejMkMQ6BiZYwDQYJKoZIhvcNAQELBQADggEBABSU\n" + "cmMX0nGeg43itPnLjSTIUuYEamRhfsFDwgRYQn5w+BcFG1p0scBRxLAShUEb9A2A\n" + "oEJV4rQDpCn9bcMrMHhTCR5sOlLh/2o9BROjK0+DjQLDkooQK5xa+1GYEiy6QYCx\n" + "QjdCCnMhHh24oP2/vUggRKhevvD2QQFKcCDT6n13RFYm+HX82gIh6SAtRs0oahY5\n" + "k9CM9TYRPzXy+tQqhZisJzc8BLTW/XA97kAJW6+hUhPir7AYR6BKJhNeIxcN/yMy\n" + "jsHzWDLezip/8q+kzw658V5e40hne7ZaJycGUaUdLVnJcpNtBgGE82TRS/XZSQKF\n" + "fpy8FLGcJynqlIOzdKs=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZq3sA+mjFadII\n" + "EMDHfj1fYh+UOUSa8c814E9NfCdYZ9Z11BmPpBeR5mXV12j1DKjkTlqTUL7s4lVR\n" + "RKfyAdCpQIfeXHDeTYYUq2uBnbi5YMG5Y+WbCiYacgRU3IypYrSzaeh1mY7GiEFe\n" + "U/NaImHLCf+TdAvTJ3Fo0QPe5QN2Lrv6l//cqOv7enZ91KRWxClDMM6EAr+C/7dk\n" + "rOTXRrCuH/e/KVBXEJ/YeSYPmBIwolGktRrGdsVagdqYArr4dhJ7VThIVRUX1Ijl\n" + "THCLstI/LuD8WkDccU3ZSdm47f2U43p/+rSO0MiNOXiaskeK56G/9DbJEeETUbzm\n" + "/B2712MVAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU8MUzmkotjSmVa5r1ejMkMQ6BiZYwHwYDVR0jBBgwFoAUwRHw\n" + "bXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQADggEBACKxBPj9u1t52uIF\n" + "eQ2JPb8/u+MBttvSLo0qPKXwpc4q8hNclh66dpqGWiF0iSumsKyKU54r6CIF9Ikm\n" + "t1V1GR9Ll4iTnz3NdIt1w3ns8rSlU5O/dgKysK/1C/5xJWEUYtEO5mnyi4Zaf8FB\n" + "hKmQ1aWF5dTB81PVAQxyCiFEnH7YumK7pJeIpnCOPIqLZLUHfrTUeL8zONF4i5Sb\n" + "7taZ8SQ6b7IaioU+NJ50uT2wy34lsyvCWf76Azezv9bggkdNDo/7ktMgsfRrSyM8\n" + "+MVob5ePGTjKx5yMy/sy2vUkkefwW3RiEss/y2JRb8Hw7nDlA9ttilYKFwGFwRvw\n" + "KRsXqo8=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpAIBAAKCAQEA1374LDFlxzX94lGhKGUjc7WWa+vlHQZKFIW3ViQ0fhsEfhh3\n" - "52GmB7Lqm2zRJf0BSPvCXrYdEphu0zQfm/wJRxaAZvE8Abex/jJ+gECHaPO9lbNu\n" - "tlJB4G2TenREHkQoIl5pbDlXvjFaX+/V4t9jGM9RWf7nkura/LCA4RAk4SGZKtnr\n" - "pVYwFfOjds0O9jJdZPKz8OEnSuThYXFzXV6+grAKJfDJojkSgxdIgGccLRVXNNJw\n" - "RqkAua8KzdwPHMx+U7L8r63FtJsFdlzlb2TOZBTNU/19IxekUB4hhhQWCuLOiWcU\n" - "kjoSTBWGIZKDxCrLlWXZgSdsk03Rrph2XxvSwwIDAQABAoIBAB7trDS7ij4DM8MN\n" - "sDGaAnKS91nZ63I0+uDjKCMG4znOKuDmJh9hVnD4bs+L2KC5JTwSVh09ygJnOlC5\n" - "xGegzrwTMK6VpOUiNjujh6BkooqfoPAhZpxoReguEeKbWUN2yMPWBQ9xU3SKpMvs\n" - "IiiDozdmWeiuuxHM/00REA49QO3Gnx2logeB+fcvXXD1UiZV3x0xxSApiJt1sr2r\n" - "NmqSyGdNUgpmnTP8zbKnDaRe5Wj4tj1TCTLE/HZ0tzdRuwlkIqvcpGg1LMtKm5N8\n" - "xIWjTGMFwGjG+OF8LGqHLH+28pI3iMB6QqO2YLwOp+WZKImKP3+Dp3s8lCw8t8cm\n" - "q5/Qc9ECgYEA2xwxm+pFkrFmZNLCakP/6S5AZqpfSBRUlF/uX2pBKO7o6I6aOV9o\n" - "zq2QWYIZfdyD+9MvAFUQ36sWfTVWpGA34WGtsGtcRRygKKTigpJHvBldaPxiuYuk\n" - "xbS54nWUdix/JzyQAy22xJXlp4XJvtFJjHhA2td0XA7tfng9n8jmvEUCgYEA+8cA\n" - "uFIQFbaZ2y6pnOvlVj8OH0f1hZa9M+3q01fWy1rnDAsLrIzJy8TZnBtpDwy9lAun\n" - "Sa6wzu6qeHmF17xwk5U7BCyK2Qj/9KhRLg1mnDebQ/CiLSAaJVnrYFp9Du96fTkN\n" - "ollvbFiGF92QwPTDf2f1gHZQEPwa+f/ox37ad2cCgYEAwMgXpfUD7cOEMeV2BQV7\n" - "XnDBXRM97i9lE38sPmtAlYFPD36Yly4pCt+PCBH9181zmtf+nK47wG/Jw7RwXQQD\n" - "ZpwItBZiArTi/Z/FY9jMoOU4WKznOBVzjjgq7ONDEo6n+Z/BnepUyraQb0q5bNi7\n" - "e4o6ldHHoU/JCeNFZRbgXHkCgYA6vJU9at+XwS6phHxLQHkTIsivoYD0tlLTX4it\n" - "30sby8wk8hq6GWomYHkHwxlCSo2bkRBozxkuXV1ll6wSxUJaG7FV6vJFaaUUtYOi\n" - "w7uRbCOLuQKMlnWjCxQvOUz9g/7GYd39ZvHoi8pUnPrdGPzWpzEN1AwfukCs2/e5\n" - "Oq3KtwKBgQCkHmDU8h0kOfN28f8ZiyjJemQMNoOGiJqnGexaKvsRd+bt4H+7DsWQ\n" - "OnyKm/oR0wCCSmFM5aQc6GgzPD7orueKVYHChbY7HLTWKRHNs6Rlk+6hXJvOld0i\n" - "Cl7KqL2x2ibGMtt4LtSntdzWqa87N7vCWMSTmvd8uLgflBs33xUIiQ==\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpAIBAAKCAQEA1374LDFlxzX94lGhKGUjc7WWa+vlHQZKFIW3ViQ0fhsEfhh3\n" + "52GmB7Lqm2zRJf0BSPvCXrYdEphu0zQfm/wJRxaAZvE8Abex/jJ+gECHaPO9lbNu\n" + "tlJB4G2TenREHkQoIl5pbDlXvjFaX+/V4t9jGM9RWf7nkura/LCA4RAk4SGZKtnr\n" + "pVYwFfOjds0O9jJdZPKz8OEnSuThYXFzXV6+grAKJfDJojkSgxdIgGccLRVXNNJw\n" + "RqkAua8KzdwPHMx+U7L8r63FtJsFdlzlb2TOZBTNU/19IxekUB4hhhQWCuLOiWcU\n" + "kjoSTBWGIZKDxCrLlWXZgSdsk03Rrph2XxvSwwIDAQABAoIBAB7trDS7ij4DM8MN\n" + "sDGaAnKS91nZ63I0+uDjKCMG4znOKuDmJh9hVnD4bs+L2KC5JTwSVh09ygJnOlC5\n" + "xGegzrwTMK6VpOUiNjujh6BkooqfoPAhZpxoReguEeKbWUN2yMPWBQ9xU3SKpMvs\n" + "IiiDozdmWeiuuxHM/00REA49QO3Gnx2logeB+fcvXXD1UiZV3x0xxSApiJt1sr2r\n" + "NmqSyGdNUgpmnTP8zbKnDaRe5Wj4tj1TCTLE/HZ0tzdRuwlkIqvcpGg1LMtKm5N8\n" + "xIWjTGMFwGjG+OF8LGqHLH+28pI3iMB6QqO2YLwOp+WZKImKP3+Dp3s8lCw8t8cm\n" + "q5/Qc9ECgYEA2xwxm+pFkrFmZNLCakP/6S5AZqpfSBRUlF/uX2pBKO7o6I6aOV9o\n" + "zq2QWYIZfdyD+9MvAFUQ36sWfTVWpGA34WGtsGtcRRygKKTigpJHvBldaPxiuYuk\n" + "xbS54nWUdix/JzyQAy22xJXlp4XJvtFJjHhA2td0XA7tfng9n8jmvEUCgYEA+8cA\n" + "uFIQFbaZ2y6pnOvlVj8OH0f1hZa9M+3q01fWy1rnDAsLrIzJy8TZnBtpDwy9lAun\n" + "Sa6wzu6qeHmF17xwk5U7BCyK2Qj/9KhRLg1mnDebQ/CiLSAaJVnrYFp9Du96fTkN\n" + "ollvbFiGF92QwPTDf2f1gHZQEPwa+f/ox37ad2cCgYEAwMgXpfUD7cOEMeV2BQV7\n" + "XnDBXRM97i9lE38sPmtAlYFPD36Yly4pCt+PCBH9181zmtf+nK47wG/Jw7RwXQQD\n" + "ZpwItBZiArTi/Z/FY9jMoOU4WKznOBVzjjgq7ONDEo6n+Z/BnepUyraQb0q5bNi7\n" + "e4o6ldHHoU/JCeNFZRbgXHkCgYA6vJU9at+XwS6phHxLQHkTIsivoYD0tlLTX4it\n" + "30sby8wk8hq6GWomYHkHwxlCSo2bkRBozxkuXV1ll6wSxUJaG7FV6vJFaaUUtYOi\n" + "w7uRbCOLuQKMlnWjCxQvOUz9g/7GYd39ZvHoi8pUnPrdGPzWpzEN1AwfukCs2/e5\n" + "Oq3KtwKBgQCkHmDU8h0kOfN28f8ZiyjJemQMNoOGiJqnGexaKvsRd+bt4H+7DsWQ\n" + "OnyKm/oR0wCCSmFM5aQc6GgzPD7orueKVYHChbY7HLTWKRHNs6Rlk+6hXJvOld0i\n" + "Cl7KqL2x2ibGMtt4LtSntdzWqa87N7vCWMSTmvd8uLgflBs33xUIiQ==\n" + "-----END RSA PRIVATE KEY-----\n"; static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cli_cert = { cert_pem, sizeof(cert_pem) - 1 }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t cli_key = { key_pem, sizeof(key_pem) - 1 }; -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void print_verification_res(unsigned int output) { @@ -188,10 +185,8 @@ static void print_verification_res(unsigned int output) success("Verified."); } - ret = - gnutls_certificate_verification_status_print(output, - GNUTLS_CRT_X509, - &pout, 0); + ret = gnutls_certificate_verification_status_print( + output, GNUTLS_CRT_X509, &pout, 0); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -218,8 +213,7 @@ static const char *get_signature_algo(gnutls_x509_crt_t crt) return gnutls_sign_get_name(ret); } -static int cert_out_callback(gnutls_x509_crt_t cert, - gnutls_x509_crt_t issuer, +static int cert_out_callback(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl, unsigned int verification_output) { @@ -257,8 +251,7 @@ static int cert_out_callback(gnutls_x509_crt_t cert, gnutls_free(issuer_name.data); ret = gnutls_x509_crt_get_dn3(issuer, &issuer_name, 0); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_get_issuer_dn: %s\n", + fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s\n", gnutls_strerror(ret)); exit(1); } @@ -274,8 +267,7 @@ static int cert_out_callback(gnutls_x509_crt_t cert, ret = gnutls_x509_crl_get_issuer_dn3(crl, &issuer_name, 0); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crl_get_issuer_dn: %s\n", + fprintf(stderr, "gnutls_x509_crl_get_issuer_dn: %s\n", gnutls_strerror(ret)); exit(1); } @@ -295,8 +287,8 @@ static int cert_out_callback(gnutls_x509_crt_t cert, exit(1); } } - success("\tChecked against CRL[%s] of: %s\n", - serial.data, issuer_name.data); + success("\tChecked against CRL[%s] of: %s\n", serial.data, + issuer_name.data); } success("\tOutput: "); @@ -311,8 +303,7 @@ static int cert_out_callback(gnutls_x509_crt_t cert, return 0; } -static -void test_failure(const char *name, const char *prio) +static void test_failure(const char *name, const char *prio) { int ret; /* Server stuff. */ @@ -335,10 +326,9 @@ void test_failure(const char *name, const char *prio) to_server_len = 0; to_client_len = 0; - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &server_cert, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &server_cert, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -350,8 +340,8 @@ void test_failure(const char *name, const char *prio) exit(1); } - ret = - gnutls_x509_privkey_import(pkey, &server_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(pkey, &server_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -379,15 +369,13 @@ void test_failure(const char *name, const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = gnutls_certificate_set_x509_key_mem(clientx509cred, - &cli_cert, &cli_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, GNUTLS_X509_FMT_PEM); ret = gnutls_init(&client, GNUTLS_CLIENT); if (ret < 0) @@ -433,8 +421,7 @@ void test_failure(const char *name, const char *prio) gnutls_certificate_free_credentials(clientx509cred); } -static -void test_success1(const char *name, const char *prio) +static void test_success1(const char *name, const char *prio) { int ret; /* Server stuff. */ @@ -457,10 +444,9 @@ void test_success1(const char *name, const char *prio) to_server_len = 0; to_client_len = 0; - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &server_cert, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &server_cert, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -472,8 +458,8 @@ void test_success1(const char *name, const char *prio) exit(1); } - ret = - gnutls_x509_privkey_import(pkey, &server_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(pkey, &server_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -501,15 +487,13 @@ void test_success1(const char *name, const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = gnutls_certificate_set_x509_key_mem(clientx509cred, - &cli_cert, &cli_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, GNUTLS_X509_FMT_PEM); ret = gnutls_init(&client, GNUTLS_CLIENT); if (ret < 0) @@ -552,8 +536,7 @@ void test_success1(const char *name, const char *prio) gnutls_certificate_free_credentials(clientx509cred); } -static -void test_success2(const char *name, const char *prio) +static void test_success2(const char *name, const char *prio) { int ret; /* Server stuff. */ @@ -575,10 +558,9 @@ void test_success2(const char *name, const char *prio) to_server_len = 0; to_client_len = 0; - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &server_cert, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &server_cert, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -590,8 +572,8 @@ void test_success2(const char *name, const char *prio) exit(1); } - ret = - gnutls_x509_privkey_import(pkey, &server_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(pkey, &server_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -619,15 +601,13 @@ void test_success2(const char *name, const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = gnutls_certificate_set_x509_key_mem(clientx509cred, - &cli_cert, &cli_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, GNUTLS_X509_FMT_PEM); ret = gnutls_init(&client, GNUTLS_CLIENT); if (ret < 0) @@ -678,5 +658,4 @@ void doit(void) test_success2("tls1.3", "NORMAL:-VERS-ALL:+VERS-TLS1.3"); gnutls_global_deinit(); - } diff --git a/tests/base64-raw.c b/tests/base64-raw.c index ab525b81b1..75149f8ed0 100644 --- a/tests/base64-raw.c +++ b/tests/base64-raw.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,7 +35,7 @@ /* This checks base64 raw encoding without PEM headers */ -static void encode(const char *test_name, const gnutls_datum_t * raw, +static void encode(const char *test_name, const gnutls_datum_t *raw, const char *expected) { int ret; @@ -49,12 +49,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_pem_base64_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_pem_base64_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_pem_base64_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_pem_base64_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -68,12 +70,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_base64_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_base64_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_base64_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_base64_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -82,7 +86,7 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, return; } -static void encode_new(const char *test_name, const gnutls_datum_t * raw, +static void encode_new(const char *test_name, const gnutls_datum_t *raw, const char *expected) { int ret; @@ -96,12 +100,14 @@ static void encode_new(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_base64_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_base64_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_base64_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_base64_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -115,12 +121,14 @@ static void encode_new(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_base64_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_base64_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_base64_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_base64_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -136,12 +144,14 @@ static void encode_new(const char *test_name, const gnutls_datum_t * raw, } if (raw->size != out.size) { - fail("%s: gnutls_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -150,7 +160,7 @@ static void encode_new(const char *test_name, const gnutls_datum_t * raw, return; } -static void decode_new(const char *test_name, const gnutls_datum_t * raw, +static void decode_new(const char *test_name, const gnutls_datum_t *raw, const char *hex, int res) { int ret; @@ -160,7 +170,7 @@ static void decode_new(const char *test_name, const gnutls_datum_t * raw, in.size = strlen(hex); ret = gnutls_base64_decode2(&in, &out); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: gnutls_base64_decode2: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -168,17 +178,20 @@ static void decode_new(const char *test_name, const gnutls_datum_t * raw, } if (res != 0) { - fail("%s: gnutls_base64_decode2: expected failure, but succeeded!\n", test_name); + fail("%s: gnutls_base64_decode2: expected failure, but succeeded!\n", + test_name); exit(1); } if (raw->size != out.size) { - fail("%s: gnutls_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -194,20 +207,14 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "rnd1", - .pem = "9ppGioRpeiiD2lLNYC85eA==", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16} - }, - { - .name = "rnd2", - .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19} - } + { .name = "rnd1", + .pem = "9ppGioRpeiiD2lLNYC85eA==", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 } }, + { .name = "rnd2", + .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 } } }; struct decode_tests_st { @@ -218,51 +225,36 @@ struct decode_tests_st { }; struct decode_tests_st decode_tests[] = { - { - .name = "empty", - .pem = "", - .raw = {(void *)"", 0}, - .res = 0}, - { - .name = "dec-rnd1", - .pem = "9ppGioRpeiiD2lLNYC85eA==", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16}, - .res = 0}, - { - .name = "dec-rnd2", - .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = 0}, - { - .name = "dec-extra-chars", - .pem = "\n\n LJ/7hUZ3TtPIz2dlc5+YvELe+Q== \n", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = 0}, - { - .name = "dec-spaces", - .pem = " ", - .raw = {(void *)"", 0}, - .res = GNUTLS_E_BASE64_DECODING_ERROR}, - { - .name = "dec-invalid-data", - .pem = "XLJ/7hUZ3TtPIz2dlc5+YvELe+Q==", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_BASE64_DECODING_ERROR}, - { - .name = "dec-invalid-suffix", - .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==XXX", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_BASE64_DECODING_ERROR} + { .name = "empty", .pem = "", .raw = { (void *)"", 0 }, .res = 0 }, + { .name = "dec-rnd1", + .pem = "9ppGioRpeiiD2lLNYC85eA==", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 }, + .res = 0 }, + { .name = "dec-rnd2", + .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = 0 }, + { .name = "dec-extra-chars", + .pem = "\n\n LJ/7hUZ3TtPIz2dlc5+YvELe+Q== \n", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = 0 }, + { .name = "dec-spaces", + .pem = " ", + .raw = { (void *)"", 0 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR }, + { .name = "dec-invalid-data", + .pem = "XLJ/7hUZ3TtPIz2dlc5+YvELe+Q==", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR }, + { .name = "dec-invalid-suffix", + .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==XXX", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR } }; void doit(void) diff --git a/tests/base64.c b/tests/base64.c index 1d6ccbd732..9ff7cf24ab 100644 --- a/tests/base64.c +++ b/tests/base64.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,7 +33,7 @@ #include "utils.h" -static void encode(const char *test_name, const gnutls_datum_t * raw, +static void encode(const char *test_name, const gnutls_datum_t *raw, const char *expected) { int ret; @@ -47,12 +47,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_pem_base64_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_pem_base64_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_pem_base64_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_pem_base64_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -68,12 +70,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (raw->size != out.size) { - fail("%s: gnutls_pem_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_pem_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_pem_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_pem_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -82,7 +86,7 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, return; } -static void decode(const char *test_name, const gnutls_datum_t * raw, +static void decode(const char *test_name, const gnutls_datum_t *raw, const char *hex, unsigned hex_size, int res) { int ret; @@ -96,7 +100,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, ret = gnutls_pem_base64_decode2(test_name, &in, &out); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: gnutls_pem_base64_decode2: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -104,17 +108,20 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (res != 0) { - fail("%s: gnutls_pem_base64_decode2: expected failure, but succeeded!\n", test_name); + fail("%s: gnutls_pem_base64_decode2: expected failure, but succeeded!\n", + test_name); exit(1); } if (raw->size != out.size) { - fail("%s: gnutls_pem_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_pem_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_pem_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_pem_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -125,7 +132,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, in.size = strlen(hex); ret = gnutls_pem_base64_decode2(NULL, &in, &out); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: gnutls_pem_base64_decode2: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -133,17 +140,20 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (res != 0) { - fail("%s: gnutls_pem_base64_decode2: expected failure, but succeeded!\n", test_name); + fail("%s: gnutls_pem_base64_decode2: expected failure, but succeeded!\n", + test_name); exit(1); } if (raw->size != out.size) { - fail("%s: gnutls_pem_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_pem_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_pem_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_pem_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -159,22 +169,18 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "rnd1", - .pem = "-----BEGIN rnd1-----\n" - "9ppGioRpeiiD2lLNYC85eA==\n" "-----END rnd1-----\n", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16} - }, - { - .name = "rnd2", - .pem = "-----BEGIN rnd2-----\n" - "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" "-----END rnd2-----\n", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19} - } + { .name = "rnd1", + .pem = "-----BEGIN rnd1-----\n" + "9ppGioRpeiiD2lLNYC85eA==\n" + "-----END rnd1-----\n", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 } }, + { .name = "rnd2", + .pem = "-----BEGIN rnd2-----\n" + "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" + "-----END rnd2-----\n", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 } } }; struct decode_tests_st { @@ -186,60 +192,53 @@ struct decode_tests_st { }; struct decode_tests_st decode_tests[] = { - { - .name = "dec-rnd1", - .pem = "-----BEGIN dec-rnd1-----\n" - "9ppGioRpeiiD2lLNYC85eA==\n" "-----END rnd1-----\n", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16}, - .res = 0}, - { - .name = "dec-rnd2", - .pem = "-----BEGIN dec-rnd2-----\n" - "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" "-----END rnd2-----\n", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = 0}, - { - .name = "dec-extra-chars", - .pem = "-----BEGIN dec-extra-chars----- \n\n" - "\n\n LJ/7hUZ3TtPIz2dlc5+YvELe+Q== \n" " -----END rnd2----- \n ", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = 0}, - { - .name = "dec-invalid-header", - .pem = "-----BEGIN dec-xxx-----\n" - "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" "-----END rnd2-----\n", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR}, - { - .name = "dec-invalid-data", - .pem = "-----BEGIN dec-invalid-data-----\n" - "XLJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" "-----END rnd2-----\n", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_BASE64_DECODING_ERROR}, - { - .name = "leak1", - .pem = "-----BEGIN leak1-----E-\x00\x00-----END ", - .pem_size = 34, - .raw = {(void *)"", 0}, - .res = GNUTLS_E_BASE64_DECODING_ERROR}, - { - .name = "dec-invalid-suffix", - .pem = "-----BEGIN dec-invalid-suffix-----\n" - "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==XXX\n" "-----END rnd2-----\n", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_BASE64_DECODING_ERROR} + { .name = "dec-rnd1", + .pem = "-----BEGIN dec-rnd1-----\n" + "9ppGioRpeiiD2lLNYC85eA==\n" + "-----END rnd1-----\n", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 }, + .res = 0 }, + { .name = "dec-rnd2", + .pem = "-----BEGIN dec-rnd2-----\n" + "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" + "-----END rnd2-----\n", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = 0 }, + { .name = "dec-extra-chars", + .pem = "-----BEGIN dec-extra-chars----- \n\n" + "\n\n LJ/7hUZ3TtPIz2dlc5+YvELe+Q== \n" + " -----END rnd2----- \n ", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = 0 }, + { .name = "dec-invalid-header", + .pem = "-----BEGIN dec-xxx-----\n" + "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" + "-----END rnd2-----\n", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR }, + { .name = "dec-invalid-data", + .pem = "-----BEGIN dec-invalid-data-----\n" + "XLJ/7hUZ3TtPIz2dlc5+YvELe+Q==\n" + "-----END rnd2-----\n", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR }, + { .name = "leak1", + .pem = "-----BEGIN leak1-----E-\x00\x00-----END ", + .pem_size = 34, + .raw = { (void *)"", 0 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR }, + { .name = "dec-invalid-suffix", + .pem = "-----BEGIN dec-invalid-suffix-----\n" + "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==XXX\n" + "-----END rnd2-----\n", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR } }; void doit(void) diff --git a/tests/buffer.c b/tests/buffer.c index e41e65e037..59a6829c17 100644 --- a/tests/buffer.c +++ b/tests/buffer.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,12 +34,30 @@ void doit(void) const char *input; const char *output; } test_data[] = { - {"%20%20", " ",}, - {"%20", " ",}, - {"%2z", "%2z",}, - {"%2", "%2",}, - {"%", "%",}, - {"", "",}, + { + "%20%20", + " ", + }, + { + "%20", + " ", + }, + { + "%2z", + "%2z", + }, + { + "%2", + "%2", + }, + { + "%", + "%", + }, + { + "", + "", + }, }; for (unsigned it = 0; it < countof(test_data); it++) { @@ -49,9 +67,8 @@ void doit(void) _gnutls_buffer_init(&str); - ret = - _gnutls_buffer_append_data(&str, t->input, - strlen(t->input)); + ret = _gnutls_buffer_append_data(&str, t->input, + strlen(t->input)); if (ret < 0) fail("_gnutls_buffer_append_str: %s\n", gnutls_strerror(ret)); diff --git a/tests/cert-common.h b/tests/cert-common.h index 619216e433..33b3ee3b68 100644 --- a/tests/cert-common.h +++ b/tests/cert-common.h @@ -20,9 +20,9 @@ */ #ifndef GNUTLS_TESTS_CERT_COMMON_H -# define GNUTLS_TESTS_CERT_COMMON_H +#define GNUTLS_TESTS_CERT_COMMON_H -# include +#include /* This file contains a lot of common parameters used by legacy and new * tests. The recommended to use for new tests are: @@ -52,1217 +52,1226 @@ */ static char ecc_key[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHgCAQEEIQD9KwCA8zZfETJl440wMztH9c74E+VMws/96AVqyslBsaAKBggqhkjO\n" - "PQMBB6FEA0IABDwVbx1IPmRZEyxtBBo4DTBc5D9Vy9kXFUZycZLB+MYzPQQuyMEP\n" - "wFAEe5/JSLVA+m+TgllhXnJXy4MGvcyClME=\n" "-----END EC PRIVATE KEY-----\n"; + "-----BEGIN EC PRIVATE KEY-----\n" + "MHgCAQEEIQD9KwCA8zZfETJl440wMztH9c74E+VMws/96AVqyslBsaAKBggqhkjO\n" + "PQMBB6FEA0IABDwVbx1IPmRZEyxtBBo4DTBc5D9Vy9kXFUZycZLB+MYzPQQuyMEP\n" + "wFAEe5/JSLVA+m+TgllhXnJXy4MGvcyClME=\n" + "-----END EC PRIVATE KEY-----\n"; static char ecc_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAoagAwIBAgIBBzAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G\n" - "A1UEChMGR251VExTMSUwIwYDVQQLExxHbnVUTFMgY2VydGlmaWNhdGUgYXV0aG9y\n" - "aXR5MQ8wDQYDVQQIEwZMZXV2ZW4xJTAjBgNVBAMTHEdudVRMUyBjZXJ0aWZpY2F0\n" - "ZSBhdXRob3JpdHkwIhgPMjAxMjA5MDEwOTIyMzZaGA8yMDE5MTAwNTA5MjIzNlow\n" - "gbgxCzAJBgNVBAYTAkdSMRIwEAYDVQQKEwlLb2tvIGluYy4xFzAVBgNVBAsTDnNs\n" - "ZWVwaW5nIGRlcHQuMQ8wDQYDVQQIEwZBdHRpa2kxFTATBgNVBAMTDENpbmR5IExh\n" - "dXBlcjEXMBUGCgmSJomT8ixkAQETB2NsYXVwZXIxDDAKBgNVBAwTA0RyLjEPMA0G\n" - "A1UEQRMGamFja2FsMRwwGgYJKoZIhvcNAQkBFg1ub25lQG5vbmUub3JnMFkwEwYH\n" - "KoZIzj0CAQYIKoZIzj0DAQcDQgAEPBVvHUg+ZFkTLG0EGjgNMFzkP1XL2RcVRnJx\n" - "ksH4xjM9BC7IwQ/AUAR7n8lItUD6b5OCWWFeclfLgwa9zIKUwaOBtjCBszAMBgNV\n" - "HRMBAf8EAjAAMD0GA1UdEQQ2MDSCDHd3dy5ub25lLm9yZ4ITd3d3Lm1vcmV0aGFu\n" - "b25lLm9yZ4IJbG9jYWxob3N0hwTAqAEBMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8G\n" - "A1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFKz6R2fGG0F5Elf3rAXBUOKO0A5bMB8G\n" - "A1UdIwQYMBaAFPC0gf6YEr+1KLlkQAPLzB9mTigDMAoGCCqGSM49BAMCA0gAMEUC\n" - "ICgq4CTInkRQ1DaFoI8wmu2KP8445NWRXKouag2WJSFzAiEAx4KxaoZJNVfBBSc4\n" - "bA9XTz/2OnpgAZutUohNNb/tmRE=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ecc_cert = - { (unsigned char *)ecc_cert, sizeof(ecc_cert) - 1 }; - -const gnutls_datum_t server_ecc_key = - { (unsigned char *)ecc_key, sizeof(ecc_key) - 1 }; + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAoagAwIBAgIBBzAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G\n" + "A1UEChMGR251VExTMSUwIwYDVQQLExxHbnVUTFMgY2VydGlmaWNhdGUgYXV0aG9y\n" + "aXR5MQ8wDQYDVQQIEwZMZXV2ZW4xJTAjBgNVBAMTHEdudVRMUyBjZXJ0aWZpY2F0\n" + "ZSBhdXRob3JpdHkwIhgPMjAxMjA5MDEwOTIyMzZaGA8yMDE5MTAwNTA5MjIzNlow\n" + "gbgxCzAJBgNVBAYTAkdSMRIwEAYDVQQKEwlLb2tvIGluYy4xFzAVBgNVBAsTDnNs\n" + "ZWVwaW5nIGRlcHQuMQ8wDQYDVQQIEwZBdHRpa2kxFTATBgNVBAMTDENpbmR5IExh\n" + "dXBlcjEXMBUGCgmSJomT8ixkAQETB2NsYXVwZXIxDDAKBgNVBAwTA0RyLjEPMA0G\n" + "A1UEQRMGamFja2FsMRwwGgYJKoZIhvcNAQkBFg1ub25lQG5vbmUub3JnMFkwEwYH\n" + "KoZIzj0CAQYIKoZIzj0DAQcDQgAEPBVvHUg+ZFkTLG0EGjgNMFzkP1XL2RcVRnJx\n" + "ksH4xjM9BC7IwQ/AUAR7n8lItUD6b5OCWWFeclfLgwa9zIKUwaOBtjCBszAMBgNV\n" + "HRMBAf8EAjAAMD0GA1UdEQQ2MDSCDHd3dy5ub25lLm9yZ4ITd3d3Lm1vcmV0aGFu\n" + "b25lLm9yZ4IJbG9jYWxob3N0hwTAqAEBMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8G\n" + "A1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFKz6R2fGG0F5Elf3rAXBUOKO0A5bMB8G\n" + "A1UdIwQYMBaAFPC0gf6YEr+1KLlkQAPLzB9mTigDMAoGCCqGSM49BAMCA0gAMEUC\n" + "ICgq4CTInkRQ1DaFoI8wmu2KP8445NWRXKouag2WJSFzAiEAx4KxaoZJNVfBBSc4\n" + "bA9XTz/2OnpgAZutUohNNb/tmRE=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ecc_cert = { (unsigned char *)ecc_cert, + sizeof(ecc_cert) - 1 }; + +const gnutls_datum_t server_ecc_key = { (unsigned char *)ecc_key, + sizeof(ecc_key) - 1 }; /* A cert-key pair */ static char pem1_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; static char pem1_key[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t cert_dat = - { (unsigned char *)pem1_cert, sizeof(pem1_cert) - 1 }; - -const gnutls_datum_t key_dat = - { (unsigned char *)pem1_key, sizeof(pem1_key) - 1 }; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t cert_dat = { (unsigned char *)pem1_cert, + sizeof(pem1_cert) - 1 }; + +const gnutls_datum_t key_dat = { (unsigned char *)pem1_key, + sizeof(pem1_key) - 1 }; /* A server cert/key pair with CA */ static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDIzCCAgugAwIBAgIMUz8PCR2sdRK56V6OMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDQxOTU5MDVaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDZ3dCzh9gOTOiOb2dtrPu91fYYgC/ey0ACYjQxaru7FZwnuXPhQK9KHsIV\n" - "YRIyo49wjKZddkHet2sbpFAAeETZh8UUWLRb/mupyaSJMycaYCNjLZCUJTztvXxJ\n" - "CCNfbtgvKC+Vu1mu94KBPatslgvnsamH7AiL5wmwRRqdH/Z93XaEvuRG6Zk0Sh9q\n" - "ZMdCboGfjtmGEJ1V+z5CR+IyH4sckzd8WJW6wBSEwgliGaXnc75xKtFWBZV2njNr\n" - "8V1TOYOdLEbiF4wduVExL5TKq2ywNkRpUfK2I1BcWS5D9Te/QT7aSdE08rL6ztmZ\n" - "IhILSrMOfoLnJ4lzXspz3XLlEuhnAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJXR\n" - "raRS5MVhEqaRE42A3S2BIj7UMB8GA1UdIwQYMBaAFP6S7AyMRO2RfkANgo8YsCl8\n" - "JfJkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ62+skMVZYrGbpab8RI9IG6xH8kEndvFj\n" - "J7wBBZCOlcjOj+HQ7a2buF5zGKRwAOSznKcmvZ7l5DPdsd0t5/VT9LKSbQ6+CfGr\n" - "Xs5qPaDJnRhZkOILCvXJ9qyO+79WNMsg9pWnxkTK7aWR5OYE+1Qw1jG681HMkWTm\n" - "nt7et9bdiNNpvA+L55569XKbdtJLs3hn5gEQFgS7EaEj59aC4vzSTFcidowCoa43\n" - "7JmfSfC9YaAIFH2vriyU0QNf2y7cG5Hpkge+U7uMzQrsT77Q3SDB9WkyPAFNSB4Q\n" - "B/r+OtZXOnQhLlMV7h4XGlWruFEaOBVjFHSdMGUh+DtaLvd1bVXI\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvhyQfsUm3T0xK\n" - "jiBXO3H6Y27b7lmCRYZQCmXCl2sUsGDL7V9biavTt3+sorWtH542/cTGDh5n8591\n" - "7rVxAB/VASmN55O3fjZyFGrjusjhXBla0Yxe5rZ/7/Pjrq84T7gc/IXiX9Sums/c\n" - "o9AeoykfhsjV2ubhh4h+8uPsHDTcAFTxq3mQaoldwnW2nmjDFzaKLtQdnyFf41o6\n" - "nsJCK/J9PtpdCID5Zb+eQfu5Yhk1iUHe8a9TOstCHtgBq61YzufDHUQk3zsT+VZM\n" - "20lDvSBnHdWLjxoea587JbkvtH8xRR8ThwABSb98qPnhJ8+A7mpO89QO1wxZM85A\n" - "xEweQlMHAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU/pLsDIxE7ZF+QA2CjxiwKXwl8mQwHwYDVR0jBBgwFoAUGD0R\n" - "Yr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQADggEBANEXLUV+Z1PGTn7M\n" - "3rPT/m/EamcrZJ3vFWrnfN91ws5llyRUKNhx6222HECh3xRSxH9YJONsbv2zY6sd\n" - "ztY7lvckL4xOgWAjoCVTx3hqbZjDxpLRsvraw1PlqBHlRQVWLKlEQ55+tId2zgMX\n" - "Z+wxM7FlU/6yWVPODIxrqYQd2KqaEp4aLIklw6Hi4HD6DnQJikjsJ6Noe0qyX1Tx\n" - "uZ8mgP/G47Fe2d2H29kJ1iJ6hp1XOqyWrVIh/jONcnTvWS8aMqS3MU0EJH2Pb1Qa\n" - "KGIvbd/3H9LykFTP/b7Imdv2fZxXIK8jC+jbF1w6rdBCVNA0p30X/jonoC3vynEK\n" - "5cK0cgs=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDIzCCAgugAwIBAgIMUz8PCR2sdRK56V6OMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDQxOTU5MDVaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDZ3dCzh9gOTOiOb2dtrPu91fYYgC/ey0ACYjQxaru7FZwnuXPhQK9KHsIV\n" + "YRIyo49wjKZddkHet2sbpFAAeETZh8UUWLRb/mupyaSJMycaYCNjLZCUJTztvXxJ\n" + "CCNfbtgvKC+Vu1mu94KBPatslgvnsamH7AiL5wmwRRqdH/Z93XaEvuRG6Zk0Sh9q\n" + "ZMdCboGfjtmGEJ1V+z5CR+IyH4sckzd8WJW6wBSEwgliGaXnc75xKtFWBZV2njNr\n" + "8V1TOYOdLEbiF4wduVExL5TKq2ywNkRpUfK2I1BcWS5D9Te/QT7aSdE08rL6ztmZ\n" + "IhILSrMOfoLnJ4lzXspz3XLlEuhnAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJXR\n" + "raRS5MVhEqaRE42A3S2BIj7UMB8GA1UdIwQYMBaAFP6S7AyMRO2RfkANgo8YsCl8\n" + "JfJkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ62+skMVZYrGbpab8RI9IG6xH8kEndvFj\n" + "J7wBBZCOlcjOj+HQ7a2buF5zGKRwAOSznKcmvZ7l5DPdsd0t5/VT9LKSbQ6+CfGr\n" + "Xs5qPaDJnRhZkOILCvXJ9qyO+79WNMsg9pWnxkTK7aWR5OYE+1Qw1jG681HMkWTm\n" + "nt7et9bdiNNpvA+L55569XKbdtJLs3hn5gEQFgS7EaEj59aC4vzSTFcidowCoa43\n" + "7JmfSfC9YaAIFH2vriyU0QNf2y7cG5Hpkge+U7uMzQrsT77Q3SDB9WkyPAFNSB4Q\n" + "B/r+OtZXOnQhLlMV7h4XGlWruFEaOBVjFHSdMGUh+DtaLvd1bVXI\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvhyQfsUm3T0xK\n" + "jiBXO3H6Y27b7lmCRYZQCmXCl2sUsGDL7V9biavTt3+sorWtH542/cTGDh5n8591\n" + "7rVxAB/VASmN55O3fjZyFGrjusjhXBla0Yxe5rZ/7/Pjrq84T7gc/IXiX9Sums/c\n" + "o9AeoykfhsjV2ubhh4h+8uPsHDTcAFTxq3mQaoldwnW2nmjDFzaKLtQdnyFf41o6\n" + "nsJCK/J9PtpdCID5Zb+eQfu5Yhk1iUHe8a9TOstCHtgBq61YzufDHUQk3zsT+VZM\n" + "20lDvSBnHdWLjxoea587JbkvtH8xRR8ThwABSb98qPnhJ8+A7mpO89QO1wxZM85A\n" + "xEweQlMHAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU/pLsDIxE7ZF+QA2CjxiwKXwl8mQwHwYDVR0jBBgwFoAUGD0R\n" + "Yr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQADggEBANEXLUV+Z1PGTn7M\n" + "3rPT/m/EamcrZJ3vFWrnfN91ws5llyRUKNhx6222HECh3xRSxH9YJONsbv2zY6sd\n" + "ztY7lvckL4xOgWAjoCVTx3hqbZjDxpLRsvraw1PlqBHlRQVWLKlEQ55+tId2zgMX\n" + "Z+wxM7FlU/6yWVPODIxrqYQd2KqaEp4aLIklw6Hi4HD6DnQJikjsJ6Noe0qyX1Tx\n" + "uZ8mgP/G47Fe2d2H29kJ1iJ6hp1XOqyWrVIh/jONcnTvWS8aMqS3MU0EJH2Pb1Qa\n" + "KGIvbd/3H9LykFTP/b7Imdv2fZxXIK8jC+jbF1w6rdBCVNA0p30X/jonoC3vynEK\n" + "5cK0cgs=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) - 1 -}; + sizeof(server_cert_pem) - 1 }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" - "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" - "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" - "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" - "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" - "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" - "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" - "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" - "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" - "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" - "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" - "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" - "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" - "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" - "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" - "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" - "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" - "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" - "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" - "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" - "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" - "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" - "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" - "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" - "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" + "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" + "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" + "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" + "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" + "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" + "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" + "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" + "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" + "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" + "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" + "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" + "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" + "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" + "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" + "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" + "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" + "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" + "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" + "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" + "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" + "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" + "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" + "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" + "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) - 1 -}; + sizeof(server_key_pem) - 1 }; static unsigned char ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD46JAPKrTsNTHl\n" - "zD06eIYBF/8Z+TR0wukp9Cdh8Sw77dODLjy/QrVKiDgDZZdyUc8Agsdr86i95O0p\n" - "w19Np3a0wja0VC9uwppZrpuHsrWukwxIBXoViyBc20Y6Ce8j0scCbR10SP565qXC\n" - "i8vr86S4xmQMRZMtwohP/GWQzt45jqkHPYHjdKzwo2b2XI7joDq0dvbr3MSONkGs\n" - "z7A/1Bl3iH5keDTWjqpJRWqXE79IhGOhELy+gG4VLJDGHWCr2mq24b9Kirp+TTxl\n" - "lUwJRbchqUqerlFdt1NgDoGaJyd73Sh0qcZzmEiOI2hGvBtG86tdQ6veC9dl05et\n" - "pM+6RMABAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQUGD0RYr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQAD\n" - "ggEBALnHMubZ6WJ/XOFyDuo0imwg2onrPas3MuKT4+y0aHY943BgAOEc3jKitRjc\n" - "qhb0IUD+NS7itRwNtCgI3v5Ym5nnQoVk+aOD/D724TjJ9XaPQJzOnuGaZX99VN2F\n" - "sgwAtDXedlDQ+I6KLzLd6VW+UyWTG4qiRjOGDnG2kM1wAEOM27TzHV/YWleGjhtA\n" - "bRHxkioOni5goNlTzazxF4v9VD2uinWrIFyZmF6vQuMm6rKFgq6higAU8uesFo7+\n" - "3qpeRjNrPC4fNJUBvv+PC0WnP0PLnD/rY/ZcTYjLb/vJp1fiMJ5fU7jJklBhX2TE\n" - "tstcP7FUV5HA/s9BxgAh0Z2wyyY=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca_cert = { ca_cert_pem, - sizeof(ca_cert_pem) - 1 -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD46JAPKrTsNTHl\n" + "zD06eIYBF/8Z+TR0wukp9Cdh8Sw77dODLjy/QrVKiDgDZZdyUc8Agsdr86i95O0p\n" + "w19Np3a0wja0VC9uwppZrpuHsrWukwxIBXoViyBc20Y6Ce8j0scCbR10SP565qXC\n" + "i8vr86S4xmQMRZMtwohP/GWQzt45jqkHPYHjdKzwo2b2XI7joDq0dvbr3MSONkGs\n" + "z7A/1Bl3iH5keDTWjqpJRWqXE79IhGOhELy+gG4VLJDGHWCr2mq24b9Kirp+TTxl\n" + "lUwJRbchqUqerlFdt1NgDoGaJyd73Sh0qcZzmEiOI2hGvBtG86tdQ6veC9dl05et\n" + "pM+6RMABAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUGD0RYr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQAD\n" + "ggEBALnHMubZ6WJ/XOFyDuo0imwg2onrPas3MuKT4+y0aHY943BgAOEc3jKitRjc\n" + "qhb0IUD+NS7itRwNtCgI3v5Ym5nnQoVk+aOD/D724TjJ9XaPQJzOnuGaZX99VN2F\n" + "sgwAtDXedlDQ+I6KLzLd6VW+UyWTG4qiRjOGDnG2kM1wAEOM27TzHV/YWleGjhtA\n" + "bRHxkioOni5goNlTzazxF4v9VD2uinWrIFyZmF6vQuMm6rKFgq6higAU8uesFo7+\n" + "3qpeRjNrPC4fNJUBvv+PC0WnP0PLnD/rY/ZcTYjLb/vJp1fiMJ5fU7jJklBhX2TE\n" + "tstcP7FUV5HA/s9BxgAh0Z2wyyY=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca_cert = { ca_cert_pem, sizeof(ca_cert_pem) - 1 }; /* A server cert/key pair with CA */ static unsigned char server2_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEITCCAomgAwIBAgIMVmajOA3Gh2967f62MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIBcNMTUxMjA4MDkzMDMyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" - "AYEApk9rgAWlVEGy9t5Nn9RsvupM3JATJe2ONeGgMjAT++rgjsENwjqNNmEFLZjx\n" - "8VfRjnHoVEIWvMJqeaAeBwP7GiKiDiLkHEK4ZwjJZ7aqy0KIRktDLWvJrZdoJryt\n" - "yMikKVhPHQ9qwh6JRA3qx1FiEcW7ahU2U4/r/fydiUC0wec2UhBd4AJyXzYvFO7o\n" - "SKPkQfzlGBNT55z/Wp9zfOO1w2x/++I+1AoKFFJ1dRI3hyrL/DfOUMoeVkJ6knyZ\n" - "N3TQo+ZjbSkLZlpnAoxGSN8uNcX9q91AuM2zQOg1xPD0ZJvLP3j9BOtYQ7rvkX0U\n" - "3efJXXO+Gq4oCKiPU4ZY6u43BquipzEaeZiSWPS6Xj2Ipn+KO0v77NBxhNP3lpfQ\n" - "YDwZbw1AjnViE+WUS8r2DyM47daTGafqUCXM08kSTCrSWSte96P0jHFnyjtPGrwC\n" - "0KQw1ug4nJxFi9FHZyU+IhczvFthocPuKOAq44//zsKKuPKsJIhA4QXfdVVvm4m+\n" - "RoTZAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0\n" - "MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFCWcdf+x5Ge4ec8WGfoWYcNlaEQF\n" - "MB8GA1UdIwQYMBaAFEt2/L3oAu29JvNzjKv/Xavvp0ufMA0GCSqGSIb3DQEBCwUA\n" - "A4IBgQC/vXr2ecuGhAHJaBxWqay3IxyBgoQUxOMkXcXLMILxXGtIKheVZOJnilvU\n" - "K9/fBy7N3ygUemvblNBfDJG+fA5jTmUQC8UEgeStp0iena3iAJxsGikCIAJKGzBk\n" - "LHiPls2z9uLQXO+ZRlK1E+XfB0/3Mu4dPAPM50TLL8jYLfYzZZchgfhCX51dmic/\n" - "EW4LL+K6LzIHoLV32YEFL9ea4y46Ub0dAX+WEwZYKu5Fu/hk+n34lBYBW1uWzPhK\n" - "JjXVbQQUE4nirzjWr6ch5rDXz1JhhNuuex29EqA3reWtQWnHySU43/uoFxN1jD0r\n" - "bMjyE5li2WU796vKyB0hYBKcOauWJPDdrKFvVs45GH6r84hjAacMq4RKm4P9esuQ\n" - "0GXVaUCLGHP1ss+glFB/k5DJO1nb6hZPOCKsdaO/VbXl5kmcxgvzAoedDTiUJiC5\n" - "URF3vuETfLwew2gE38NrTEPT54S5rYLsp/F6+5nIIhqG0BtaOwIx1VbBlrMnbsx+\n" - "pFLp6h0=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE1MTIwODA5MzAzMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0Q82wj5Dk/me634j\n" - "DnFBbAJ5FGNNeXnBgprRo2tQv8oJYMN/osSVd/03XiWBQnXk7v2aSkfXMqgEAzfv\n" - "0fzWZYyhKSwTvDG48LfnIuF7UrnvnC3xdAOjcQ+E3zUdYYonSn3gRBwIjOK4wFbG\n" - "Q4oelFnPOjWGeasLh++yBNfCa506jgFd9Y1rU5o0r/EIYSQi2aj71E+x3EdkS0Tx\n" - "iKpIGHseuP2ARmmZPLy4YglFBvPiDRi0jdgdWd6UbNk7XJ+xnKa9gVtk3TX7vy5E\n" - "7R1686F66bIe9T1N2Wyf3huJkgwUB2UPpG9rNiOvRLGFxkONeATwiJyzJG9DmtGw\n" - "GbKsyMDU9Rq9Z694tBCnlWlPrQKsZEsnivPIn/2VaANArT1QtsS+EdaXzuIWmIM0\n" - "cdQXf1U1VhzACFpHnFZ6XsOe40qwzj+6RQprHcWnIGP992qiQ6zPF8QPkycTrbhi\n" - "TG7hX59sTTBJva5DNjZnx4H/hOiQub04CMD501JiLQ1ALXGfAgMBAAGjWDBWMA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcGADAdBgNVHQ4EFgQUS3b8vegC7b0m83OMq/9dq++nS58wDQYJKoZIhvcNAQEL\n" - "BQADggGBALJv0DUD3Ujb0a9zcgKQIjljFMoA0v5A6+ZoLeHmRTU5udNV9G2AsdSx\n" - "PEH/D7v/GyoR0jApgA0TiAqRuvlc3NsdHBx9tFvgrAFyC7bbJRrf9lP9QlTqkmb7\n" - "a85OYmdiDhtQSyKdtSZpAfP7jVGJqQz5UWbV3CjYfubU+HLIZXEb6m8YCKBFb7l9\n" - "GNrcKK+gFyrQr6KmojzMkJd5PxVBUsYleaf/0QxC7nRbTH/qomJvooI2nLBLA7U3\n" - "VGLL3Og6rpjIWu2dwkvepcnesdrnPq4hJQ+uSfDkthP/qCs/3Nj9bvL73DIAYUc2\n" - "6FUmOK40BRhBhcAIYj+9JDtHncykj0RBjH6eq+goDTSd4gTXmfbzb8p1jjLal8xZ\n" - "PcNzShMpUqkmWe3Otzd98zkOzqiHeO03tBgfA5u+4gInSdQp5eUpE3Uivp9IcNaC\n" - "TMSfIA6roY+p7j1ISlmzXUZuEz9dkJumV0TMmOv6nd+ZufwaDOIuDPad5bG2JFji\n" - "KvV1dLfOfg==\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEITCCAomgAwIBAgIMVmajOA3Gh2967f62MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTAwIBcNMTUxMjA4MDkzMDMyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" + "ETAPBgNVBAMTCHNlcnZlci0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" + "AYEApk9rgAWlVEGy9t5Nn9RsvupM3JATJe2ONeGgMjAT++rgjsENwjqNNmEFLZjx\n" + "8VfRjnHoVEIWvMJqeaAeBwP7GiKiDiLkHEK4ZwjJZ7aqy0KIRktDLWvJrZdoJryt\n" + "yMikKVhPHQ9qwh6JRA3qx1FiEcW7ahU2U4/r/fydiUC0wec2UhBd4AJyXzYvFO7o\n" + "SKPkQfzlGBNT55z/Wp9zfOO1w2x/++I+1AoKFFJ1dRI3hyrL/DfOUMoeVkJ6knyZ\n" + "N3TQo+ZjbSkLZlpnAoxGSN8uNcX9q91AuM2zQOg1xPD0ZJvLP3j9BOtYQ7rvkX0U\n" + "3efJXXO+Gq4oCKiPU4ZY6u43BquipzEaeZiSWPS6Xj2Ipn+KO0v77NBxhNP3lpfQ\n" + "YDwZbw1AjnViE+WUS8r2DyM47daTGafqUCXM08kSTCrSWSte96P0jHFnyjtPGrwC\n" + "0KQw1ug4nJxFi9FHZyU+IhczvFthocPuKOAq44//zsKKuPKsJIhA4QXfdVVvm4m+\n" + "RoTZAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0\n" + "MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFCWcdf+x5Ge4ec8WGfoWYcNlaEQF\n" + "MB8GA1UdIwQYMBaAFEt2/L3oAu29JvNzjKv/Xavvp0ufMA0GCSqGSIb3DQEBCwUA\n" + "A4IBgQC/vXr2ecuGhAHJaBxWqay3IxyBgoQUxOMkXcXLMILxXGtIKheVZOJnilvU\n" + "K9/fBy7N3ygUemvblNBfDJG+fA5jTmUQC8UEgeStp0iena3iAJxsGikCIAJKGzBk\n" + "LHiPls2z9uLQXO+ZRlK1E+XfB0/3Mu4dPAPM50TLL8jYLfYzZZchgfhCX51dmic/\n" + "EW4LL+K6LzIHoLV32YEFL9ea4y46Ub0dAX+WEwZYKu5Fu/hk+n34lBYBW1uWzPhK\n" + "JjXVbQQUE4nirzjWr6ch5rDXz1JhhNuuex29EqA3reWtQWnHySU43/uoFxN1jD0r\n" + "bMjyE5li2WU796vKyB0hYBKcOauWJPDdrKFvVs45GH6r84hjAacMq4RKm4P9esuQ\n" + "0GXVaUCLGHP1ss+glFB/k5DJO1nb6hZPOCKsdaO/VbXl5kmcxgvzAoedDTiUJiC5\n" + "URF3vuETfLwew2gE38NrTEPT54S5rYLsp/F6+5nIIhqG0BtaOwIx1VbBlrMnbsx+\n" + "pFLp6h0=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE1MTIwODA5MzAzMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0Q82wj5Dk/me634j\n" + "DnFBbAJ5FGNNeXnBgprRo2tQv8oJYMN/osSVd/03XiWBQnXk7v2aSkfXMqgEAzfv\n" + "0fzWZYyhKSwTvDG48LfnIuF7UrnvnC3xdAOjcQ+E3zUdYYonSn3gRBwIjOK4wFbG\n" + "Q4oelFnPOjWGeasLh++yBNfCa506jgFd9Y1rU5o0r/EIYSQi2aj71E+x3EdkS0Tx\n" + "iKpIGHseuP2ARmmZPLy4YglFBvPiDRi0jdgdWd6UbNk7XJ+xnKa9gVtk3TX7vy5E\n" + "7R1686F66bIe9T1N2Wyf3huJkgwUB2UPpG9rNiOvRLGFxkONeATwiJyzJG9DmtGw\n" + "GbKsyMDU9Rq9Z694tBCnlWlPrQKsZEsnivPIn/2VaANArT1QtsS+EdaXzuIWmIM0\n" + "cdQXf1U1VhzACFpHnFZ6XsOe40qwzj+6RQprHcWnIGP992qiQ6zPF8QPkycTrbhi\n" + "TG7hX59sTTBJva5DNjZnx4H/hOiQub04CMD501JiLQ1ALXGfAgMBAAGjWDBWMA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcGADAdBgNVHQ4EFgQUS3b8vegC7b0m83OMq/9dq++nS58wDQYJKoZIhvcNAQEL\n" + "BQADggGBALJv0DUD3Ujb0a9zcgKQIjljFMoA0v5A6+ZoLeHmRTU5udNV9G2AsdSx\n" + "PEH/D7v/GyoR0jApgA0TiAqRuvlc3NsdHBx9tFvgrAFyC7bbJRrf9lP9QlTqkmb7\n" + "a85OYmdiDhtQSyKdtSZpAfP7jVGJqQz5UWbV3CjYfubU+HLIZXEb6m8YCKBFb7l9\n" + "GNrcKK+gFyrQr6KmojzMkJd5PxVBUsYleaf/0QxC7nRbTH/qomJvooI2nLBLA7U3\n" + "VGLL3Og6rpjIWu2dwkvepcnesdrnPq4hJQ+uSfDkthP/qCs/3Nj9bvL73DIAYUc2\n" + "6FUmOK40BRhBhcAIYj+9JDtHncykj0RBjH6eq+goDTSd4gTXmfbzb8p1jjLal8xZ\n" + "PcNzShMpUqkmWe3Otzd98zkOzqiHeO03tBgfA5u+4gInSdQp5eUpE3Uivp9IcNaC\n" + "TMSfIA6roY+p7j1ISlmzXUZuEz9dkJumV0TMmOv6nd+ZufwaDOIuDPad5bG2JFji\n" + "KvV1dLfOfg==\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t server2_cert = { server2_cert_pem, - sizeof(server2_cert_pem) - 1 -}; + sizeof(server2_cert_pem) - 1 }; static unsigned char server2_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG4wIBAAKCAYEApk9rgAWlVEGy9t5Nn9RsvupM3JATJe2ONeGgMjAT++rgjsEN\n" - "wjqNNmEFLZjx8VfRjnHoVEIWvMJqeaAeBwP7GiKiDiLkHEK4ZwjJZ7aqy0KIRktD\n" - "LWvJrZdoJrytyMikKVhPHQ9qwh6JRA3qx1FiEcW7ahU2U4/r/fydiUC0wec2UhBd\n" - "4AJyXzYvFO7oSKPkQfzlGBNT55z/Wp9zfOO1w2x/++I+1AoKFFJ1dRI3hyrL/DfO\n" - "UMoeVkJ6knyZN3TQo+ZjbSkLZlpnAoxGSN8uNcX9q91AuM2zQOg1xPD0ZJvLP3j9\n" - "BOtYQ7rvkX0U3efJXXO+Gq4oCKiPU4ZY6u43BquipzEaeZiSWPS6Xj2Ipn+KO0v7\n" - "7NBxhNP3lpfQYDwZbw1AjnViE+WUS8r2DyM47daTGafqUCXM08kSTCrSWSte96P0\n" - "jHFnyjtPGrwC0KQw1ug4nJxFi9FHZyU+IhczvFthocPuKOAq44//zsKKuPKsJIhA\n" - "4QXfdVVvm4m+RoTZAgMBAAECggGAS5YpC6SFQcgiaKUcrpnDWvnuOQiaS1Cuo7qK\n" - "LoU/b+2OZhNEB5TI/YAW9GRhAgmhypXmu/TVlLDf56toOlQK2hQHh1lAR7/jQ6Dw\n" - "uNyCv6LbgOdP/uLQZL89rO1wJqNaSRhDzLdnFBcA2BdjL3fDlMRDq7E8Ybo1zdf0\n" - "WZ85CC/ntmCN6fPyu2dK+r6if/FNGtiv3sNaDRiDzlJOEOMFh25WtMpdN83gSuA3\n" - "ViATcLF4yIcsk/do1leckdtjX5sNRIl6b53V0LoXd62BOs9KmrvpZt4MOx8XjPnw\n" - "8P+gvqTA6U7zYGPdIbE6Ri+YJ/NKCND2U02XPdHF2N1TSDafZ7McjHZf53Dr+U2M\n" - "nqLz6wY3SzLR9Puhn9FJHgyBcEaobEDFqWJC3cqNxn1u90bk9XxRflAO99vKb341\n" - "qZXpN+/s9t0z6uL5G6q6s8ta9W0WKuiYelZam91+c6j8BXh1nntfFo7H6UvI8gSl\n" - "axaTwxD3+tEgmpNj9f5+tP75rE1JAoHBAN1vJvnTISX7UEQfgytOszdl90viaSj4\n" - "3gqD0M80OVaYk9ocffIIL/Dv66Wi5Ur9LgEOAfOlA/T67sCKEJ3D227czT0kj17f\n" - "GCWLLlJgNeJ/zbs4eB11ysKPFgW92/NABtyOJBaRHlf2GuGwRGv64kBBdcteg5zQ\n" - "ylNGpgjgf8SGtwIhoOScE9cdpdLO0AeRU/s/bQEnEpAlF08GjuCPjdHPuTVn9/EW\n" - "zlc73WoKUyT6wJsvXMDoiiqDhFvT/C4kvwKBwQDARW4v2SAvxHPPARBCHxre90FL\n" - "B+V+B3MUCP/pySkmVvdmUzm4ftPpIJ5E16ONzH3LYUpSoOIcBgR0ouWawjp3azyf\n" - "U+1k8NT1VCWl745uCMIKT7x3sTqFznkp8UAsE7x2mvD+yze35qSIjaSwDP0IXYQT\n" - "OmsVoY0WkP1OyyqiUObzced/9rWl5ysFa7R9MyXPNS98dViBYx0ORnadBjh7KuuZ\n" - "f9lW2aemW1MGMh2+3dokjpQGo958N9QDaafNRGcCgcAYXvxuMJOMZ52M8d7w7EeD\n" - "SGCwZGnojYN6qslXlMrewgo7zjj6Y3ZLUUyhPU15NGZUzWLfmwDVfKy8WjW792t2\n" - "Ryz7lsOE0I8Kyse9X0Nu+1v8SBnIPEelpDPrS9siaaCXs7k7Fpu9WKPaxRiyvbkb\n" - "E1lQmcVog/5QrgzmGzdUvPL1dBgOMTNp0KSIkCSLQK56j5+Cqfc8ECkBlJozEvmr\n" - "5u3ed+PtD/KD3V3gJuTBxCtgqRTPUoiqZzExHiK6PWcCgcEAguWBy29tWzfKg+48\n" - "bFeSyqLYP8WDdpaJwOUTnMzHiAOC8JXOYQ1vJXKAbWvFPD8wkOqOV8yRwvRRyjow\n" - "SHjcpvpJzkqr/qF6yf5clyiM9dpeh/ia3X250uirUmOdBaT2FGUNltkw+LE76H9N\n" - "1FEzXqOTzCdkSdivHeLdoOvt/Y1IfgpYyaRjLCxB/LHDsczFe9jAmGGnPIcGe/Z6\n" - "wBJBF5Ezzk/c3iTV3wqjbj9mQs/0uBidLBwZ1sWHQD+I7tUXAoHAHXjrwCI5AJTS\n" - "OyK0/85F5x5cbbeWZvU9bgni6IN51j9r12J13qt1bBQE+jQkOKRkvyRtEeQW3Zod\n" - "+zcBcCqU9HSQa7BH7beT6ChEz+lx/OZ+b34MOxwE6BJdQCu1048fD9/xHq8xoQQf\n" - "E+1aSEFaNRfxIOdqNUvyKy+WgWKoMDU96Uw6LU4z9lzOLwKb4LTZhE+qp2lMJ2Ws\n" - "9lH//6DGC2Z42m0Do2uqdxjBclumwqvzdozgsAwKSNkDUMAqPKI5\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG4wIBAAKCAYEApk9rgAWlVEGy9t5Nn9RsvupM3JATJe2ONeGgMjAT++rgjsEN\n" + "wjqNNmEFLZjx8VfRjnHoVEIWvMJqeaAeBwP7GiKiDiLkHEK4ZwjJZ7aqy0KIRktD\n" + "LWvJrZdoJrytyMikKVhPHQ9qwh6JRA3qx1FiEcW7ahU2U4/r/fydiUC0wec2UhBd\n" + "4AJyXzYvFO7oSKPkQfzlGBNT55z/Wp9zfOO1w2x/++I+1AoKFFJ1dRI3hyrL/DfO\n" + "UMoeVkJ6knyZN3TQo+ZjbSkLZlpnAoxGSN8uNcX9q91AuM2zQOg1xPD0ZJvLP3j9\n" + "BOtYQ7rvkX0U3efJXXO+Gq4oCKiPU4ZY6u43BquipzEaeZiSWPS6Xj2Ipn+KO0v7\n" + "7NBxhNP3lpfQYDwZbw1AjnViE+WUS8r2DyM47daTGafqUCXM08kSTCrSWSte96P0\n" + "jHFnyjtPGrwC0KQw1ug4nJxFi9FHZyU+IhczvFthocPuKOAq44//zsKKuPKsJIhA\n" + "4QXfdVVvm4m+RoTZAgMBAAECggGAS5YpC6SFQcgiaKUcrpnDWvnuOQiaS1Cuo7qK\n" + "LoU/b+2OZhNEB5TI/YAW9GRhAgmhypXmu/TVlLDf56toOlQK2hQHh1lAR7/jQ6Dw\n" + "uNyCv6LbgOdP/uLQZL89rO1wJqNaSRhDzLdnFBcA2BdjL3fDlMRDq7E8Ybo1zdf0\n" + "WZ85CC/ntmCN6fPyu2dK+r6if/FNGtiv3sNaDRiDzlJOEOMFh25WtMpdN83gSuA3\n" + "ViATcLF4yIcsk/do1leckdtjX5sNRIl6b53V0LoXd62BOs9KmrvpZt4MOx8XjPnw\n" + "8P+gvqTA6U7zYGPdIbE6Ri+YJ/NKCND2U02XPdHF2N1TSDafZ7McjHZf53Dr+U2M\n" + "nqLz6wY3SzLR9Puhn9FJHgyBcEaobEDFqWJC3cqNxn1u90bk9XxRflAO99vKb341\n" + "qZXpN+/s9t0z6uL5G6q6s8ta9W0WKuiYelZam91+c6j8BXh1nntfFo7H6UvI8gSl\n" + "axaTwxD3+tEgmpNj9f5+tP75rE1JAoHBAN1vJvnTISX7UEQfgytOszdl90viaSj4\n" + "3gqD0M80OVaYk9ocffIIL/Dv66Wi5Ur9LgEOAfOlA/T67sCKEJ3D227czT0kj17f\n" + "GCWLLlJgNeJ/zbs4eB11ysKPFgW92/NABtyOJBaRHlf2GuGwRGv64kBBdcteg5zQ\n" + "ylNGpgjgf8SGtwIhoOScE9cdpdLO0AeRU/s/bQEnEpAlF08GjuCPjdHPuTVn9/EW\n" + "zlc73WoKUyT6wJsvXMDoiiqDhFvT/C4kvwKBwQDARW4v2SAvxHPPARBCHxre90FL\n" + "B+V+B3MUCP/pySkmVvdmUzm4ftPpIJ5E16ONzH3LYUpSoOIcBgR0ouWawjp3azyf\n" + "U+1k8NT1VCWl745uCMIKT7x3sTqFznkp8UAsE7x2mvD+yze35qSIjaSwDP0IXYQT\n" + "OmsVoY0WkP1OyyqiUObzced/9rWl5ysFa7R9MyXPNS98dViBYx0ORnadBjh7KuuZ\n" + "f9lW2aemW1MGMh2+3dokjpQGo958N9QDaafNRGcCgcAYXvxuMJOMZ52M8d7w7EeD\n" + "SGCwZGnojYN6qslXlMrewgo7zjj6Y3ZLUUyhPU15NGZUzWLfmwDVfKy8WjW792t2\n" + "Ryz7lsOE0I8Kyse9X0Nu+1v8SBnIPEelpDPrS9siaaCXs7k7Fpu9WKPaxRiyvbkb\n" + "E1lQmcVog/5QrgzmGzdUvPL1dBgOMTNp0KSIkCSLQK56j5+Cqfc8ECkBlJozEvmr\n" + "5u3ed+PtD/KD3V3gJuTBxCtgqRTPUoiqZzExHiK6PWcCgcEAguWBy29tWzfKg+48\n" + "bFeSyqLYP8WDdpaJwOUTnMzHiAOC8JXOYQ1vJXKAbWvFPD8wkOqOV8yRwvRRyjow\n" + "SHjcpvpJzkqr/qF6yf5clyiM9dpeh/ia3X250uirUmOdBaT2FGUNltkw+LE76H9N\n" + "1FEzXqOTzCdkSdivHeLdoOvt/Y1IfgpYyaRjLCxB/LHDsczFe9jAmGGnPIcGe/Z6\n" + "wBJBF5Ezzk/c3iTV3wqjbj9mQs/0uBidLBwZ1sWHQD+I7tUXAoHAHXjrwCI5AJTS\n" + "OyK0/85F5x5cbbeWZvU9bgni6IN51j9r12J13qt1bBQE+jQkOKRkvyRtEeQW3Zod\n" + "+zcBcCqU9HSQa7BH7beT6ChEz+lx/OZ+b34MOxwE6BJdQCu1048fD9/xHq8xoQQf\n" + "E+1aSEFaNRfxIOdqNUvyKy+WgWKoMDU96Uw6LU4z9lzOLwKb4LTZhE+qp2lMJ2Ws\n" + "9lH//6DGC2Z42m0Do2uqdxjBclumwqvzdozgsAwKSNkDUMAqPKI5\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server2_key = { server2_key_pem, - sizeof(server2_key_pem) - 1 -}; + sizeof(server2_key_pem) - 1 }; static unsigned char ca2_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE1MTIwODA5MzAzMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0Q82wj5Dk/me634j\n" - "DnFBbAJ5FGNNeXnBgprRo2tQv8oJYMN/osSVd/03XiWBQnXk7v2aSkfXMqgEAzfv\n" - "0fzWZYyhKSwTvDG48LfnIuF7UrnvnC3xdAOjcQ+E3zUdYYonSn3gRBwIjOK4wFbG\n" - "Q4oelFnPOjWGeasLh++yBNfCa506jgFd9Y1rU5o0r/EIYSQi2aj71E+x3EdkS0Tx\n" - "iKpIGHseuP2ARmmZPLy4YglFBvPiDRi0jdgdWd6UbNk7XJ+xnKa9gVtk3TX7vy5E\n" - "7R1686F66bIe9T1N2Wyf3huJkgwUB2UPpG9rNiOvRLGFxkONeATwiJyzJG9DmtGw\n" - "GbKsyMDU9Rq9Z694tBCnlWlPrQKsZEsnivPIn/2VaANArT1QtsS+EdaXzuIWmIM0\n" - "cdQXf1U1VhzACFpHnFZ6XsOe40qwzj+6RQprHcWnIGP992qiQ6zPF8QPkycTrbhi\n" - "TG7hX59sTTBJva5DNjZnx4H/hOiQub04CMD501JiLQ1ALXGfAgMBAAGjWDBWMA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcGADAdBgNVHQ4EFgQUS3b8vegC7b0m83OMq/9dq++nS58wDQYJKoZIhvcNAQEL\n" - "BQADggGBALJv0DUD3Ujb0a9zcgKQIjljFMoA0v5A6+ZoLeHmRTU5udNV9G2AsdSx\n" - "PEH/D7v/GyoR0jApgA0TiAqRuvlc3NsdHBx9tFvgrAFyC7bbJRrf9lP9QlTqkmb7\n" - "a85OYmdiDhtQSyKdtSZpAfP7jVGJqQz5UWbV3CjYfubU+HLIZXEb6m8YCKBFb7l9\n" - "GNrcKK+gFyrQr6KmojzMkJd5PxVBUsYleaf/0QxC7nRbTH/qomJvooI2nLBLA7U3\n" - "VGLL3Og6rpjIWu2dwkvepcnesdrnPq4hJQ+uSfDkthP/qCs/3Nj9bvL73DIAYUc2\n" - "6FUmOK40BRhBhcAIYj+9JDtHncykj0RBjH6eq+goDTSd4gTXmfbzb8p1jjLal8xZ\n" - "PcNzShMpUqkmWe3Otzd98zkOzqiHeO03tBgfA5u+4gInSdQp5eUpE3Uivp9IcNaC\n" - "TMSfIA6roY+p7j1ISlmzXUZuEz9dkJumV0TMmOv6nd+ZufwaDOIuDPad5bG2JFji\n" - "KvV1dLfOfg==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca2_cert = { ca2_cert_pem, - sizeof(ca2_cert_pem) - 1 -}; + "-----BEGIN CERTIFICATE-----\n" + "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE1MTIwODA5MzAzMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0Q82wj5Dk/me634j\n" + "DnFBbAJ5FGNNeXnBgprRo2tQv8oJYMN/osSVd/03XiWBQnXk7v2aSkfXMqgEAzfv\n" + "0fzWZYyhKSwTvDG48LfnIuF7UrnvnC3xdAOjcQ+E3zUdYYonSn3gRBwIjOK4wFbG\n" + "Q4oelFnPOjWGeasLh++yBNfCa506jgFd9Y1rU5o0r/EIYSQi2aj71E+x3EdkS0Tx\n" + "iKpIGHseuP2ARmmZPLy4YglFBvPiDRi0jdgdWd6UbNk7XJ+xnKa9gVtk3TX7vy5E\n" + "7R1686F66bIe9T1N2Wyf3huJkgwUB2UPpG9rNiOvRLGFxkONeATwiJyzJG9DmtGw\n" + "GbKsyMDU9Rq9Z694tBCnlWlPrQKsZEsnivPIn/2VaANArT1QtsS+EdaXzuIWmIM0\n" + "cdQXf1U1VhzACFpHnFZ6XsOe40qwzj+6RQprHcWnIGP992qiQ6zPF8QPkycTrbhi\n" + "TG7hX59sTTBJva5DNjZnx4H/hOiQub04CMD501JiLQ1ALXGfAgMBAAGjWDBWMA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcGADAdBgNVHQ4EFgQUS3b8vegC7b0m83OMq/9dq++nS58wDQYJKoZIhvcNAQEL\n" + "BQADggGBALJv0DUD3Ujb0a9zcgKQIjljFMoA0v5A6+ZoLeHmRTU5udNV9G2AsdSx\n" + "PEH/D7v/GyoR0jApgA0TiAqRuvlc3NsdHBx9tFvgrAFyC7bbJRrf9lP9QlTqkmb7\n" + "a85OYmdiDhtQSyKdtSZpAfP7jVGJqQz5UWbV3CjYfubU+HLIZXEb6m8YCKBFb7l9\n" + "GNrcKK+gFyrQr6KmojzMkJd5PxVBUsYleaf/0QxC7nRbTH/qomJvooI2nLBLA7U3\n" + "VGLL3Og6rpjIWu2dwkvepcnesdrnPq4hJQ+uSfDkthP/qCs/3Nj9bvL73DIAYUc2\n" + "6FUmOK40BRhBhcAIYj+9JDtHncykj0RBjH6eq+goDTSd4gTXmfbzb8p1jjLal8xZ\n" + "PcNzShMpUqkmWe3Otzd98zkOzqiHeO03tBgfA5u+4gInSdQp5eUpE3Uivp9IcNaC\n" + "TMSfIA6roY+p7j1ISlmzXUZuEz9dkJumV0TMmOv6nd+ZufwaDOIuDPad5bG2JFji\n" + "KvV1dLfOfg==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca2_cert = { ca2_cert_pem, sizeof(ca2_cert_pem) - 1 }; static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cli_cert = { cert_pem, sizeof(cert_pem) - 1 }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t cli_key = { key_pem, sizeof(key_pem) - 1 }; static char dsa_key_pem[] = - "-----BEGIN DSA PRIVATE KEY-----\n" - "MIIBugIBAAKBgQC5hPVagb4aDcWKc48Mmy+btg5Lw3Qaf2StnfMoxaBHvJtXVvGX\n" - "1X43A+nyTPTji38wo10vu6GiN8LqNY8fsV+mol8B8SM2K+RPLy3dndU6pjmvelF8\n" - "0iWOl3TPHsV7S3ZDgQcfBhS4blgS4ZDiN2/SG+xoxVji5jDgal4sY3jsBwIVAJ9W\n" - "jEhkL/6NqnptltsEXRbvCKVxAoGAYgZ+5Fx2CLdGGl3Xl9QqIfsfMcnS9Po52CfR\n" - "m/wnXacKpxr8U8EvQ8I3yIV/PUyrXYEy+x1eHlQRFiDGgFrZjJtD8N1roPTD8oqc\n" - "OdIcew/v+iiTj9KhIuvc4IqLrSgOz+8Jhek2vYt6UNV79yUNbGARxO9wkM/WG+u7\n" - "jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n" - "55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n" - "jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n" - "AoNBXjeBjgCGMei2m8E=\n" "-----END DSA PRIVATE KEY-----\n"; + "-----BEGIN DSA PRIVATE KEY-----\n" + "MIIBugIBAAKBgQC5hPVagb4aDcWKc48Mmy+btg5Lw3Qaf2StnfMoxaBHvJtXVvGX\n" + "1X43A+nyTPTji38wo10vu6GiN8LqNY8fsV+mol8B8SM2K+RPLy3dndU6pjmvelF8\n" + "0iWOl3TPHsV7S3ZDgQcfBhS4blgS4ZDiN2/SG+xoxVji5jDgal4sY3jsBwIVAJ9W\n" + "jEhkL/6NqnptltsEXRbvCKVxAoGAYgZ+5Fx2CLdGGl3Xl9QqIfsfMcnS9Po52CfR\n" + "m/wnXacKpxr8U8EvQ8I3yIV/PUyrXYEy+x1eHlQRFiDGgFrZjJtD8N1roPTD8oqc\n" + "OdIcew/v+iiTj9KhIuvc4IqLrSgOz+8Jhek2vYt6UNV79yUNbGARxO9wkM/WG+u7\n" + "jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n" + "55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n" + "jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n" + "AoNBXjeBjgCGMei2m8E=\n" + "-----END DSA PRIVATE KEY-----\n"; const gnutls_datum_t dsa_key = { (unsigned char *)dsa_key_pem, - sizeof(dsa_key_pem) - 1 -}; + sizeof(dsa_key_pem) - 1 }; static char ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIID+jCCAmKgAwIBAgIIVzGgXgSsTYwwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNjA1MTAwODQ4MzBaGA85OTk5MTIzMTIzNTk1OVowDzENMAsG\n" - "A1UEAxMEQ0EtMzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALbdxniG\n" - "+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vyTt/wIdldP1PriD1R\n" - "igc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6uZ/ZsKVifoIZpdC8M\n" - "2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIMkgBmAX17gfX3SxFj\n" - "QUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibGcWF2XmTiQASI+KmH\n" - "vYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7WnpaO7zSEC5WFgo4jd\n" - "qroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9AnPk9+uucT1Inj9615\n" - "qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tSLzVLrddGU+os8Jin\n" - "T42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux9h5/847F4wIDAQAB\n" - "o1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GA1Ud\n" - "DwEB/wQFAwMHBgAwHQYDVR0OBBYEFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqG\n" - "SIb3DQEBCwUAA4IBgQBhBi8dXQMtXH2oqcuHuEj9JkxraAsaJvc1WAoxbiqVcJKc\n" - "VSC0gvoCY3q+NQvuePzw5dzd5JBfkoIsP5U6ATWAUPPqCP+/jRnFqDQlH626mhDG\n" - "VS8W7Ee8z1KWqnKWGv5nkrZ6r3y9bVaNUmY7rytzuct1bI9YkX1kM66vgnU2xeMI\n" - "jDe36/wTtBRVFPSPpE3KL9hxCg3KgPSeSmmIhmQxJ1M6xe00314/GX3lTDt55UdM\n" - "gmldl2LHV+0i1NPCgnuOEFVOiz2nHAnw2LNmvHEDDpPauz2Meeh9aaDeefIh2u/w\n" - "g39WRPhU1mYvmxvYZqA/jwSctiEhuKEBBZSOHxeTjplH1THlIziVnYyVW4sPMiGU\n" - "ajXhTi47H219hx87+bldruOtirbDIslL9RGWqWAkMeGP+hUl1R2zvDukaqIKqIN8\n" - "1/A/EeMoI6/IHb1BpgY2rGs/I/QTb3VTKqQUYv09Hi+itPCdKqamSm8dZMKKaPA0\n" - "fD9yskUMFPBhfj8BvXg=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIID+jCCAmKgAwIBAgIIVzGgXgSsTYwwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNjA1MTAwODQ4MzBaGA85OTk5MTIzMTIzNTk1OVowDzENMAsG\n" + "A1UEAxMEQ0EtMzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALbdxniG\n" + "+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vyTt/wIdldP1PriD1R\n" + "igc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6uZ/ZsKVifoIZpdC8M\n" + "2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIMkgBmAX17gfX3SxFj\n" + "QUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibGcWF2XmTiQASI+KmH\n" + "vYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7WnpaO7zSEC5WFgo4jd\n" + "qroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9AnPk9+uucT1Inj9615\n" + "qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tSLzVLrddGU+os8Jin\n" + "T42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux9h5/847F4wIDAQAB\n" + "o1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GA1Ud\n" + "DwEB/wQFAwMHBgAwHQYDVR0OBBYEFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqG\n" + "SIb3DQEBCwUAA4IBgQBhBi8dXQMtXH2oqcuHuEj9JkxraAsaJvc1WAoxbiqVcJKc\n" + "VSC0gvoCY3q+NQvuePzw5dzd5JBfkoIsP5U6ATWAUPPqCP+/jRnFqDQlH626mhDG\n" + "VS8W7Ee8z1KWqnKWGv5nkrZ6r3y9bVaNUmY7rytzuct1bI9YkX1kM66vgnU2xeMI\n" + "jDe36/wTtBRVFPSPpE3KL9hxCg3KgPSeSmmIhmQxJ1M6xe00314/GX3lTDt55UdM\n" + "gmldl2LHV+0i1NPCgnuOEFVOiz2nHAnw2LNmvHEDDpPauz2Meeh9aaDeefIh2u/w\n" + "g39WRPhU1mYvmxvYZqA/jwSctiEhuKEBBZSOHxeTjplH1THlIziVnYyVW4sPMiGU\n" + "ajXhTi47H219hx87+bldruOtirbDIslL9RGWqWAkMeGP+hUl1R2zvDukaqIKqIN8\n" + "1/A/EeMoI6/IHb1BpgY2rGs/I/QTb3VTKqQUYv09Hi+itPCdKqamSm8dZMKKaPA0\n" + "fD9yskUMFPBhfj8BvXg=\n" + "-----END CERTIFICATE-----\n"; static char ca3_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG4gIBAAKCAYEAtt3GeIb7bA/8415l+9HsAlqRWjl14UogdVOKIFbCGD4dKN3i\n" - "d8Nr6/JO3/Ah2V0/U+uIPVGKBzzPrz5HE+kZ8BzX3ukqUqk7TwjQvVEMqeMFavh8\n" - "Z0LMTq5n9mwpWJ+ghml0LwzYhikAgxqMS2cfnddnWFMS+JdOyd66IJO1qnvc55KQ\n" - "vvVKsgySAGYBfXuB9fdLEWNBTM6zpAww5rf7wZbtEj4T9LJLVCQ47zrR2P1diA6d\n" - "MvbSJsZxYXZeZOJABIj4qYe9gkI0kX/ym+bIlHIEcZk7zfRoFjT4NxLZsspzIyJZ\n" - "84nDtaelo7vNIQLlYWCjiN2quhQFB2NA0JJJ2u3XJisCXVKPY8zFgVfgfnjk+vaw\n" - "ynAL0Cc+T3665xPUieP3rXmpu5eAXCGSCkrmmc+PMpoensRKUmPj90g9OaGW3kFX\n" - "4IuHu1IvNUut10ZT6izwmKdPjatp0nlXnUefQLUIchoUC4EJ3ldEde2spvtZyfAI\n" - "7GVy+7H2Hn/zjsXjAgMBAAECggGASjfywKJQUwieJA4BKFaICmCF0++0V07Fo7jX\n" - "O87akgpLvXVo4CDRoX7D4oHMyzLcbAwRTInWkp9sz3xgTsVyAJFEUDWkNs52wtoa\n" - "FmxZzm3UmhjmLObgkyKYEVzO3yhSd5s/S4VUMAdeLNfOjx/4phBx4lg9P+XxVV9v\n" - "fZ9VwS7qdpZ25voZafBOJZlBC5PgKFtI/XKiYzEVmgRUqJ+Nr4G5EIlfghYHGsxk\n" - "yzu9Ret3VaxQwwmIO7KY++yV3S4yC4H2A8kmInp+95IeNXND2GEgZJyp0z/7bkd0\n" - "lOtSbYZKEaMZob2IM9gcbAHvG+Oq1349zNtC5d8KyjYcJ4W2BkeHrNiSWHiHq5zA\n" - "dMbvgWs2ydjmpU5DacsP974lDsrt5TO+Cn16ETxDIqklkOqkLInuVmgssjWMbG0F\n" - "qxjM6XgnO6xUizxDJywzWg05J5CCGWydbj/m6Cfns0+jokuCTSuqcAsKBhe6YD4o\n" - "KOdws1egC7Bh+JqCTU1FtazU+THJAoHBAMz+FZrYOJVIhBOHQdttCPtYL3kglPwx\n" - "Tvtryvct7ui76LFCtwsDclQl5wcCl89NQF+9hVpW5t3kSHuM05mFHxvFlx2fTw01\n" - "6z4aXiLiccuc4QZQuTnfSW9OeX285So5rRbEHc8A9Pfa3Mi1OHYCt3jD92r6JGfD\n" - "NQd06vJRgUjjLSBtWvY4usamNWY/lOCJPjSJG8x3TqRyS4e0KtD1rHgJ8I9L2+a1\n" - "MT6E8qy8lf1+5H4hnHfYjSi9/URuYtoVNQKBwQDkXkNaJi30D/6abhdcqm9/Vitr\n" - "bzmhkxDOTTmkaZ/9YH8lfhcbANFuIYvBb+1DSOGtXWy02pidxc3DC1QbxHpjjmd4\n" - "fCe4TCVffMuLZDE+SofbltyQ84mVhEJS3iH0QB5ESS0M+MNn9v92Ah98UK58wWFS\n" - "UUmBvEqVWGDlBoSiyQ0H+B2uWI1h24F7WQYGZppdFCs8YE6ZS0pmEklQ4DrnGd/J\n" - "urXANEa6XE+BG9KF8x0sAM0YH1gHfLmyZrJXybcCgcB2v0kspcxBTfyUg2m2/naR\n" - "gwgdFq63WKj0JAEzJryavR+Sb58xFhIIhNxLx0jBoXKFA3hYWLbsGu2SBIYfDGp0\n" - "4AUl978HXBClrQiTFLHuzTXdPq3NxHb5r2/ZUq89wqNt6LWL0HYXjgUPj0rhsbku\n" - "j/anVbf5E6+IXkYrkONfoZnmivKCZ2Jq6KVOUc6gM2CBdltQGlzIDh2Kwud6nJYI\n" - "A1oC6GK+Rn/8Q2+AeM46RmN+XWISWrOKwmQQXBGPW3ECgcB3pk/Bjtlq02qBPQcu\n" - "fPnYDKzJKEhYuHYIsPtvggvaNFHJsgunEUGpYxgXLG5yX2Amdhl7lEB8AWQyOeBC\n" - "gCnjuXvK67nf3L2EDx2SFdebHG+cBKnhpEfEt7wMMOg3UdTJ0FEzR68R7J6iFLCs\n" - "cJVLNgKon4BU4fNt1hVGSaj6pT4Xm87pRuokiF6J4vW+Ksnb1LJmessTlBgR7KjP\n" - "H/yckrjmt9V8M6ePAsiBC7O8jMkPAghzCBEWMyoUJ6xvRHcCgcAWZFAbb0kCiebN\n" - "twTeVJ53V3hdFpanX1bDCOD+B7QFGqkNpEiF4WqHioSrXVhL9yLROLFUo43eqH4u\n" - "3m1cny0hwWDrkDbuMIMrjHtQRYsDX/0XbwPFr1jxNHggzC6uZXeSKih7xoVFFL/e\n" - "AbsLJbTvoXgn6abfY5JlN45G+P9L23j3/B5PYQUTLllXQxgFGIpnWL0RFCHQuNX6\n" - "xkwfZG91IiOdKlKEddraZb3OppP1j7HsiyaYmwIMtsPc9wa2EsU=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG4gIBAAKCAYEAtt3GeIb7bA/8415l+9HsAlqRWjl14UogdVOKIFbCGD4dKN3i\n" + "d8Nr6/JO3/Ah2V0/U+uIPVGKBzzPrz5HE+kZ8BzX3ukqUqk7TwjQvVEMqeMFavh8\n" + "Z0LMTq5n9mwpWJ+ghml0LwzYhikAgxqMS2cfnddnWFMS+JdOyd66IJO1qnvc55KQ\n" + "vvVKsgySAGYBfXuB9fdLEWNBTM6zpAww5rf7wZbtEj4T9LJLVCQ47zrR2P1diA6d\n" + "MvbSJsZxYXZeZOJABIj4qYe9gkI0kX/ym+bIlHIEcZk7zfRoFjT4NxLZsspzIyJZ\n" + "84nDtaelo7vNIQLlYWCjiN2quhQFB2NA0JJJ2u3XJisCXVKPY8zFgVfgfnjk+vaw\n" + "ynAL0Cc+T3665xPUieP3rXmpu5eAXCGSCkrmmc+PMpoensRKUmPj90g9OaGW3kFX\n" + "4IuHu1IvNUut10ZT6izwmKdPjatp0nlXnUefQLUIchoUC4EJ3ldEde2spvtZyfAI\n" + "7GVy+7H2Hn/zjsXjAgMBAAECggGASjfywKJQUwieJA4BKFaICmCF0++0V07Fo7jX\n" + "O87akgpLvXVo4CDRoX7D4oHMyzLcbAwRTInWkp9sz3xgTsVyAJFEUDWkNs52wtoa\n" + "FmxZzm3UmhjmLObgkyKYEVzO3yhSd5s/S4VUMAdeLNfOjx/4phBx4lg9P+XxVV9v\n" + "fZ9VwS7qdpZ25voZafBOJZlBC5PgKFtI/XKiYzEVmgRUqJ+Nr4G5EIlfghYHGsxk\n" + "yzu9Ret3VaxQwwmIO7KY++yV3S4yC4H2A8kmInp+95IeNXND2GEgZJyp0z/7bkd0\n" + "lOtSbYZKEaMZob2IM9gcbAHvG+Oq1349zNtC5d8KyjYcJ4W2BkeHrNiSWHiHq5zA\n" + "dMbvgWs2ydjmpU5DacsP974lDsrt5TO+Cn16ETxDIqklkOqkLInuVmgssjWMbG0F\n" + "qxjM6XgnO6xUizxDJywzWg05J5CCGWydbj/m6Cfns0+jokuCTSuqcAsKBhe6YD4o\n" + "KOdws1egC7Bh+JqCTU1FtazU+THJAoHBAMz+FZrYOJVIhBOHQdttCPtYL3kglPwx\n" + "Tvtryvct7ui76LFCtwsDclQl5wcCl89NQF+9hVpW5t3kSHuM05mFHxvFlx2fTw01\n" + "6z4aXiLiccuc4QZQuTnfSW9OeX285So5rRbEHc8A9Pfa3Mi1OHYCt3jD92r6JGfD\n" + "NQd06vJRgUjjLSBtWvY4usamNWY/lOCJPjSJG8x3TqRyS4e0KtD1rHgJ8I9L2+a1\n" + "MT6E8qy8lf1+5H4hnHfYjSi9/URuYtoVNQKBwQDkXkNaJi30D/6abhdcqm9/Vitr\n" + "bzmhkxDOTTmkaZ/9YH8lfhcbANFuIYvBb+1DSOGtXWy02pidxc3DC1QbxHpjjmd4\n" + "fCe4TCVffMuLZDE+SofbltyQ84mVhEJS3iH0QB5ESS0M+MNn9v92Ah98UK58wWFS\n" + "UUmBvEqVWGDlBoSiyQ0H+B2uWI1h24F7WQYGZppdFCs8YE6ZS0pmEklQ4DrnGd/J\n" + "urXANEa6XE+BG9KF8x0sAM0YH1gHfLmyZrJXybcCgcB2v0kspcxBTfyUg2m2/naR\n" + "gwgdFq63WKj0JAEzJryavR+Sb58xFhIIhNxLx0jBoXKFA3hYWLbsGu2SBIYfDGp0\n" + "4AUl978HXBClrQiTFLHuzTXdPq3NxHb5r2/ZUq89wqNt6LWL0HYXjgUPj0rhsbku\n" + "j/anVbf5E6+IXkYrkONfoZnmivKCZ2Jq6KVOUc6gM2CBdltQGlzIDh2Kwud6nJYI\n" + "A1oC6GK+Rn/8Q2+AeM46RmN+XWISWrOKwmQQXBGPW3ECgcB3pk/Bjtlq02qBPQcu\n" + "fPnYDKzJKEhYuHYIsPtvggvaNFHJsgunEUGpYxgXLG5yX2Amdhl7lEB8AWQyOeBC\n" + "gCnjuXvK67nf3L2EDx2SFdebHG+cBKnhpEfEt7wMMOg3UdTJ0FEzR68R7J6iFLCs\n" + "cJVLNgKon4BU4fNt1hVGSaj6pT4Xm87pRuokiF6J4vW+Ksnb1LJmessTlBgR7KjP\n" + "H/yckrjmt9V8M6ePAsiBC7O8jMkPAghzCBEWMyoUJ6xvRHcCgcAWZFAbb0kCiebN\n" + "twTeVJ53V3hdFpanX1bDCOD+B7QFGqkNpEiF4WqHioSrXVhL9yLROLFUo43eqH4u\n" + "3m1cny0hwWDrkDbuMIMrjHtQRYsDX/0XbwPFr1jxNHggzC6uZXeSKih7xoVFFL/e\n" + "AbsLJbTvoXgn6abfY5JlN45G+P9L23j3/B5PYQUTLllXQxgFGIpnWL0RFCHQuNX6\n" + "xkwfZG91IiOdKlKEddraZb3OppP1j7HsiyaYmwIMtsPc9wa2EsU=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t ca3_key = { (unsigned char *)ca3_key_pem, - sizeof(ca3_key_pem) - 1 -}; + sizeof(ca3_key_pem) - 1 }; const gnutls_datum_t ca3_cert = { (unsigned char *)ca3_cert_pem, - sizeof(ca3_cert_pem) - 1 -}; + sizeof(ca3_cert_pem) - 1 }; static char subca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" - "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" - "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" - "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" - "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" - "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" - "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" - "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" - "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" - "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" - "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" - "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" - "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" - "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" - "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" - "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" - "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" - "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" - "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" - "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" - "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" + "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" + "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" + "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" + "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" + "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" + "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" + "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" + "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" + "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" + "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" + "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" + "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" + "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" + "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" + "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" + "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" + "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" + "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" + "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" + "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END CERTIFICATE-----\n"; static char subca3_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG5AIBAAKCAYEAoDnDV80rTp0RaItOWjES3jAeOV+GtrK0gbpd1C8Q0hoyD9BB\n" - "Jf/19li4qKXv8TS/GzwkaSNbElV5fB29XCt6ljRms1Zgu8VtOzcS9uiPOnt/wVUZ\n" - "6vIqFbbz0MBKb7iPBfe8dby/5/nH3HZDe+zUnK+QvYxzFYqEbwvqis/W1AceQ0sk\n" - "leuj0efsBrCQ75H7Jo1ToKok5UlkEuRt5zDKtEYsbHOXT+VsoJG3YffuOVArTm3J\n" - "xwASaz/hrS4htADlMeqD8z7XmS9d3q1l4O82LrE2q4/a03HbIEfyJtZiM5g9ouxo\n" - "SaOBo9EpN0avdycngPgMuVD5qnJvnal9NG+PTE07+BrTud5C0Egl2BSfeo3DIlzM\n" - "wRSQ9UTrHZOFlHnf7STB337bQ8/Y91nLl/TNp8009sZWrqJI2xAIUQ0cOX8QhWYe\n" - "025mh+L8rAzvVGV1RF0iyqJ0Ni5srKOPLPxt9FZpUo7T7SakbL/6D6Qjv3NA+ga5\n" - "B1eeQePMX5siBY4BAgMBAAECggGAW56MIBHW+L4B7VjzNcmn81tqfP4txxzK8P+D\n" - "lchQAwQtqjM4faUunW5AMVepq7Cwsr8iRuiLtCEiNaG/3QuTrn5KV7RF3jlXa6vj\n" - "cUKsXBGwjPm/t0RAYmhaZPz/04CicBQoNN74kYqYCW2qyxsyvGH8DxdX23J4phMX\n" - "S8brHhTv7iTyx7OV2nqW0YB3cDZ2eaYIsu9355Ce49qxKakR0CHsVxuF447aHbsV\n" - "NLUUCLvZ95/56IwW/DLsNh4R8Z8siEDde8imHyJOVihqrxvoQ7pL0+qB8amsMEVd\n" - "YcUr0ln56Ob5MuO5vD5lAASbOgGUcI/3OWsd2KzquNxKzZaZu+nC1Yh150E1jDEi\n" - "dZIgTtAr39sCx2EwovYwOWrVz66afzN05/0QxuXaoR5IuqbAt7mmaC5wSUGfuAyA\n" - "oy94+JEAb6bb1RPdzcLE5AC6n1zdcOwtuHAajFIppR3He4n4cODaPyqf8pqoCE7s\n" - "fqCa43LLUbPNIEh+E0jFy2lBlqRNAoHBAMY4REQIAUP9PEVtGKi+fvqlBjEn2hzx\n" - "7GuVscvro2U4xk7ZwM1ZffDM9Skuf10+QK15fT4sC4WknJ5MNDY6lkkuPAAaE+Wh\n" - "O6w9Dkz264n2xiGCOEignsAbTkOOZCiWVh9xq4N3o6C9uWUWPOW5bnBx9BzMRi59\n" - "SK5qLTOlJur8fczV/1/sFTUEwBiahERUFqGlOD3t4/z5YuWdFjoXhOh3s60hro8C\n" - "57E4mDuk5sgIh2/i0L9Aob1fnN/Hkl89hwKBwQDO7kNJcRgzbtnK4bX3QWiZVI42\n" - "91YfWtHGqJuqymi8a/4oNBzlBqJECtd0fYcCudadXGtjmf68/BbfwZjZzPOVrnpM\n" - "3XvMgvJgwuppW+Uovvk7eStUGqz1YzEZQZlVSc6p3sB0Lv9EGU5hCejnJmzF36s2\n" - "+KWuzyjkBg4o7fqYAeE2y4tZzGOwRjlOLJQQKQANTv24fOHXCaWBwrkgPloFqkrx\n" - "QPe6Dm7iWdi4xGB3zFZxSZbr0rZ1SmSTn3kbejcCgcEAvoTwYG9NQBsTpitA61gF\n" - "1kVtWSvTwcRpl9KOzNCVAUJ7oOg9H2Ln4N4uucFeW7HtGo/N6EcPYAmjG6dk+8Z+\n" - "EqKkuvhVrX22TEt3BlTCeZ2+PBDcpjnzu/PC2r3u2O/+oURxNPB2TpZsrpOcPrVn\n" - "SB7PIirZPe/fPv0Aq0YOzQeYppv9VCYnEAmb1UoW3VHxWrbiAuw3GTxeaRH+fiGC\n" - "9qmvAjaAgCarqTQbZiCOTS+dddYNC/ZEPy+6KYC52F7bAoHBAJLp5EnDCpyRif0Z\n" - "jLhz7tBVkPaDWdi/AQqa8JIsTHnh7jsa7JzJvfCzBc7FxFHyIOXuFKxNS+deztqj\n" - "t2KCuTm++0ORR/Cl03FRUV3mCWeJVqeb2mBG5B8AAn7c7QD5esltxZN3PnJZySTq\n" - "BTn/NOCzcPqBRBg9KdniVrFGbFD5nKzrjA8AJpKi+NKAocprYYcRWt9dgnXKeoAL\n" - "AKZcvkshYT2xk2+8CYuYoF5lxdun7oNV7NmW60WQwKFyamhQtwKBwE6OM6v8BOL2\n" - "8SkAd0qj0UFMyzJCOhlW5cypdcvvEpiR4H/8m2c8U4iemful3YJ/Hc+KH165KeQM\n" - "3ZBX1w2rwei6cQNtIptMYFBapUzE1Wd0Uyh8OjpHnCYvv/53cZYNSrVtqCD5GE87\n" - "c/snzezAEzWGNm5wl0X+Y3g/mZaYX2rXUgr/dxVGhNHzOodEMz3Sk/Z8ER5n8m5N\n" - "CLo/c/+F0N4e0F7P+haq+Ccj6MNM99HnuJALc1Ke9971YxrNfniGvA==\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG5AIBAAKCAYEAoDnDV80rTp0RaItOWjES3jAeOV+GtrK0gbpd1C8Q0hoyD9BB\n" + "Jf/19li4qKXv8TS/GzwkaSNbElV5fB29XCt6ljRms1Zgu8VtOzcS9uiPOnt/wVUZ\n" + "6vIqFbbz0MBKb7iPBfe8dby/5/nH3HZDe+zUnK+QvYxzFYqEbwvqis/W1AceQ0sk\n" + "leuj0efsBrCQ75H7Jo1ToKok5UlkEuRt5zDKtEYsbHOXT+VsoJG3YffuOVArTm3J\n" + "xwASaz/hrS4htADlMeqD8z7XmS9d3q1l4O82LrE2q4/a03HbIEfyJtZiM5g9ouxo\n" + "SaOBo9EpN0avdycngPgMuVD5qnJvnal9NG+PTE07+BrTud5C0Egl2BSfeo3DIlzM\n" + "wRSQ9UTrHZOFlHnf7STB337bQ8/Y91nLl/TNp8009sZWrqJI2xAIUQ0cOX8QhWYe\n" + "025mh+L8rAzvVGV1RF0iyqJ0Ni5srKOPLPxt9FZpUo7T7SakbL/6D6Qjv3NA+ga5\n" + "B1eeQePMX5siBY4BAgMBAAECggGAW56MIBHW+L4B7VjzNcmn81tqfP4txxzK8P+D\n" + "lchQAwQtqjM4faUunW5AMVepq7Cwsr8iRuiLtCEiNaG/3QuTrn5KV7RF3jlXa6vj\n" + "cUKsXBGwjPm/t0RAYmhaZPz/04CicBQoNN74kYqYCW2qyxsyvGH8DxdX23J4phMX\n" + "S8brHhTv7iTyx7OV2nqW0YB3cDZ2eaYIsu9355Ce49qxKakR0CHsVxuF447aHbsV\n" + "NLUUCLvZ95/56IwW/DLsNh4R8Z8siEDde8imHyJOVihqrxvoQ7pL0+qB8amsMEVd\n" + "YcUr0ln56Ob5MuO5vD5lAASbOgGUcI/3OWsd2KzquNxKzZaZu+nC1Yh150E1jDEi\n" + "dZIgTtAr39sCx2EwovYwOWrVz66afzN05/0QxuXaoR5IuqbAt7mmaC5wSUGfuAyA\n" + "oy94+JEAb6bb1RPdzcLE5AC6n1zdcOwtuHAajFIppR3He4n4cODaPyqf8pqoCE7s\n" + "fqCa43LLUbPNIEh+E0jFy2lBlqRNAoHBAMY4REQIAUP9PEVtGKi+fvqlBjEn2hzx\n" + "7GuVscvro2U4xk7ZwM1ZffDM9Skuf10+QK15fT4sC4WknJ5MNDY6lkkuPAAaE+Wh\n" + "O6w9Dkz264n2xiGCOEignsAbTkOOZCiWVh9xq4N3o6C9uWUWPOW5bnBx9BzMRi59\n" + "SK5qLTOlJur8fczV/1/sFTUEwBiahERUFqGlOD3t4/z5YuWdFjoXhOh3s60hro8C\n" + "57E4mDuk5sgIh2/i0L9Aob1fnN/Hkl89hwKBwQDO7kNJcRgzbtnK4bX3QWiZVI42\n" + "91YfWtHGqJuqymi8a/4oNBzlBqJECtd0fYcCudadXGtjmf68/BbfwZjZzPOVrnpM\n" + "3XvMgvJgwuppW+Uovvk7eStUGqz1YzEZQZlVSc6p3sB0Lv9EGU5hCejnJmzF36s2\n" + "+KWuzyjkBg4o7fqYAeE2y4tZzGOwRjlOLJQQKQANTv24fOHXCaWBwrkgPloFqkrx\n" + "QPe6Dm7iWdi4xGB3zFZxSZbr0rZ1SmSTn3kbejcCgcEAvoTwYG9NQBsTpitA61gF\n" + "1kVtWSvTwcRpl9KOzNCVAUJ7oOg9H2Ln4N4uucFeW7HtGo/N6EcPYAmjG6dk+8Z+\n" + "EqKkuvhVrX22TEt3BlTCeZ2+PBDcpjnzu/PC2r3u2O/+oURxNPB2TpZsrpOcPrVn\n" + "SB7PIirZPe/fPv0Aq0YOzQeYppv9VCYnEAmb1UoW3VHxWrbiAuw3GTxeaRH+fiGC\n" + "9qmvAjaAgCarqTQbZiCOTS+dddYNC/ZEPy+6KYC52F7bAoHBAJLp5EnDCpyRif0Z\n" + "jLhz7tBVkPaDWdi/AQqa8JIsTHnh7jsa7JzJvfCzBc7FxFHyIOXuFKxNS+deztqj\n" + "t2KCuTm++0ORR/Cl03FRUV3mCWeJVqeb2mBG5B8AAn7c7QD5esltxZN3PnJZySTq\n" + "BTn/NOCzcPqBRBg9KdniVrFGbFD5nKzrjA8AJpKi+NKAocprYYcRWt9dgnXKeoAL\n" + "AKZcvkshYT2xk2+8CYuYoF5lxdun7oNV7NmW60WQwKFyamhQtwKBwE6OM6v8BOL2\n" + "8SkAd0qj0UFMyzJCOhlW5cypdcvvEpiR4H/8m2c8U4iemful3YJ/Hc+KH165KeQM\n" + "3ZBX1w2rwei6cQNtIptMYFBapUzE1Wd0Uyh8OjpHnCYvv/53cZYNSrVtqCD5GE87\n" + "c/snzezAEzWGNm5wl0X+Y3g/mZaYX2rXUgr/dxVGhNHzOodEMz3Sk/Z8ER5n8m5N\n" + "CLo/c/+F0N4e0F7P+haq+Ccj6MNM99HnuJALc1Ke9971YxrNfniGvA==\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t subca3_key = { (unsigned char *)subca3_key_pem, - sizeof(subca3_key_pem) - 1 -}; + sizeof(subca3_key_pem) - 1 }; const gnutls_datum_t subca3_cert = { (unsigned char *)subca3_cert_pem, - sizeof(subca3_cert_pem) - 1 -}; + sizeof(subca3_cert_pem) - 1 }; static char cli_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIERjCCAq6gAwIBAgIMV6MdMjZaLvmhsFpSMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" - "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1NjM5WhgPOTk5OTEyMzEyMzU5NTla\n" - "MBYxFDASBgNVBAMTC1Rlc3QgY2xpZW50MIIBojANBgkqhkiG9w0BAQEFAAOCAY8A\n" - "MIIBigKCAYEA4QAezvLHuNtTlTQSn1vNaYBrZ5+CzS8/tB2L5G+wWy3Yqqqh1kB+\n" - "gcWN9Ftqv21B1WgRWtjrn4rTJgxl+ogLiLgLIZ6iG/Ye1POFKxxVYYxPXI7spAYa\n" - "CW6/+QjS/18M6NCAHsvhJEMkOY6clIqEqCpLTyaWzJULBBwtpA84pkcLTiNpmfIJ\n" - "Wos9OsYH0hSK2xE/5qu+DkkaKrfS2Cyp61wdhURrX1fdlkBUBt9XH8S5A2bWuQEY\n" - "82GgXxl8HpehkB2RLgpkZQzxopzhoqG2P8IZFQmtOySzRPWtdpy0RJbvmLfZqaEw\n" - "sq3g1jZFXhqUjc5y3vbHta2Xg5/zx0X/FB69j2KZsgUmklYVFG9te7UtSVDgz3U6\n" - "9ed16AULxNqAF2LGhuIEI5+4PikXb+QxaOx/hw1BtEqMzLMbNphILSPBRI+NpTZ2\n" - "PCSedGsQzxsgns/iaLB7q1AIrKLUQlVpy+JNfauYqzvlMNXwMaoNQZDf9oOoFkdT\n" - "P5P8t/gGk2rlAgMBAAGjgZUwgZIwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggr\n" - "BgEFBQcDAjAcBgNVHREEFTATgRFoZWxsb0BleGFtcGxlLm9yZzAPBgNVHQ8BAf8E\n" - "BQMDB4AAMB0GA1UdDgQWBBRdXorh31ji3Vx07Tm7u9jZMbKBajAfBgNVHSMEGDAW\n" - "gBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEAPjXZC89d\n" - "2lkc33p5qBTneqXAAZeseBZlSF9Rd798NofXTw0oi235UWCdmPOS4l0z8PBh0ICA\n" - "MY7iUrv5MJeEcvGOq1NFZObsEP+gcpDi3s1otSif9n3ZSR9gDqG1kAlvwOxDW1As\n" - "KuGgwE2vRZN3T20USkcSXvtJ3QD+tIroD9z/Auh2H6LsqOMwSwBo9Alzj7DWLk8G\n" - "mdpQtQU+l/+3pa5MY4MBQM3T3PpK4TdjMVKzKc8lMUeFH/VJSbyQ2kgL7OqavMsH\n" - "jGrm0JCWi2M188EobKVqt2nhQQA7SIogYe4cqx8Q2/7v6RDXZ11QifFKupQ2vXLb\n" - "DZxa4j7YQz4F2m7+PbYbSAs1y4/oiJ32O3BjQC7Oa3OaGFpkipUtrozaa1TM4tab\n" - "kZSyKmSvKG2RxDphl71OZ28tgWjjzJbyG3dbnI3HF1L7YVwHUGFUPhUGuiS7H/b4\n" - "6Zd8Y0P6Cxn/4rUEZZPDpCVt92cjQsWXL45JXpmqwDlaRdSXXoIB2l2D\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIERjCCAq6gAwIBAgIMV6MdMjZaLvmhsFpSMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" + "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1NjM5WhgPOTk5OTEyMzEyMzU5NTla\n" + "MBYxFDASBgNVBAMTC1Rlc3QgY2xpZW50MIIBojANBgkqhkiG9w0BAQEFAAOCAY8A\n" + "MIIBigKCAYEA4QAezvLHuNtTlTQSn1vNaYBrZ5+CzS8/tB2L5G+wWy3Yqqqh1kB+\n" + "gcWN9Ftqv21B1WgRWtjrn4rTJgxl+ogLiLgLIZ6iG/Ye1POFKxxVYYxPXI7spAYa\n" + "CW6/+QjS/18M6NCAHsvhJEMkOY6clIqEqCpLTyaWzJULBBwtpA84pkcLTiNpmfIJ\n" + "Wos9OsYH0hSK2xE/5qu+DkkaKrfS2Cyp61wdhURrX1fdlkBUBt9XH8S5A2bWuQEY\n" + "82GgXxl8HpehkB2RLgpkZQzxopzhoqG2P8IZFQmtOySzRPWtdpy0RJbvmLfZqaEw\n" + "sq3g1jZFXhqUjc5y3vbHta2Xg5/zx0X/FB69j2KZsgUmklYVFG9te7UtSVDgz3U6\n" + "9ed16AULxNqAF2LGhuIEI5+4PikXb+QxaOx/hw1BtEqMzLMbNphILSPBRI+NpTZ2\n" + "PCSedGsQzxsgns/iaLB7q1AIrKLUQlVpy+JNfauYqzvlMNXwMaoNQZDf9oOoFkdT\n" + "P5P8t/gGk2rlAgMBAAGjgZUwgZIwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggr\n" + "BgEFBQcDAjAcBgNVHREEFTATgRFoZWxsb0BleGFtcGxlLm9yZzAPBgNVHQ8BAf8E\n" + "BQMDB4AAMB0GA1UdDgQWBBRdXorh31ji3Vx07Tm7u9jZMbKBajAfBgNVHSMEGDAW\n" + "gBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEAPjXZC89d\n" + "2lkc33p5qBTneqXAAZeseBZlSF9Rd798NofXTw0oi235UWCdmPOS4l0z8PBh0ICA\n" + "MY7iUrv5MJeEcvGOq1NFZObsEP+gcpDi3s1otSif9n3ZSR9gDqG1kAlvwOxDW1As\n" + "KuGgwE2vRZN3T20USkcSXvtJ3QD+tIroD9z/Auh2H6LsqOMwSwBo9Alzj7DWLk8G\n" + "mdpQtQU+l/+3pa5MY4MBQM3T3PpK4TdjMVKzKc8lMUeFH/VJSbyQ2kgL7OqavMsH\n" + "jGrm0JCWi2M188EobKVqt2nhQQA7SIogYe4cqx8Q2/7v6RDXZ11QifFKupQ2vXLb\n" + "DZxa4j7YQz4F2m7+PbYbSAs1y4/oiJ32O3BjQC7Oa3OaGFpkipUtrozaa1TM4tab\n" + "kZSyKmSvKG2RxDphl71OZ28tgWjjzJbyG3dbnI3HF1L7YVwHUGFUPhUGuiS7H/b4\n" + "6Zd8Y0P6Cxn/4rUEZZPDpCVt92cjQsWXL45JXpmqwDlaRdSXXoIB2l2D\n" + "-----END CERTIFICATE-----\n"; static char cli_ca3_cert_chain_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIERjCCAq6gAwIBAgIMV6MdMjZaLvmhsFpSMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" - "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1NjM5WhgPOTk5OTEyMzEyMzU5NTla\n" - "MBYxFDASBgNVBAMTC1Rlc3QgY2xpZW50MIIBojANBgkqhkiG9w0BAQEFAAOCAY8A\n" - "MIIBigKCAYEA4QAezvLHuNtTlTQSn1vNaYBrZ5+CzS8/tB2L5G+wWy3Yqqqh1kB+\n" - "gcWN9Ftqv21B1WgRWtjrn4rTJgxl+ogLiLgLIZ6iG/Ye1POFKxxVYYxPXI7spAYa\n" - "CW6/+QjS/18M6NCAHsvhJEMkOY6clIqEqCpLTyaWzJULBBwtpA84pkcLTiNpmfIJ\n" - "Wos9OsYH0hSK2xE/5qu+DkkaKrfS2Cyp61wdhURrX1fdlkBUBt9XH8S5A2bWuQEY\n" - "82GgXxl8HpehkB2RLgpkZQzxopzhoqG2P8IZFQmtOySzRPWtdpy0RJbvmLfZqaEw\n" - "sq3g1jZFXhqUjc5y3vbHta2Xg5/zx0X/FB69j2KZsgUmklYVFG9te7UtSVDgz3U6\n" - "9ed16AULxNqAF2LGhuIEI5+4PikXb+QxaOx/hw1BtEqMzLMbNphILSPBRI+NpTZ2\n" - "PCSedGsQzxsgns/iaLB7q1AIrKLUQlVpy+JNfauYqzvlMNXwMaoNQZDf9oOoFkdT\n" - "P5P8t/gGk2rlAgMBAAGjgZUwgZIwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggr\n" - "BgEFBQcDAjAcBgNVHREEFTATgRFoZWxsb0BleGFtcGxlLm9yZzAPBgNVHQ8BAf8E\n" - "BQMDB4AAMB0GA1UdDgQWBBRdXorh31ji3Vx07Tm7u9jZMbKBajAfBgNVHSMEGDAW\n" - "gBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEAPjXZC89d\n" - "2lkc33p5qBTneqXAAZeseBZlSF9Rd798NofXTw0oi235UWCdmPOS4l0z8PBh0ICA\n" - "MY7iUrv5MJeEcvGOq1NFZObsEP+gcpDi3s1otSif9n3ZSR9gDqG1kAlvwOxDW1As\n" - "KuGgwE2vRZN3T20USkcSXvtJ3QD+tIroD9z/Auh2H6LsqOMwSwBo9Alzj7DWLk8G\n" - "mdpQtQU+l/+3pa5MY4MBQM3T3PpK4TdjMVKzKc8lMUeFH/VJSbyQ2kgL7OqavMsH\n" - "jGrm0JCWi2M188EobKVqt2nhQQA7SIogYe4cqx8Q2/7v6RDXZ11QifFKupQ2vXLb\n" - "DZxa4j7YQz4F2m7+PbYbSAs1y4/oiJ32O3BjQC7Oa3OaGFpkipUtrozaa1TM4tab\n" - "kZSyKmSvKG2RxDphl71OZ28tgWjjzJbyG3dbnI3HF1L7YVwHUGFUPhUGuiS7H/b4\n" - "6Zd8Y0P6Cxn/4rUEZZPDpCVt92cjQsWXL45JXpmqwDlaRdSXXoIB2l2D\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" - "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" - "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" - "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" - "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" - "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" - "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" - "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" - "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" - "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" - "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" - "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" - "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" - "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" - "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" - "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" - "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" - "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" - "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" - "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" - "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIERjCCAq6gAwIBAgIMV6MdMjZaLvmhsFpSMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" + "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1NjM5WhgPOTk5OTEyMzEyMzU5NTla\n" + "MBYxFDASBgNVBAMTC1Rlc3QgY2xpZW50MIIBojANBgkqhkiG9w0BAQEFAAOCAY8A\n" + "MIIBigKCAYEA4QAezvLHuNtTlTQSn1vNaYBrZ5+CzS8/tB2L5G+wWy3Yqqqh1kB+\n" + "gcWN9Ftqv21B1WgRWtjrn4rTJgxl+ogLiLgLIZ6iG/Ye1POFKxxVYYxPXI7spAYa\n" + "CW6/+QjS/18M6NCAHsvhJEMkOY6clIqEqCpLTyaWzJULBBwtpA84pkcLTiNpmfIJ\n" + "Wos9OsYH0hSK2xE/5qu+DkkaKrfS2Cyp61wdhURrX1fdlkBUBt9XH8S5A2bWuQEY\n" + "82GgXxl8HpehkB2RLgpkZQzxopzhoqG2P8IZFQmtOySzRPWtdpy0RJbvmLfZqaEw\n" + "sq3g1jZFXhqUjc5y3vbHta2Xg5/zx0X/FB69j2KZsgUmklYVFG9te7UtSVDgz3U6\n" + "9ed16AULxNqAF2LGhuIEI5+4PikXb+QxaOx/hw1BtEqMzLMbNphILSPBRI+NpTZ2\n" + "PCSedGsQzxsgns/iaLB7q1AIrKLUQlVpy+JNfauYqzvlMNXwMaoNQZDf9oOoFkdT\n" + "P5P8t/gGk2rlAgMBAAGjgZUwgZIwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggr\n" + "BgEFBQcDAjAcBgNVHREEFTATgRFoZWxsb0BleGFtcGxlLm9yZzAPBgNVHQ8BAf8E\n" + "BQMDB4AAMB0GA1UdDgQWBBRdXorh31ji3Vx07Tm7u9jZMbKBajAfBgNVHSMEGDAW\n" + "gBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEAPjXZC89d\n" + "2lkc33p5qBTneqXAAZeseBZlSF9Rd798NofXTw0oi235UWCdmPOS4l0z8PBh0ICA\n" + "MY7iUrv5MJeEcvGOq1NFZObsEP+gcpDi3s1otSif9n3ZSR9gDqG1kAlvwOxDW1As\n" + "KuGgwE2vRZN3T20USkcSXvtJ3QD+tIroD9z/Auh2H6LsqOMwSwBo9Alzj7DWLk8G\n" + "mdpQtQU+l/+3pa5MY4MBQM3T3PpK4TdjMVKzKc8lMUeFH/VJSbyQ2kgL7OqavMsH\n" + "jGrm0JCWi2M188EobKVqt2nhQQA7SIogYe4cqx8Q2/7v6RDXZ11QifFKupQ2vXLb\n" + "DZxa4j7YQz4F2m7+PbYbSAs1y4/oiJ32O3BjQC7Oa3OaGFpkipUtrozaa1TM4tab\n" + "kZSyKmSvKG2RxDphl71OZ28tgWjjzJbyG3dbnI3HF1L7YVwHUGFUPhUGuiS7H/b4\n" + "6Zd8Y0P6Cxn/4rUEZZPDpCVt92cjQsWXL45JXpmqwDlaRdSXXoIB2l2D\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" + "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" + "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" + "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" + "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" + "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" + "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" + "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" + "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" + "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" + "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" + "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" + "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" + "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" + "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" + "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" + "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" + "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" + "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" + "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" + "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END CERTIFICATE-----\n"; static char cli_ca3_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG5QIBAAKCAYEA4QAezvLHuNtTlTQSn1vNaYBrZ5+CzS8/tB2L5G+wWy3Yqqqh\n" - "1kB+gcWN9Ftqv21B1WgRWtjrn4rTJgxl+ogLiLgLIZ6iG/Ye1POFKxxVYYxPXI7s\n" - "pAYaCW6/+QjS/18M6NCAHsvhJEMkOY6clIqEqCpLTyaWzJULBBwtpA84pkcLTiNp\n" - "mfIJWos9OsYH0hSK2xE/5qu+DkkaKrfS2Cyp61wdhURrX1fdlkBUBt9XH8S5A2bW\n" - "uQEY82GgXxl8HpehkB2RLgpkZQzxopzhoqG2P8IZFQmtOySzRPWtdpy0RJbvmLfZ\n" - "qaEwsq3g1jZFXhqUjc5y3vbHta2Xg5/zx0X/FB69j2KZsgUmklYVFG9te7UtSVDg\n" - "z3U69ed16AULxNqAF2LGhuIEI5+4PikXb+QxaOx/hw1BtEqMzLMbNphILSPBRI+N\n" - "pTZ2PCSedGsQzxsgns/iaLB7q1AIrKLUQlVpy+JNfauYqzvlMNXwMaoNQZDf9oOo\n" - "FkdTP5P8t/gGk2rlAgMBAAECggGBALedC4dC5O3cPodiKVhW6HiSThQQPgQH7Oql\n" - "ugW/h6HA9jHAcbWQiCyK9V9WQvTYyoLHHHKQ1ygpeEpyj741y4PU/XCALja3UU3j\n" - "NOeLhbnHcPRNxpvMRu8vrAYkx1uTS8uqawO2yZJ4IFXAJdOqfrtlWHPNP/7QGl9O\n" - "R4i8yzQWgglQKNtyg2OagWs3NCaikPZZS1aJDN5Hlc0KmkvDlx702zpoLV9vKut0\n" - "r520ITtRpNI72Dq9xIjJQMCa4Yltnuj1OmeJ2C5tTDL8gF/UwsALy01JOaZ9ekCD\n" - "bx/q4DBHXo5OOL4aKCVum8FOFrcaHALeWD1F19VVMuQMjLTAApv2eDL6NMORkrpK\n" - "bEEPfC4mjAtGOzwCkXe+53gXrKxMl+87IPC/FV/YuQRzWGZBCj052ELWqPbzJ9E7\n" - "QybGnSOw8Unoauz76aF0IMiiMu0u7pSp0LVQ+9SVYHhyTdYJfJPburssA3X4UuOX\n" - "KNI7gdOkb0yE883jcGQT+B2fdfrygQKBwQDkajgK6lsTChMeriPy++2MPpto64zW\n" - "2CNMPya5IC23ZFyRXs8UuMbGNTtXd9TXfISXYuGexbPCMXXLA272Bum/wkbf0NBu\n" - "DUVDYr0D4mIrjNb6NdTtFwHHfWCvQlhuVdS3kL9rSDoGO3mgedRpRpVR4Py+1emi\n" - "mMYGHN+UMwPzXmlhmvmONr6ObWebH14DdKyohkBuHVO/2HkET69F0zDOhbM+Wd8V\n" - "hK4PYo2MYV/n4CIf/UbBHjVXx4+EDWGhrNECgcEA/CxWuwr5+RjFGz66o+VM1nt7\n" - "LZgf1oDZKNlf+x6SlGYYCrk1t6yAtc3VbdkGSPsBHBR0WcpU8sMPMNhn5lU/pMp/\n" - "ntBx3LphNWJh3FH4jRkJvhQEZZI/TBIbnxp3C5xOCQr1njMk07vpse4xVhYgNcZf\n" - "9e8V6Ola/1xq+WYjWXVJXBj2cHoF8YZNlPAB38E9gFyU0dUQDjtF4Hfz2EvLniJu\n" - "p92nsT/jsxvEtUAoGAkNBhzXqhRcTAxuzbHbeNHVAoHBAITqKmJvrT+PBUE9JD4o\n" - "yzpo1BZhuzrp2uBrfyUKzI+DHzqYaPgt7b05DKcBXCFom99b8t5pPQkrrtfLz63q\n" - "p+qmKofjAuaHYl6r/kFcYrPk6NQArz6nvKlRFAnoGX1bBMUsvba3+MvXoBb5zdjU\n" - "8d8LhQengqTTMags9Q1QAmSD896QR9exk4FduIRT5GkuY6pNNQDen/VrCkCv/dYr\n" - "5qLGul71/RKQepkJSEUABMbxbeofgCSwZ2oE/kZhYwapgQKBwQD2TySj65PAYBZe\n" - "h0XsQlNsCA6HuVgXv6DdSn16niEUPChtiPxUHHVXnuZCNkHyVOF/mOcQsRWKTUZw\n" - "MmBB1bCleHlxGS6uJ4o9h4wIlDRPNU6Tz59/ynpzBhjerg3rVE/Qe1jvngrxmVEp\n" - "T3v3FwN9IvemE1J2PkB4vr9qPP54KZxvDZ7gu/9EKydqO4fJE0nMMCHYVuEo1XJq\n" - "Tx/pfBc1rXIiGtnpwnrY/l2DoFfJKkYDW3a3lM2WJmqwFXJGr8UCgcArtSJU3ewE\n" - "62J00pX8HJWvOVPrjKfgJvqUmpjLT4/AXNzEEFqij/L98DZU/b1GKGgdSFt3oIii\n" - "8Poeaas8GvtlyRZXONXC1TNzC+dzheF3MQ2euvAwulimvcp/rT1/Dw6ID2PWpthE\n" - "VBpijtoHZ3F2dCYHbYLVlrXC7G4IQ31XUZOujH5xOcZQob815J2+mFsdg/9UBm7c\n" - "uiyti3689G0RW9DM/F+NeJkoEo0D15JweVkSfDcsVTdvNsbeA1Pzzds=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG5QIBAAKCAYEA4QAezvLHuNtTlTQSn1vNaYBrZ5+CzS8/tB2L5G+wWy3Yqqqh\n" + "1kB+gcWN9Ftqv21B1WgRWtjrn4rTJgxl+ogLiLgLIZ6iG/Ye1POFKxxVYYxPXI7s\n" + "pAYaCW6/+QjS/18M6NCAHsvhJEMkOY6clIqEqCpLTyaWzJULBBwtpA84pkcLTiNp\n" + "mfIJWos9OsYH0hSK2xE/5qu+DkkaKrfS2Cyp61wdhURrX1fdlkBUBt9XH8S5A2bW\n" + "uQEY82GgXxl8HpehkB2RLgpkZQzxopzhoqG2P8IZFQmtOySzRPWtdpy0RJbvmLfZ\n" + "qaEwsq3g1jZFXhqUjc5y3vbHta2Xg5/zx0X/FB69j2KZsgUmklYVFG9te7UtSVDg\n" + "z3U69ed16AULxNqAF2LGhuIEI5+4PikXb+QxaOx/hw1BtEqMzLMbNphILSPBRI+N\n" + "pTZ2PCSedGsQzxsgns/iaLB7q1AIrKLUQlVpy+JNfauYqzvlMNXwMaoNQZDf9oOo\n" + "FkdTP5P8t/gGk2rlAgMBAAECggGBALedC4dC5O3cPodiKVhW6HiSThQQPgQH7Oql\n" + "ugW/h6HA9jHAcbWQiCyK9V9WQvTYyoLHHHKQ1ygpeEpyj741y4PU/XCALja3UU3j\n" + "NOeLhbnHcPRNxpvMRu8vrAYkx1uTS8uqawO2yZJ4IFXAJdOqfrtlWHPNP/7QGl9O\n" + "R4i8yzQWgglQKNtyg2OagWs3NCaikPZZS1aJDN5Hlc0KmkvDlx702zpoLV9vKut0\n" + "r520ITtRpNI72Dq9xIjJQMCa4Yltnuj1OmeJ2C5tTDL8gF/UwsALy01JOaZ9ekCD\n" + "bx/q4DBHXo5OOL4aKCVum8FOFrcaHALeWD1F19VVMuQMjLTAApv2eDL6NMORkrpK\n" + "bEEPfC4mjAtGOzwCkXe+53gXrKxMl+87IPC/FV/YuQRzWGZBCj052ELWqPbzJ9E7\n" + "QybGnSOw8Unoauz76aF0IMiiMu0u7pSp0LVQ+9SVYHhyTdYJfJPburssA3X4UuOX\n" + "KNI7gdOkb0yE883jcGQT+B2fdfrygQKBwQDkajgK6lsTChMeriPy++2MPpto64zW\n" + "2CNMPya5IC23ZFyRXs8UuMbGNTtXd9TXfISXYuGexbPCMXXLA272Bum/wkbf0NBu\n" + "DUVDYr0D4mIrjNb6NdTtFwHHfWCvQlhuVdS3kL9rSDoGO3mgedRpRpVR4Py+1emi\n" + "mMYGHN+UMwPzXmlhmvmONr6ObWebH14DdKyohkBuHVO/2HkET69F0zDOhbM+Wd8V\n" + "hK4PYo2MYV/n4CIf/UbBHjVXx4+EDWGhrNECgcEA/CxWuwr5+RjFGz66o+VM1nt7\n" + "LZgf1oDZKNlf+x6SlGYYCrk1t6yAtc3VbdkGSPsBHBR0WcpU8sMPMNhn5lU/pMp/\n" + "ntBx3LphNWJh3FH4jRkJvhQEZZI/TBIbnxp3C5xOCQr1njMk07vpse4xVhYgNcZf\n" + "9e8V6Ola/1xq+WYjWXVJXBj2cHoF8YZNlPAB38E9gFyU0dUQDjtF4Hfz2EvLniJu\n" + "p92nsT/jsxvEtUAoGAkNBhzXqhRcTAxuzbHbeNHVAoHBAITqKmJvrT+PBUE9JD4o\n" + "yzpo1BZhuzrp2uBrfyUKzI+DHzqYaPgt7b05DKcBXCFom99b8t5pPQkrrtfLz63q\n" + "p+qmKofjAuaHYl6r/kFcYrPk6NQArz6nvKlRFAnoGX1bBMUsvba3+MvXoBb5zdjU\n" + "8d8LhQengqTTMags9Q1QAmSD896QR9exk4FduIRT5GkuY6pNNQDen/VrCkCv/dYr\n" + "5qLGul71/RKQepkJSEUABMbxbeofgCSwZ2oE/kZhYwapgQKBwQD2TySj65PAYBZe\n" + "h0XsQlNsCA6HuVgXv6DdSn16niEUPChtiPxUHHVXnuZCNkHyVOF/mOcQsRWKTUZw\n" + "MmBB1bCleHlxGS6uJ4o9h4wIlDRPNU6Tz59/ynpzBhjerg3rVE/Qe1jvngrxmVEp\n" + "T3v3FwN9IvemE1J2PkB4vr9qPP54KZxvDZ7gu/9EKydqO4fJE0nMMCHYVuEo1XJq\n" + "Tx/pfBc1rXIiGtnpwnrY/l2DoFfJKkYDW3a3lM2WJmqwFXJGr8UCgcArtSJU3ewE\n" + "62J00pX8HJWvOVPrjKfgJvqUmpjLT4/AXNzEEFqij/L98DZU/b1GKGgdSFt3oIii\n" + "8Poeaas8GvtlyRZXONXC1TNzC+dzheF3MQ2euvAwulimvcp/rT1/Dw6ID2PWpthE\n" + "VBpijtoHZ3F2dCYHbYLVlrXC7G4IQ31XUZOujH5xOcZQob815J2+mFsdg/9UBm7c\n" + "uiyti3689G0RW9DM/F+NeJkoEo0D15JweVkSfDcsVTdvNsbeA1Pzzds=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t cli_ca3_key = { (unsigned char *)cli_ca3_key_pem, - sizeof(cli_ca3_key_pem) - 1 -}; + sizeof(cli_ca3_key_pem) - 1 }; const gnutls_datum_t cli_ca3_cert = { (unsigned char *)cli_ca3_cert_pem, - sizeof(cli_ca3_cert_pem) - 1 -}; + sizeof(cli_ca3_cert_pem) - 1 }; -const gnutls_datum_t cli_ca3_cert_chain = - { (unsigned char *)cli_ca3_cert_chain_pem, +const gnutls_datum_t cli_ca3_cert_chain = { + (unsigned char *)cli_ca3_cert_chain_pem, sizeof(cli_ca3_cert_chain_pem) - 1 }; static char clidsa_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEMzCCApugAwIBAgIIV+OL0jeIUYkwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNjA5MjIwNzQ0MjBaGA85OTk5MTIzMTIzNTk1OVowFTETMBEG\n" - "A1UEAxMKRFNBIGNsaWVudDCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQD6BQw6J3GB\n" - "Lv8xjTjq6flgCLUYf9wNQO1osjl8F3mP3P0ggZd101pwDG34Kdffby+PTB5rpe8Z\n" - "SUx83ozzCiCcxf+kM4B0B0JP7mlqLrdTyPbWTap8sCMtabKnuR7UWdhsB8WU2Ct9\n" - "/IcCEG2dYcmzzWXE6/Pdo45iCd7lv+fl/wIVAM8gQzNh7394wHpNStxbGq9Xe+7z\n" - "AoGAJuUzfmL64dwFgQDmow8BjA5jI4mPiXc9+HDlUG0xXT65tUqHyg5fTSVm8p+q\n" - "WaklZeWTvuDc7KYofGZolG3LxhBKvIXHiUrD5hJ/cE/qcx89oczD7mChHG8k4a+Y\n" - "sr9/gXMFp8/TUsiTXrPLvEedBiAL9isDGC+ibRswfFYqGKYDgYUAAoGBAOFzLEe4\n" - "9nHYysKSgx6o7LadjsWAcLLHvI4EcmRZf7cHW/S/FCHgpnMn7GvnD4xiaysDFA8A\n" - "XEh9QJutRiLcpp14bVkPd0E+1z3v3LDhwVaJ1DofWEMnAsGoRVkAuEBkND6aNoKI\n" - "AuUMvFlnpU8SD5SZrUQkP22jyMj+mxsJntK9o3YwdDAMBgNVHRMBAf8EAjAAMBMG\n" - "A1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFCnQ\n" - "ScP7Ao3G+SjKY0a5DEmNF5X+MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" - "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQArAfKJgKd6Sz7BW0m46T4DxXWsrlYVc76M\n" - "metxnSBDZdWzRbP6dGXGkKH1J2Oftv3kVrRL8amDz7DLRE6pBAUDx+5Es/dheTNA\n" - "juIVZuKzSYoRPtuiO1gHvRPvyV/2HUpnLl+w2qW/Df4ZWlHz6ujuYFzhdWueon+t\n" - "7/JtabcuBxK6gFyNs+A0fHjszpWtZxUXuik1t4y9IcEV6Ig+vWk+GNwVAs5lQenv\n" - "7IhIg1EWxBNiRF3yKINAiyFkM4FcFEPqlbijX9xDorCK2Xn4HLIN2oUQJFYDqVOV\n" - "KGg0rMmeJ8rRZI0ELK89SdPyALe4HQzKnQtzxy45oq+Vv7A8B0lorTMPIq3WKxo4\n" - "mXJdEF2aYxeUsMYBDZOOslBc8UMaUAF8ncrk6eNqJoDZCxElfgDXx4CfM8Lh0V2c\n" - "MDBXeiNUf1HWcCkvnMPGLXZXez/5abnhNIFqDsmRxuhUqlTbarq3CxjAWMjQRb9c\n" - "SWUGHPlOkmEGRv5JB6djjpRFRwtHLNc=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEMzCCApugAwIBAgIIV+OL0jeIUYkwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNjA5MjIwNzQ0MjBaGA85OTk5MTIzMTIzNTk1OVowFTETMBEG\n" + "A1UEAxMKRFNBIGNsaWVudDCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQD6BQw6J3GB\n" + "Lv8xjTjq6flgCLUYf9wNQO1osjl8F3mP3P0ggZd101pwDG34Kdffby+PTB5rpe8Z\n" + "SUx83ozzCiCcxf+kM4B0B0JP7mlqLrdTyPbWTap8sCMtabKnuR7UWdhsB8WU2Ct9\n" + "/IcCEG2dYcmzzWXE6/Pdo45iCd7lv+fl/wIVAM8gQzNh7394wHpNStxbGq9Xe+7z\n" + "AoGAJuUzfmL64dwFgQDmow8BjA5jI4mPiXc9+HDlUG0xXT65tUqHyg5fTSVm8p+q\n" + "WaklZeWTvuDc7KYofGZolG3LxhBKvIXHiUrD5hJ/cE/qcx89oczD7mChHG8k4a+Y\n" + "sr9/gXMFp8/TUsiTXrPLvEedBiAL9isDGC+ibRswfFYqGKYDgYUAAoGBAOFzLEe4\n" + "9nHYysKSgx6o7LadjsWAcLLHvI4EcmRZf7cHW/S/FCHgpnMn7GvnD4xiaysDFA8A\n" + "XEh9QJutRiLcpp14bVkPd0E+1z3v3LDhwVaJ1DofWEMnAsGoRVkAuEBkND6aNoKI\n" + "AuUMvFlnpU8SD5SZrUQkP22jyMj+mxsJntK9o3YwdDAMBgNVHRMBAf8EAjAAMBMG\n" + "A1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFCnQ\n" + "ScP7Ao3G+SjKY0a5DEmNF5X+MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" + "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQArAfKJgKd6Sz7BW0m46T4DxXWsrlYVc76M\n" + "metxnSBDZdWzRbP6dGXGkKH1J2Oftv3kVrRL8amDz7DLRE6pBAUDx+5Es/dheTNA\n" + "juIVZuKzSYoRPtuiO1gHvRPvyV/2HUpnLl+w2qW/Df4ZWlHz6ujuYFzhdWueon+t\n" + "7/JtabcuBxK6gFyNs+A0fHjszpWtZxUXuik1t4y9IcEV6Ig+vWk+GNwVAs5lQenv\n" + "7IhIg1EWxBNiRF3yKINAiyFkM4FcFEPqlbijX9xDorCK2Xn4HLIN2oUQJFYDqVOV\n" + "KGg0rMmeJ8rRZI0ELK89SdPyALe4HQzKnQtzxy45oq+Vv7A8B0lorTMPIq3WKxo4\n" + "mXJdEF2aYxeUsMYBDZOOslBc8UMaUAF8ncrk6eNqJoDZCxElfgDXx4CfM8Lh0V2c\n" + "MDBXeiNUf1HWcCkvnMPGLXZXez/5abnhNIFqDsmRxuhUqlTbarq3CxjAWMjQRb9c\n" + "SWUGHPlOkmEGRv5JB6djjpRFRwtHLNc=\n" + "-----END CERTIFICATE-----\n"; static char clidsa_ca3_key_pem[] = - "-----BEGIN DSA PRIVATE KEY-----\n" - "MIIBuwIBAAKBgQD6BQw6J3GBLv8xjTjq6flgCLUYf9wNQO1osjl8F3mP3P0ggZd1\n" - "01pwDG34Kdffby+PTB5rpe8ZSUx83ozzCiCcxf+kM4B0B0JP7mlqLrdTyPbWTap8\n" - "sCMtabKnuR7UWdhsB8WU2Ct9/IcCEG2dYcmzzWXE6/Pdo45iCd7lv+fl/wIVAM8g\n" - "QzNh7394wHpNStxbGq9Xe+7zAoGAJuUzfmL64dwFgQDmow8BjA5jI4mPiXc9+HDl\n" - "UG0xXT65tUqHyg5fTSVm8p+qWaklZeWTvuDc7KYofGZolG3LxhBKvIXHiUrD5hJ/\n" - "cE/qcx89oczD7mChHG8k4a+Ysr9/gXMFp8/TUsiTXrPLvEedBiAL9isDGC+ibRsw\n" - "fFYqGKYCgYEA4XMsR7j2cdjKwpKDHqjstp2OxYBwsse8jgRyZFl/twdb9L8UIeCm\n" - "cyfsa+cPjGJrKwMUDwBcSH1Am61GItymnXhtWQ93QT7XPe/csOHBVonUOh9YQycC\n" - "wahFWQC4QGQ0Ppo2gogC5Qy8WWelTxIPlJmtRCQ/baPIyP6bGwme0r0CFDUW6VNf\n" - "FgAdB5hhtag7oTw45a72\n" "-----END DSA PRIVATE KEY-----\n"; + "-----BEGIN DSA PRIVATE KEY-----\n" + "MIIBuwIBAAKBgQD6BQw6J3GBLv8xjTjq6flgCLUYf9wNQO1osjl8F3mP3P0ggZd1\n" + "01pwDG34Kdffby+PTB5rpe8ZSUx83ozzCiCcxf+kM4B0B0JP7mlqLrdTyPbWTap8\n" + "sCMtabKnuR7UWdhsB8WU2Ct9/IcCEG2dYcmzzWXE6/Pdo45iCd7lv+fl/wIVAM8g\n" + "QzNh7394wHpNStxbGq9Xe+7zAoGAJuUzfmL64dwFgQDmow8BjA5jI4mPiXc9+HDl\n" + "UG0xXT65tUqHyg5fTSVm8p+qWaklZeWTvuDc7KYofGZolG3LxhBKvIXHiUrD5hJ/\n" + "cE/qcx89oczD7mChHG8k4a+Ysr9/gXMFp8/TUsiTXrPLvEedBiAL9isDGC+ibRsw\n" + "fFYqGKYCgYEA4XMsR7j2cdjKwpKDHqjstp2OxYBwsse8jgRyZFl/twdb9L8UIeCm\n" + "cyfsa+cPjGJrKwMUDwBcSH1Am61GItymnXhtWQ93QT7XPe/csOHBVonUOh9YQycC\n" + "wahFWQC4QGQ0Ppo2gogC5Qy8WWelTxIPlJmtRCQ/baPIyP6bGwme0r0CFDUW6VNf\n" + "FgAdB5hhtag7oTw45a72\n" + "-----END DSA PRIVATE KEY-----\n"; const gnutls_datum_t clidsa_ca3_key = { (unsigned char *)clidsa_ca3_key_pem, - sizeof(clidsa_ca3_key_pem) - 1 -}; + sizeof(clidsa_ca3_key_pem) - 1 }; const gnutls_datum_t clidsa_ca3_cert = { (unsigned char *)clidsa_ca3_cert_pem, - sizeof(clidsa_ca3_cert_pem) - 1 -}; + sizeof(clidsa_ca3_cert_pem) - 1 }; static char cligost01_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC4zCCAUugAwIBAgIIWcZXXAz6FbgwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNzA5MjMxMjQ1MTdaGA85OTk5MTIzMTIzNTk1OVowGzEZMBcG\n" - "A1UEAxMQR09TVC0yMDAxIGNsaWVudDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcq\n" - "hQMCAh4BA0MABEBuvOEDe9xPJY9jsnFckLyQ6B5XeDi4Wo2E4c05im/3iI+rlWGI\n" - "rTc6hMmWca0BVDL0lObZ0ZHb4Vhy0XREgvtro3YwdDAMBgNVHRMBAf8EAjAAMBMG\n" - "A1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHsAAwHQYDVR0OBBYEFCck\n" - "yCTDt+A6zS8SnMRrgbyjeQmoMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" - "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQACkq/DQhHMEZPL0NwPFpnf2+RDviEuRE+C\n" - "xaOMTbHgxIUSy6xQAaHXK5hNr9xk87OFPPXmNKPl1nVBXrDF0aj+YUVBT2QeJIpA\n" - "APfyjnPtdZpRl3MXrJbQ/VBCdShvmKhspiOkGO6K8ETDeqE57qtPsUaGApfNK7oL\n" - "WgevmnkaQqNTVJglOoB5o5IDNv0JuFEkKSEvCgS25OV+gl0rRHmWDaIdQtDJLQjV\n" - "24b99/woYj0Ql8WfvMUUUYqTX03zmV56k5DgoNusTxKG+r71WQwbeb3XiVjof6I7\n" - "ll3ANTdyf/KrysLx/tk1pNgfangArpAZzbCRejTQVYdVfCf3KDdwXvKlTHy9Jv+p\n" - "ZUSf7kMnBqcUHpbceiyHFCXNAKIdrMDkTJAeee7ktpeYMfdO9oBki+6a8RJjNHIr\n" - "wHe0DcExV7UsokG6jMl8kH7gb7EW0UphL3ncWyY8C4jbtf/q1kci6SZDcapXBpGp\n" - "adJdx9bycdOUm1cGiboUMMPiCA5bO+Q=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIC4zCCAUugAwIBAgIIWcZXXAz6FbgwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNzA5MjMxMjQ1MTdaGA85OTk5MTIzMTIzNTk1OVowGzEZMBcG\n" + "A1UEAxMQR09TVC0yMDAxIGNsaWVudDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcq\n" + "hQMCAh4BA0MABEBuvOEDe9xPJY9jsnFckLyQ6B5XeDi4Wo2E4c05im/3iI+rlWGI\n" + "rTc6hMmWca0BVDL0lObZ0ZHb4Vhy0XREgvtro3YwdDAMBgNVHRMBAf8EAjAAMBMG\n" + "A1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHsAAwHQYDVR0OBBYEFCck\n" + "yCTDt+A6zS8SnMRrgbyjeQmoMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" + "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQACkq/DQhHMEZPL0NwPFpnf2+RDviEuRE+C\n" + "xaOMTbHgxIUSy6xQAaHXK5hNr9xk87OFPPXmNKPl1nVBXrDF0aj+YUVBT2QeJIpA\n" + "APfyjnPtdZpRl3MXrJbQ/VBCdShvmKhspiOkGO6K8ETDeqE57qtPsUaGApfNK7oL\n" + "WgevmnkaQqNTVJglOoB5o5IDNv0JuFEkKSEvCgS25OV+gl0rRHmWDaIdQtDJLQjV\n" + "24b99/woYj0Ql8WfvMUUUYqTX03zmV56k5DgoNusTxKG+r71WQwbeb3XiVjof6I7\n" + "ll3ANTdyf/KrysLx/tk1pNgfangArpAZzbCRejTQVYdVfCf3KDdwXvKlTHy9Jv+p\n" + "ZUSf7kMnBqcUHpbceiyHFCXNAKIdrMDkTJAeee7ktpeYMfdO9oBki+6a8RJjNHIr\n" + "wHe0DcExV7UsokG6jMl8kH7gb7EW0UphL3ncWyY8C4jbtf/q1kci6SZDcapXBpGp\n" + "adJdx9bycdOUm1cGiboUMMPiCA5bO+Q=\n" + "-----END CERTIFICATE-----\n"; static char cligost01_ca3_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgQgVPdBJeLrp/Zh\n" - "2tiV6qz9N6HraKTFTKz4alNuGhK2iLM=\n" "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgQgVPdBJeLrp/Zh\n" + "2tiV6qz9N6HraKTFTKz4alNuGhK2iLM=\n" + "-----END PRIVATE KEY-----\n"; -const gnutls_datum_t cligost01_ca3_key = - { (unsigned char *)cligost01_ca3_key_pem, +const gnutls_datum_t cligost01_ca3_key = { + (unsigned char *)cligost01_ca3_key_pem, sizeof(cligost01_ca3_key_pem) - 1 }; -const gnutls_datum_t cligost01_ca3_cert = - { (unsigned char *)cligost01_ca3_cert_pem, +const gnutls_datum_t cligost01_ca3_cert = { + (unsigned char *)cligost01_ca3_cert_pem, sizeof(cligost01_ca3_cert_pem) - 1 }; static char cligost12_256_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC6jCCAVKgAwIBAgIIWcalgS6c0DMwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNzA5MjMxODE4NDJaGA85OTk5MTIzMTIzNTk1OVowHzEdMBsG\n" - "A1UEAxMUR09TVCAyMDEyLzI1NiBjbGllbnQwZjAfBggqhQMHAQEBATATBgcqhQMC\n" - "AiQABggqhQMHAQECAgNDAARArjme5Fb62BC4uPT8vQVim3xTjYY/RVvvUtAfYluY\n" - "o+8Zjz8A8VTFejK0Zok5f1dssbzrrHtRODJZsCuAjypIXqN2MHQwDAYDVR0TAQH/\n" - "BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAjAPBgNVHQ8BAf8EBQMDB7AAMB0GA1Ud\n" - "DgQWBBTzHDVZRnSgaq4M3B7NdLResyKgajAfBgNVHSMEGDAWgBT5qIYZY7akFBNg\n" - "dg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAtAGi0lQdBC9Mp/TdqYFuMIDr\n" - "o/xGbie6Eq33BiqXo6B5DOiPZcE1Mi+y4htefvrEBkN4OLy4PbUHlfEC/ATs3X9S\n" - "cUHucm6gkyzUxTLPYPfTmXD24MRFDAJQKMvX8Pklbi7HyFZVYIQaJfEohaQZmuYR\n" - "S7Z03MW0Cbz6j7LGQl1Pyix78BLKeyLyAzQz63+hCuO46xp7TaGDKGI79Dd6Od0p\n" - "oY/B/MxfuP3RXhHrpjgp+Ev08dYoCH3Snps+TYWSyhkN0VhGRJgE5Tnhdly8XMW3\n" - "WKZqGYmWG+rBtiTgA6FZrw0qYwAsmN3yCo5pE+Ukd0Q5L0tugc0a9HK53AftG/zV\n" - "qf0DI+E4dEnUkVhdEQbW+rujGpAR0sgjgar5Zvwuu92BaV+AFucj7hVP1fqDySmp\n" - "E52EzrFcnCYrZb19aDJKgWevG5Vh6OEcu8Vx/zVFOoTx9ZCXniVLm7PaXyKXdhLv\n" - "Vhg3mi7koFAPGlTiKldJ/LKKPW0yti3I8L/p2F5+\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIC6jCCAVKgAwIBAgIIWcalgS6c0DMwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNzA5MjMxODE4NDJaGA85OTk5MTIzMTIzNTk1OVowHzEdMBsG\n" + "A1UEAxMUR09TVCAyMDEyLzI1NiBjbGllbnQwZjAfBggqhQMHAQEBATATBgcqhQMC\n" + "AiQABggqhQMHAQECAgNDAARArjme5Fb62BC4uPT8vQVim3xTjYY/RVvvUtAfYluY\n" + "o+8Zjz8A8VTFejK0Zok5f1dssbzrrHtRODJZsCuAjypIXqN2MHQwDAYDVR0TAQH/\n" + "BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAjAPBgNVHQ8BAf8EBQMDB7AAMB0GA1Ud\n" + "DgQWBBTzHDVZRnSgaq4M3B7NdLResyKgajAfBgNVHSMEGDAWgBT5qIYZY7akFBNg\n" + "dg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAtAGi0lQdBC9Mp/TdqYFuMIDr\n" + "o/xGbie6Eq33BiqXo6B5DOiPZcE1Mi+y4htefvrEBkN4OLy4PbUHlfEC/ATs3X9S\n" + "cUHucm6gkyzUxTLPYPfTmXD24MRFDAJQKMvX8Pklbi7HyFZVYIQaJfEohaQZmuYR\n" + "S7Z03MW0Cbz6j7LGQl1Pyix78BLKeyLyAzQz63+hCuO46xp7TaGDKGI79Dd6Od0p\n" + "oY/B/MxfuP3RXhHrpjgp+Ev08dYoCH3Snps+TYWSyhkN0VhGRJgE5Tnhdly8XMW3\n" + "WKZqGYmWG+rBtiTgA6FZrw0qYwAsmN3yCo5pE+Ukd0Q5L0tugc0a9HK53AftG/zV\n" + "qf0DI+E4dEnUkVhdEQbW+rujGpAR0sgjgar5Zvwuu92BaV+AFucj7hVP1fqDySmp\n" + "E52EzrFcnCYrZb19aDJKgWevG5Vh6OEcu8Vx/zVFOoTx9ZCXniVLm7PaXyKXdhLv\n" + "Vhg3mi7koFAPGlTiKldJ/LKKPW0yti3I8L/p2F5+\n" + "-----END CERTIFICATE-----\n"; static char cligost12_256_ca3_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQgnA1XIfe2\n" - "V3D0UVFQTRCHolA9v+r5cDt2tlr1gTZbDC8=\n" "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQgnA1XIfe2\n" + "V3D0UVFQTRCHolA9v+r5cDt2tlr1gTZbDC8=\n" + "-----END PRIVATE KEY-----\n"; -const gnutls_datum_t cligost12_256_ca3_key = - { (unsigned char *)cligost12_256_ca3_key_pem, +const gnutls_datum_t cligost12_256_ca3_key = { + (unsigned char *)cligost12_256_ca3_key_pem, sizeof(cligost12_256_ca3_key_pem) - 1 }; -const gnutls_datum_t cligost12_256_ca3_cert = - { (unsigned char *)cligost12_256_ca3_cert_pem, +const gnutls_datum_t cligost12_256_ca3_cert = { + (unsigned char *)cligost12_256_ca3_cert_pem, sizeof(cligost12_256_ca3_cert_pem) - 1 }; static char cligost12_512_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDLzCCAZegAwIBAgIIWcalYA16syEwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNzA5MjMxODE4MDhaGA85OTk5MTIzMTIzNTk1OVowHzEdMBsG\n" - "A1UEAxMUR09TVCAyMDEyLzUxMiBjbGllbnQwgaowIQYIKoUDBwEBAQIwFQYJKoUD\n" - "BwECAQIBBggqhQMHAQECAwOBhAAEgYCyAdmv9viBTnemLvULAZ9RyaEf37ZAydKj\n" - "E3qLbZ5tTxgLAYhIIGApVPVb5SZxge3u2qY/ekkHjz9Asn5cPQ69wCvce87+2u1f\n" - "XcATUzYvR3UIL25C5BbNjDjGnufhjYAwT6uZ5xQ7j8/Wfr0MZU04O2CSUquKqfrB\n" - "DA81M2HvUqN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAjAP\n" - "BgNVHQ8BAf8EBQMDB7AAMB0GA1UdDgQWBBRYXgWHcQazcPFyxKrgRdfd2IPBozAf\n" - "BgNVHSMEGDAWgBT5qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOC\n" - "AYEAUOpvomUtaFQm5O8bEQk/d3ghZLzwfMKRngSq0XbXDi8t+TV+kFvkzJ/hrAOP\n" - "/HPCQdnEvdV2HyZzDb9b8cVegRHPPooKSV8+HCTNVXNKZPRSlE42S5kFIAnAxbs5\n" - "vzGfipp6jQe9dqlCYseikxnE31o3AX7QAlNBaXELu0JnEY5BoJeKoja8XS40b1k9\n" - "kKRwAGkdh1OcAy6pW8AH4m61RMDWFzmPGgcb0JiDNp+9HQDSkG904niU8AlvmoQD\n" - "Q2AVd9mam4NIjmA0hkVuSh+7Tn2XnoGoGxN/+u72qaSUA6ybkbtkIKpMeJ8vciI1\n" - "6GRhBYpI0OuRiAIbDA9WhfCCKwj9ZaIsSSHC7qADRz3bR/89Et1mM40v5jbYNDkV\n" - "1cvlca3+pK3DxNP7y/q3QoUz8++z9VXzsdVHc4wNUyg4E8mjMcdLlRsZbST0WjX+\n" - "IhxAkfOexMu3nJ3EVbjgvox6eIxjiTWr2DP6x666UztrnFSBhhypwKHb8jW7PYJ2\n" - "lWlI\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDLzCCAZegAwIBAgIIWcalYA16syEwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNzA5MjMxODE4MDhaGA85OTk5MTIzMTIzNTk1OVowHzEdMBsG\n" + "A1UEAxMUR09TVCAyMDEyLzUxMiBjbGllbnQwgaowIQYIKoUDBwEBAQIwFQYJKoUD\n" + "BwECAQIBBggqhQMHAQECAwOBhAAEgYCyAdmv9viBTnemLvULAZ9RyaEf37ZAydKj\n" + "E3qLbZ5tTxgLAYhIIGApVPVb5SZxge3u2qY/ekkHjz9Asn5cPQ69wCvce87+2u1f\n" + "XcATUzYvR3UIL25C5BbNjDjGnufhjYAwT6uZ5xQ7j8/Wfr0MZU04O2CSUquKqfrB\n" + "DA81M2HvUqN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAjAP\n" + "BgNVHQ8BAf8EBQMDB7AAMB0GA1UdDgQWBBRYXgWHcQazcPFyxKrgRdfd2IPBozAf\n" + "BgNVHSMEGDAWgBT5qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOC\n" + "AYEAUOpvomUtaFQm5O8bEQk/d3ghZLzwfMKRngSq0XbXDi8t+TV+kFvkzJ/hrAOP\n" + "/HPCQdnEvdV2HyZzDb9b8cVegRHPPooKSV8+HCTNVXNKZPRSlE42S5kFIAnAxbs5\n" + "vzGfipp6jQe9dqlCYseikxnE31o3AX7QAlNBaXELu0JnEY5BoJeKoja8XS40b1k9\n" + "kKRwAGkdh1OcAy6pW8AH4m61RMDWFzmPGgcb0JiDNp+9HQDSkG904niU8AlvmoQD\n" + "Q2AVd9mam4NIjmA0hkVuSh+7Tn2XnoGoGxN/+u72qaSUA6ybkbtkIKpMeJ8vciI1\n" + "6GRhBYpI0OuRiAIbDA9WhfCCKwj9ZaIsSSHC7qADRz3bR/89Et1mM40v5jbYNDkV\n" + "1cvlca3+pK3DxNP7y/q3QoUz8++z9VXzsdVHc4wNUyg4E8mjMcdLlRsZbST0WjX+\n" + "IhxAkfOexMu3nJ3EVbjgvox6eIxjiTWr2DP6x666UztrnFSBhhypwKHb8jW7PYJ2\n" + "lWlI\n" + "-----END CERTIFICATE-----\n"; static char cligost12_512_ca3_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBEA9uga7\n" - "LIPp1heDZYj5EozNtbrmsKYMXrFasBIVAFFVQVFd6/+YjttV6Vmx16OFWrM+/ydX\n" - "rB0aUqYPU8w5DUyk\n" "-----END PRIVATE KEY-----\n"; - -const gnutls_datum_t cligost12_512_ca3_key = - { (unsigned char *)cligost12_512_ca3_key_pem, + "-----BEGIN PRIVATE KEY-----\n" + "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBEA9uga7\n" + "LIPp1heDZYj5EozNtbrmsKYMXrFasBIVAFFVQVFd6/+YjttV6Vmx16OFWrM+/ydX\n" + "rB0aUqYPU8w5DUyk\n" + "-----END PRIVATE KEY-----\n"; + +const gnutls_datum_t cligost12_512_ca3_key = { + (unsigned char *)cligost12_512_ca3_key_pem, sizeof(cligost12_512_ca3_key_pem) - 1 }; -const gnutls_datum_t cligost12_512_ca3_cert = - { (unsigned char *)cligost12_512_ca3_cert_pem, +const gnutls_datum_t cligost12_512_ca3_cert = { + (unsigned char *)cligost12_512_ca3_cert_pem, sizeof(cligost12_512_ca3_cert_pem) - 1 }; static char server_ca3_ecc_key_pem[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHgCAQEEIQDn1XFX7QxTKXl2ekfSrEARsq+06ySEeeOB+N0igwcNLqAKBggqhkjO\n" - "PQMBB6FEA0IABG1J5VZy+PMTNJSuog4R3KmhbmIejOZZgPNtxkJcIubJIIO68kkd\n" - "GK04pl/ReivZAwibv+85lpT4sm/9RBVhLZM=\n" "-----END EC PRIVATE KEY-----\n"; - -const gnutls_datum_t server_ca3_ecc_key = - { (unsigned char *)server_ca3_ecc_key_pem, + "-----BEGIN EC PRIVATE KEY-----\n" + "MHgCAQEEIQDn1XFX7QxTKXl2ekfSrEARsq+06ySEeeOB+N0igwcNLqAKBggqhkjO\n" + "PQMBB6FEA0IABG1J5VZy+PMTNJSuog4R3KmhbmIejOZZgPNtxkJcIubJIIO68kkd\n" + "GK04pl/ReivZAwibv+85lpT4sm/9RBVhLZM=\n" + "-----END EC PRIVATE KEY-----\n"; + +const gnutls_datum_t server_ca3_ecc_key = { + (unsigned char *)server_ca3_ecc_key_pem, sizeof(server_ca3_ecc_key_pem) - 1 }; static char server_ca3_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG5AIBAAKCAYEA2T14maos98C7s/geGZybgqYSxF+5NeTXKWpi9/vXmuIF8n3h\n" - "Uh20mooT2rgVHAzFWy/8H5IcWIiUQl+8KhyJCSuBJ+WhM0gw2uqSPwiOZUm4l3TQ\n" - "xmxS4eW/Brr4X88svJQ4xTTct2m5H1Nu9LZ8xWOZpGMGII7jf0YD6odG/DHE/sVH\n" - "jfceD7kl15jAta97+8uCbjMRPGcxg4VtmkCuSLOkGL9FhC0uYVbwfBnT+V0MEycO\n" - "Bx+Yv2BEu0xDVdkQcs0WPIRUPUmyuWBxxqLM1SSJSLsZub/DdiINXFure7dx57mW\n" - "w2EQwhETIhIoAc/LxGWchbDC4OWeyYjSkhv3/hEfQswyVx4MQXLVfRBHNipkU9T/\n" - "SXiP8WVDpfZSpY3PrfJtFJtwLMeXblpuLXGZuxXnJ2iYk1w/7RBuuKkylrQ7qCO/\n" - "l/TIx3uZb39oCCU9wqCltuEZ+jtX3PaAgp1QItFehSzOF2hudF/TQuuukVRBZF4o\n" - "fExwNYAvZvTSTKw9AgMBAAECggGAel8TMVRYMlOCKJWqtvit7QGJ7s6RMRewUCca\n" - "iuB1ikyp1vgr1argEnGXT4yEb6GOBpjYKByRFRoSkfUFtJ8QXncAMS48CPwwcRDT\n" - "wugZ9lp5ve9Sr4NTiOZ3Hd5yjN3SMIQ6GnR1pGfMnSXNidHGJRa+9IfHas2yvv38\n" - "tL7xMJ0EgBM3BHRgnbDI7VKhs3afm63+0f64RdNHY/PkUpD+2/s9g6czDIq65qAn\n" - "pXCTJJPSenN0hnS5AYzECtGh2JkFjXpF5B7/2pvZjqsy8eyjZURoQFLA5wWhLVr5\n" - "AQDJzeK//D6OMAd6kuLKezQxVIN0F0eC6XKEhEvq96xegQk3aMXk2jCHz6IYV6pm\n" - "zdnfIvP5fIP1HsL8JPiCQqBp7/MoSKlz/DCHH/6iQgQkIhxw/nYJd1+kjhHpm969\n" - "fw6WzzCA7om0CbKhuHjRnnwk1OylqKhTrgfO1mcaEoH90NIszE3j5pwqiPMdv+J0\n" - "k25pjaMDgeOd3bO8SW/oWQEH5LbBAoHBAP7QAaYg4Fsm0zr1Jvup6MsJdsI+2aTh\n" - "4E+hrx/MKsd78mQpRNXvEVIeopp214rzqW/dv/4vMBoV9tRCuw5cJCZCHaeGZ4JF\n" - "pU/+nBliukanL3XMN5Fp74vVthuQp69u3fa6YHHvL2L6EahSrHrbSE4+C5VYOV+Z\n" - "nfKDHD9Vo1zH8Fjxl7JJWI/LgSXCChm6Y9Vq7LviL7hZc4BdCbGJfAfv56oGHavE\n" - "zxU639fBbdhavNl6b9i7AeTD4Ad1KbsFrQKBwQDaQKP0eegbnHfHOdE+mb2aMtVN\n" - "f3BI25VsBoNWD2A0VEFMQClUPMH17OyS2YidYeVbcneef3VlgrIJZvlRsr76LHxP\n" - "vVtEug6ZgX5WS/DiJiZWESVJrGZ+gaeUIONGFObGO+Evvoe5bqSwm2Bu05HONb56\n" - "Q5qx7gfo+kfxHm2vjOOKpc/ceEz2QeJ3rOGoetocmaObHcgFOFO0UC2oyAJ3MAtY\n" - "8SkyiUJ/jDdCZbkVegT9kGe9OLKMpenG058uctECgcEAozqgM8mPrxR576SnakN3\n" - "isjvOJOGXGcNiDVst5PUO6Gcrqj5HYpdsBtL0mMaxDo+ahjFKpET4UH8shBlP1er\n" - "GI717CDfIcZ3lXzmhiSGa0gh0PYXCqGwAAXQ+Gt735fHvIu7yICN/Htw4EDFmJXs\n" - "BaMdTHgNmL4RPg7bA39afM7fmjp5EI6HmuWkP4nDaqPJ3Cb4q4rDQvaaVLpEwWPu\n" - "/i6iWno8e5JBjbn/NnkEYroNi8sw5sc0+VS4qE5XgySpAoHBAMB9bF0tu4nGqVl7\n" - "49FrdO7v0HLGZ/jKOfIJmIIpk3bzrJecqxbRc1v79vbZhwUPl2LdBSU0Uw0RhQaH\n" - "3HKyzH8HByio4DswQbofnJZt6ej7LqqP+qwMsmT24x7hFrHzs0m4/DXIvBnOvM/K\n" - "afW1AY62leVthJ1TS4SuYQ8HAERpZTIeZcKUE4TJvPxB7NBUcdPxqXsgfA4mjKSm\n" - "Zm7K4GnQZOGv6N7aclzeBMq5vtBzSr18RBJ+U/N6TUH/2Q/1UQKBwEPgS+LJCJAs\n" - "qaeBPTgiuzv2a6umQpezxjCispnU5e0sOFHV/f5NVuEZDrdH7WDHAX8nAU8TdDZM\n" - "/fqM4oOZJOY9yVsyXK9dN7YcG6lxlNbC8S4FatDorDr3DxmbeYqEMUfOR+H4VvgR\n" - "OHw+G5gmNHBAh30wDR+bxepSNBAexjo18zbMgNJsdyjU8s562Q7/ejcTgqZYt4nZ\n" - "r6wql68K+fJ1W38b+ENQ46bZZMvAh8z4MZyzBvS8M/grD0WBBwrWLA==\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG5AIBAAKCAYEA2T14maos98C7s/geGZybgqYSxF+5NeTXKWpi9/vXmuIF8n3h\n" + "Uh20mooT2rgVHAzFWy/8H5IcWIiUQl+8KhyJCSuBJ+WhM0gw2uqSPwiOZUm4l3TQ\n" + "xmxS4eW/Brr4X88svJQ4xTTct2m5H1Nu9LZ8xWOZpGMGII7jf0YD6odG/DHE/sVH\n" + "jfceD7kl15jAta97+8uCbjMRPGcxg4VtmkCuSLOkGL9FhC0uYVbwfBnT+V0MEycO\n" + "Bx+Yv2BEu0xDVdkQcs0WPIRUPUmyuWBxxqLM1SSJSLsZub/DdiINXFure7dx57mW\n" + "w2EQwhETIhIoAc/LxGWchbDC4OWeyYjSkhv3/hEfQswyVx4MQXLVfRBHNipkU9T/\n" + "SXiP8WVDpfZSpY3PrfJtFJtwLMeXblpuLXGZuxXnJ2iYk1w/7RBuuKkylrQ7qCO/\n" + "l/TIx3uZb39oCCU9wqCltuEZ+jtX3PaAgp1QItFehSzOF2hudF/TQuuukVRBZF4o\n" + "fExwNYAvZvTSTKw9AgMBAAECggGAel8TMVRYMlOCKJWqtvit7QGJ7s6RMRewUCca\n" + "iuB1ikyp1vgr1argEnGXT4yEb6GOBpjYKByRFRoSkfUFtJ8QXncAMS48CPwwcRDT\n" + "wugZ9lp5ve9Sr4NTiOZ3Hd5yjN3SMIQ6GnR1pGfMnSXNidHGJRa+9IfHas2yvv38\n" + "tL7xMJ0EgBM3BHRgnbDI7VKhs3afm63+0f64RdNHY/PkUpD+2/s9g6czDIq65qAn\n" + "pXCTJJPSenN0hnS5AYzECtGh2JkFjXpF5B7/2pvZjqsy8eyjZURoQFLA5wWhLVr5\n" + "AQDJzeK//D6OMAd6kuLKezQxVIN0F0eC6XKEhEvq96xegQk3aMXk2jCHz6IYV6pm\n" + "zdnfIvP5fIP1HsL8JPiCQqBp7/MoSKlz/DCHH/6iQgQkIhxw/nYJd1+kjhHpm969\n" + "fw6WzzCA7om0CbKhuHjRnnwk1OylqKhTrgfO1mcaEoH90NIszE3j5pwqiPMdv+J0\n" + "k25pjaMDgeOd3bO8SW/oWQEH5LbBAoHBAP7QAaYg4Fsm0zr1Jvup6MsJdsI+2aTh\n" + "4E+hrx/MKsd78mQpRNXvEVIeopp214rzqW/dv/4vMBoV9tRCuw5cJCZCHaeGZ4JF\n" + "pU/+nBliukanL3XMN5Fp74vVthuQp69u3fa6YHHvL2L6EahSrHrbSE4+C5VYOV+Z\n" + "nfKDHD9Vo1zH8Fjxl7JJWI/LgSXCChm6Y9Vq7LviL7hZc4BdCbGJfAfv56oGHavE\n" + "zxU639fBbdhavNl6b9i7AeTD4Ad1KbsFrQKBwQDaQKP0eegbnHfHOdE+mb2aMtVN\n" + "f3BI25VsBoNWD2A0VEFMQClUPMH17OyS2YidYeVbcneef3VlgrIJZvlRsr76LHxP\n" + "vVtEug6ZgX5WS/DiJiZWESVJrGZ+gaeUIONGFObGO+Evvoe5bqSwm2Bu05HONb56\n" + "Q5qx7gfo+kfxHm2vjOOKpc/ceEz2QeJ3rOGoetocmaObHcgFOFO0UC2oyAJ3MAtY\n" + "8SkyiUJ/jDdCZbkVegT9kGe9OLKMpenG058uctECgcEAozqgM8mPrxR576SnakN3\n" + "isjvOJOGXGcNiDVst5PUO6Gcrqj5HYpdsBtL0mMaxDo+ahjFKpET4UH8shBlP1er\n" + "GI717CDfIcZ3lXzmhiSGa0gh0PYXCqGwAAXQ+Gt735fHvIu7yICN/Htw4EDFmJXs\n" + "BaMdTHgNmL4RPg7bA39afM7fmjp5EI6HmuWkP4nDaqPJ3Cb4q4rDQvaaVLpEwWPu\n" + "/i6iWno8e5JBjbn/NnkEYroNi8sw5sc0+VS4qE5XgySpAoHBAMB9bF0tu4nGqVl7\n" + "49FrdO7v0HLGZ/jKOfIJmIIpk3bzrJecqxbRc1v79vbZhwUPl2LdBSU0Uw0RhQaH\n" + "3HKyzH8HByio4DswQbofnJZt6ej7LqqP+qwMsmT24x7hFrHzs0m4/DXIvBnOvM/K\n" + "afW1AY62leVthJ1TS4SuYQ8HAERpZTIeZcKUE4TJvPxB7NBUcdPxqXsgfA4mjKSm\n" + "Zm7K4GnQZOGv6N7aclzeBMq5vtBzSr18RBJ+U/N6TUH/2Q/1UQKBwEPgS+LJCJAs\n" + "qaeBPTgiuzv2a6umQpezxjCispnU5e0sOFHV/f5NVuEZDrdH7WDHAX8nAU8TdDZM\n" + "/fqM4oOZJOY9yVsyXK9dN7YcG6lxlNbC8S4FatDorDr3DxmbeYqEMUfOR+H4VvgR\n" + "OHw+G5gmNHBAh30wDR+bxepSNBAexjo18zbMgNJsdyjU8s562Q7/ejcTgqZYt4nZ\n" + "r6wql68K+fJ1W38b+ENQ46bZZMvAh8z4MZyzBvS8M/grD0WBBwrWLA==\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server_ca3_key = { (unsigned char *)server_ca3_key_pem, - sizeof(server_ca3_key_pem) - 1 -}; + sizeof(server_ca3_key_pem) - 1 }; static char server_ca3_rsa_pss_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEowIBAAKCAQEAvxOfMAZbqIuVqkPt5s5fyNeuYD09r80oDEN54MS7/tMy+2yk\n" - "rwsX3a1zGLqn47Q59E0QAlheFP5ZXcQgFXVdQwWCn00YtYyGn5uGrzT80PlIAnaG\n" - "yVpjLGci7mU13IpHlLKqQbBaCdiDU1qV/fyy03t0KVdlyzTi3RJoKDU3XTG/eJmy\n" - "bPHuBGzBjtXn4IJkbbe9FL090YJbgu0EqgcVhaon9JOs5cVNGsHZ4zdRo1d9/5zK\n" - "tqaAVCPYECL/OYwTBS0O8kTrkoHwXo08bR0sUhb7enfI827mOOiIyokkzUu1YVyP\n" - "6GMnggmoUa8LaSeO3bsWU9rx1ngWBUQ5hBG5JQIDAQABAoIBAAkoYpfFpjz0u66W\n" - "ZN+MApE4rRXVuZAkcAfub/fy1ePHsYjVUytEh9dLCdokkAlcyO5JhzvlilTNP/E7\n" - "hiIhJuAgcns6EbYZzxX1OUZKbteBKw9bKOibmWc2Zjkwxp0UT4vz6C8PybDxHJIx\n" - "JEExDE0QfKfClZFgroLT8AQFUOr5cy8dY2edh17+rMMeBvJ5Yit3L6hlHjO+5eJA\n" - "E0WzxPrZWIFfAJl484HbZL/kBT8UXqYDTR7MB+qOq8mdKQSLcHwyjvItgvgklEPu\n" - "0Rl626K+R6841FmrXjUEBVtfkS8Osw/+CJDYw6YZwB7W8oLRRhcB7PjMWU5RHAIW\n" - "nZKFWn0CgYEA0qsP7FUemy7kG7cA8qMErt7oWV/DYIMpKaCJC+17vk37OmJbUpbo\n" - "UkfEIY9iT8hcPjP1jAnQf2d0A37zn9B7DTYPhbjbRtNrOSkdrE/u5FeWd4tr9uc7\n" - "JdYhRc6dkPKbVbFFyo7bdHwU0ZLtfhJYKpTYJ3oNvjsiLqBjIHaj2v8CgYEA6DFV\n" - "FKlQL9OnzTnQtu5oDvqHFiaHD1wdPTN9MeNWEFdcf/kd3eVvcRmpenGZaud7jn72\n" - "nhtXXyzc9GlVoKL6R+/1GVexwu477dr2Ci5MwPYGtyh2tJWjgHTad0bT0Jq4Bneu\n" - "ZuXZ0EszfxTmHkUkPlzvUrbPjoJxgb57P0Qfn9sCgYEAnYrTg5c8Jizw5VD74nfK\n" - "nsOP2pZk054CgGDPXB4i9fP3Nngrdx3navDEWZySlrttUA8nR6xnQX+qIJslsZQF\n" - "EaImBYhyYwrkGoEG8b9tFVHy8j9PY/sUHn19sGiNKMJlK7ZATPR8ZSYNo5RPCoLJ\n" - "cD6TTyJVeLdcHqZOuw4+Bx0CgYAvP5qokauXj+JdiJ5IG0thgOlsQHrLTVtF0Oxw\n" - "8mnY+W4BPJgvRzjeMvKhz+wALQqffIaCtd2ZqG9t7OFXxtJXQSUG+ylZGVFonV3j\n" - "xHgp6+aB7uH47VpQEXdDPk5r7I/2APSkS7F/CU55Va9eCYPOjOrGUhz6SuD+HdzG\n" - "iv5EcQKBgDyt221UUieb1sWhCHaKaQ3z8/aJlzs+ge6kSLqoVjcfr5uOKM1O5O72\n" - "bfy00r7B8ky77qXNTtzv2xt9Km/hRptqnCHsgly5OXW8pMcFnf7Kdh3Q+c5UzVlc\n" - "ODwZlaKK2fjp9xr2dNpYjRqyEb1gkC9FJMaxab9OAf+AoQifxncv\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_ca3_rsa_pss_key = - { (unsigned char *)server_ca3_rsa_pss_key_pem, + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEowIBAAKCAQEAvxOfMAZbqIuVqkPt5s5fyNeuYD09r80oDEN54MS7/tMy+2yk\n" + "rwsX3a1zGLqn47Q59E0QAlheFP5ZXcQgFXVdQwWCn00YtYyGn5uGrzT80PlIAnaG\n" + "yVpjLGci7mU13IpHlLKqQbBaCdiDU1qV/fyy03t0KVdlyzTi3RJoKDU3XTG/eJmy\n" + "bPHuBGzBjtXn4IJkbbe9FL090YJbgu0EqgcVhaon9JOs5cVNGsHZ4zdRo1d9/5zK\n" + "tqaAVCPYECL/OYwTBS0O8kTrkoHwXo08bR0sUhb7enfI827mOOiIyokkzUu1YVyP\n" + "6GMnggmoUa8LaSeO3bsWU9rx1ngWBUQ5hBG5JQIDAQABAoIBAAkoYpfFpjz0u66W\n" + "ZN+MApE4rRXVuZAkcAfub/fy1ePHsYjVUytEh9dLCdokkAlcyO5JhzvlilTNP/E7\n" + "hiIhJuAgcns6EbYZzxX1OUZKbteBKw9bKOibmWc2Zjkwxp0UT4vz6C8PybDxHJIx\n" + "JEExDE0QfKfClZFgroLT8AQFUOr5cy8dY2edh17+rMMeBvJ5Yit3L6hlHjO+5eJA\n" + "E0WzxPrZWIFfAJl484HbZL/kBT8UXqYDTR7MB+qOq8mdKQSLcHwyjvItgvgklEPu\n" + "0Rl626K+R6841FmrXjUEBVtfkS8Osw/+CJDYw6YZwB7W8oLRRhcB7PjMWU5RHAIW\n" + "nZKFWn0CgYEA0qsP7FUemy7kG7cA8qMErt7oWV/DYIMpKaCJC+17vk37OmJbUpbo\n" + "UkfEIY9iT8hcPjP1jAnQf2d0A37zn9B7DTYPhbjbRtNrOSkdrE/u5FeWd4tr9uc7\n" + "JdYhRc6dkPKbVbFFyo7bdHwU0ZLtfhJYKpTYJ3oNvjsiLqBjIHaj2v8CgYEA6DFV\n" + "FKlQL9OnzTnQtu5oDvqHFiaHD1wdPTN9MeNWEFdcf/kd3eVvcRmpenGZaud7jn72\n" + "nhtXXyzc9GlVoKL6R+/1GVexwu477dr2Ci5MwPYGtyh2tJWjgHTad0bT0Jq4Bneu\n" + "ZuXZ0EszfxTmHkUkPlzvUrbPjoJxgb57P0Qfn9sCgYEAnYrTg5c8Jizw5VD74nfK\n" + "nsOP2pZk054CgGDPXB4i9fP3Nngrdx3navDEWZySlrttUA8nR6xnQX+qIJslsZQF\n" + "EaImBYhyYwrkGoEG8b9tFVHy8j9PY/sUHn19sGiNKMJlK7ZATPR8ZSYNo5RPCoLJ\n" + "cD6TTyJVeLdcHqZOuw4+Bx0CgYAvP5qokauXj+JdiJ5IG0thgOlsQHrLTVtF0Oxw\n" + "8mnY+W4BPJgvRzjeMvKhz+wALQqffIaCtd2ZqG9t7OFXxtJXQSUG+ylZGVFonV3j\n" + "xHgp6+aB7uH47VpQEXdDPk5r7I/2APSkS7F/CU55Va9eCYPOjOrGUhz6SuD+HdzG\n" + "iv5EcQKBgDyt221UUieb1sWhCHaKaQ3z8/aJlzs+ge6kSLqoVjcfr5uOKM1O5O72\n" + "bfy00r7B8ky77qXNTtzv2xt9Km/hRptqnCHsgly5OXW8pMcFnf7Kdh3Q+c5UzVlc\n" + "ODwZlaKK2fjp9xr2dNpYjRqyEb1gkC9FJMaxab9OAf+AoQifxncv\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_ca3_rsa_pss_key = { + (unsigned char *)server_ca3_rsa_pss_key_pem, sizeof(server_ca3_rsa_pss_key_pem) - 1 }; static char server_ca3_rsa_pss_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEAjCCAjqgAwIBAgIMWSa+iBMb7BVvI0GIMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" - "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgMA8xDTAL\n" - "BgNVBAMTBENBLTMwHhcNMTkwNDE1MDkyMjIwWhcNNDkxMjMxMDkyMjIwWjANMQsw\n" - "CQYDVQQGEwJHUjCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY\n" - "BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEPADCCAQoCggEBAL8TnzAG\n" - "W6iLlapD7ebOX8jXrmA9Pa/NKAxDeeDEu/7TMvtspK8LF92tcxi6p+O0OfRNEAJY\n" - "XhT+WV3EIBV1XUMFgp9NGLWMhp+bhq80/ND5SAJ2hslaYyxnIu5lNdyKR5SyqkGw\n" - "WgnYg1Nalf38stN7dClXZcs04t0SaCg1N10xv3iZsmzx7gRswY7V5+CCZG23vRS9\n" - "PdGCW4LtBKoHFYWqJ/STrOXFTRrB2eM3UaNXff+cyramgFQj2BAi/zmMEwUtDvJE\n" - "65KB8F6NPG0dLFIW+3p3yPNu5jjoiMqJJM1LtWFcj+hjJ4IJqFGvC2knjt27FlPa\n" - "8dZ4FgVEOYQRuSUCAwEAAaNQME4wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjFqe\n" - "vO9heHT9V24WV1ovs7pvUvMwHwYDVR0jBBgwFoAU+aiGGWO2pBQTYHYPAZo1Nu/x\n" - "tK8wPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgw\n" - "CwYJYIZIAWUDBAIBogMCASADggGBAAgVZdGqSwhaa8c/KuqsnELoK5QlzdSUNZ0O\n" - "J31nVQyOmIJtqR14nMndU0y1iowAoj0osZFYjxjN6e2AqUF7R22uhtxmG6rr0YEi\n" - "XS+rNpbs7+gY/3hK30vo376QL85+U4v4HuTCd+yX8bY9VPqwZBMYO5rcDyXG82xC\n" - "ZKXT/Tr7XD80iMFjyR2cvRAjoZQeXbWzNE4AEm0jNz2F5Qnl6uSgtpDkHYKgr9xq\n" - "yUhm/WNKG86pzBxfcFju4prqBLiwUZh068b6znBAS0wMflrF/lznu01QqDhK6mz3\n" - "cSn5LlzoKjuouAWdZRieqokr1mNiWggmX5n2qKM9FJtDQctsvntCf/freAfy+Xmu\n" - "Tm055R9UzX76mL89eXY92U++HR8Y5IO5lqY1f13rzWK5rJB9qjz/Mamj9xR6Egoa\n" - "hh1ysRItcTCFJI5xKb/i3hHv94U12EH1IfFHofptr1pyCtAeOhJytWPndCiB2m1q\n" - "M2k3tl6cHvlUz7DpgnxNniuQ/dQ4MA==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_rsa_pss_cert = - { (unsigned char *)server_ca3_rsa_pss_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIEAjCCAjqgAwIBAgIMWSa+iBMb7BVvI0GIMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" + "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgMA8xDTAL\n" + "BgNVBAMTBENBLTMwHhcNMTkwNDE1MDkyMjIwWhcNNDkxMjMxMDkyMjIwWjANMQsw\n" + "CQYDVQQGEwJHUjCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY\n" + "BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEPADCCAQoCggEBAL8TnzAG\n" + "W6iLlapD7ebOX8jXrmA9Pa/NKAxDeeDEu/7TMvtspK8LF92tcxi6p+O0OfRNEAJY\n" + "XhT+WV3EIBV1XUMFgp9NGLWMhp+bhq80/ND5SAJ2hslaYyxnIu5lNdyKR5SyqkGw\n" + "WgnYg1Nalf38stN7dClXZcs04t0SaCg1N10xv3iZsmzx7gRswY7V5+CCZG23vRS9\n" + "PdGCW4LtBKoHFYWqJ/STrOXFTRrB2eM3UaNXff+cyramgFQj2BAi/zmMEwUtDvJE\n" + "65KB8F6NPG0dLFIW+3p3yPNu5jjoiMqJJM1LtWFcj+hjJ4IJqFGvC2knjt27FlPa\n" + "8dZ4FgVEOYQRuSUCAwEAAaNQME4wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjFqe\n" + "vO9heHT9V24WV1ovs7pvUvMwHwYDVR0jBBgwFoAU+aiGGWO2pBQTYHYPAZo1Nu/x\n" + "tK8wPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgw\n" + "CwYJYIZIAWUDBAIBogMCASADggGBAAgVZdGqSwhaa8c/KuqsnELoK5QlzdSUNZ0O\n" + "J31nVQyOmIJtqR14nMndU0y1iowAoj0osZFYjxjN6e2AqUF7R22uhtxmG6rr0YEi\n" + "XS+rNpbs7+gY/3hK30vo376QL85+U4v4HuTCd+yX8bY9VPqwZBMYO5rcDyXG82xC\n" + "ZKXT/Tr7XD80iMFjyR2cvRAjoZQeXbWzNE4AEm0jNz2F5Qnl6uSgtpDkHYKgr9xq\n" + "yUhm/WNKG86pzBxfcFju4prqBLiwUZh068b6znBAS0wMflrF/lznu01QqDhK6mz3\n" + "cSn5LlzoKjuouAWdZRieqokr1mNiWggmX5n2qKM9FJtDQctsvntCf/freAfy+Xmu\n" + "Tm055R9UzX76mL89eXY92U++HR8Y5IO5lqY1f13rzWK5rJB9qjz/Mamj9xR6Egoa\n" + "hh1ysRItcTCFJI5xKb/i3hHv94U12EH1IfFHofptr1pyCtAeOhJytWPndCiB2m1q\n" + "M2k3tl6cHvlUz7DpgnxNniuQ/dQ4MA==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_rsa_pss_cert = { + (unsigned char *)server_ca3_rsa_pss_cert_pem, sizeof(server_ca3_rsa_pss_cert_pem) - 1 }; static char server_ca3_rsa_pss2_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MIIE7AIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3\n" - "DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKYwggSiAgEAAoIBAQCte+3f4Sgy89/R\n" - "LNfx/NazlTgHxL6IXJuL44tutdhxA91vCJt0+ZSShWibsuyF+H09it3G0+3LvE2W\n" - "vkU58ha7ljvCWckPf2+YpsFynNQc0Lw6BThRMQdJpJvI54OdxfhoPjhDnTui/EEj\n" - "/n9MbLo5rAX5ZDIpWa3Vgpl37Q8czjFINCgQ/f8qsD4WabBSbuSnrYDvuASGez4O\n" - "YDAFvM51+4U4GxN7ZKbrDTQcAySU0Fjy+I5eW/BIXd9TeHb6XYJudMQY7rozTijm\n" - "6qbZieahke+FUCgm8BnRXghfcVSswUZEJQkCvF+SdUl3iAYlY/UBzVFsGDSFbID2\n" - "XRtEvrnvAgMBAAECggEATj8COCL+lZSnU1oNgAiQ8eiQn/heE3TpdzvHLMT5/WdH\n" - "3YedTjIvj7J6TxdxVK+SFUrn4oC91VF2EVJ6OLt3A16sT2ldpQ7OT6SOxdn0VZbT\n" - "/rtR/lTFu7JxzTiWhXfAJYxCpkRpnIZ3/vsPgXHcwJxVCXnmof3fyNghzhRu54de\n" - "V5GUwJ6TT3MMYLYKf5ii8Yt9WqeekQF7Hy/kIwz+4CbgR3fDdRXFnRwdNmA4RG3w\n" - "TbwvqR9ApyAictYz4HpZWgYL+cXsH6Fm+/ChZiV9/zvdVVOo+dOAcxx2cWahm/NL\n" - "tksGD7hI5kqD9moi2wiAsGHPa+/rkLxIBm0xvF1veQKBgQDVFKujtQyfzJw5DUPL\n" - "kTCLp+370ZBTK01daKZrpfgw6QrylYljcIq8n1izauElYm5cZ9krMGzvL5ceg49p\n" - "obl1tdCOQJQACrJmLZSuvVfw8TSwHPyOGtRWxhF4miX+ym3yMFqRyN2nXx1iAo5I\n" - "Cz+aGmTfT1zSZkLnfQSjYWZFgwKBgQDQbX2wPavLI+1yWARStqrwVWO1mU0Nixbo\n" - "jHrRlzrKYqtV+0ea6550LtDG5A/zf9MP6439NNHPqs4rnY910odd+xmLdQj2gocB\n" - "IS4nPBE4o1k3L9m+bSw9nyDdJWRkASq4uem6QvyVsQpWUoxzmg5/fwRUlOU8X3pP\n" - "ZLSSpz06JQKBgF4b6AbAwtedFe54tlWlRWyY+Zn7n6Or/1pfCwmGXwyzEJu9gdWC\n" - "cjQGqLVtYg0R4S48y4SwuZwWR8c5UdDUlcWwTHFXgkZWcx5/ySg4BiwrTBrwYncc\n" - "0GWWy0aZxmg23cJWqtmyfnsani6YdGDLXwbf22dpdNSUR75X0AGc1f+jAoGADha4\n" - "nkcs66hcDpSghi7O0zwSZ14bdUTnoYSNcMl2MeQFjORVbMVsipH3jtovsdf8HmFf\n" - "0bPWUuFK2mvmHKLEf7fPfDvHBVLBaXQiuIg46ckw6KgVYefjS68L+6bhaFkj2CTJ\n" - "BcwtYrj65+bgk5fgTwH4+vatoC0cCW3XPuqLGvkCgYAj2NGQAEQ4HkmF55otDocZ\n" - "SkAJFfibyrkKEK+PsQ7dRR/HEc93hvkI0PHpsLx8A3FZ370FAPtiKmnmfabHxEsK\n" - "TWA2DTacq//MzXQrjsx0CpvGId1dOyVZIrwIFM17KmW5HHE37fY4PFZTZVXHAKf6\n" - "nQyUF7m3FUJjavm46KJIhw==\n" "-----END PRIVATE KEY-----\n"; - -const gnutls_datum_t server_ca3_rsa_pss2_key = - { (unsigned char *)server_ca3_rsa_pss2_key_pem, + "-----BEGIN PRIVATE KEY-----\n" + "MIIE7AIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3\n" + "DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKYwggSiAgEAAoIBAQCte+3f4Sgy89/R\n" + "LNfx/NazlTgHxL6IXJuL44tutdhxA91vCJt0+ZSShWibsuyF+H09it3G0+3LvE2W\n" + "vkU58ha7ljvCWckPf2+YpsFynNQc0Lw6BThRMQdJpJvI54OdxfhoPjhDnTui/EEj\n" + "/n9MbLo5rAX5ZDIpWa3Vgpl37Q8czjFINCgQ/f8qsD4WabBSbuSnrYDvuASGez4O\n" + "YDAFvM51+4U4GxN7ZKbrDTQcAySU0Fjy+I5eW/BIXd9TeHb6XYJudMQY7rozTijm\n" + "6qbZieahke+FUCgm8BnRXghfcVSswUZEJQkCvF+SdUl3iAYlY/UBzVFsGDSFbID2\n" + "XRtEvrnvAgMBAAECggEATj8COCL+lZSnU1oNgAiQ8eiQn/heE3TpdzvHLMT5/WdH\n" + "3YedTjIvj7J6TxdxVK+SFUrn4oC91VF2EVJ6OLt3A16sT2ldpQ7OT6SOxdn0VZbT\n" + "/rtR/lTFu7JxzTiWhXfAJYxCpkRpnIZ3/vsPgXHcwJxVCXnmof3fyNghzhRu54de\n" + "V5GUwJ6TT3MMYLYKf5ii8Yt9WqeekQF7Hy/kIwz+4CbgR3fDdRXFnRwdNmA4RG3w\n" + "TbwvqR9ApyAictYz4HpZWgYL+cXsH6Fm+/ChZiV9/zvdVVOo+dOAcxx2cWahm/NL\n" + "tksGD7hI5kqD9moi2wiAsGHPa+/rkLxIBm0xvF1veQKBgQDVFKujtQyfzJw5DUPL\n" + "kTCLp+370ZBTK01daKZrpfgw6QrylYljcIq8n1izauElYm5cZ9krMGzvL5ceg49p\n" + "obl1tdCOQJQACrJmLZSuvVfw8TSwHPyOGtRWxhF4miX+ym3yMFqRyN2nXx1iAo5I\n" + "Cz+aGmTfT1zSZkLnfQSjYWZFgwKBgQDQbX2wPavLI+1yWARStqrwVWO1mU0Nixbo\n" + "jHrRlzrKYqtV+0ea6550LtDG5A/zf9MP6439NNHPqs4rnY910odd+xmLdQj2gocB\n" + "IS4nPBE4o1k3L9m+bSw9nyDdJWRkASq4uem6QvyVsQpWUoxzmg5/fwRUlOU8X3pP\n" + "ZLSSpz06JQKBgF4b6AbAwtedFe54tlWlRWyY+Zn7n6Or/1pfCwmGXwyzEJu9gdWC\n" + "cjQGqLVtYg0R4S48y4SwuZwWR8c5UdDUlcWwTHFXgkZWcx5/ySg4BiwrTBrwYncc\n" + "0GWWy0aZxmg23cJWqtmyfnsani6YdGDLXwbf22dpdNSUR75X0AGc1f+jAoGADha4\n" + "nkcs66hcDpSghi7O0zwSZ14bdUTnoYSNcMl2MeQFjORVbMVsipH3jtovsdf8HmFf\n" + "0bPWUuFK2mvmHKLEf7fPfDvHBVLBaXQiuIg46ckw6KgVYefjS68L+6bhaFkj2CTJ\n" + "BcwtYrj65+bgk5fgTwH4+vatoC0cCW3XPuqLGvkCgYAj2NGQAEQ4HkmF55otDocZ\n" + "SkAJFfibyrkKEK+PsQ7dRR/HEc93hvkI0PHpsLx8A3FZ370FAPtiKmnmfabHxEsK\n" + "TWA2DTacq//MzXQrjsx0CpvGId1dOyVZIrwIFM17KmW5HHE37fY4PFZTZVXHAKf6\n" + "nQyUF7m3FUJjavm46KJIhw==\n" + "-----END PRIVATE KEY-----\n"; + +const gnutls_datum_t server_ca3_rsa_pss2_key = { + (unsigned char *)server_ca3_rsa_pss2_key_pem, sizeof(server_ca3_rsa_pss2_key_pem) - 1 }; static char server_ca3_rsa_pss2_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIID0TCCAjmgAwIBAgIIWXYEJjkAauMwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNzA3MjQxNDI4NTVaGA85OTk5MTIzMTIzNTk1OVowADCCAVIw\n" - "PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ\n" - "YIZIAWUDBAIBogMCASADggEPADCCAQoCggEBAK177d/hKDLz39Es1/H81rOVOAfE\n" - "vohcm4vji2612HED3W8Im3T5lJKFaJuy7IX4fT2K3cbT7cu8TZa+RTnyFruWO8JZ\n" - "yQ9/b5imwXKc1BzQvDoFOFExB0mkm8jng53F+Gg+OEOdO6L8QSP+f0xsujmsBflk\n" - "MilZrdWCmXftDxzOMUg0KBD9/yqwPhZpsFJu5KetgO+4BIZ7Pg5gMAW8znX7hTgb\n" - "E3tkpusNNBwDJJTQWPL4jl5b8Ehd31N4dvpdgm50xBjuujNOKObqptmJ5qGR74VQ\n" - "KCbwGdFeCF9xVKzBRkQlCQK8X5J1SXeIBiVj9QHNUWwYNIVsgPZdG0S+ue8CAwEA\n" - "AaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNV\n" - "HSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBQCiLaK\n" - "LrqB0vaCnoNP1V8QVLlA8jAfBgNVHSMEGDAWgBT5qIYZY7akFBNgdg8BmjU27/G0\n" - "rzANBgkqhkiG9w0BAQsFAAOCAYEANgnTu4nYiv1nH6Iqpnn48CNrGK25ax6FuPvc\n" - "HxOyFFa9jomP8KjyNv3EsmmoBcQBkbRdAX8sFdtbyjILqRLoRMFO7D60BmCitGYH\n" - "MDjEIkG9QjcCo03YIT93SORwnt1qrWh6paOH7Nme+CsgRyXN7iNNur2LgGSilQ7P\n" - "Rs/vr0DdxmlUxUQHDa5GRIvU3FFs4NLC/9sQd3+JGqzDbY7UqLnP5fzn6/PSMKIw\n" - "Gc4IzbJrqjFsyfjQkblM2eBwmkUD3SnTFWqYwUsohGlSxBwKSIyVzlyuoD1FXop7\n" - "lgG8/a1D/ZFa34q8tj24Wnd9zdr/Jrv2g51OSf0VIbQdP92l2kDouobPS/7DTgPI\n" - "D7h52NLVm8cbV1RqxbeS3spZ2OAQn8tLiTwz+abNdsikFjMvfXq61iIv3QASUyUB\n" - "VydSB7stwAUd6wys2H7crmeiMMtgxSjZJtB4GDUCb24a+/a4IgpqxFzGDLE9Ur69\n" - "D8aQbKGJzzih56a2wwc0ZqA0ilGm\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_rsa_pss2_cert = - { (unsigned char *)server_ca3_rsa_pss2_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIID0TCCAjmgAwIBAgIIWXYEJjkAauMwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNzA3MjQxNDI4NTVaGA85OTk5MTIzMTIzNTk1OVowADCCAVIw\n" + "PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ\n" + "YIZIAWUDBAIBogMCASADggEPADCCAQoCggEBAK177d/hKDLz39Es1/H81rOVOAfE\n" + "vohcm4vji2612HED3W8Im3T5lJKFaJuy7IX4fT2K3cbT7cu8TZa+RTnyFruWO8JZ\n" + "yQ9/b5imwXKc1BzQvDoFOFExB0mkm8jng53F+Gg+OEOdO6L8QSP+f0xsujmsBflk\n" + "MilZrdWCmXftDxzOMUg0KBD9/yqwPhZpsFJu5KetgO+4BIZ7Pg5gMAW8znX7hTgb\n" + "E3tkpusNNBwDJJTQWPL4jl5b8Ehd31N4dvpdgm50xBjuujNOKObqptmJ5qGR74VQ\n" + "KCbwGdFeCF9xVKzBRkQlCQK8X5J1SXeIBiVj9QHNUWwYNIVsgPZdG0S+ue8CAwEA\n" + "AaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNV\n" + "HSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBQCiLaK\n" + "LrqB0vaCnoNP1V8QVLlA8jAfBgNVHSMEGDAWgBT5qIYZY7akFBNgdg8BmjU27/G0\n" + "rzANBgkqhkiG9w0BAQsFAAOCAYEANgnTu4nYiv1nH6Iqpnn48CNrGK25ax6FuPvc\n" + "HxOyFFa9jomP8KjyNv3EsmmoBcQBkbRdAX8sFdtbyjILqRLoRMFO7D60BmCitGYH\n" + "MDjEIkG9QjcCo03YIT93SORwnt1qrWh6paOH7Nme+CsgRyXN7iNNur2LgGSilQ7P\n" + "Rs/vr0DdxmlUxUQHDa5GRIvU3FFs4NLC/9sQd3+JGqzDbY7UqLnP5fzn6/PSMKIw\n" + "Gc4IzbJrqjFsyfjQkblM2eBwmkUD3SnTFWqYwUsohGlSxBwKSIyVzlyuoD1FXop7\n" + "lgG8/a1D/ZFa34q8tj24Wnd9zdr/Jrv2g51OSf0VIbQdP92l2kDouobPS/7DTgPI\n" + "D7h52NLVm8cbV1RqxbeS3spZ2OAQn8tLiTwz+abNdsikFjMvfXq61iIv3QASUyUB\n" + "VydSB7stwAUd6wys2H7crmeiMMtgxSjZJtB4GDUCb24a+/a4IgpqxFzGDLE9Ur69\n" + "D8aQbKGJzzih56a2wwc0ZqA0ilGm\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_rsa_pss2_cert = { + (unsigned char *)server_ca3_rsa_pss2_cert_pem, sizeof(server_ca3_rsa_pss2_cert_pem) - 1 }; static char cli_ca3_rsa_pss_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEAjCCAjqgAwIBAgIMWSa+VhOfC8uEpb/cMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" - "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgMA8xDTAL\n" - "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" - "CQYDVQQGEwJHUjCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY\n" - "BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEPADCCAQoCggEBAL8TnzAG\n" - "W6iLlapD7ebOX8jXrmA9Pa/NKAxDeeDEu/7TMvtspK8LF92tcxi6p+O0OfRNEAJY\n" - "XhT+WV3EIBV1XUMFgp9NGLWMhp+bhq80/ND5SAJ2hslaYyxnIu5lNdyKR5SyqkGw\n" - "WgnYg1Nalf38stN7dClXZcs04t0SaCg1N10xv3iZsmzx7gRswY7V5+CCZG23vRS9\n" - "PdGCW4LtBKoHFYWqJ/STrOXFTRrB2eM3UaNXff+cyramgFQj2BAi/zmMEwUtDvJE\n" - "65KB8F6NPG0dLFIW+3p3yPNu5jjoiMqJJM1LtWFcj+hjJ4IJqFGvC2knjt27FlPa\n" - "8dZ4FgVEOYQRuSUCAwEAAaNQME4wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjFqe\n" - "vO9heHT9V24WV1ovs7pvUvMwHwYDVR0jBBgwFoAU+aiGGWO2pBQTYHYPAZo1Nu/x\n" - "tK8wPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgw\n" - "CwYJYIZIAWUDBAIBogMCASADggGBAI435L6mZnGnCtQdtUBGgypMP2g5VuSBu2lP\n" - "5msLYuK2vPZTCtCLAg2JSsQhVaDDK+V7wtyXIgnEtQWrDE3RQBmWtCWpVrrP7kh3\n" - "ZN751l6+z1UTEg8sVQ7MODbEZCB9+2XXAb50Oh4cO65IfUI5Sqnn2+k3ZPLp280s\n" - "KdlaA4ZzmQSZcgEDWtoch8QiO+HvlXGqjejQUFh1ObBJXpXX5Q7NP5K7ChI82LPJ\n" - "T+rdqTopIgM3nAg9Je7gqsHiPdEdpArKwQq9wMxTmtQECK6KInueaDXuoDs5xg6k\n" - "XYQ1fiS0SI/pJ9xn0SCc6BNmkbfTpmKVwF9MWIyGyzWBhkSSWxsKbh5OuUCWJsyG\n" - "eLOrPK9fVKv/YQCfDHC3F1WI6xtHg7CCD7vvyJv5bFH8LN8YGoZNt1ZfU1lNw7rP\n" - "sRecz45/okiAbk9/SgnpzHInNBBzYu2Ym+yGVO/tIeErPXrnkM7uF9Di/K1n2+zF\n" - "vXOeamGsi2jyiC5LbreWecbMnzi3vQ==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t cli_ca3_rsa_pss_cert = - { (unsigned char *)cli_ca3_rsa_pss_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIEAjCCAjqgAwIBAgIMWSa+VhOfC8uEpb/cMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" + "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgMA8xDTAL\n" + "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" + "CQYDVQQGEwJHUjCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY\n" + "BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEPADCCAQoCggEBAL8TnzAG\n" + "W6iLlapD7ebOX8jXrmA9Pa/NKAxDeeDEu/7TMvtspK8LF92tcxi6p+O0OfRNEAJY\n" + "XhT+WV3EIBV1XUMFgp9NGLWMhp+bhq80/ND5SAJ2hslaYyxnIu5lNdyKR5SyqkGw\n" + "WgnYg1Nalf38stN7dClXZcs04t0SaCg1N10xv3iZsmzx7gRswY7V5+CCZG23vRS9\n" + "PdGCW4LtBKoHFYWqJ/STrOXFTRrB2eM3UaNXff+cyramgFQj2BAi/zmMEwUtDvJE\n" + "65KB8F6NPG0dLFIW+3p3yPNu5jjoiMqJJM1LtWFcj+hjJ4IJqFGvC2knjt27FlPa\n" + "8dZ4FgVEOYQRuSUCAwEAAaNQME4wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjFqe\n" + "vO9heHT9V24WV1ovs7pvUvMwHwYDVR0jBBgwFoAU+aiGGWO2pBQTYHYPAZo1Nu/x\n" + "tK8wPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgw\n" + "CwYJYIZIAWUDBAIBogMCASADggGBAI435L6mZnGnCtQdtUBGgypMP2g5VuSBu2lP\n" + "5msLYuK2vPZTCtCLAg2JSsQhVaDDK+V7wtyXIgnEtQWrDE3RQBmWtCWpVrrP7kh3\n" + "ZN751l6+z1UTEg8sVQ7MODbEZCB9+2XXAb50Oh4cO65IfUI5Sqnn2+k3ZPLp280s\n" + "KdlaA4ZzmQSZcgEDWtoch8QiO+HvlXGqjejQUFh1ObBJXpXX5Q7NP5K7ChI82LPJ\n" + "T+rdqTopIgM3nAg9Je7gqsHiPdEdpArKwQq9wMxTmtQECK6KInueaDXuoDs5xg6k\n" + "XYQ1fiS0SI/pJ9xn0SCc6BNmkbfTpmKVwF9MWIyGyzWBhkSSWxsKbh5OuUCWJsyG\n" + "eLOrPK9fVKv/YQCfDHC3F1WI6xtHg7CCD7vvyJv5bFH8LN8YGoZNt1ZfU1lNw7rP\n" + "sRecz45/okiAbk9/SgnpzHInNBBzYu2Ym+yGVO/tIeErPXrnkM7uF9Di/K1n2+zF\n" + "vXOeamGsi2jyiC5LbreWecbMnzi3vQ==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t cli_ca3_rsa_pss_cert = { + (unsigned char *)cli_ca3_rsa_pss_cert_pem, sizeof(cli_ca3_rsa_pss_cert_pem) - 1 }; -# define cli_ca3_rsa_pss_key server_ca3_rsa_pss_key +#define cli_ca3_rsa_pss_key server_ca3_rsa_pss_key /* server EdDSA key */ static char server_ca3_eddsa_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MC4CAQAwBQYDK2VwBCIEIBypI9w1qP3WLaiYuWB7zhA99GTG5UsKZVZqPHNlUaIv\n" - "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MC4CAQAwBQYDK2VwBCIEIBypI9w1qP3WLaiYuWB7zhA99GTG5UsKZVZqPHNlUaIv\n" + "-----END PRIVATE KEY-----\n"; -const gnutls_datum_t server_ca3_eddsa_key = - { (unsigned char *)server_ca3_eddsa_key_pem, +const gnutls_datum_t server_ca3_eddsa_key = { + (unsigned char *)server_ca3_eddsa_key_pem, sizeof(server_ca3_eddsa_key_pem) - 1 }; static char server_ca3_eddsa_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIBEzCBxqADAgECAgxZLBvYDjrxFhfqLoIwBQYDK2VwMA0xCzAJBgNVBAYTAkdS\n" - "MB4XDTA0MDIyOTE1MjE0MloXDTI0MDIyOTE1MjE0MVowDTELMAkGA1UEBhMCR1Iw\n" - "KjAFBgMrZXADIQCrr5izw0GNQSIhwYanuHD7RG7HfiCHe9kipF3SlwnVSKNAMD4w\n" - "DAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBSJg0wiKtJf\n" - "jqv1BmHV8w0JD5X2BjAFBgMrZXADQQB94NbYtwGCvyI6EvBZk5xgOyWNdKVy9peh\n" - "KKn/PNiAq4fPNEupyzC3AzE1xLzKLRArAFFDDUjPCwy3OR4js3MF\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_eddsa_cert = - { (unsigned char *)server_ca3_eddsa_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIBEzCBxqADAgECAgxZLBvYDjrxFhfqLoIwBQYDK2VwMA0xCzAJBgNVBAYTAkdS\n" + "MB4XDTA0MDIyOTE1MjE0MloXDTI0MDIyOTE1MjE0MVowDTELMAkGA1UEBhMCR1Iw\n" + "KjAFBgMrZXADIQCrr5izw0GNQSIhwYanuHD7RG7HfiCHe9kipF3SlwnVSKNAMD4w\n" + "DAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBSJg0wiKtJf\n" + "jqv1BmHV8w0JD5X2BjAFBgMrZXADQQB94NbYtwGCvyI6EvBZk5xgOyWNdKVy9peh\n" + "KKn/PNiAq4fPNEupyzC3AzE1xLzKLRArAFFDDUjPCwy3OR4js3MF\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_eddsa_cert = { + (unsigned char *)server_ca3_eddsa_cert_pem, sizeof(server_ca3_eddsa_cert_pem) - 1 }; static char server_ca3_gost01_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgQgR1lBLIr4WBpn\n" - "4MOCH8oxGWb52EPNL3gjNJiQuBQuf6U=\n" "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgQgR1lBLIr4WBpn\n" + "4MOCH8oxGWb52EPNL3gjNJiQuBQuf6U=\n" + "-----END PRIVATE KEY-----\n"; -const gnutls_datum_t server_ca3_gost01_key = - { (unsigned char *)server_ca3_gost01_key_pem, +const gnutls_datum_t server_ca3_gost01_key = { + (unsigned char *)server_ca3_gost01_key_pem, sizeof(server_ca3_gost01_key_pem) - 1 }; static char server_ca3_gost01_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC7TCCAVWgAwIBAgIIWcZJ7xuHksUwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xOTEwMDgxMDQ2NDBaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" - "A1UEAxMCR1IwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARA0Lvp\n" - "9MaoYDxzkURVz71Q3Sw9Wrwa2F483xDd0mOID8CK7JY8C8gz/1dfZniUObT1JMa6\n" - "hkGsQyFvPLD6Vr1bN6OBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxv\n" - "Y2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AAMB0G\n" - "A1UdDgQWBBSGUfwGWchcx3r3TNANllOEOFkTWDAfBgNVHSMEGDAWgBT5qIYZY7ak\n" - "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEACdzEVIyFvPlx2J7Ab4Hq\n" - "Oz0IGk2QaZ4cJkWZxjrPc7u6XCeBah8TEtF12LJ6vXBS+Cf9IF50YIMK/8GjJjs1\n" - "Allwdx79RuWFS2TdnsAjsAWwyKBQITkmv/kXULtExC9ospdGVIeYbdcmufgk023Q\n" - "PJh5LAMXHZ1lrsI1DgBhihgZx86wTAGd8yRC+dratvSbawC0sFan8X1n9R/Fxkzt\n" - "YuLEulh7FZpTWPYu30fyUrpEZVCWPlCzCrSijhCVBhAnT4eEGd7qmU0Oj+khHFNn\n" - "iVJ40/3JG21Yln2t/8uY1YIM2+ISTk4n2gkmXHrRAfNi3bXupdQQyAqRRT7b/Y/y\n" - "jhYzWekGLAvz0qrS78Ls8Kp7TfhIVEcWz9pfo77SmURxT6SDTiet7W5VD+VaS+hW\n" - "jl4L+IGxCsBIY5mWlT8KYTNHG34ln+5W+TfZMGARZFf4ZfQi2lgs3p0oqn6f9c+w\n" - "AdMyo73YqtbmVT2eGB05ezMeRl2Anjfwvj9JinhHMC04\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_gost01_cert = - { (unsigned char *)server_ca3_gost01_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIC7TCCAVWgAwIBAgIIWcZJ7xuHksUwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xOTEwMDgxMDQ2NDBaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" + "A1UEAxMCR1IwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARA0Lvp\n" + "9MaoYDxzkURVz71Q3Sw9Wrwa2F483xDd0mOID8CK7JY8C8gz/1dfZniUObT1JMa6\n" + "hkGsQyFvPLD6Vr1bN6OBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxv\n" + "Y2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AAMB0G\n" + "A1UdDgQWBBSGUfwGWchcx3r3TNANllOEOFkTWDAfBgNVHSMEGDAWgBT5qIYZY7ak\n" + "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEACdzEVIyFvPlx2J7Ab4Hq\n" + "Oz0IGk2QaZ4cJkWZxjrPc7u6XCeBah8TEtF12LJ6vXBS+Cf9IF50YIMK/8GjJjs1\n" + "Allwdx79RuWFS2TdnsAjsAWwyKBQITkmv/kXULtExC9ospdGVIeYbdcmufgk023Q\n" + "PJh5LAMXHZ1lrsI1DgBhihgZx86wTAGd8yRC+dratvSbawC0sFan8X1n9R/Fxkzt\n" + "YuLEulh7FZpTWPYu30fyUrpEZVCWPlCzCrSijhCVBhAnT4eEGd7qmU0Oj+khHFNn\n" + "iVJ40/3JG21Yln2t/8uY1YIM2+ISTk4n2gkmXHrRAfNi3bXupdQQyAqRRT7b/Y/y\n" + "jhYzWekGLAvz0qrS78Ls8Kp7TfhIVEcWz9pfo77SmURxT6SDTiet7W5VD+VaS+hW\n" + "jl4L+IGxCsBIY5mWlT8KYTNHG34ln+5W+TfZMGARZFf4ZfQi2lgs3p0oqn6f9c+w\n" + "AdMyo73YqtbmVT2eGB05ezMeRl2Anjfwvj9JinhHMC04\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_gost01_cert = { + (unsigned char *)server_ca3_gost01_cert_pem, sizeof(server_ca3_gost01_cert_pem) - 1 }; static char server_ca3_gost12_256_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQg0+JttJEV\n" - "Ud+XBzX9q13ByKK+j2b+mEmNIo1yB0wGleo=\n" "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQg0+JttJEV\n" + "Ud+XBzX9q13ByKK+j2b+mEmNIo1yB0wGleo=\n" + "-----END PRIVATE KEY-----\n"; -const gnutls_datum_t server_ca3_gost12_256_key = - { (unsigned char *)server_ca3_gost12_256_key_pem, +const gnutls_datum_t server_ca3_gost12_256_key = { + (unsigned char *)server_ca3_gost12_256_key_pem, sizeof(server_ca3_gost12_256_key_pem) - 1 }; static char server_ca3_gost12_256_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC8DCCAVigAwIBAgIIWcZKgxkCMvcwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xOTEwMDgxMDQ4MTZaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" - "A1UEAxMCR1IwZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggqhQMHAQECAgNDAARA\n" - "J9sMEEx0JW9QsT5bDqyc0TNcjVg9ZSdp4GkMtShM+OOgyBGrWK3zLP5IzHYSXja8\n" - "373QrJOUvdX7T7TUk5yU5aOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuC\n" - "CWxvY2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AA\n" - "MB0GA1UdDgQWBBQYSEtdwsYrtnOq6Ya3nt8DgFPCQjAfBgNVHSMEGDAWgBT5qIYZ\n" - "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAR0xtx7MWEP1KyIzM\n" - "4lXKdTyU4Nve5RcgqF82yR/0odqT5MPoaZDvLuRWEcQryztZD3kmRUmPmn1ujSfc\n" - "BbPfRnSutDXcf6imq0/U1/TV/BF3vpS1plltzetvibf8MYetHVFQHUBJDZJHh9h7\n" - "PGwA9SnmnGKFIxFdV6bVOLkPR54Gob9zN3E17KslL19lNtht1pxk9pshwTn35oRY\n" - "uOdxof9F4XjpI/4WbC8kp15QeG8XyZd5JWSl+niNOqYK31+ilQdVBr4RiZSDIcAg\n" - "twS5yV9Ap+R8rM8TLbeT2io4rhdUgmDllUf49zV3t6AbVvbsQfkqXmHXW8uW2WBu\n" - "A8FiXEbIIOb+QIW0ZGwk3BVQ7wdiw1M5w6kYtz5kBtNPxBmc+eu1+e6EAfYbFNr3\n" - "pkxtMk3veYWHb5s3dHZ4/t2Rn85hWqh03CWwCkKTN3qmEs4/XpybbXE/UE49e7u1\n" - "FkpM1bT/0gUNsNt5h3pyUzQZdiB0XbdGGFta3tB3+inIO45h\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_gost12_256_cert = - { (unsigned char *)server_ca3_gost12_256_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIC8DCCAVigAwIBAgIIWcZKgxkCMvcwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xOTEwMDgxMDQ4MTZaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" + "A1UEAxMCR1IwZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggqhQMHAQECAgNDAARA\n" + "J9sMEEx0JW9QsT5bDqyc0TNcjVg9ZSdp4GkMtShM+OOgyBGrWK3zLP5IzHYSXja8\n" + "373QrJOUvdX7T7TUk5yU5aOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuC\n" + "CWxvY2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AA\n" + "MB0GA1UdDgQWBBQYSEtdwsYrtnOq6Ya3nt8DgFPCQjAfBgNVHSMEGDAWgBT5qIYZ\n" + "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAR0xtx7MWEP1KyIzM\n" + "4lXKdTyU4Nve5RcgqF82yR/0odqT5MPoaZDvLuRWEcQryztZD3kmRUmPmn1ujSfc\n" + "BbPfRnSutDXcf6imq0/U1/TV/BF3vpS1plltzetvibf8MYetHVFQHUBJDZJHh9h7\n" + "PGwA9SnmnGKFIxFdV6bVOLkPR54Gob9zN3E17KslL19lNtht1pxk9pshwTn35oRY\n" + "uOdxof9F4XjpI/4WbC8kp15QeG8XyZd5JWSl+niNOqYK31+ilQdVBr4RiZSDIcAg\n" + "twS5yV9Ap+R8rM8TLbeT2io4rhdUgmDllUf49zV3t6AbVvbsQfkqXmHXW8uW2WBu\n" + "A8FiXEbIIOb+QIW0ZGwk3BVQ7wdiw1M5w6kYtz5kBtNPxBmc+eu1+e6EAfYbFNr3\n" + "pkxtMk3veYWHb5s3dHZ4/t2Rn85hWqh03CWwCkKTN3qmEs4/XpybbXE/UE49e7u1\n" + "FkpM1bT/0gUNsNt5h3pyUzQZdiB0XbdGGFta3tB3+inIO45h\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_gost12_256_cert = { + (unsigned char *)server_ca3_gost12_256_cert_pem, sizeof(server_ca3_gost12_256_cert_pem) - 1 }; static char server_ca3_gost12_512_key_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MGACAQAwFwYIKoUDBwEBAQIwCwYJKoUDBwECAQIBBEIEQJLtsCFM/m6blvHOJoqS\n" - "FvrFIjlYFAJKVqIc8FoxuCaAmIXxG5sXuTRgx5+m3T6wDca9UYAqMvsIsEREObti\n" - "+W8=\n" "-----END PRIVATE KEY-----\n"; - -const gnutls_datum_t server_ca3_gost12_512_key = - { (unsigned char *)server_ca3_gost12_512_key_pem, + "-----BEGIN PRIVATE KEY-----\n" + "MGACAQAwFwYIKoUDBwEBAQIwCwYJKoUDBwECAQIBBEIEQJLtsCFM/m6blvHOJoqS\n" + "FvrFIjlYFAJKVqIc8FoxuCaAmIXxG5sXuTRgx5+m3T6wDca9UYAqMvsIsEREObti\n" + "+W8=\n" + "-----END PRIVATE KEY-----\n"; + +const gnutls_datum_t server_ca3_gost12_512_key = { + (unsigned char *)server_ca3_gost12_512_key_pem, sizeof(server_ca3_gost12_512_key_pem) - 1 }; static char server_ca3_gost12_512_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDKzCCAZOgAwIBAgIIWcZKvSvigz0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xOTEwMDgxMTAwNDRaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" - "A1UEAxMCR1IwgaAwFwYIKoUDBwEBAQIwCwYJKoUDBwECAQIBA4GEAASBgDIyIpfh\n" - "R0umZWQl6GEhjjhjZ6cWlYJ41JHo6hx8cLxHopOjSrHEQRxabnfI07e9IjlK0MZu\n" - "oS8ngfbyAEI0LycgiOgDTriO8l10NEM/Yr1l+A5qHsZ9Oh46ijUlPTT6WEZzK/yU\n" - "RQmjg0TQFQUPQrwSfkW8lJzbINwaHCWWqSdxo4GNMIGKMAwGA1UdEwEB/wQCMAAw\n" - "FAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1Ud\n" - "DwEB/wQFAwMHgAAwHQYDVR0OBBYEFF7gSAq4EPp6G8FYvT+ECRRVrGTcMB8GA1Ud\n" - "IwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQAO\n" - "kFNTy9UqIkG5tDiW+O8QuV8A+Xvw2CLiIqDvkLhR1FQnXYs5OFquNBLyA2NSR5bk\n" - "OO+68sXj6iB9tGJWhHXo6efwsxR4maxHv7R8Gp6fFysEGtVV1MG+vpNOjoQNreVh\n" - "41D9/FU7eVqe6oSw5DtuUQvwrk3jooT4b9dpk2g1ihY33BrpA+vg9XnvN3+7dDNd\n" - "0xfRXKR9aGhWZsschps9xJqfzx63CZrH14+jHKxYPupSL7d/Akm3MDOf9XLa+vnY\n" - "WG6lHpkvGl0b8A6yxHHqDCctnE+aJGK6lMyZ1cd8GiStgcihussKGKvKsKygAM4J\n" - "zPxBQtTv11qjuyMksq5Gw6ctq/GO/M7eUoi/xf/O9+QOwDO/urocBJYY0BmsQWlR\n" - "VFjuOouE2GN7UPo6VyMiXpe75Wi9CNX/szNF+HnS4hCJGV5kz4ULaJnFxPE/oQwa\n" - "nlFDKO1feGQG0gOyf2jMzY1OD35SYss4Falc18iB3YQKigGkyqb+VeGyE8kq1UY=\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_gost12_512_cert = - { (unsigned char *)server_ca3_gost12_512_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIDKzCCAZOgAwIBAgIIWcZKvSvigz0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xOTEwMDgxMTAwNDRaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" + "A1UEAxMCR1IwgaAwFwYIKoUDBwEBAQIwCwYJKoUDBwECAQIBA4GEAASBgDIyIpfh\n" + "R0umZWQl6GEhjjhjZ6cWlYJ41JHo6hx8cLxHopOjSrHEQRxabnfI07e9IjlK0MZu\n" + "oS8ngfbyAEI0LycgiOgDTriO8l10NEM/Yr1l+A5qHsZ9Oh46ijUlPTT6WEZzK/yU\n" + "RQmjg0TQFQUPQrwSfkW8lJzbINwaHCWWqSdxo4GNMIGKMAwGA1UdEwEB/wQCMAAw\n" + "FAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1Ud\n" + "DwEB/wQFAwMHgAAwHQYDVR0OBBYEFF7gSAq4EPp6G8FYvT+ECRRVrGTcMB8GA1Ud\n" + "IwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQAO\n" + "kFNTy9UqIkG5tDiW+O8QuV8A+Xvw2CLiIqDvkLhR1FQnXYs5OFquNBLyA2NSR5bk\n" + "OO+68sXj6iB9tGJWhHXo6efwsxR4maxHv7R8Gp6fFysEGtVV1MG+vpNOjoQNreVh\n" + "41D9/FU7eVqe6oSw5DtuUQvwrk3jooT4b9dpk2g1ihY33BrpA+vg9XnvN3+7dDNd\n" + "0xfRXKR9aGhWZsschps9xJqfzx63CZrH14+jHKxYPupSL7d/Akm3MDOf9XLa+vnY\n" + "WG6lHpkvGl0b8A6yxHHqDCctnE+aJGK6lMyZ1cd8GiStgcihussKGKvKsKygAM4J\n" + "zPxBQtTv11qjuyMksq5Gw6ctq/GO/M7eUoi/xf/O9+QOwDO/urocBJYY0BmsQWlR\n" + "VFjuOouE2GN7UPo6VyMiXpe75Wi9CNX/szNF+HnS4hCJGV5kz4ULaJnFxPE/oQwa\n" + "nlFDKO1feGQG0gOyf2jMzY1OD35SYss4Falc18iB3YQKigGkyqb+VeGyE8kq1UY=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_gost12_512_cert = { + (unsigned char *)server_ca3_gost12_512_cert_pem, sizeof(server_ca3_gost12_512_cert_pem) - 1 }; /* shares server_ca3 key */ static char server_localhost6_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIENzCCAp+gAwIBAgIMV6MdMjdkWPp7Um/XMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" - "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTU1WhgPOTk5OTEyMzEyMzU5NTla\n" - "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" - "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" - "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" - "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" - "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" - "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" - "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" - "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" - "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBnDCBmTAM\n" - "BgNVHRMBAf8EAjAAMCMGA1UdEQQcMBqCCmxvY2FsaG9zdDaCDHd3dy5ub25lLm9y\n" - "ZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW\n" - "BBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP\n" - "6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEALXeJO70urguPXDXTPPfqOVZb9NOh\n" - "+1rHRtt1LIr6WxGMLDIuUwwjhExSR/XDnhzgy1G6Zxodsm1FV5aEmDhU9cz0MpkF\n" - "G1ndhGK+Y3Qey9L/8x7yuHoqLfcqiqe5Kxpq9zVfy87M1JC8FuFpRXgnXkbjnPRm\n" - "rDA7d0KtJfU93mmoI1yPDqYcJK6I62waIfRn5AcgGiMr8tT5oreIXPhjxiU15Say\n" - "ETqT0nSx3kB1VTm0K4mByIueGclnb5epUQ/suq9S++QW7Z9DD/8bfehXZaB1lb7r\n" - "jTMFQAzmrR7x53ZwKWry5iu6MXxFnWKTpBdGcgztbj34NM4VLqrdC15c0lj+OJ/3\n" - "0sbJ1YU3XCh6GZ96t3RPevSvimxMZfVquoBrr7/79PKxOnBY+amJYILqjzqvqIvr\n" - "LoPj0OuKmN7XiWINFAgz5/oj8Bq/4vu8Bsu4fwbgMeHt5Z0eIo8XtqblxnCASFDZ\n" - "yrRp0uKt24DKjSiJWnoqc+VjuvFECgGUzdts\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIENzCCAp+gAwIBAgIMV6MdMjdkWPp7Um/XMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" + "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTU1WhgPOTk5OTEyMzEyMzU5NTla\n" + "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" + "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" + "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" + "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" + "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" + "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" + "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" + "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" + "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBnDCBmTAM\n" + "BgNVHRMBAf8EAjAAMCMGA1UdEQQcMBqCCmxvY2FsaG9zdDaCDHd3dy5ub25lLm9y\n" + "ZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW\n" + "BBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP\n" + "6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEALXeJO70urguPXDXTPPfqOVZb9NOh\n" + "+1rHRtt1LIr6WxGMLDIuUwwjhExSR/XDnhzgy1G6Zxodsm1FV5aEmDhU9cz0MpkF\n" + "G1ndhGK+Y3Qey9L/8x7yuHoqLfcqiqe5Kxpq9zVfy87M1JC8FuFpRXgnXkbjnPRm\n" + "rDA7d0KtJfU93mmoI1yPDqYcJK6I62waIfRn5AcgGiMr8tT5oreIXPhjxiU15Say\n" + "ETqT0nSx3kB1VTm0K4mByIueGclnb5epUQ/suq9S++QW7Z9DD/8bfehXZaB1lb7r\n" + "jTMFQAzmrR7x53ZwKWry5iu6MXxFnWKTpBdGcgztbj34NM4VLqrdC15c0lj+OJ/3\n" + "0sbJ1YU3XCh6GZ96t3RPevSvimxMZfVquoBrr7/79PKxOnBY+amJYILqjzqvqIvr\n" + "LoPj0OuKmN7XiWINFAgz5/oj8Bq/4vu8Bsu4fwbgMeHt5Z0eIo8XtqblxnCASFDZ\n" + "yrRp0uKt24DKjSiJWnoqc+VjuvFECgGUzdts\n" + "-----END CERTIFICATE-----\n"; static char server_localhost6_ca3_cert_chain_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIENzCCAp+gAwIBAgIMV6MdMjdkWPp7Um/XMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" - "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTU1WhgPOTk5OTEyMzEyMzU5NTla\n" - "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" - "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" - "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" - "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" - "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" - "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" - "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" - "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" - "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBnDCBmTAM\n" - "BgNVHRMBAf8EAjAAMCMGA1UdEQQcMBqCCmxvY2FsaG9zdDaCDHd3dy5ub25lLm9y\n" - "ZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW\n" - "BBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP\n" - "6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEALXeJO70urguPXDXTPPfqOVZb9NOh\n" - "+1rHRtt1LIr6WxGMLDIuUwwjhExSR/XDnhzgy1G6Zxodsm1FV5aEmDhU9cz0MpkF\n" - "G1ndhGK+Y3Qey9L/8x7yuHoqLfcqiqe5Kxpq9zVfy87M1JC8FuFpRXgnXkbjnPRm\n" - "rDA7d0KtJfU93mmoI1yPDqYcJK6I62waIfRn5AcgGiMr8tT5oreIXPhjxiU15Say\n" - "ETqT0nSx3kB1VTm0K4mByIueGclnb5epUQ/suq9S++QW7Z9DD/8bfehXZaB1lb7r\n" - "jTMFQAzmrR7x53ZwKWry5iu6MXxFnWKTpBdGcgztbj34NM4VLqrdC15c0lj+OJ/3\n" - "0sbJ1YU3XCh6GZ96t3RPevSvimxMZfVquoBrr7/79PKxOnBY+amJYILqjzqvqIvr\n" - "LoPj0OuKmN7XiWINFAgz5/oj8Bq/4vu8Bsu4fwbgMeHt5Z0eIo8XtqblxnCASFDZ\n" - "yrRp0uKt24DKjSiJWnoqc+VjuvFECgGUzdts\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" - "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" - "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" - "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" - "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" - "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" - "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" - "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" - "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" - "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" - "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" - "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" - "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" - "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" - "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" - "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" - "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" - "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" - "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" - "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" - "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_localhost6_cert = - { (unsigned char *)server_localhost6_ca3_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIENzCCAp+gAwIBAgIMV6MdMjdkWPp7Um/XMA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" + "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTU1WhgPOTk5OTEyMzEyMzU5NTla\n" + "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" + "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" + "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" + "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" + "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" + "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" + "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" + "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" + "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBnDCBmTAM\n" + "BgNVHRMBAf8EAjAAMCMGA1UdEQQcMBqCCmxvY2FsaG9zdDaCDHd3dy5ub25lLm9y\n" + "ZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW\n" + "BBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP\n" + "6SWklOG3oTANBgkqhkiG9w0BAQsFAAOCAYEALXeJO70urguPXDXTPPfqOVZb9NOh\n" + "+1rHRtt1LIr6WxGMLDIuUwwjhExSR/XDnhzgy1G6Zxodsm1FV5aEmDhU9cz0MpkF\n" + "G1ndhGK+Y3Qey9L/8x7yuHoqLfcqiqe5Kxpq9zVfy87M1JC8FuFpRXgnXkbjnPRm\n" + "rDA7d0KtJfU93mmoI1yPDqYcJK6I62waIfRn5AcgGiMr8tT5oreIXPhjxiU15Say\n" + "ETqT0nSx3kB1VTm0K4mByIueGclnb5epUQ/suq9S++QW7Z9DD/8bfehXZaB1lb7r\n" + "jTMFQAzmrR7x53ZwKWry5iu6MXxFnWKTpBdGcgztbj34NM4VLqrdC15c0lj+OJ/3\n" + "0sbJ1YU3XCh6GZ96t3RPevSvimxMZfVquoBrr7/79PKxOnBY+amJYILqjzqvqIvr\n" + "LoPj0OuKmN7XiWINFAgz5/oj8Bq/4vu8Bsu4fwbgMeHt5Z0eIo8XtqblxnCASFDZ\n" + "yrRp0uKt24DKjSiJWnoqc+VjuvFECgGUzdts\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" + "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" + "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" + "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" + "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" + "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" + "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" + "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" + "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" + "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" + "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" + "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" + "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" + "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" + "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" + "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" + "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" + "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" + "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" + "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" + "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_localhost6_cert = { + (unsigned char *)server_localhost6_ca3_cert_pem, sizeof(server_localhost6_ca3_cert_pem) - 1 }; @@ -1273,82 +1282,83 @@ const gnutls_datum_t server_ca3_localhost6_cert_chain = { /* shares server_ca3 key */ static char server_ipaddr_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEAzCCAmugAwIBAgIMWNI1ISkCpEsFglgfMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" - "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" - "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" - "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" - "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" - "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" - "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" - "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" - "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" - "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" - "o2EwXzAMBgNVHRMBAf8EAjAAMA8GA1UdEQQIMAaHBH8AAAEwHQYDVR0OBBYEFDOd\n" - "4SfTi9X86wX8tceBaU9eO9nWMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" - "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQCNwaCnuNcrSpKjNI99kwuS2/LRnt40yN0B\n" - "LvN4wnkfEh02LXg2ylXCYZZw59m3w7Cefr1BGLXJjbJTNHASjSOvmurJVEX5sqdX\n" - "zGQs9HzysDvTVHQh1VUWXyj612DUWZoAYYaUg+CiAZLA/ShT+zN/OC8kWa1RXZPt\n" - "BfTM7REBxAOxUEDuL1aa/KkFqXgy3cr795TWqdt0lZ/dk7kHxqZKR7nJ2TcOmYK9\n" - "UdJWnmebDgjlRvXS4CgG8JNzyJtukogSjmp7qsxX9QZ1umUw3Lf7StSdXZT1oIDI\n" - "evLJCTohtE3/ocRlHfQ9l+B8V+8z7YE+0liFwjwUyrYVUpJ2YuPmHHfauTI2JyVX\n" - "Kk9dJopvnkhA6rIvNjkd3N3iWE3ftSkk/PV9Iu7PQ2jtR8JXkPMJfgq0owbxhn5N\n" - "oqQW/zQU7pq4Y9+rvH2qPFSxHGmecBhxetXoAPT66hHJCUTAspF/5DgT6TVMu+Gs\n" - "hiRt+POJ1lVlGUHsF9Z7IE/d+NCESwU=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEAzCCAmugAwIBAgIMWNI1ISkCpEsFglgfMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" + "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" + "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" + "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" + "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" + "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" + "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" + "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" + "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" + "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" + "o2EwXzAMBgNVHRMBAf8EAjAAMA8GA1UdEQQIMAaHBH8AAAEwHQYDVR0OBBYEFDOd\n" + "4SfTi9X86wX8tceBaU9eO9nWMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" + "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQCNwaCnuNcrSpKjNI99kwuS2/LRnt40yN0B\n" + "LvN4wnkfEh02LXg2ylXCYZZw59m3w7Cefr1BGLXJjbJTNHASjSOvmurJVEX5sqdX\n" + "zGQs9HzysDvTVHQh1VUWXyj612DUWZoAYYaUg+CiAZLA/ShT+zN/OC8kWa1RXZPt\n" + "BfTM7REBxAOxUEDuL1aa/KkFqXgy3cr795TWqdt0lZ/dk7kHxqZKR7nJ2TcOmYK9\n" + "UdJWnmebDgjlRvXS4CgG8JNzyJtukogSjmp7qsxX9QZ1umUw3Lf7StSdXZT1oIDI\n" + "evLJCTohtE3/ocRlHfQ9l+B8V+8z7YE+0liFwjwUyrYVUpJ2YuPmHHfauTI2JyVX\n" + "Kk9dJopvnkhA6rIvNjkd3N3iWE3ftSkk/PV9Iu7PQ2jtR8JXkPMJfgq0owbxhn5N\n" + "oqQW/zQU7pq4Y9+rvH2qPFSxHGmecBhxetXoAPT66hHJCUTAspF/5DgT6TVMu+Gs\n" + "hiRt+POJ1lVlGUHsF9Z7IE/d+NCESwU=\n" + "-----END CERTIFICATE-----\n"; static char server_ipaddr_ca3_cert_chain_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEAzCCAmugAwIBAgIMWNI1ISkCpEsFglgfMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" - "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" - "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" - "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" - "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" - "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" - "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" - "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" - "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" - "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" - "o2EwXzAMBgNVHRMBAf8EAjAAMA8GA1UdEQQIMAaHBH8AAAEwHQYDVR0OBBYEFDOd\n" - "4SfTi9X86wX8tceBaU9eO9nWMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" - "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQCNwaCnuNcrSpKjNI99kwuS2/LRnt40yN0B\n" - "LvN4wnkfEh02LXg2ylXCYZZw59m3w7Cefr1BGLXJjbJTNHASjSOvmurJVEX5sqdX\n" - "zGQs9HzysDvTVHQh1VUWXyj612DUWZoAYYaUg+CiAZLA/ShT+zN/OC8kWa1RXZPt\n" - "BfTM7REBxAOxUEDuL1aa/KkFqXgy3cr795TWqdt0lZ/dk7kHxqZKR7nJ2TcOmYK9\n" - "UdJWnmebDgjlRvXS4CgG8JNzyJtukogSjmp7qsxX9QZ1umUw3Lf7StSdXZT1oIDI\n" - "evLJCTohtE3/ocRlHfQ9l+B8V+8z7YE+0liFwjwUyrYVUpJ2YuPmHHfauTI2JyVX\n" - "Kk9dJopvnkhA6rIvNjkd3N3iWE3ftSkk/PV9Iu7PQ2jtR8JXkPMJfgq0owbxhn5N\n" - "oqQW/zQU7pq4Y9+rvH2qPFSxHGmecBhxetXoAPT66hHJCUTAspF/5DgT6TVMu+Gs\n" - "hiRt+POJ1lVlGUHsF9Z7IE/d+NCESwU=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" - "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" - "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" - "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" - "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" - "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" - "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" - "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" - "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" - "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" - "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" - "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" - "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" - "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" - "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" - "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" - "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" - "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" - "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" - "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" - "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_ipaddr_cert = - { (unsigned char *)server_ipaddr_ca3_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIEAzCCAmugAwIBAgIMWNI1ISkCpEsFglgfMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" + "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" + "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" + "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" + "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" + "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" + "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" + "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" + "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" + "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" + "o2EwXzAMBgNVHRMBAf8EAjAAMA8GA1UdEQQIMAaHBH8AAAEwHQYDVR0OBBYEFDOd\n" + "4SfTi9X86wX8tceBaU9eO9nWMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" + "8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQCNwaCnuNcrSpKjNI99kwuS2/LRnt40yN0B\n" + "LvN4wnkfEh02LXg2ylXCYZZw59m3w7Cefr1BGLXJjbJTNHASjSOvmurJVEX5sqdX\n" + "zGQs9HzysDvTVHQh1VUWXyj612DUWZoAYYaUg+CiAZLA/ShT+zN/OC8kWa1RXZPt\n" + "BfTM7REBxAOxUEDuL1aa/KkFqXgy3cr795TWqdt0lZ/dk7kHxqZKR7nJ2TcOmYK9\n" + "UdJWnmebDgjlRvXS4CgG8JNzyJtukogSjmp7qsxX9QZ1umUw3Lf7StSdXZT1oIDI\n" + "evLJCTohtE3/ocRlHfQ9l+B8V+8z7YE+0liFwjwUyrYVUpJ2YuPmHHfauTI2JyVX\n" + "Kk9dJopvnkhA6rIvNjkd3N3iWE3ftSkk/PV9Iu7PQ2jtR8JXkPMJfgq0owbxhn5N\n" + "oqQW/zQU7pq4Y9+rvH2qPFSxHGmecBhxetXoAPT66hHJCUTAspF/5DgT6TVMu+Gs\n" + "hiRt+POJ1lVlGUHsF9Z7IE/d+NCESwU=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" + "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" + "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" + "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" + "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" + "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" + "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" + "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" + "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" + "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" + "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" + "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" + "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" + "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" + "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" + "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" + "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" + "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" + "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" + "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" + "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_ipaddr_cert = { + (unsigned char *)server_ipaddr_ca3_cert_pem, sizeof(server_ipaddr_ca3_cert_pem) - 1 }; @@ -1359,274 +1369,278 @@ const gnutls_datum_t server_ca3_ipaddr_cert_chain = { /* shares server_ca3 key - uses IDNA2003 encoding */ static char server_localhost_utf8_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIESDCCArCgAwIBAgIMWElUMBlK8XImg3gXMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" - "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" - "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" - "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" - "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" - "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" - "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" - "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" - "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" - "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" - "o4GlMIGiMAwGA1UdEwEB/wQCMAAwUgYDVR0RBEswSYITd3d3LnhuLS1reGF3aGt1\n" - "LmNvbYIieG4tLWZpcXUxYXowM2MxOHQueG4tLW14YWgxYW1vLmNvbYIObG9jYWxo\n" - "b3N0LXV0ZjgwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nWMB8GA1UdIwQY\n" - "MBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQBHHhTy\n" - "X3AjFcrDa27yN5lnfZfrJ1QGdjoxbcGlWuwI5+EsRInxZSvXQVyh+P9YTphdqAMj\n" - "YsGCrzqD6+2SkBhrd7/KbmGZF3zFpqe9IcqS2m2u3Z0q4oNjhai86PIRlTSl+Dm/\n" - "V0T98Fsx/Ec/T509E+HCSYhZgX1A1wCw0jrPJ4UcT9S0jwmP3q8KIXrVAC88tmX3\n" - "eeVOoVI+lccju++fDaSQJFtZ8PVo8Yd8XDb/xu9ijRQNVom+1x70YvRo6jaSsX4k\n" - "Y5gM1w3xTObKvo0YI/ot29DE0gE5xPYuiJOzooTNMBSklsB4sXS3Ehwpp+zuUAHQ\n" - "h9I3os365QeRyB1IaWbO/7WK/zKPFbc3cyQLg8iGGeecH26CJ7vRlxDkvNvhscuh\n" - "6Z3YK5DJdisRx5W3fW+JapAjsTXpYd/Aj4xMFoNXqvU3WaejB1TfQqxgBHw9Tapy\n" - "PexWtASNmu1xcO13LdgN4Oa1OL4P4U9TQVwoCpkjlDSVNLqBC0N5kPmGkOY=\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_localhost_utf8_cert = - { (unsigned char *)server_localhost_utf8_ca3_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIESDCCArCgAwIBAgIMWElUMBlK8XImg3gXMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" + "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" + "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" + "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" + "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" + "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" + "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" + "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" + "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" + "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" + "o4GlMIGiMAwGA1UdEwEB/wQCMAAwUgYDVR0RBEswSYITd3d3LnhuLS1reGF3aGt1\n" + "LmNvbYIieG4tLWZpcXUxYXowM2MxOHQueG4tLW14YWgxYW1vLmNvbYIObG9jYWxo\n" + "b3N0LXV0ZjgwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nWMB8GA1UdIwQY\n" + "MBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQBHHhTy\n" + "X3AjFcrDa27yN5lnfZfrJ1QGdjoxbcGlWuwI5+EsRInxZSvXQVyh+P9YTphdqAMj\n" + "YsGCrzqD6+2SkBhrd7/KbmGZF3zFpqe9IcqS2m2u3Z0q4oNjhai86PIRlTSl+Dm/\n" + "V0T98Fsx/Ec/T509E+HCSYhZgX1A1wCw0jrPJ4UcT9S0jwmP3q8KIXrVAC88tmX3\n" + "eeVOoVI+lccju++fDaSQJFtZ8PVo8Yd8XDb/xu9ijRQNVom+1x70YvRo6jaSsX4k\n" + "Y5gM1w3xTObKvo0YI/ot29DE0gE5xPYuiJOzooTNMBSklsB4sXS3Ehwpp+zuUAHQ\n" + "h9I3os365QeRyB1IaWbO/7WK/zKPFbc3cyQLg8iGGeecH26CJ7vRlxDkvNvhscuh\n" + "6Z3YK5DJdisRx5W3fW+JapAjsTXpYd/Aj4xMFoNXqvU3WaejB1TfQqxgBHw9Tapy\n" + "PexWtASNmu1xcO13LdgN4Oa1OL4P4U9TQVwoCpkjlDSVNLqBC0N5kPmGkOY=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_localhost_utf8_cert = { + (unsigned char *)server_localhost_utf8_ca3_cert_pem, sizeof(server_localhost_utf8_ca3_cert_pem) - 1 }; /* shared the server_ca3 key, uses raw UTF8 on DnsName */ static char server_localhost_inv_utf8_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEQDCCAqigAwIBAgIMV9ZyrTt30lJ2pYe6MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" - "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" - "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" - "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" - "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" - "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" - "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" - "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" - "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" - "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" - "o4GdMIGaMAwGA1UdEwEB/wQCMAAwSgYDVR0RBEMwQYISd3d3Ls69zq/Ous6/z4Iu\n" - "Y29tghvnroDkvZPkuK3mlocuzrXOvs+Ez4HOsS5jb22CDmxvY2FsaG9zdC11dGY4\n" - "MB0GA1UdDgQWBBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBT5qIYZ\n" - "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAkUgmFO2bdws049Nz\n" - "w55UaF7XxG8ER7kKzLCWgw8tuYjcIDKQ+/gD0hUuKBxCbuISdT32gfZTf+ZNKtEg\n" - "7f9Lhr935ZoDCvyYnal1ploqAOu0ZDEXz+cU+OzreJ58J95LYX2we1lPqCYz0qo0\n" - "6FeWrP6H6+azis2ee5XN+b20l/nRl3bNGZDnkl6+b3wPR6rIFaILcEZDl15SMgiW\n" - "PlzJ0s97szWAO2ywLvNPdB66ugOvJY34ivTQOkCDi9css5faN1LcwmqDAeAq4DZt\n" - "mZ8/504D1AUD9szneb2UgD9ZnPr4r45+qzE3lCtvmFGEddJ3c9zQVjnqEKljgG6S\n" - "FdlAVVfxbwoAc24kN6UUEpLiabFoL071pZt1WoHOFA68yBxnC6CO/3vfVSF9Ftg3\n" - "oUPldkvMs8+33YhojDKYXP5USoES2OPdofmq8LnTZj7c6ex+SvlRdOgHg4pd9lX2\n" - "Efwe6rFJaNbKv9C9tWpPIPHRk/YkUIe29VUQR2m7UUpToBca\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_localhost_inv_utf8_cert = - { (unsigned char *)server_localhost_inv_utf8_ca3_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIEQDCCAqigAwIBAgIMV9ZyrTt30lJ2pYe6MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwHhcNMDQwMjI5MTUyMTQyWhcNMjQwMjI5MTUyMTQxWjANMQsw\n" + "CQYDVQQGEwJHUjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmq\n" + "LPfAu7P4Hhmcm4KmEsRfuTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+S\n" + "HFiIlEJfvCociQkrgSfloTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU0\n" + "3LdpuR9TbvS2fMVjmaRjBiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4z\n" + "ETxnMYOFbZpArkizpBi/RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyE\n" + "VD1JsrlgccaizNUkiUi7Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWw\n" + "wuDlnsmI0pIb9/4RH0LMMlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSb\n" + "cCzHl25abi1xmbsV5ydomJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbh\n" + "Gfo7V9z2gIKdUCLRXoUszhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQAB\n" + "o4GdMIGaMAwGA1UdEwEB/wQCMAAwSgYDVR0RBEMwQYISd3d3Ls69zq/Ous6/z4Iu\n" + "Y29tghvnroDkvZPkuK3mlocuzrXOvs+Ez4HOsS5jb22CDmxvY2FsaG9zdC11dGY4\n" + "MB0GA1UdDgQWBBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBT5qIYZ\n" + "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAkUgmFO2bdws049Nz\n" + "w55UaF7XxG8ER7kKzLCWgw8tuYjcIDKQ+/gD0hUuKBxCbuISdT32gfZTf+ZNKtEg\n" + "7f9Lhr935ZoDCvyYnal1ploqAOu0ZDEXz+cU+OzreJ58J95LYX2we1lPqCYz0qo0\n" + "6FeWrP6H6+azis2ee5XN+b20l/nRl3bNGZDnkl6+b3wPR6rIFaILcEZDl15SMgiW\n" + "PlzJ0s97szWAO2ywLvNPdB66ugOvJY34ivTQOkCDi9css5faN1LcwmqDAeAq4DZt\n" + "mZ8/504D1AUD9szneb2UgD9ZnPr4r45+qzE3lCtvmFGEddJ3c9zQVjnqEKljgG6S\n" + "FdlAVVfxbwoAc24kN6UUEpLiabFoL071pZt1WoHOFA68yBxnC6CO/3vfVSF9Ftg3\n" + "oUPldkvMs8+33YhojDKYXP5USoES2OPdofmq8LnTZj7c6ex+SvlRdOgHg4pd9lX2\n" + "Efwe6rFJaNbKv9C9tWpPIPHRk/YkUIe29VUQR2m7UUpToBca\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_localhost_inv_utf8_cert = { + (unsigned char *)server_localhost_inv_utf8_ca3_cert_pem, sizeof(server_localhost_inv_utf8_ca3_cert_pem) - 1 }; /* server_ca3_ecc_key */ static char server_localhost_ca3_ecc_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC8zCCAVugAwIBAgIIV+OO5zqFDkowDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNjA5MjIwNzU3MjhaGA85OTk5MTIzMTIzNTk1OVowHTEbMBkG\n" - "A1UEAxMSc2VydmVyIGNlcnRpZmljYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD\n" - "QgAEbUnlVnL48xM0lK6iDhHcqaFuYh6M5lmA823GQlwi5skgg7rySR0YrTimX9F6\n" - "K9kDCJu/7zmWlPiyb/1EFWEtk6OBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQN\n" - "MAuCCWxvY2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMD\n" - "B4AAMB0GA1UdDgQWBBTaH7JGYwVXx31AqONpQsb3l20EqDAfBgNVHSMEGDAWgBT5\n" - "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEATWsYCToPsxxU\n" - "f1zJv3+FKcIGI+8U7akTlnJEk3l9/Gkmkp0tsudtpZb+//rXIem9XVMKDYBEzRxQ\n" - "du3YleqR0Yj13S7piDHPl52PHJGvSHtLg4ooU74ZQcPFxoRxxNahYPb2Mhn0XqKh\n" - "Yc7JHkW53UVusanRmBCQIxI6tVuDO3rB/tQM4ygD9wDeT16xnDhfwemKaskHKM44\n" - "SMJJ9pY2zK1MvX5AZePTikMQqvc3aVfoE8Lv+4SGE/GyzvzaDOSzlwzNM6KBxerw\n" - "1qwnVO/lphUG09X4oXXtOqlAHaIfUmRMqgMPZEtWMszIQo9XimPfoLW3xKVqDWjN\n" - "EhHRLE0CCA/ip3lQ1bUt5EXhC1efPiOdEEYS5mHW7WAMAVi5aS1TzNLoJ4nahBwu\n" - "EeGtmSH4rDZlHTNsiXwvxV3XqWc39TqlgY+NGToyU1tA4+tVtalJ08Q37sFxSUvJ\n" - "Li9LPzU70EyX6WF+9FM45E4/Gt9Oh8btrYyjbyH/K2VI8qPRz5cW\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_localhost_ecc_cert = - { (unsigned char *)server_localhost_ca3_ecc_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIC8zCCAVugAwIBAgIIV+OO5zqFDkowDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNjA5MjIwNzU3MjhaGA85OTk5MTIzMTIzNTk1OVowHTEbMBkG\n" + "A1UEAxMSc2VydmVyIGNlcnRpZmljYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD\n" + "QgAEbUnlVnL48xM0lK6iDhHcqaFuYh6M5lmA823GQlwi5skgg7rySR0YrTimX9F6\n" + "K9kDCJu/7zmWlPiyb/1EFWEtk6OBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQN\n" + "MAuCCWxvY2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMD\n" + "B4AAMB0GA1UdDgQWBBTaH7JGYwVXx31AqONpQsb3l20EqDAfBgNVHSMEGDAWgBT5\n" + "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEATWsYCToPsxxU\n" + "f1zJv3+FKcIGI+8U7akTlnJEk3l9/Gkmkp0tsudtpZb+//rXIem9XVMKDYBEzRxQ\n" + "du3YleqR0Yj13S7piDHPl52PHJGvSHtLg4ooU74ZQcPFxoRxxNahYPb2Mhn0XqKh\n" + "Yc7JHkW53UVusanRmBCQIxI6tVuDO3rB/tQM4ygD9wDeT16xnDhfwemKaskHKM44\n" + "SMJJ9pY2zK1MvX5AZePTikMQqvc3aVfoE8Lv+4SGE/GyzvzaDOSzlwzNM6KBxerw\n" + "1qwnVO/lphUG09X4oXXtOqlAHaIfUmRMqgMPZEtWMszIQo9XimPfoLW3xKVqDWjN\n" + "EhHRLE0CCA/ip3lQ1bUt5EXhC1efPiOdEEYS5mHW7WAMAVi5aS1TzNLoJ4nahBwu\n" + "EeGtmSH4rDZlHTNsiXwvxV3XqWc39TqlgY+NGToyU1tA4+tVtalJ08Q37sFxSUvJ\n" + "Li9LPzU70EyX6WF+9FM45E4/Gt9Oh8btrYyjbyH/K2VI8qPRz5cW\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_localhost_ecc_cert = { + (unsigned char *)server_localhost_ca3_ecc_cert_pem, sizeof(server_localhost_ca3_ecc_cert_pem) - 1 }; /* shares server_ca3 key */ static char server_localhost_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEKDCCApCgAwIBAgIMV6MdMjbIDKHKsL32MA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" - "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTE4WhgPOTk5OTEyMzEyMzU5NTla\n" - "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" - "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" - "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" - "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" - "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" - "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" - "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" - "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" - "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBjTCBijAM\n" - "BgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNVHSUEDDAKBggr\n" - "BgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQzneEn04vV/OsF/LXH\n" - "gWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG\n" - "9w0BAQsFAAOCAYEASbEdRkK44GUb0Y+80JdYGFV1YuHUAq4QYSwCdrT0hwJrFYI2\n" - "s8+9/ncyzeyY00ryg6tPlKyE5B7ss29l8zcj0WJYsUk5kjV6uCWuo9/rqqPHK6Lc\n" - "Qx1cONR4Vt+gD5TX0nRNuKaHVbBJARZ3YOl2F3nApcR/8boq+WNKGhGkzFMaKV+i\n" - "IDpB0ziBUcb+q257lQGKrBuXl5nCd+PZswB//pZCsIkTF5jFdjeXvOvGDjYAr8rG\n" - "KpoMTskNcBqgi59sJc8djWMbNt+15qH4mSvTUW1caukeJAr4mwHfrSK5k9ezSSp1\n" - "EpbQ2Rp3xpbCgklhtsKHSJZ43sghZvCOxk8G3bRZ1/lW6sXvIPmLkvoeetTLvqYq\n" - "t/+gfv4NJuyZhzuJHbxrxBJ3C9QjqTbpiUumeRQHXLa+vZJUKX7ak1KVubKiOC+x\n" - "wyfgmq6quk5jPgOgMJWLwpA2Rm30wqX4OehXov3stSXFb+qASNOHlEtQdgKzIEX/\n" - "6TXY44pCGHMFO6Kr\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEKDCCApCgAwIBAgIMV6MdMjbIDKHKsL32MA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" + "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTE4WhgPOTk5OTEyMzEyMzU5NTla\n" + "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" + "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" + "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" + "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" + "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" + "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" + "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" + "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" + "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBjTCBijAM\n" + "BgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNVHSUEDDAKBggr\n" + "BgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQzneEn04vV/OsF/LXH\n" + "gWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG\n" + "9w0BAQsFAAOCAYEASbEdRkK44GUb0Y+80JdYGFV1YuHUAq4QYSwCdrT0hwJrFYI2\n" + "s8+9/ncyzeyY00ryg6tPlKyE5B7ss29l8zcj0WJYsUk5kjV6uCWuo9/rqqPHK6Lc\n" + "Qx1cONR4Vt+gD5TX0nRNuKaHVbBJARZ3YOl2F3nApcR/8boq+WNKGhGkzFMaKV+i\n" + "IDpB0ziBUcb+q257lQGKrBuXl5nCd+PZswB//pZCsIkTF5jFdjeXvOvGDjYAr8rG\n" + "KpoMTskNcBqgi59sJc8djWMbNt+15qH4mSvTUW1caukeJAr4mwHfrSK5k9ezSSp1\n" + "EpbQ2Rp3xpbCgklhtsKHSJZ43sghZvCOxk8G3bRZ1/lW6sXvIPmLkvoeetTLvqYq\n" + "t/+gfv4NJuyZhzuJHbxrxBJ3C9QjqTbpiUumeRQHXLa+vZJUKX7ak1KVubKiOC+x\n" + "wyfgmq6quk5jPgOgMJWLwpA2Rm30wqX4OehXov3stSXFb+qASNOHlEtQdgKzIEX/\n" + "6TXY44pCGHMFO6Kr\n" + "-----END CERTIFICATE-----\n"; /* shares server_ca3 key with tlsfeature=5 */ static char server_ca3_tlsfeat_cert_pem[] = - "-----BEGIN CERTIFICATE-----" - "MIIEOjCCAqKgAwIBAgIUYBRfAcvgBUU4jCb8W89sQcPLqswwDQYJKoZIhvcNAQEL" - "BQAwDzENMAsGA1UEAxMEQ0EtMzAgFw0xOTA2MDcyMTA4NDFaGA85OTk5MTIzMTIz" - "NTk1OVowIjEgMB4GA1UEAxMXR251VExTIHRlc3QgY2VydGlmaWNhdGUwggGiMA0G" - "CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4ZnJuCphLEX7k1" - "5NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wqHIkJK4En5aEz" - "SDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270tnzFY5mkYwYg" - "juN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2aQK5Is6QYv0WE" - "LS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHGoszVJIlIuxm5" - "v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKSG/f+ER9CzDJX" - "HgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4tcZm7FecnaJiT" - "XD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCCnVAi0V6FLM4X" - "aG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaN5MHcwEQYIKwYBBQUHARgE" - "BTADAgEFMAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MB0GA1Ud" - "DgQWBBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBT5qIYZY7akFBNg" - "dg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEASMVR+C1x3pBRSRaaIYbFTC0X" - "VXc66iQWDfpTSokLIEN/UVZzLsQw5p1PntPqnRRudDnXS77rNQSZcc4NTFYrzSqW" - "WwdhIXtl3igLg5HMxU80dsr3LfGkzJ1iDS1RR0EGSvFjOE9ZUK0IBdsUvINqpj+l" - "6qxL36yfxamuELIxvgmecIMvLzbe7tUjRXneNvLGsLAJcq5QQmNMCWiyywtHbFa0" - "zbpxKMJmHMk0SbgZHUuFaASlAqVez19rJdzqQcJiw/YrMbbj/b2me1duLQ64dqGL" - "5gKTyDMhk5td53R5uPnr7F6+1u8zRzqA6mBvTfEk4wJ6YmvqdBfC47xT+Ksba6dX" - "Ugz+So2iu0rQxaLEBTZJ/gTXJEUafxUN4wF1ZOnUyltoqLJymhQoceoSwjYobOal" - "FUZEJgFNA7j8tR7J3MtFUaJqFosuPtxhF8/CCPukKV7bRokqh7zK+F21iaQOYvJn" - "AfuOg2g0ZMurGyS/yg8mVsGjh4bho9zPOlhPtFNM" "-----END CERTIFICATE-----"; + "-----BEGIN CERTIFICATE-----" + "MIIEOjCCAqKgAwIBAgIUYBRfAcvgBUU4jCb8W89sQcPLqswwDQYJKoZIhvcNAQEL" + "BQAwDzENMAsGA1UEAxMEQ0EtMzAgFw0xOTA2MDcyMTA4NDFaGA85OTk5MTIzMTIz" + "NTk1OVowIjEgMB4GA1UEAxMXR251VExTIHRlc3QgY2VydGlmaWNhdGUwggGiMA0G" + "CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4ZnJuCphLEX7k1" + "5NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wqHIkJK4En5aEz" + "SDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270tnzFY5mkYwYg" + "juN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2aQK5Is6QYv0WE" + "LS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHGoszVJIlIuxm5" + "v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKSG/f+ER9CzDJX" + "HgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4tcZm7FecnaJiT" + "XD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCCnVAi0V6FLM4X" + "aG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaN5MHcwEQYIKwYBBQUHARgE" + "BTADAgEFMAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MB0GA1Ud" + "DgQWBBQzneEn04vV/OsF/LXHgWlPXjvZ1jAfBgNVHSMEGDAWgBT5qIYZY7akFBNg" + "dg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEASMVR+C1x3pBRSRaaIYbFTC0X" + "VXc66iQWDfpTSokLIEN/UVZzLsQw5p1PntPqnRRudDnXS77rNQSZcc4NTFYrzSqW" + "WwdhIXtl3igLg5HMxU80dsr3LfGkzJ1iDS1RR0EGSvFjOE9ZUK0IBdsUvINqpj+l" + "6qxL36yfxamuELIxvgmecIMvLzbe7tUjRXneNvLGsLAJcq5QQmNMCWiyywtHbFa0" + "zbpxKMJmHMk0SbgZHUuFaASlAqVez19rJdzqQcJiw/YrMbbj/b2me1duLQ64dqGL" + "5gKTyDMhk5td53R5uPnr7F6+1u8zRzqA6mBvTfEk4wJ6YmvqdBfC47xT+Ksba6dX" + "Ugz+So2iu0rQxaLEBTZJ/gTXJEUafxUN4wF1ZOnUyltoqLJymhQoceoSwjYobOal" + "FUZEJgFNA7j8tR7J3MtFUaJqFosuPtxhF8/CCPukKV7bRokqh7zK+F21iaQOYvJn" + "AfuOg2g0ZMurGyS/yg8mVsGjh4bho9zPOlhPtFNM" + "-----END CERTIFICATE-----"; /* Marked as decrypt-only */ static char server_localhost_ca3_rsa_decrypt_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEITCCAomgAwIBAgIIWU+IEie6JrYwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNzA2MjUwOTUzMjNaGA85OTk5MTIzMTIzNTk1OVowADCCAaIw\n" - "DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmqLPfAu7P4Hhmcm4KmEsRf\n" - "uTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+SHFiIlEJfvCociQkrgSfl\n" - "oTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU03LdpuR9TbvS2fMVjmaRj\n" - "BiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4zETxnMYOFbZpArkizpBi/\n" - "RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyEVD1JsrlgccaizNUkiUi7\n" - "Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWwwuDlnsmI0pIb9/4RH0LM\n" - "MlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSbcCzHl25abi1xmbsV5ydo\n" - "mJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbhGfo7V9z2gIKdUCLRXoUs\n" - "zhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQABo4GNMIGKMAwGA1UdEwEB\n" - "/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMB\n" - "MA8GA1UdDwEB/wQFAwMHIAAwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nW\n" - "MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUA\n" - "A4IBgQAaq4+vai/FwYQ2fAjOsHsVV0nR5Zq55tT8Fexrj2/e9gr+bMV4HVxETByy\n" - "fLtMHGYv+8BENDaI2EOHTyKp5O2DNbITJSN7/ZIO4Rsk+N5m2FyF7DV/sAoxhN7R\n" - "mDy/jDtZyeIqKLptOQZbkRv3lf+vtJL3eakpgh5T/j14kT0QjLyJEZB1D9jurUsV\n" - "+fxYxQUpv4YInDeEk5aKfvZNdkEpbv56GYNc15mNiKryXoszdm+TKmHSVFH9wUj3\n" - "KAXBsQdMmZbd0ZFAEi7QV42Pr2x9+PrSE26bE6K31r02/RcxFQdL9E/3O+85S8eN\n" - "yOZoC/PIrm0mKIPn2NBGSKtCG8V1sTHHJyCwqQERp3pkaB7A9biCKExQN1d3Gsbe\n" - "C0R9bYimdbkYM6o7qi7OiLRKpYFgdVYaYEG3DRBpB3R3+EAKk91809tc9ow5xzkx\n" - "lWryqIzutm6rcClAnqeBIZEZIIvqZH8RcPBQEUajNCWRpBsbwF1xdWvIhP2R3y69\n" - "5dOfcuY=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEITCCAomgAwIBAgIIWU+IEie6JrYwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNzA2MjUwOTUzMjNaGA85OTk5MTIzMTIzNTk1OVowADCCAaIw\n" + "DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmqLPfAu7P4Hhmcm4KmEsRf\n" + "uTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+SHFiIlEJfvCociQkrgSfl\n" + "oTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU03LdpuR9TbvS2fMVjmaRj\n" + "BiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4zETxnMYOFbZpArkizpBi/\n" + "RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyEVD1JsrlgccaizNUkiUi7\n" + "Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWwwuDlnsmI0pIb9/4RH0LM\n" + "MlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSbcCzHl25abi1xmbsV5ydo\n" + "mJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbhGfo7V9z2gIKdUCLRXoUs\n" + "zhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQABo4GNMIGKMAwGA1UdEwEB\n" + "/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMB\n" + "MA8GA1UdDwEB/wQFAwMHIAAwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nW\n" + "MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUA\n" + "A4IBgQAaq4+vai/FwYQ2fAjOsHsVV0nR5Zq55tT8Fexrj2/e9gr+bMV4HVxETByy\n" + "fLtMHGYv+8BENDaI2EOHTyKp5O2DNbITJSN7/ZIO4Rsk+N5m2FyF7DV/sAoxhN7R\n" + "mDy/jDtZyeIqKLptOQZbkRv3lf+vtJL3eakpgh5T/j14kT0QjLyJEZB1D9jurUsV\n" + "+fxYxQUpv4YInDeEk5aKfvZNdkEpbv56GYNc15mNiKryXoszdm+TKmHSVFH9wUj3\n" + "KAXBsQdMmZbd0ZFAEi7QV42Pr2x9+PrSE26bE6K31r02/RcxFQdL9E/3O+85S8eN\n" + "yOZoC/PIrm0mKIPn2NBGSKtCG8V1sTHHJyCwqQERp3pkaB7A9biCKExQN1d3Gsbe\n" + "C0R9bYimdbkYM6o7qi7OiLRKpYFgdVYaYEG3DRBpB3R3+EAKk91809tc9ow5xzkx\n" + "lWryqIzutm6rcClAnqeBIZEZIIvqZH8RcPBQEUajNCWRpBsbwF1xdWvIhP2R3y69\n" + "5dOfcuY=\n" + "-----END CERTIFICATE-----\n"; /* Marked as sign-only */ static char server_localhost_ca3_rsa_sign_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEITCCAomgAwIBAgIIWU+LoyEYfBYwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNzA2MjUxMDA4MzZaGA85OTk5MTIzMTIzNTk1OVowADCCAaIw\n" - "DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmqLPfAu7P4Hhmcm4KmEsRf\n" - "uTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+SHFiIlEJfvCociQkrgSfl\n" - "oTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU03LdpuR9TbvS2fMVjmaRj\n" - "BiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4zETxnMYOFbZpArkizpBi/\n" - "RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyEVD1JsrlgccaizNUkiUi7\n" - "Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWwwuDlnsmI0pIb9/4RH0LM\n" - "MlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSbcCzHl25abi1xmbsV5ydo\n" - "mJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbhGfo7V9z2gIKdUCLRXoUs\n" - "zhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQABo4GNMIGKMAwGA1UdEwEB\n" - "/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMB\n" - "MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nW\n" - "MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUA\n" - "A4IBgQC1cJd/z1CQSyDfUd2uuNDTvA3WXWxNhqHMLitT1GJS6nUez+wCaWT9UfVy\n" - "+56z/eMaVasZPQ8dOKYdPRuzL2l65DKUUaKFOyD+NGvOS08qKY+oVGN1Qbmaxbvt\n" - "6rvzpW9UHn75zLDOUOMrGDkW5L36mMP8I0Y5AcNBrO5yFBvH8MAHr3zO2VvTSt6T\n" - "ZHFrDlV/nL5E+swzrmF6MZXO1mupk/gtelYfRtigwSr51RY+Me3uaGNEQe30JLu6\n" - "0gp6/otBns9qJjSgX9qWIj9iTHq4A2CiHZkb4j3+/TNNGB8dkBV+EvV8I4Bqdk33\n" - "mz4hSjJBLqg2NYZ4TaztWFsgTvGOYncLGl5e4dIqB94ICEFIrWN32JzS61Mu5xlt\n" - "qBh/JOUSdMe6csZrDIw//UhUgLj7KdFO5FhSW3DXEl9PZGWVR+LJ+T3HjomHf+Bb\n" - "ATbBQk+9MkHTiDWxD4FbmPuSC/h4Vh+G1VkyrlClTLW6K/+0DmE2LPJvRV5udpux\n" - "Ar7fYYU=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEITCCAomgAwIBAgIIWU+LoyEYfBYwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNzA2MjUxMDA4MzZaGA85OTk5MTIzMTIzNTk1OVowADCCAaIw\n" + "DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmqLPfAu7P4Hhmcm4KmEsRf\n" + "uTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+SHFiIlEJfvCociQkrgSfl\n" + "oTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU03LdpuR9TbvS2fMVjmaRj\n" + "BiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4zETxnMYOFbZpArkizpBi/\n" + "RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyEVD1JsrlgccaizNUkiUi7\n" + "Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWwwuDlnsmI0pIb9/4RH0LM\n" + "MlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSbcCzHl25abi1xmbsV5ydo\n" + "mJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbhGfo7V9z2gIKdUCLRXoUs\n" + "zhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQABo4GNMIGKMAwGA1UdEwEB\n" + "/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMB\n" + "MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nW\n" + "MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUA\n" + "A4IBgQC1cJd/z1CQSyDfUd2uuNDTvA3WXWxNhqHMLitT1GJS6nUez+wCaWT9UfVy\n" + "+56z/eMaVasZPQ8dOKYdPRuzL2l65DKUUaKFOyD+NGvOS08qKY+oVGN1Qbmaxbvt\n" + "6rvzpW9UHn75zLDOUOMrGDkW5L36mMP8I0Y5AcNBrO5yFBvH8MAHr3zO2VvTSt6T\n" + "ZHFrDlV/nL5E+swzrmF6MZXO1mupk/gtelYfRtigwSr51RY+Me3uaGNEQe30JLu6\n" + "0gp6/otBns9qJjSgX9qWIj9iTHq4A2CiHZkb4j3+/TNNGB8dkBV+EvV8I4Bqdk33\n" + "mz4hSjJBLqg2NYZ4TaztWFsgTvGOYncLGl5e4dIqB94ICEFIrWN32JzS61Mu5xlt\n" + "qBh/JOUSdMe6csZrDIw//UhUgLj7KdFO5FhSW3DXEl9PZGWVR+LJ+T3HjomHf+Bb\n" + "ATbBQk+9MkHTiDWxD4FbmPuSC/h4Vh+G1VkyrlClTLW6K/+0DmE2LPJvRV5udpux\n" + "Ar7fYYU=\n" + "-----END CERTIFICATE-----\n"; static char server_localhost_ca3_cert_chain_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEKDCCApCgAwIBAgIMV6MdMjbIDKHKsL32MA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" - "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTE4WhgPOTk5OTEyMzEyMzU5NTla\n" - "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" - "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" - "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" - "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" - "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" - "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" - "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" - "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" - "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBjTCBijAM\n" - "BgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNVHSUEDDAKBggr\n" - "BgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQzneEn04vV/OsF/LXH\n" - "gWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG\n" - "9w0BAQsFAAOCAYEASbEdRkK44GUb0Y+80JdYGFV1YuHUAq4QYSwCdrT0hwJrFYI2\n" - "s8+9/ncyzeyY00ryg6tPlKyE5B7ss29l8zcj0WJYsUk5kjV6uCWuo9/rqqPHK6Lc\n" - "Qx1cONR4Vt+gD5TX0nRNuKaHVbBJARZ3YOl2F3nApcR/8boq+WNKGhGkzFMaKV+i\n" - "IDpB0ziBUcb+q257lQGKrBuXl5nCd+PZswB//pZCsIkTF5jFdjeXvOvGDjYAr8rG\n" - "KpoMTskNcBqgi59sJc8djWMbNt+15qH4mSvTUW1caukeJAr4mwHfrSK5k9ezSSp1\n" - "EpbQ2Rp3xpbCgklhtsKHSJZ43sghZvCOxk8G3bRZ1/lW6sXvIPmLkvoeetTLvqYq\n" - "t/+gfv4NJuyZhzuJHbxrxBJ3C9QjqTbpiUumeRQHXLa+vZJUKX7ak1KVubKiOC+x\n" - "wyfgmq6quk5jPgOgMJWLwpA2Rm30wqX4OehXov3stSXFb+qASNOHlEtQdgKzIEX/\n" - "6TXY44pCGHMFO6Kr\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" - "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" - "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" - "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" - "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" - "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" - "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" - "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" - "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" - "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" - "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" - "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" - "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" - "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" - "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" - "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" - "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" - "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" - "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" - "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" - "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END CERTIFICATE-----\n"; - -# define server_ca3_cert server_ca3_localhost_cert -# define server_ca3_cert_chain server_ca3_localhost_cert_chain -const gnutls_datum_t server_ca3_localhost_cert = - { (unsigned char *)server_localhost_ca3_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIEKDCCApCgAwIBAgIMV6MdMjbIDKHKsL32MA0GCSqGSIb3DQEBCwUAMBIxEDAO\n" + "BgNVBAMTB3N1YkNBLTMwIBcNMTYwNTEwMDg1MTE4WhgPOTk5OTEyMzEyMzU5NTla\n" + "MAAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDZPXiZqiz3wLuz+B4Z\n" + "nJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUcDMVbL/wfkhxYiJRCX7wq\n" + "HIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhfzyy8lDjFNNy3abkfU270\n" + "tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1r3v7y4JuMxE8ZzGDhW2a\n" + "QK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV2RByzRY8hFQ9SbK5YHHG\n" + "oszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigBz8vEZZyFsMLg5Z7JiNKS\n" + "G/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKljc+t8m0Um3Asx5duWm4t\n" + "cZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gIJT3CoKW24Rn6O1fc9oCC\n" + "nVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJMrD0CAwEAAaOBjTCBijAM\n" + "BgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNVHSUEDDAKBggr\n" + "BgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQzneEn04vV/OsF/LXH\n" + "gWlPXjvZ1jAfBgNVHSMEGDAWgBQtMwQbJ3+UBHzH4zVP6SWklOG3oTANBgkqhkiG\n" + "9w0BAQsFAAOCAYEASbEdRkK44GUb0Y+80JdYGFV1YuHUAq4QYSwCdrT0hwJrFYI2\n" + "s8+9/ncyzeyY00ryg6tPlKyE5B7ss29l8zcj0WJYsUk5kjV6uCWuo9/rqqPHK6Lc\n" + "Qx1cONR4Vt+gD5TX0nRNuKaHVbBJARZ3YOl2F3nApcR/8boq+WNKGhGkzFMaKV+i\n" + "IDpB0ziBUcb+q257lQGKrBuXl5nCd+PZswB//pZCsIkTF5jFdjeXvOvGDjYAr8rG\n" + "KpoMTskNcBqgi59sJc8djWMbNt+15qH4mSvTUW1caukeJAr4mwHfrSK5k9ezSSp1\n" + "EpbQ2Rp3xpbCgklhtsKHSJZ43sghZvCOxk8G3bRZ1/lW6sXvIPmLkvoeetTLvqYq\n" + "t/+gfv4NJuyZhzuJHbxrxBJ3C9QjqTbpiUumeRQHXLa+vZJUKX7ak1KVubKiOC+x\n" + "wyfgmq6quk5jPgOgMJWLwpA2Rm30wqX4OehXov3stSXFb+qASNOHlEtQdgKzIEX/\n" + "6TXY44pCGHMFO6Kr\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5NTlaMBIx\n" + "EDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n" + "gQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2WLiope/x\n" + "NL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioVtvPQwEpv\n" + "uI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR5+wGsJDv\n" + "kfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJrP+GtLiG0\n" + "AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj0Sk3Rq93\n" + "JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1ROsdk4WU\n" + "ed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH4vysDO9U\n" + "ZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B48xfmyIF\n" + "jgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G\n" + "A1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5qIYZY7ak\n" + "FBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58oDRy5a0o\n" + "PvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68kogjKs31\n" + "QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmTsQOdv/bz\n" + "R+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT45SGw7c7F\n" + "cumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2gaygWNiD\n" + "+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiujgUV0TZH\n" + "EyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c4FdrCByV\n" + "haeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1Y1MQ72Sn\n" + "frzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END CERTIFICATE-----\n"; + +#define server_ca3_cert server_ca3_localhost_cert +#define server_ca3_cert_chain server_ca3_localhost_cert_chain +const gnutls_datum_t server_ca3_localhost_cert = { + (unsigned char *)server_localhost_ca3_cert_pem, sizeof(server_localhost_ca3_cert_pem) - 1 }; -const gnutls_datum_t server_ca3_localhost_rsa_decrypt_cert = - { (unsigned char *)server_localhost_ca3_rsa_decrypt_cert_pem, +const gnutls_datum_t server_ca3_localhost_rsa_decrypt_cert = { + (unsigned char *)server_localhost_ca3_rsa_decrypt_cert_pem, sizeof(server_localhost_ca3_rsa_decrypt_cert_pem) - 1 }; -const gnutls_datum_t server_ca3_localhost_rsa_sign_cert = - { (unsigned char *)server_localhost_ca3_rsa_sign_cert_pem, +const gnutls_datum_t server_ca3_localhost_rsa_sign_cert = { + (unsigned char *)server_localhost_ca3_rsa_sign_cert_pem, sizeof(server_localhost_ca3_rsa_sign_cert_pem) - 1 }; -const gnutls_datum_t server_ca3_tlsfeat_cert = - { (unsigned char *)server_ca3_tlsfeat_cert_pem, +const gnutls_datum_t server_ca3_tlsfeat_cert = { + (unsigned char *)server_ca3_tlsfeat_cert_pem, sizeof(server_ca3_tlsfeat_cert_pem) - 1 }; @@ -1637,192 +1651,193 @@ const gnutls_datum_t server_ca3_localhost_cert_chain = { /* shares server_ca3 key */ static char server_localhost_insecure_ca3_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDFzCCAX+gAwIBAgIIV90eOyTzpOcwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNjA5MTcxMDQzMDhaGA85OTk5MTIzMTIzNTk1OVowHjEcMBoG\n" - "A1UEAxMTSW5zZWN1cmUgKDc2OCBiaXRzKTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgC\n" - "YQCuxKP0RG8KHAp7HnqaFpcWnPVl72vmkLvBgC0h3gnVUO3a41//kkLOG0HGUOi6\n" - "77cLNOzRRll9NPi1RwMNTKayA0cv+pJBsoNq/byOeWKJkKOgwTZD6Vi6X3MDtj7e\n" - "3SECAwEAAaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9z\n" - "dDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW\n" - "BBS4eSAgXUnLYP8HfA9SmoXjOAYLoDAfBgNVHSMEGDAWgBT5qIYZY7akFBNgdg8B\n" - "mjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAFa7J4+vJ7V+4y+CaaATD/WATc9ZV\n" - "ZUITpI6irjWneRPz0u0/3BLprKoCbO0m5QjoBaji1wUbVWpJir+N7QS577ufjwh0\n" - "ViGFn1b3eU0wGPgz8n0B0vo6NifaQl1Df5PBN3Mfa+r0aUK3QYxnlHsXxanYaKzj\n" - "9lpXUq57fpJJFSFASSzGSwkg8xiwlFBre/9jJ8sf1Blhu8M50NkOCdRdwpg/rbMI\n" - "Oukh0pvJQYQfQsgxc/hySWfEtN0TThXLRFMRRcFFeRHK2LXyAo/sNzWJMIou7hBQ\n" - "p1LNlCoUc3TGRKMQToEi+GIgjJx17zADze+1hHHE3aEEVGU9n3Gkj+hxy46LN5ke\n" - "hDox4AzBf4+KaA/vdHGRvZjzhajaMdL6w8FJgmUc26L+kH/rsTuev+PrvqXuuy1W\n" - "c2QqW3gu7oUy+g99TQFeXgyJHqv/cu/M0vhUV9wwHQJdj1bFCEaFW40MmQArXz5D\n" - "F92lL9akoGYmyehqQHeRQsrVRKcCOiv8lgVF\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_ca3_localhost_insecure_cert = - { (unsigned char *)server_localhost_insecure_ca3_cert_pem, + "-----BEGIN CERTIFICATE-----\n" + "MIIDFzCCAX+gAwIBAgIIV90eOyTzpOcwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNjA5MTcxMDQzMDhaGA85OTk5MTIzMTIzNTk1OVowHjEcMBoG\n" + "A1UEAxMTSW5zZWN1cmUgKDc2OCBiaXRzKTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgC\n" + "YQCuxKP0RG8KHAp7HnqaFpcWnPVl72vmkLvBgC0h3gnVUO3a41//kkLOG0HGUOi6\n" + "77cLNOzRRll9NPi1RwMNTKayA0cv+pJBsoNq/byOeWKJkKOgwTZD6Vi6X3MDtj7e\n" + "3SECAwEAAaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9z\n" + "dDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW\n" + "BBS4eSAgXUnLYP8HfA9SmoXjOAYLoDAfBgNVHSMEGDAWgBT5qIYZY7akFBNgdg8B\n" + "mjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAFa7J4+vJ7V+4y+CaaATD/WATc9ZV\n" + "ZUITpI6irjWneRPz0u0/3BLprKoCbO0m5QjoBaji1wUbVWpJir+N7QS577ufjwh0\n" + "ViGFn1b3eU0wGPgz8n0B0vo6NifaQl1Df5PBN3Mfa+r0aUK3QYxnlHsXxanYaKzj\n" + "9lpXUq57fpJJFSFASSzGSwkg8xiwlFBre/9jJ8sf1Blhu8M50NkOCdRdwpg/rbMI\n" + "Oukh0pvJQYQfQsgxc/hySWfEtN0TThXLRFMRRcFFeRHK2LXyAo/sNzWJMIou7hBQ\n" + "p1LNlCoUc3TGRKMQToEi+GIgjJx17zADze+1hHHE3aEEVGU9n3Gkj+hxy46LN5ke\n" + "hDox4AzBf4+KaA/vdHGRvZjzhajaMdL6w8FJgmUc26L+kH/rsTuev+PrvqXuuy1W\n" + "c2QqW3gu7oUy+g99TQFeXgyJHqv/cu/M0vhUV9wwHQJdj1bFCEaFW40MmQArXz5D\n" + "F92lL9akoGYmyehqQHeRQsrVRKcCOiv8lgVF\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_ca3_localhost_insecure_cert = { + (unsigned char *)server_localhost_insecure_ca3_cert_pem, sizeof(server_localhost_insecure_ca3_cert_pem) - 1 }; static char server_ca3_localhost_insecure_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIBywIBAAJhAK7Eo/REbwocCnseepoWlxac9WXva+aQu8GALSHeCdVQ7drjX/+S\n" - "Qs4bQcZQ6Lrvtws07NFGWX00+LVHAw1MprIDRy/6kkGyg2r9vI55YomQo6DBNkPp\n" - "WLpfcwO2Pt7dIQIDAQABAmBd9Md0Dcpoc/TKhfNBnb1yYcWoHJQ0q0DVYXRiDb3Z\n" - "mZ2WHMFCY75YkdzFoj/MKAyrl+n6SJy5V2gwqEEW84pHH2AaAseWsF16rSRz958b\n" - "7seVpNi304tOk4PS7B6+RAUCMQDXiT23wggUir6uVrx0UfHJUcsRltK0qco6Q7o3\n" - "b+uwrIAbaNNg+aAqAXXU5XWdBpcCMQDPlBKn42C/XkAZ11zflbzjrq22ie0gaLKZ\n" - "j92rCaU0/qX4VR8KK6J9PL6ZLoTWqQcCMQCzazhoLmoBh5nBkMxh3BD08FSluLJ/\n" - "19NS+ywZl95P/NjLeFB1qnbsYLjQ1443f9MCMDE/w3FbzC97MCAxbZKKl0c5wXNG\n" - "pCEFViKC9KfI4Q6CwGP75iJmmeW2zM3RMKkxbwIxAIAViD0cQjNL9keUVjtN68pK\n" - "dD2lxHfq5Q1QxCSjl8EnBnjnbFJN9WmK9ztkK00Avg==\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_ca3_localhost_insecure_key = - { (unsigned char *)server_ca3_localhost_insecure_key_pem, + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIBywIBAAJhAK7Eo/REbwocCnseepoWlxac9WXva+aQu8GALSHeCdVQ7drjX/+S\n" + "Qs4bQcZQ6Lrvtws07NFGWX00+LVHAw1MprIDRy/6kkGyg2r9vI55YomQo6DBNkPp\n" + "WLpfcwO2Pt7dIQIDAQABAmBd9Md0Dcpoc/TKhfNBnb1yYcWoHJQ0q0DVYXRiDb3Z\n" + "mZ2WHMFCY75YkdzFoj/MKAyrl+n6SJy5V2gwqEEW84pHH2AaAseWsF16rSRz958b\n" + "7seVpNi304tOk4PS7B6+RAUCMQDXiT23wggUir6uVrx0UfHJUcsRltK0qco6Q7o3\n" + "b+uwrIAbaNNg+aAqAXXU5XWdBpcCMQDPlBKn42C/XkAZ11zflbzjrq22ie0gaLKZ\n" + "j92rCaU0/qX4VR8KK6J9PL6ZLoTWqQcCMQCzazhoLmoBh5nBkMxh3BD08FSluLJ/\n" + "19NS+ywZl95P/NjLeFB1qnbsYLjQ1443f9MCMDE/w3FbzC97MCAxbZKKl0c5wXNG\n" + "pCEFViKC9KfI4Q6CwGP75iJmmeW2zM3RMKkxbwIxAIAViD0cQjNL9keUVjtN68pK\n" + "dD2lxHfq5Q1QxCSjl8EnBnjnbFJN9WmK9ztkK00Avg==\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_ca3_localhost_insecure_key = { + (unsigned char *)server_ca3_localhost_insecure_key_pem, sizeof(server_ca3_localhost_insecure_key_pem) - 1 }; static char unknown_ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIID4DCCAkigAwIBAgIIVyG62RARjncwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\n" - "AxMKVW5rbm93biBDQTAgFw0xNjA0MjgwNzI1MTNaGA85OTk5MTIzMTIzNTk1OVow\n" - "FTETMBEGA1UEAxMKVW5rbm93biBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC\n" - "AYoCggGBALbdxniG+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vy\n" - "Tt/wIdldP1PriD1Rigc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6u\n" - "Z/ZsKVifoIZpdC8M2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIM\n" - "kgBmAX17gfX3SxFjQUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibG\n" - "cWF2XmTiQASI+KmHvYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7Wn\n" - "paO7zSEC5WFgo4jdqroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9An\n" - "Pk9+uucT1Inj9615qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tS\n" - "LzVLrddGU+os8JinT42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux\n" - "9h5/847F4wIDAQABozIwMDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT5qIYZ\n" - "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAsCXvBLMc1YvZGBbM\n" - "w2YalL7Gyw7t5TIbOhpIhsoWNrE8JNvwfU+xA0/hxA/UkbwwJOjntXFZ9eRIrjHU\n" - "ULhqDZ1fAd7QnUQWuQjImU8XxnPjwgLG/tau9N3jdzJZy482vpytX94KdIQ+hPtC\n" - "xA3fikG5F4cJCfu2RfaTskqikTO5XPzPdSNJiPk01jjh9ICc7cvS9smGxfTuZZOb\n" - "+T1N8SV8uYkvPsiQ4uvO+ksxEdZ/z1jCjLyhnLXPgKdrjIgOb5wPxZUgwrg1n5fM\n" - "Un72D43cnv5ykB2O9lXvPOLXlBz07ZwaiRsXDhh1/kmubOLERaw88bVUydYhE7SU\n" - "eI34cw1eTtlKgFD+r+pPwRAzAkO/aCXVY6CsSLL4GyeXXvpxgngBiT8ArnntLHWd\n" - "U1rpodAAdMBHDZf7Q8CXawI0EAIq0HpHCj3x2brKSf8eFMtl9FuaJ3KvM3ioXKYc\n" - "nva6xGbu1R8UP4+fXCOFdiVixHEQR5k+mqd65vGGxovALAfY\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIID4DCCAkigAwIBAgIIVyG62RARjncwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\n" + "AxMKVW5rbm93biBDQTAgFw0xNjA0MjgwNzI1MTNaGA85OTk5MTIzMTIzNTk1OVow\n" + "FTETMBEGA1UEAxMKVW5rbm93biBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC\n" + "AYoCggGBALbdxniG+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vy\n" + "Tt/wIdldP1PriD1Rigc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6u\n" + "Z/ZsKVifoIZpdC8M2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIM\n" + "kgBmAX17gfX3SxFjQUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibG\n" + "cWF2XmTiQASI+KmHvYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7Wn\n" + "paO7zSEC5WFgo4jdqroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9An\n" + "Pk9+uucT1Inj9615qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tS\n" + "LzVLrddGU+os8JinT42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux\n" + "9h5/847F4wIDAQABozIwMDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT5qIYZ\n" + "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAsCXvBLMc1YvZGBbM\n" + "w2YalL7Gyw7t5TIbOhpIhsoWNrE8JNvwfU+xA0/hxA/UkbwwJOjntXFZ9eRIrjHU\n" + "ULhqDZ1fAd7QnUQWuQjImU8XxnPjwgLG/tau9N3jdzJZy482vpytX94KdIQ+hPtC\n" + "xA3fikG5F4cJCfu2RfaTskqikTO5XPzPdSNJiPk01jjh9ICc7cvS9smGxfTuZZOb\n" + "+T1N8SV8uYkvPsiQ4uvO+ksxEdZ/z1jCjLyhnLXPgKdrjIgOb5wPxZUgwrg1n5fM\n" + "Un72D43cnv5ykB2O9lXvPOLXlBz07ZwaiRsXDhh1/kmubOLERaw88bVUydYhE7SU\n" + "eI34cw1eTtlKgFD+r+pPwRAzAkO/aCXVY6CsSLL4GyeXXvpxgngBiT8ArnntLHWd\n" + "U1rpodAAdMBHDZf7Q8CXawI0EAIq0HpHCj3x2brKSf8eFMtl9FuaJ3KvM3ioXKYc\n" + "nva6xGbu1R8UP4+fXCOFdiVixHEQR5k+mqd65vGGxovALAfY\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t unknown_ca_cert = { (unsigned char *)unknown_ca_cert_pem, - sizeof(unknown_ca_cert_pem) - 1 -}; + sizeof(unknown_ca_cert_pem) - 1 }; static const char server_ca3_pkcs12_pem[] = - "-----BEGIN PKCS12-----\n" - "MIIRSgIBAzCCERAGCSqGSIb3DQEHAaCCEQEEghD9MIIQ+TCCCT8GCSqGSIb3DQEH\n" - "BqCCCTAwggksAgEAMIIJJQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI0Bv/\n" - "MLNNeX0CAggAgIII+PugAg+ZArNedgnhMh2kM1tVj1os+8i0BPh9kQMT4h7qes6e\n" - "Z6c+W4xCnL89p7Bz35riiK2KlJ6YzcTYXzONnmVR8gIEHsvYWwRSB++IE/jx9pCq\n" - "TxN5GIH1tt467EKdc+Y+f4WBXmtk5hF4gTmHG2t3o4HoniNXzcRd+ZSsFj4HGE/c\n" - "iXQY8lXN2PD1/XJsuwpYssKhJ+gI9iLREoyFdd+vG6KhzDvdgdvjWBQY/X5Q5pgF\n" - "kepe9jjokbLqLj+S8eHBQ8KF9B2FKB+RTyYep9zqn5qbN7TOt3+yMH+u+/Jj/GzH\n" - "ZjJNpee45G9CtPgjVS1t2fKjz9SaaKfOjHsH9WD5Sci9aqLRqFs84FlilRl6PyiG\n" - "5g89MiXL5Iu6WFoTM41eIezcyQf0ndakj2clVEfX2pX+e1bXWFzvnc5a933N2loK\n" - "OqJElti6h+T30M2CKEUX6FT5ihaowo5DwCXU3jTFcPMY0htvc4QuZQjBfyb/hGqf\n" - "UqjLGh+VZCmNPSmSkoqZScl8N2Db/DPvIu+cga2jSkFtvMEZVd9O5lN53drU8ONE\n" - "GMgdmJO43j/cnlICy+XpUyPrv055TXUo1gouyg5T1G/imtt0L265VTCxIqRVEsjR\n" - "EQdacLCOPvMohukJAbUTADh/vd3vf/qMINse/y/fPMoLpmtmmZsnZnr1zmIcIXLg\n" - "fLLBVhOz3Vl9RRl1qGbZQBleUUVAabYXbsK1UQHpZ7h2dSWF6ibm13DWRGkJRAVl\n" - "R1dvpwAzR1bhb7rOgTMhmxqADCWh8lcqFt/4ReZofdHmWoxZEopW4m3CghZQM+Ee\n" - "Kz4dYtLGk7W1rg8jnycAtxDwVGh9jMVsvCGypxkgEx+aQ7R+y9t0nu7l61GEnZBt\n" - "uP2EVrChWdFVyH9+YnRRCNaX7lbDtCdOnIrgGeEtNYwzbxUq/kSzllljrkYWQItK\n" - "W+vvMf9NVjTxyJr4kIXenm9ojPO3i485RWECIupdasel2YnPZYjcAKJc4p6nFGVB\n" - "YDs/U32f1BVEXp7pPZOuuzU+ocTswSluwQ0NskuYnDT9w8+LauaqpILRQpCtIIZC\n" - "TEqa7aS7S+f85Jeyt3yGsTNwUuQJZaG5D3Eh7iOB+rJaq3wEwoPlVLURVd8f6Z4H\n" - "t1i0fM2iQA9+FXVkj2B5zr19no0Q8hr/Bb20u9YTT48CfXA7I2IwXSprb8kql0M8\n" - "JmBv6FIDWzXLbGyRR39fX9kKlYMy0eq0ZxXKLLKEnZ1GUwtIeHTYKXG7ezliNaUl\n" - "7UEp3V+bYOddL6uRafEsemdskHtl10RIi3Q3ZX2OksPueMQ5YSOVh4CSPpHsHYGA\n" - "9KWt/PSja+zRGHsGEPX1jic2vHUTxOxI2sOZssnYCYWj/4MDk0xs7M0zdSXEEl5L\n" - "97i5Qx+zv5MPM3yLexG+FllSD6nbPswzG8rHelfRSaK/+AHd0gigrUHqGFOp8B/P\n" - "ml8obqs/LroKVzA109u3LfFlm+JFYeJgqsuoSuLYmJwFe6LNFkmhgGPwhyntqKEx\n" - "zSxgZl91XrgYYuJwn7+CgQx6Dkv7I+SCfJGLBNeAp0Rr+hpYqk0OU9yHBrTLe8T+\n" - "AQhHs4/ScZzRXu5F3dbjZ0PFwOYLo4t/NwUqkL8rCDtn45c1z5oyWhwk7nZMDCT3\n" - "gIpVLf5XDD9f6eXV216oNIL1vxOw0B5GXXsT1KIKTCbBrNl920+GBu3xB44AN7Ik\n" - "A+FhVKT1ZiaoEUKkUIy6I410GprvqDjRGp+Qs2Xitfk/E/3aoZ97cDBLEQOnF/lZ\n" - "mqsczn9XnI+Jp+E8rhTxOMACR2Oa3XuL0+um7Qk+rkS2jcmJy9WniedO2E1EUHoj\n" - "FRwWNjTQQR04Spv3qAc6IP1i8otUzKFkSx6SxH0a5zcm0ERNa6ZyU/jYvRrIGgZC\n" - "kUxtTZbNNIggP3xqU+meRdRUeiOpqL8W3WCJ2FcjpR1FhXZ1sU1/u8pAgMMOhTBZ\n" - "ICHmSjOGZ24kGgWNcLxYQG+qtIH7r6ihd9x/dv0s/Q9DAISv6G8z2YXcBb5EMZW4\n" - "/59z0XL8HFx0/esjB9mHUD/4/Kzp169sJQOvDdmijNaZcDanUa8niBhruuS2KnUB\n" - "iW2SrV6DBx32bjVIPbDJoDmcQWRDsuwpMqRAVtAWrmY5JeNp3zgII0Nr4rUAojWE\n" - "x937fOdIMJu8K1Nst+78DVA4h6jdnUHv5bvOcsVKejjRvSot5vQ/XQPppHlQ73v6\n" - "+Jro0bstYkMpfsbBXHt8tsB6nmZ9i5bv2x7P1nISKgMA4NzzdHFSpwFCmxrBaJen\n" - "XmkoTdQId1O6YlYHJS7fMntNbi60E01bReAVjtY5Q77kqVab/LQI6yJHz01/1KjH\n" - "2MiLixUV6a58FhKOI8Ea/yWSJti549Dqs+AMnwUu56GGT7lBLdT3x4r+SwThUWN2\n" - "aCQoy6rJ5wrsa2OGoO6I5CWHzIov1zlP+oWdKueuGRGTwJdnWm9ZQxTbDJ3QHeBn\n" - "OQXcWNcnQm2lcNfm297EGsClrrKTqmHBR8awpnnMdqzp0+vKiTzrfzGMVWQKoMM/\n" - "74bzAts3+a+sBa5Y34YY+VLPqpXcVR9gY5+xxgYTzI7Ppggn5pNI+lng8B0hjFUU\n" - "o2GNw8uKDVbjWf+ewULWKcCgAaBXXCAOo291TrURABmyR6XnybZwsg9a4yh/kcyk\n" - "aXYLsrmEhfW17ChcGE5LLMzHEeSCUgy+z3yiiP6tD0g/6RFt9Nt57bVndJFqMVcS\n" - "78VdEtQEI11Ty2oeN/+e8XhkZeicvgqgdrDb5jmfGN/F1la0FBnXnJG1fG8qnMMv\n" - "C8V/eRxYanKWr/UwpsC6r/pn+1iTOO3hByg9rWgGSALbgnUFvIfQiSccVoD/lkbh\n" - "TZlsuxhdKXnimi22RO50+0L99TnECu0psQXBDvCzzHSwi3MjPcvrQSPb/ZPSPqd2\n" - "ock7nRDXFn+E04XAOFEuF1Bb5SfEbWHLx0d7uCSieAF9YMBZWvETTOOnDgH3Pe93\n" - "+46a0tp4IdWrZEdUcU+/UpwuKyMGCCAfwKMFCA6i/In/cJAcrpRQJGWVsBERMaVQ\n" - "6Ke/ZwIwggeyBgkqhkiG9w0BBwGgggejBIIHnzCCB5swggeXBgsqhkiG9w0BDAoB\n" - "AqCCBy4wggcqMBwGCiqGSIb3DQEMAQMwDgQIT0kvLiNCahwCAggABIIHCM453Rnc\n" - "ggHPk7un7VHebwwtckSBn7qntGhILQfJ+0xoPHPMHMUoDQ7DRbkcyuqtP0+VoZKa\n" - "yLb2WDpyir/f8cyhZdDSnlb/WK16UaBguYmw8ppN09Lsok9KKNJxdWaHz65kABAh\n" - "pHAX6BpdVFv8dOiWuE/+v0TGsaPpvRvwAy1qNNlErcIgGFs2GCgdVadblKw0lR3p\n" - "t/6lhTRF4xqaPtUx4am2cQlmJyUCxy/XSetSFYaKIUdP5pEbesmYs5SuosCwokkB\n" - "q3fzstm94dIzjoPz/XJp2Ek5lpmoHUO0SOGfSDdmMuCPoICQN+xcR0oD6Kso5MrS\n" - "PepHrrG6KqX9fIR2Y2stEJsuaRYA/1h5CEnHnOWEbr2DBbuXB3HY6a5CrwV3xSCK\n" - "Ek0LcWe6c/+ceBcpIUjte8oaM6jPO0WeknNtDQLz+YNnvIqiT/3u3P8pA6DomJrw\n" - "0NoTm/SNMaKPz5IIBBNIzjMXWopgJ9+/bktwbENA/lO5gQvxLGRuaAZpvQpEbmhB\n" - "9W5ofFelsN/BF0zminlL8w8rFc8AKMKEBg85z/EqDkl02cUQa5XDKe3i0Td04xeZ\n" - "KOzsVqBm42rvCh2OgbNcbXBPqUTklRRKzzCgL/Ej645oTkzRfZxUmLaly5bkjyDm\n" - "vXdLdp2doVQlXboCZDK5hmxkirviYPsrjNzAPd5Uz+4rVB5qrxYTsY+0Rtdpb+J0\n" - "RqM2XFqJnA8ElIljsx7wugEEXt1wwey1JhS/+qybnDCP4f6OCaM5t8TTql2o6Eoh\n" - "DntWfAiq8A8mP43HP3FrGyI/3cpgOEF67Q/nLJFnaf6vwfm15xdq20iOIDZtoGJ7\n" - "VahRpOXNed2Xnv/HFwfPvGZM3lInEOEkC6vKWWDoOrE6kAu739X9lm+lLR0l1ihE\n" - "X8gtilgYU5xzM0ZmRjepLn19jdb18nGEUg2pMNkhEakiDyxLmYBBU43IDRzdYgTe\n" - "GJzakTDw/gNO6buVy+emr+IIW0f8hRSbXFHuw5/lpLZoXNCXuHRyEcGa4RhubrVe\n" - "ycuauZYFSp0JhJe+0OtKkBUHSTkoj1aaOByylq8b38ovbFTZ/JiCsYGsmwOfDiSu\n" - "21Fe1mv8+GtFf+t+H+IQBDv2/SHHWwVExW8hwYwXXZ8wodfpLrF7FWQvEa62/DvN\n" - "nQ4sy+z3IJtoPoGBfKMgLSJaNyuavRpbhy1fYuhUwhnbrH1M3YVgi+CnW8lIn44e\n" - "KoSPf11qTlgXBNVezXPYh6cw0FOObkiiuqSL7/ax34Lbz8vWs1yDs6ni9M7l8VUa\n" - "j0MhBEQDTinzz2L7U/uRGkcHYVNsCAIOaStbKxNx2bnEmFL2TShs6eH1kPAyDJ9N\n" - "SFuqmrboF92KNM1wKjIcthbJxPVJVlI1M0B8HVuU00QTIaJyJoQZuNQ6lyzTudwS\n" - "5F69zmQCaRIN2b04m/237Z4/SXuUwFDdDojoFxJ6m1yA86uUigyOzKGavtZz4tgw\n" - "BTCYcxaoCB2ebqNl3L4oE+gaAweAjtivNbAJswCkQF+LPEbAt8m2BZDo1bI4wAg+\n" - "Mjzs83PkzE3bn6q6Rk8HslnOCS55M6gTPu2zvz/FSaLY29X/5D7QtKJPAw30xUA1\n" - "Wjm3K0tkY/wqWntmJW9zVAaLzvW4iA61D9EuRoY/NChyF6HsLL8BjUEktNBItQ/h\n" - "2kUQnrJeoaaW4nIZz/apiryaFekWWpjudO8zxhxHquK8KpwdXK4c6LCMycTio42J\n" - "rw0/Tbe4noTfxPTJoaG9CaJXTq0rIMWxQprUONdjVih3cADI9V6/aO7/fSU+awFG\n" - "0inoNW6HmAT9ztYsUgRJ+JfiZCc7+h8WY/rrDb15Jj0Jjl4pe2B3S57c5zJ7TgHd\n" - "Zm8ED5uagqAcUIsBIlkNABAuia78tLewFFfCV5mYQUp3fHT6MU9EmPFI3YOuwvhk\n" - "NhscLr0qGIdxK9fS190Al3W5VZiCZ3g6bTwRLkjVChNC6e8u2gxGy6Rx0uxW3c73\n" - "/Spk4oYJ4PAT8GAgO4DJyRg52dFMBSBz4ZLAVR1eVVvPRbV7CSSaGLBLvAp/GFbz\n" - "pZ7sfEeGuiSb0GzcdU7anf+xvmSK/rxHfQPjqZ5EcGG3xhONG/SYwUlrp4GlP6Qs\n" - "ZlRSxsfy9YdIzmf3JhDvVtqK5Uj/wGXlX29NDh+X7mhvCOxCPM19AynXtGWgGFkb\n" - "zd8oaGXbIt/FldsQidEx9UINjtmozl/pB03lFL8wbEF/wBuLx+E1Ite2NCspOJTk\n" - "unw8CZJdUXmdVGo23iOrAziQFrlyPKawoX5iOYot47PQ6vcKiV2fnE5XHUqU2l6K\n" - "DHZbSGfz8vjC9LsAJzhhyZvjxi0LIDwxyt+RqV24cxcz7Qecu4DEy0E/xmYIkdyZ\n" - "SW97f3kIsAgQlku1LesNIk4dyzFWMCMGCSqGSIb3DQEJFTEWBBT9j7rrTvF9BQIR\n" - "akEUSP09N/PaYzAvBgkqhkiG9w0BCRQxIh4gAHMAZQByAHYAZQByAC0AbABvAGMA\n" - "YQBsAGgAbwBzAHQwMTAhMAkGBSsOAwIaBQAEFNeGPUIUl4cjhFet09N6VSCxmfSY\n" - "BAjXfJCHoHZI2QICCAA=\n" "-----END PKCS12-----\n"; - -const gnutls_datum_t server_ca3_pkcs12 = - { (unsigned char *)server_ca3_pkcs12_pem, + "-----BEGIN PKCS12-----\n" + "MIIRSgIBAzCCERAGCSqGSIb3DQEHAaCCEQEEghD9MIIQ+TCCCT8GCSqGSIb3DQEH\n" + "BqCCCTAwggksAgEAMIIJJQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI0Bv/\n" + "MLNNeX0CAggAgIII+PugAg+ZArNedgnhMh2kM1tVj1os+8i0BPh9kQMT4h7qes6e\n" + "Z6c+W4xCnL89p7Bz35riiK2KlJ6YzcTYXzONnmVR8gIEHsvYWwRSB++IE/jx9pCq\n" + "TxN5GIH1tt467EKdc+Y+f4WBXmtk5hF4gTmHG2t3o4HoniNXzcRd+ZSsFj4HGE/c\n" + "iXQY8lXN2PD1/XJsuwpYssKhJ+gI9iLREoyFdd+vG6KhzDvdgdvjWBQY/X5Q5pgF\n" + "kepe9jjokbLqLj+S8eHBQ8KF9B2FKB+RTyYep9zqn5qbN7TOt3+yMH+u+/Jj/GzH\n" + "ZjJNpee45G9CtPgjVS1t2fKjz9SaaKfOjHsH9WD5Sci9aqLRqFs84FlilRl6PyiG\n" + "5g89MiXL5Iu6WFoTM41eIezcyQf0ndakj2clVEfX2pX+e1bXWFzvnc5a933N2loK\n" + "OqJElti6h+T30M2CKEUX6FT5ihaowo5DwCXU3jTFcPMY0htvc4QuZQjBfyb/hGqf\n" + "UqjLGh+VZCmNPSmSkoqZScl8N2Db/DPvIu+cga2jSkFtvMEZVd9O5lN53drU8ONE\n" + "GMgdmJO43j/cnlICy+XpUyPrv055TXUo1gouyg5T1G/imtt0L265VTCxIqRVEsjR\n" + "EQdacLCOPvMohukJAbUTADh/vd3vf/qMINse/y/fPMoLpmtmmZsnZnr1zmIcIXLg\n" + "fLLBVhOz3Vl9RRl1qGbZQBleUUVAabYXbsK1UQHpZ7h2dSWF6ibm13DWRGkJRAVl\n" + "R1dvpwAzR1bhb7rOgTMhmxqADCWh8lcqFt/4ReZofdHmWoxZEopW4m3CghZQM+Ee\n" + "Kz4dYtLGk7W1rg8jnycAtxDwVGh9jMVsvCGypxkgEx+aQ7R+y9t0nu7l61GEnZBt\n" + "uP2EVrChWdFVyH9+YnRRCNaX7lbDtCdOnIrgGeEtNYwzbxUq/kSzllljrkYWQItK\n" + "W+vvMf9NVjTxyJr4kIXenm9ojPO3i485RWECIupdasel2YnPZYjcAKJc4p6nFGVB\n" + "YDs/U32f1BVEXp7pPZOuuzU+ocTswSluwQ0NskuYnDT9w8+LauaqpILRQpCtIIZC\n" + "TEqa7aS7S+f85Jeyt3yGsTNwUuQJZaG5D3Eh7iOB+rJaq3wEwoPlVLURVd8f6Z4H\n" + "t1i0fM2iQA9+FXVkj2B5zr19no0Q8hr/Bb20u9YTT48CfXA7I2IwXSprb8kql0M8\n" + "JmBv6FIDWzXLbGyRR39fX9kKlYMy0eq0ZxXKLLKEnZ1GUwtIeHTYKXG7ezliNaUl\n" + "7UEp3V+bYOddL6uRafEsemdskHtl10RIi3Q3ZX2OksPueMQ5YSOVh4CSPpHsHYGA\n" + "9KWt/PSja+zRGHsGEPX1jic2vHUTxOxI2sOZssnYCYWj/4MDk0xs7M0zdSXEEl5L\n" + "97i5Qx+zv5MPM3yLexG+FllSD6nbPswzG8rHelfRSaK/+AHd0gigrUHqGFOp8B/P\n" + "ml8obqs/LroKVzA109u3LfFlm+JFYeJgqsuoSuLYmJwFe6LNFkmhgGPwhyntqKEx\n" + "zSxgZl91XrgYYuJwn7+CgQx6Dkv7I+SCfJGLBNeAp0Rr+hpYqk0OU9yHBrTLe8T+\n" + "AQhHs4/ScZzRXu5F3dbjZ0PFwOYLo4t/NwUqkL8rCDtn45c1z5oyWhwk7nZMDCT3\n" + "gIpVLf5XDD9f6eXV216oNIL1vxOw0B5GXXsT1KIKTCbBrNl920+GBu3xB44AN7Ik\n" + "A+FhVKT1ZiaoEUKkUIy6I410GprvqDjRGp+Qs2Xitfk/E/3aoZ97cDBLEQOnF/lZ\n" + "mqsczn9XnI+Jp+E8rhTxOMACR2Oa3XuL0+um7Qk+rkS2jcmJy9WniedO2E1EUHoj\n" + "FRwWNjTQQR04Spv3qAc6IP1i8otUzKFkSx6SxH0a5zcm0ERNa6ZyU/jYvRrIGgZC\n" + "kUxtTZbNNIggP3xqU+meRdRUeiOpqL8W3WCJ2FcjpR1FhXZ1sU1/u8pAgMMOhTBZ\n" + "ICHmSjOGZ24kGgWNcLxYQG+qtIH7r6ihd9x/dv0s/Q9DAISv6G8z2YXcBb5EMZW4\n" + "/59z0XL8HFx0/esjB9mHUD/4/Kzp169sJQOvDdmijNaZcDanUa8niBhruuS2KnUB\n" + "iW2SrV6DBx32bjVIPbDJoDmcQWRDsuwpMqRAVtAWrmY5JeNp3zgII0Nr4rUAojWE\n" + "x937fOdIMJu8K1Nst+78DVA4h6jdnUHv5bvOcsVKejjRvSot5vQ/XQPppHlQ73v6\n" + "+Jro0bstYkMpfsbBXHt8tsB6nmZ9i5bv2x7P1nISKgMA4NzzdHFSpwFCmxrBaJen\n" + "XmkoTdQId1O6YlYHJS7fMntNbi60E01bReAVjtY5Q77kqVab/LQI6yJHz01/1KjH\n" + "2MiLixUV6a58FhKOI8Ea/yWSJti549Dqs+AMnwUu56GGT7lBLdT3x4r+SwThUWN2\n" + "aCQoy6rJ5wrsa2OGoO6I5CWHzIov1zlP+oWdKueuGRGTwJdnWm9ZQxTbDJ3QHeBn\n" + "OQXcWNcnQm2lcNfm297EGsClrrKTqmHBR8awpnnMdqzp0+vKiTzrfzGMVWQKoMM/\n" + "74bzAts3+a+sBa5Y34YY+VLPqpXcVR9gY5+xxgYTzI7Ppggn5pNI+lng8B0hjFUU\n" + "o2GNw8uKDVbjWf+ewULWKcCgAaBXXCAOo291TrURABmyR6XnybZwsg9a4yh/kcyk\n" + "aXYLsrmEhfW17ChcGE5LLMzHEeSCUgy+z3yiiP6tD0g/6RFt9Nt57bVndJFqMVcS\n" + "78VdEtQEI11Ty2oeN/+e8XhkZeicvgqgdrDb5jmfGN/F1la0FBnXnJG1fG8qnMMv\n" + "C8V/eRxYanKWr/UwpsC6r/pn+1iTOO3hByg9rWgGSALbgnUFvIfQiSccVoD/lkbh\n" + "TZlsuxhdKXnimi22RO50+0L99TnECu0psQXBDvCzzHSwi3MjPcvrQSPb/ZPSPqd2\n" + "ock7nRDXFn+E04XAOFEuF1Bb5SfEbWHLx0d7uCSieAF9YMBZWvETTOOnDgH3Pe93\n" + "+46a0tp4IdWrZEdUcU+/UpwuKyMGCCAfwKMFCA6i/In/cJAcrpRQJGWVsBERMaVQ\n" + "6Ke/ZwIwggeyBgkqhkiG9w0BBwGgggejBIIHnzCCB5swggeXBgsqhkiG9w0BDAoB\n" + "AqCCBy4wggcqMBwGCiqGSIb3DQEMAQMwDgQIT0kvLiNCahwCAggABIIHCM453Rnc\n" + "ggHPk7un7VHebwwtckSBn7qntGhILQfJ+0xoPHPMHMUoDQ7DRbkcyuqtP0+VoZKa\n" + "yLb2WDpyir/f8cyhZdDSnlb/WK16UaBguYmw8ppN09Lsok9KKNJxdWaHz65kABAh\n" + "pHAX6BpdVFv8dOiWuE/+v0TGsaPpvRvwAy1qNNlErcIgGFs2GCgdVadblKw0lR3p\n" + "t/6lhTRF4xqaPtUx4am2cQlmJyUCxy/XSetSFYaKIUdP5pEbesmYs5SuosCwokkB\n" + "q3fzstm94dIzjoPz/XJp2Ek5lpmoHUO0SOGfSDdmMuCPoICQN+xcR0oD6Kso5MrS\n" + "PepHrrG6KqX9fIR2Y2stEJsuaRYA/1h5CEnHnOWEbr2DBbuXB3HY6a5CrwV3xSCK\n" + "Ek0LcWe6c/+ceBcpIUjte8oaM6jPO0WeknNtDQLz+YNnvIqiT/3u3P8pA6DomJrw\n" + "0NoTm/SNMaKPz5IIBBNIzjMXWopgJ9+/bktwbENA/lO5gQvxLGRuaAZpvQpEbmhB\n" + "9W5ofFelsN/BF0zminlL8w8rFc8AKMKEBg85z/EqDkl02cUQa5XDKe3i0Td04xeZ\n" + "KOzsVqBm42rvCh2OgbNcbXBPqUTklRRKzzCgL/Ej645oTkzRfZxUmLaly5bkjyDm\n" + "vXdLdp2doVQlXboCZDK5hmxkirviYPsrjNzAPd5Uz+4rVB5qrxYTsY+0Rtdpb+J0\n" + "RqM2XFqJnA8ElIljsx7wugEEXt1wwey1JhS/+qybnDCP4f6OCaM5t8TTql2o6Eoh\n" + "DntWfAiq8A8mP43HP3FrGyI/3cpgOEF67Q/nLJFnaf6vwfm15xdq20iOIDZtoGJ7\n" + "VahRpOXNed2Xnv/HFwfPvGZM3lInEOEkC6vKWWDoOrE6kAu739X9lm+lLR0l1ihE\n" + "X8gtilgYU5xzM0ZmRjepLn19jdb18nGEUg2pMNkhEakiDyxLmYBBU43IDRzdYgTe\n" + "GJzakTDw/gNO6buVy+emr+IIW0f8hRSbXFHuw5/lpLZoXNCXuHRyEcGa4RhubrVe\n" + "ycuauZYFSp0JhJe+0OtKkBUHSTkoj1aaOByylq8b38ovbFTZ/JiCsYGsmwOfDiSu\n" + "21Fe1mv8+GtFf+t+H+IQBDv2/SHHWwVExW8hwYwXXZ8wodfpLrF7FWQvEa62/DvN\n" + "nQ4sy+z3IJtoPoGBfKMgLSJaNyuavRpbhy1fYuhUwhnbrH1M3YVgi+CnW8lIn44e\n" + "KoSPf11qTlgXBNVezXPYh6cw0FOObkiiuqSL7/ax34Lbz8vWs1yDs6ni9M7l8VUa\n" + "j0MhBEQDTinzz2L7U/uRGkcHYVNsCAIOaStbKxNx2bnEmFL2TShs6eH1kPAyDJ9N\n" + "SFuqmrboF92KNM1wKjIcthbJxPVJVlI1M0B8HVuU00QTIaJyJoQZuNQ6lyzTudwS\n" + "5F69zmQCaRIN2b04m/237Z4/SXuUwFDdDojoFxJ6m1yA86uUigyOzKGavtZz4tgw\n" + "BTCYcxaoCB2ebqNl3L4oE+gaAweAjtivNbAJswCkQF+LPEbAt8m2BZDo1bI4wAg+\n" + "Mjzs83PkzE3bn6q6Rk8HslnOCS55M6gTPu2zvz/FSaLY29X/5D7QtKJPAw30xUA1\n" + "Wjm3K0tkY/wqWntmJW9zVAaLzvW4iA61D9EuRoY/NChyF6HsLL8BjUEktNBItQ/h\n" + "2kUQnrJeoaaW4nIZz/apiryaFekWWpjudO8zxhxHquK8KpwdXK4c6LCMycTio42J\n" + "rw0/Tbe4noTfxPTJoaG9CaJXTq0rIMWxQprUONdjVih3cADI9V6/aO7/fSU+awFG\n" + "0inoNW6HmAT9ztYsUgRJ+JfiZCc7+h8WY/rrDb15Jj0Jjl4pe2B3S57c5zJ7TgHd\n" + "Zm8ED5uagqAcUIsBIlkNABAuia78tLewFFfCV5mYQUp3fHT6MU9EmPFI3YOuwvhk\n" + "NhscLr0qGIdxK9fS190Al3W5VZiCZ3g6bTwRLkjVChNC6e8u2gxGy6Rx0uxW3c73\n" + "/Spk4oYJ4PAT8GAgO4DJyRg52dFMBSBz4ZLAVR1eVVvPRbV7CSSaGLBLvAp/GFbz\n" + "pZ7sfEeGuiSb0GzcdU7anf+xvmSK/rxHfQPjqZ5EcGG3xhONG/SYwUlrp4GlP6Qs\n" + "ZlRSxsfy9YdIzmf3JhDvVtqK5Uj/wGXlX29NDh+X7mhvCOxCPM19AynXtGWgGFkb\n" + "zd8oaGXbIt/FldsQidEx9UINjtmozl/pB03lFL8wbEF/wBuLx+E1Ite2NCspOJTk\n" + "unw8CZJdUXmdVGo23iOrAziQFrlyPKawoX5iOYot47PQ6vcKiV2fnE5XHUqU2l6K\n" + "DHZbSGfz8vjC9LsAJzhhyZvjxi0LIDwxyt+RqV24cxcz7Qecu4DEy0E/xmYIkdyZ\n" + "SW97f3kIsAgQlku1LesNIk4dyzFWMCMGCSqGSIb3DQEJFTEWBBT9j7rrTvF9BQIR\n" + "akEUSP09N/PaYzAvBgkqhkiG9w0BCRQxIh4gAHMAZQByAHYAZQByAC0AbABvAGMA\n" + "YQBsAGgAbwBzAHQwMTAhMAkGBSsOAwIaBQAEFNeGPUIUl4cjhFet09N6VSCxmfSY\n" + "BAjXfJCHoHZI2QICCAA=\n" + "-----END PKCS12-----\n"; + +const gnutls_datum_t server_ca3_pkcs12 = { + (unsigned char *)server_ca3_pkcs12_pem, sizeof(server_ca3_pkcs12_pem) - 1 }; /* Raw public-key key material for testing */ static char rawpk_public_key_pem1[] = - "-----BEGIN PUBLIC KEY-----\n" - "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAyAeBq7Ti7oVExeVT1PqH\n" - "GBXzC+johdeVnZgZRLhDTIaIGODV5F5JhE4NNb1O/DYLlAy5IIO8tfAE2KIxlarN\n" - "H/+AcfV6ZJQSG4SSmhoIGzfdcdjuBmFfdfhO+z/cgqiewh53/fFCQlaJweHhpmim\n" - "/LVL/M/1Rd6Urskv/5jXGG4FVUNfhXKQag0uzWsqcztCPX7Lrqr2BSOmkA1nWzdo\n" - "h5oBuxdooaH9/kwphqJAp03LwtaSStX/yz6Mh+ZqEbBuM4mWw/xKzbEbs7zA+d8s\n" - "ryHXkC8nsdA+h+IRd8bPa/KuWQNfjxXKNPzgmsZddHmHtYtWvAcoIMvtyO23Y2Nh\n" - "N4V0/7fwFLbZtfUBg4pqUl2ktkdwsNguTT1qzJCsYhsHXaqqvHy+5HR2D0w07y2X\n" - "1qCVmfHzBZCM5OhxoeoauE+xu+5nvYrgsgPE0y5Nty0y2MrApg3digaiKUXrI+mE\n" - "VKn9vsQeaVvw9D6PgNQM99HkbGhRMGPOzcHjS/ZeLd1zAgMBAAE=\n" - "-----END PUBLIC KEY-----"; + "-----BEGIN PUBLIC KEY-----\n" + "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAyAeBq7Ti7oVExeVT1PqH\n" + "GBXzC+johdeVnZgZRLhDTIaIGODV5F5JhE4NNb1O/DYLlAy5IIO8tfAE2KIxlarN\n" + "H/+AcfV6ZJQSG4SSmhoIGzfdcdjuBmFfdfhO+z/cgqiewh53/fFCQlaJweHhpmim\n" + "/LVL/M/1Rd6Urskv/5jXGG4FVUNfhXKQag0uzWsqcztCPX7Lrqr2BSOmkA1nWzdo\n" + "h5oBuxdooaH9/kwphqJAp03LwtaSStX/yz6Mh+ZqEbBuM4mWw/xKzbEbs7zA+d8s\n" + "ryHXkC8nsdA+h+IRd8bPa/KuWQNfjxXKNPzgmsZddHmHtYtWvAcoIMvtyO23Y2Nh\n" + "N4V0/7fwFLbZtfUBg4pqUl2ktkdwsNguTT1qzJCsYhsHXaqqvHy+5HR2D0w07y2X\n" + "1qCVmfHzBZCM5OhxoeoauE+xu+5nvYrgsgPE0y5Nty0y2MrApg3digaiKUXrI+mE\n" + "VKn9vsQeaVvw9D6PgNQM99HkbGhRMGPOzcHjS/ZeLd1zAgMBAAE=\n" + "-----END PUBLIC KEY-----"; const gnutls_datum_t rawpk_public_key1 = { (unsigned char *)rawpk_public_key_pem1, @@ -1830,45 +1845,45 @@ const gnutls_datum_t rawpk_public_key1 = { }; static char rawpk_private_key_pem1[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG4wIBAAKCAYEAyAeBq7Ti7oVExeVT1PqHGBXzC+johdeVnZgZRLhDTIaIGODV\n" - "5F5JhE4NNb1O/DYLlAy5IIO8tfAE2KIxlarNH/+AcfV6ZJQSG4SSmhoIGzfdcdju\n" - "BmFfdfhO+z/cgqiewh53/fFCQlaJweHhpmim/LVL/M/1Rd6Urskv/5jXGG4FVUNf\n" - "hXKQag0uzWsqcztCPX7Lrqr2BSOmkA1nWzdoh5oBuxdooaH9/kwphqJAp03LwtaS\n" - "StX/yz6Mh+ZqEbBuM4mWw/xKzbEbs7zA+d8sryHXkC8nsdA+h+IRd8bPa/KuWQNf\n" - "jxXKNPzgmsZddHmHtYtWvAcoIMvtyO23Y2NhN4V0/7fwFLbZtfUBg4pqUl2ktkdw\n" - "sNguTT1qzJCsYhsHXaqqvHy+5HR2D0w07y2X1qCVmfHzBZCM5OhxoeoauE+xu+5n\n" - "vYrgsgPE0y5Nty0y2MrApg3digaiKUXrI+mEVKn9vsQeaVvw9D6PgNQM99HkbGhR\n" - "MGPOzcHjS/ZeLd1zAgMBAAECggGBALHiAw3Yscqd11gJpbCMDqF7u4VG3alQ26un\n" - "PClhl++w380H/Q62TriK1LKKpHgj8834NpXUsXg2d4jTTDcmCn6/L9GoFOzmxOeV\n" - "0O2b4sOZvaNl397qrwLxDAPhec7z9yL4B4tcBqmJ3b3+izX6cS3gaC/uG9fDpgN9\n" - "xOKPYBFInhOB86twAz9cc9eXysto0nJvlODDBj/xwUjvso9qydl1Or7PhWvf7Ek+\n" - "H9ur5MUjqOWe/b/xaSWsfTrJzF/ovbRnGbXLIpozIx609TZS4wYSqU5FUjkL0zTB\n" - "bTdb3jgFm/5SHnnThD67zbZavCxiN9wiTs3zeGlxYf8hMeaTkOYiAOR4/1bOTe2J\n" - "ttRA1EcY+i6H0+JOtLkqwj5ka0m3lrH2KD3E/mHs1yfERQx7VVjw9IpeAKmi5lzQ\n" - "v1lhIXiv75Mb0NMsCknGYPLHCyOY5aA2dhR8Wnr67gOYu3ssexLzMKczk5OTzl5c\n" - "PRHJRXDpJqgOYWujF99uCYhnxonO4QKBwQDUQB0s4shWTyOylq7j4rCSbHf2zHDf\n" - "HBYC75wyjQECNQXNk6hp5jJz2BC0XvnO7PYSRXaVauMc/S3V7V7GMsry3uugfwLy\n" - "XNnyRVY4voe5SNt/WAArybNsPNPEIPzgkZmeWvcpoY8ESufPfVW54BvGHt3YjPjI\n" - "gYmFUkpPRUWXfji91NpTlIrsP6jtBTYXGV4kVm+TawP06a6FdCjJQaI7Nm2dwUiX\n" - "Cmf4oFSo8mGxi0wimX+BiLJep2bYnUF2gqMCgcEA8UKESDX3jBpyz59vpSjmfpw1\n" - "AnlEfR6s83W92m0HfEYLulfxq9xA2zaQjy4GbaKVRfLrO2Pj3bZWs89RGXTQVGgq\n" - "ztCLIRsL+M1SQ883e8yx4jwFaqIM+pPpvAjOOOTdpgY33h7w20tgrbzVKeOl1ghC\n" - "IZ+K8C/tIGZXI5/TYppl7csIOoYRtzuRpyDE0tmwy658RfyxzEtfLxJoaLiFXOE0\n" - "zFFrEvT/jto4jN+cwsdnHhxrY9+bVNUNyb9ZH7bxAoHARvcIyjEo+nKLZPKsltT8\n" - "ZHiPw5ynQHGLin/CocQzSiGgRxPPg1jMFZ9wNl5q95ySyZkgBOUv+klMQfKTdYEW\n" - "Cg4uigLtYUtaM36rTV2m03RgrzslE37k1pOf2juNUShdTGztpqW1w6Gnz+AAAZ3E\n" - "q4E2e2jm5WMqL8FLxyVKF1TEc/Pu63MG3+aI/HZ5l0+MAmpD8+4b7I8VItmrqV6g\n" - "d1vDWrN9KcL48E/q/nHL6CjC0+6uiwjBWpRt9o7djFoxAoHAJzK/e1wJVGIXtVQa\n" - "N6Nlj7yhgD1ju1B4mTXQGuUMCkz3KtePFHU8tGExK5I2ySlZR3wobAXWx/cQLzbH\n" - "3nL0RkKGcgPAFyjl0Q7LBulsAllHrZJC7whVQ4E0wLBNkUDeIlNwUE6Go5qjopbD\n" - "q4KpNxUwaXYahNvEkzcNgWQ+XA7p8LDELX4K8tJi39ybHgbwiqdW2ags2xyD4ooD\n" - "HMCeKnEMuwWfd/0GaJdcCMdsGNl9D49eg2OZQTc8fkLwoA6BAoHATQdk3VZwGGn/\n" - "93p9vu189alkshTmir+SOo/ufH5U+j7t8cPeT7psuYAPZWS+Z6KEzvHxj54pAvcp\n" - "mlAngD3+AfHDn/VAtYv5HVcpZ+K2K0X4v8N5HGIubgaebs2oVNz+RAWnd8K2drDG\n" - "NcJV3C+zLziTCwvpGCIy3T/lHjKe+YczjGfhg2e6PgfwhTqPAjuhUZ8wScYo7l7V\n" - "zAhlSL0665IXJ32zX+3LyQFDbkB6pbKy5TU+rX3DmDyj3MSbc3kR\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG4wIBAAKCAYEAyAeBq7Ti7oVExeVT1PqHGBXzC+johdeVnZgZRLhDTIaIGODV\n" + "5F5JhE4NNb1O/DYLlAy5IIO8tfAE2KIxlarNH/+AcfV6ZJQSG4SSmhoIGzfdcdju\n" + "BmFfdfhO+z/cgqiewh53/fFCQlaJweHhpmim/LVL/M/1Rd6Urskv/5jXGG4FVUNf\n" + "hXKQag0uzWsqcztCPX7Lrqr2BSOmkA1nWzdoh5oBuxdooaH9/kwphqJAp03LwtaS\n" + "StX/yz6Mh+ZqEbBuM4mWw/xKzbEbs7zA+d8sryHXkC8nsdA+h+IRd8bPa/KuWQNf\n" + "jxXKNPzgmsZddHmHtYtWvAcoIMvtyO23Y2NhN4V0/7fwFLbZtfUBg4pqUl2ktkdw\n" + "sNguTT1qzJCsYhsHXaqqvHy+5HR2D0w07y2X1qCVmfHzBZCM5OhxoeoauE+xu+5n\n" + "vYrgsgPE0y5Nty0y2MrApg3digaiKUXrI+mEVKn9vsQeaVvw9D6PgNQM99HkbGhR\n" + "MGPOzcHjS/ZeLd1zAgMBAAECggGBALHiAw3Yscqd11gJpbCMDqF7u4VG3alQ26un\n" + "PClhl++w380H/Q62TriK1LKKpHgj8834NpXUsXg2d4jTTDcmCn6/L9GoFOzmxOeV\n" + "0O2b4sOZvaNl397qrwLxDAPhec7z9yL4B4tcBqmJ3b3+izX6cS3gaC/uG9fDpgN9\n" + "xOKPYBFInhOB86twAz9cc9eXysto0nJvlODDBj/xwUjvso9qydl1Or7PhWvf7Ek+\n" + "H9ur5MUjqOWe/b/xaSWsfTrJzF/ovbRnGbXLIpozIx609TZS4wYSqU5FUjkL0zTB\n" + "bTdb3jgFm/5SHnnThD67zbZavCxiN9wiTs3zeGlxYf8hMeaTkOYiAOR4/1bOTe2J\n" + "ttRA1EcY+i6H0+JOtLkqwj5ka0m3lrH2KD3E/mHs1yfERQx7VVjw9IpeAKmi5lzQ\n" + "v1lhIXiv75Mb0NMsCknGYPLHCyOY5aA2dhR8Wnr67gOYu3ssexLzMKczk5OTzl5c\n" + "PRHJRXDpJqgOYWujF99uCYhnxonO4QKBwQDUQB0s4shWTyOylq7j4rCSbHf2zHDf\n" + "HBYC75wyjQECNQXNk6hp5jJz2BC0XvnO7PYSRXaVauMc/S3V7V7GMsry3uugfwLy\n" + "XNnyRVY4voe5SNt/WAArybNsPNPEIPzgkZmeWvcpoY8ESufPfVW54BvGHt3YjPjI\n" + "gYmFUkpPRUWXfji91NpTlIrsP6jtBTYXGV4kVm+TawP06a6FdCjJQaI7Nm2dwUiX\n" + "Cmf4oFSo8mGxi0wimX+BiLJep2bYnUF2gqMCgcEA8UKESDX3jBpyz59vpSjmfpw1\n" + "AnlEfR6s83W92m0HfEYLulfxq9xA2zaQjy4GbaKVRfLrO2Pj3bZWs89RGXTQVGgq\n" + "ztCLIRsL+M1SQ883e8yx4jwFaqIM+pPpvAjOOOTdpgY33h7w20tgrbzVKeOl1ghC\n" + "IZ+K8C/tIGZXI5/TYppl7csIOoYRtzuRpyDE0tmwy658RfyxzEtfLxJoaLiFXOE0\n" + "zFFrEvT/jto4jN+cwsdnHhxrY9+bVNUNyb9ZH7bxAoHARvcIyjEo+nKLZPKsltT8\n" + "ZHiPw5ynQHGLin/CocQzSiGgRxPPg1jMFZ9wNl5q95ySyZkgBOUv+klMQfKTdYEW\n" + "Cg4uigLtYUtaM36rTV2m03RgrzslE37k1pOf2juNUShdTGztpqW1w6Gnz+AAAZ3E\n" + "q4E2e2jm5WMqL8FLxyVKF1TEc/Pu63MG3+aI/HZ5l0+MAmpD8+4b7I8VItmrqV6g\n" + "d1vDWrN9KcL48E/q/nHL6CjC0+6uiwjBWpRt9o7djFoxAoHAJzK/e1wJVGIXtVQa\n" + "N6Nlj7yhgD1ju1B4mTXQGuUMCkz3KtePFHU8tGExK5I2ySlZR3wobAXWx/cQLzbH\n" + "3nL0RkKGcgPAFyjl0Q7LBulsAllHrZJC7whVQ4E0wLBNkUDeIlNwUE6Go5qjopbD\n" + "q4KpNxUwaXYahNvEkzcNgWQ+XA7p8LDELX4K8tJi39ybHgbwiqdW2ags2xyD4ooD\n" + "HMCeKnEMuwWfd/0GaJdcCMdsGNl9D49eg2OZQTc8fkLwoA6BAoHATQdk3VZwGGn/\n" + "93p9vu189alkshTmir+SOo/ufH5U+j7t8cPeT7psuYAPZWS+Z6KEzvHxj54pAvcp\n" + "mlAngD3+AfHDn/VAtYv5HVcpZ+K2K0X4v8N5HGIubgaebs2oVNz+RAWnd8K2drDG\n" + "NcJV3C+zLziTCwvpGCIy3T/lHjKe+YczjGfhg2e6PgfwhTqPAjuhUZ8wScYo7l7V\n" + "zAhlSL0665IXJ32zX+3LyQFDbkB6pbKy5TU+rX3DmDyj3MSbc3kR\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t rawpk_private_key1 = { (unsigned char *)rawpk_private_key_pem1, @@ -1876,17 +1891,17 @@ const gnutls_datum_t rawpk_private_key1 = { }; const char rawpk_public_key_pem2[] = - "-----BEGIN PUBLIC KEY-----\n" - "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0tQAiQ13zWGZMV9YxFo2\n" - "H15yERrkr8KD7z6QheVeatc2+5X0m5/+/o95nmnt6Mlwa27U78QwkHBccOaNkSi7\n" - "HGMopaxatEsF/S30MDmhqOi9R2VtMwDaa2zWH/s2wPHn8efn2/zG0jeXCzNsXFs4\n" - "zNApaZmTJCHaDRUE12adwP5i6GvUb978f27Cm0gnkSWBH9OdVnMunQkm/L16NI3E\n" - "lvcDEEJbqhX2eswHenbhw//LiR1EKRtHEjWywAq5AeHeYNH+2zjff59SGD6Bn+W2\n" - "vPKBhSWCyFDPGRfcYeCX2LFM7+Xx0j+GLzBnkjBhEgdsdLJ7Bt8aDToUJScLxeeP\n" - "oOmL9e0bec20debwF0G/7QMlwRgDjV3sd3u+5RxRCeOh8Xqfbs/tij7tnU93orhc\n" - "MzGjcn5XZ6WicyimuTruNznhKhNp6vmizCpwQAroimaZGV7F/8nvHInTZfpNH/+b\n" - "++gYbddkH+MouxOXcAEUku6vN0JzDgA4qj4Tw7dffXSDAgMBAAE=\n" - "-----END PUBLIC KEY-----\n"; + "-----BEGIN PUBLIC KEY-----\n" + "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0tQAiQ13zWGZMV9YxFo2\n" + "H15yERrkr8KD7z6QheVeatc2+5X0m5/+/o95nmnt6Mlwa27U78QwkHBccOaNkSi7\n" + "HGMopaxatEsF/S30MDmhqOi9R2VtMwDaa2zWH/s2wPHn8efn2/zG0jeXCzNsXFs4\n" + "zNApaZmTJCHaDRUE12adwP5i6GvUb978f27Cm0gnkSWBH9OdVnMunQkm/L16NI3E\n" + "lvcDEEJbqhX2eswHenbhw//LiR1EKRtHEjWywAq5AeHeYNH+2zjff59SGD6Bn+W2\n" + "vPKBhSWCyFDPGRfcYeCX2LFM7+Xx0j+GLzBnkjBhEgdsdLJ7Bt8aDToUJScLxeeP\n" + "oOmL9e0bec20debwF0G/7QMlwRgDjV3sd3u+5RxRCeOh8Xqfbs/tij7tnU93orhc\n" + "MzGjcn5XZ6WicyimuTruNznhKhNp6vmizCpwQAroimaZGV7F/8nvHInTZfpNH/+b\n" + "++gYbddkH+MouxOXcAEUku6vN0JzDgA4qj4Tw7dffXSDAgMBAAE=\n" + "-----END PUBLIC KEY-----\n"; const gnutls_datum_t rawpk_public_key2 = { (unsigned char *)rawpk_public_key_pem2, @@ -1894,49 +1909,49 @@ const gnutls_datum_t rawpk_public_key2 = { }; const char rawpk_private_key_pem2[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIG4wIBAAKCAYEA0tQAiQ13zWGZMV9YxFo2H15yERrkr8KD7z6QheVeatc2+5X0\n" - "m5/+/o95nmnt6Mlwa27U78QwkHBccOaNkSi7HGMopaxatEsF/S30MDmhqOi9R2Vt\n" - "MwDaa2zWH/s2wPHn8efn2/zG0jeXCzNsXFs4zNApaZmTJCHaDRUE12adwP5i6GvU\n" - "b978f27Cm0gnkSWBH9OdVnMunQkm/L16NI3ElvcDEEJbqhX2eswHenbhw//LiR1E\n" - "KRtHEjWywAq5AeHeYNH+2zjff59SGD6Bn+W2vPKBhSWCyFDPGRfcYeCX2LFM7+Xx\n" - "0j+GLzBnkjBhEgdsdLJ7Bt8aDToUJScLxeePoOmL9e0bec20debwF0G/7QMlwRgD\n" - "jV3sd3u+5RxRCeOh8Xqfbs/tij7tnU93orhcMzGjcn5XZ6WicyimuTruNznhKhNp\n" - "6vmizCpwQAroimaZGV7F/8nvHInTZfpNH/+b++gYbddkH+MouxOXcAEUku6vN0Jz\n" - "DgA4qj4Tw7dffXSDAgMBAAECggGAVD3oFNtv0n48I1FQ++x8Ed7AP3t6g4x7AX8D\n" - "aq0zJAfo7XCG9CRjVL5pv1XefZT4OcVoioHfUefD2E0XpjgbRAWPOVv8Rmxv8TGK\n" - "kDaHFSIid8PcdXPS0vgDO3Y686/1mWCr8eg4XclerlgW5XSB5r0KvyphdB+erHmI\n" - "nLVhNbuwM+TaVvVH+Xd9hWS4grP0u43oIaIWryL4FCd2DEfVlOkQrU+GpxjtizW5\n" - "i0KzhYjRgHFUSgSfSnRwf3IJaOoiIpOma2p7R4dVoQkVGS6bStqPcqSUGVxH2CLu\n" - "TC7B0xZZs2xq6pLVWYXh/J79Ziw76+7qeMwFatzsUPtB6smQvR7016BThY6Cj+ui\n" - "KgTCZGpbb30MCn9/px8P2jXagA9fnPzf31WkdbsnjrYPNe6kkP5snJtz6k3cYex2\n" - "P8WulCS23qjCdVoUcoSDzPiaFtnPR/HcZDpTYuxKuUMoQrqsmRHeF/QRvbXkKFQC\n" - "Kudpfna5CAIT5IaIWwXQp0NfpnNBAoHBAPcnqz2uZaVZO7LiZEMc3cDfiPTp2vhf\n" - "VRYNyvTZIYgAox8k49waEQq6MyD5N2oWyRjWsQ0ta/BqJgMLoG42oyDntp/HGhZC\n" - "SxLQEu4ursFsCE32I4nyt7DD5erzX+H6folRq2BelL6ISwdr1g1wJZ3cCrwGbG/P\n" - "7MUYtSo026K9iXCqv9t7Q3TYe7yECVrxqbOu++C2df8IodehUm5wQZTsysBDfCHZ\n" - "PT9m4Qfaryq/u4N5w8nCt/Ep3JkjqyJL4wKBwQDaX4WbwL6ipyt6k4NZ6dEe0aLT\n" - "yKowO0rAWckr6WbA6kFBV2JWPswdV7gCqSOaae+UVc6cpw07jc39vsFNFGDL6OfC\n" - "HvmjQ2HQ/Mf4RjNTSt1rYpiB7DTqtLCys454OHFxo0UinXUc20+timroLEJbZJ23\n" - "upgAvico9zgCyjiwHoEVCpwZerLcLJk44mSGANiBLMo6YfyWj+PfLOeXu5rs4vhC\n" - "K0JBPdIzXHKwv996qFpy8xBatfO/+CH2NR/D1uECgcB8mATdbWNUfa14umQs6Qpp\n" - "Rsb2IEYA2547Jezgje03cIrLEn/D32gj7kYEI15qHt51pRVQPUuiwQA0nNHdfbGy\n" - "ztzjoy1ldzn9W+OPKv1yCJIPKzwzOKadd8QaM2Jsuyi69O7eABAgFPkt3pDj6Vst\n" - "P1Yx/1L+8uS7X39ErazjV4VHxOw/Kt6Qsul92VoV/Km+KUJUv+awEJv15h92CSUm\n" - "fFChp+OV9LvJkIV0vit783gGCYZH2d98tcu9b5vACF0CgcAZM0rM5ZpaVOZcl+dh\n" - "me0LHHAo9pBFTqJavkHL8nxsKNxs+POdNlQB0tymWfSE3lLKkHhudYy+Yafy72+J\n" - "QJ/HCFKugTqXz6/bGUDOcvN7WjlhKhilbafRqhZ2GOiJESJuVcQlsXwRX3G7eizK\n" - "LElgGKVmzX67HzaPsK/jCokuMeb9kaLgAdvgMrlf6ihlmnVhutR/lk065tIKMDlt\n" - "tjWzvqGdqTZVJxg52yJVKV9V3VXKzCgH/9VoQu9QZWMMC6ECgcEAu2lYMEfbrTYS\n" - "u2ukovL69EnxUfQ76f8/cs3gVsOWRxPN6MFe8pR7lC03orHckGdwVF0uUSbek4F7\n" - "vmZxewPQvVWntGfyL3uhln+xyJbfd/a4YThTDzXIy++jdrKGCVPc9Z+XPWJyc5qM\n" - "fA7FxB9uBfVyHKa3LIsuvyFtSKF38pEVMrL4kTnB++Eg536AOZbYB351dMi0qXzN\n" - "Ljyi36ud0J5l00OZAanLPw7dklZOTYNguCDRhi6k7qpayV7ywLSB\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG4wIBAAKCAYEA0tQAiQ13zWGZMV9YxFo2H15yERrkr8KD7z6QheVeatc2+5X0\n" + "m5/+/o95nmnt6Mlwa27U78QwkHBccOaNkSi7HGMopaxatEsF/S30MDmhqOi9R2Vt\n" + "MwDaa2zWH/s2wPHn8efn2/zG0jeXCzNsXFs4zNApaZmTJCHaDRUE12adwP5i6GvU\n" + "b978f27Cm0gnkSWBH9OdVnMunQkm/L16NI3ElvcDEEJbqhX2eswHenbhw//LiR1E\n" + "KRtHEjWywAq5AeHeYNH+2zjff59SGD6Bn+W2vPKBhSWCyFDPGRfcYeCX2LFM7+Xx\n" + "0j+GLzBnkjBhEgdsdLJ7Bt8aDToUJScLxeePoOmL9e0bec20debwF0G/7QMlwRgD\n" + "jV3sd3u+5RxRCeOh8Xqfbs/tij7tnU93orhcMzGjcn5XZ6WicyimuTruNznhKhNp\n" + "6vmizCpwQAroimaZGV7F/8nvHInTZfpNH/+b++gYbddkH+MouxOXcAEUku6vN0Jz\n" + "DgA4qj4Tw7dffXSDAgMBAAECggGAVD3oFNtv0n48I1FQ++x8Ed7AP3t6g4x7AX8D\n" + "aq0zJAfo7XCG9CRjVL5pv1XefZT4OcVoioHfUefD2E0XpjgbRAWPOVv8Rmxv8TGK\n" + "kDaHFSIid8PcdXPS0vgDO3Y686/1mWCr8eg4XclerlgW5XSB5r0KvyphdB+erHmI\n" + "nLVhNbuwM+TaVvVH+Xd9hWS4grP0u43oIaIWryL4FCd2DEfVlOkQrU+GpxjtizW5\n" + "i0KzhYjRgHFUSgSfSnRwf3IJaOoiIpOma2p7R4dVoQkVGS6bStqPcqSUGVxH2CLu\n" + "TC7B0xZZs2xq6pLVWYXh/J79Ziw76+7qeMwFatzsUPtB6smQvR7016BThY6Cj+ui\n" + "KgTCZGpbb30MCn9/px8P2jXagA9fnPzf31WkdbsnjrYPNe6kkP5snJtz6k3cYex2\n" + "P8WulCS23qjCdVoUcoSDzPiaFtnPR/HcZDpTYuxKuUMoQrqsmRHeF/QRvbXkKFQC\n" + "Kudpfna5CAIT5IaIWwXQp0NfpnNBAoHBAPcnqz2uZaVZO7LiZEMc3cDfiPTp2vhf\n" + "VRYNyvTZIYgAox8k49waEQq6MyD5N2oWyRjWsQ0ta/BqJgMLoG42oyDntp/HGhZC\n" + "SxLQEu4ursFsCE32I4nyt7DD5erzX+H6folRq2BelL6ISwdr1g1wJZ3cCrwGbG/P\n" + "7MUYtSo026K9iXCqv9t7Q3TYe7yECVrxqbOu++C2df8IodehUm5wQZTsysBDfCHZ\n" + "PT9m4Qfaryq/u4N5w8nCt/Ep3JkjqyJL4wKBwQDaX4WbwL6ipyt6k4NZ6dEe0aLT\n" + "yKowO0rAWckr6WbA6kFBV2JWPswdV7gCqSOaae+UVc6cpw07jc39vsFNFGDL6OfC\n" + "HvmjQ2HQ/Mf4RjNTSt1rYpiB7DTqtLCys454OHFxo0UinXUc20+timroLEJbZJ23\n" + "upgAvico9zgCyjiwHoEVCpwZerLcLJk44mSGANiBLMo6YfyWj+PfLOeXu5rs4vhC\n" + "K0JBPdIzXHKwv996qFpy8xBatfO/+CH2NR/D1uECgcB8mATdbWNUfa14umQs6Qpp\n" + "Rsb2IEYA2547Jezgje03cIrLEn/D32gj7kYEI15qHt51pRVQPUuiwQA0nNHdfbGy\n" + "ztzjoy1ldzn9W+OPKv1yCJIPKzwzOKadd8QaM2Jsuyi69O7eABAgFPkt3pDj6Vst\n" + "P1Yx/1L+8uS7X39ErazjV4VHxOw/Kt6Qsul92VoV/Km+KUJUv+awEJv15h92CSUm\n" + "fFChp+OV9LvJkIV0vit783gGCYZH2d98tcu9b5vACF0CgcAZM0rM5ZpaVOZcl+dh\n" + "me0LHHAo9pBFTqJavkHL8nxsKNxs+POdNlQB0tymWfSE3lLKkHhudYy+Yafy72+J\n" + "QJ/HCFKugTqXz6/bGUDOcvN7WjlhKhilbafRqhZ2GOiJESJuVcQlsXwRX3G7eizK\n" + "LElgGKVmzX67HzaPsK/jCokuMeb9kaLgAdvgMrlf6ihlmnVhutR/lk065tIKMDlt\n" + "tjWzvqGdqTZVJxg52yJVKV9V3VXKzCgH/9VoQu9QZWMMC6ECgcEAu2lYMEfbrTYS\n" + "u2ukovL69EnxUfQ76f8/cs3gVsOWRxPN6MFe8pR7lC03orHckGdwVF0uUSbek4F7\n" + "vmZxewPQvVWntGfyL3uhln+xyJbfd/a4YThTDzXIy++jdrKGCVPc9Z+XPWJyc5qM\n" + "fA7FxB9uBfVyHKa3LIsuvyFtSKF38pEVMrL4kTnB++Eg536AOZbYB351dMi0qXzN\n" + "Ljyi36ud0J5l00OZAanLPw7dklZOTYNguCDRhi6k7qpayV7ywLSB\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t rawpk_private_key2 = { (unsigned char *)rawpk_private_key_pem2, sizeof(rawpk_private_key_pem2) - 1 }; -#endif /* GNUTLS_TESTS_CERT_COMMON_H */ +#endif /* GNUTLS_TESTS_CERT_COMMON_H */ diff --git a/tests/cert-repro-20170915.h b/tests/cert-repro-20170915.h index 66d7f87fd9..77a94f084e 100644 --- a/tests/cert-repro-20170915.h +++ b/tests/cert-repro-20170915.h @@ -1,384 +1,387 @@ #ifndef GNUTLS_TESTS_CERT_REPRO_20170915_H -# define GNUTLS_TESTS_CERT_REPRO_20170915_H +#define GNUTLS_TESTS_CERT_REPRO_20170915_H static char client_cert_repro_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIILITCCBiegAwIBAgIJAMHDrh3rcjmCMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" - "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" - "aWRnaXRzIFB0eSBMdGQwHhcNMTcwOTEzMDkzOTE1WhcNMTcwOTE0MDkzOTE1WjBF\n" - "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" - "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIFBDANBgkqhkiG9w0BAQEFAAOCBPEAMIIE\n" - "7AKCBOMAxa5Is252x+Q0JMEZoU2DTZVqTPQMFfkv9bLjFCrbtUQCjEB187oPh9HE\n" - "vEqkuC5hVl2H+kPa7u2sYrthPNCdMXd/kVAmSE9iS7sKuV8Z9UERHerP0tp06948\n" - "WpsuDe4iUsKzDLkQwT3x3pnzj0f7WjQkLBx7nr533JEoKpU0Kq6Zh5UHSapJdZ8j\n" - "0y6sAZ9QDYIHvBkXM+L6gsZUOV7dqE5+71e+o+upUZoRkpwowckIjvttCKmoaUSf\n" - "swBm8p9c/8Gwaw+TW90/NiAgjllcu+ON0cFEG/OecmtnfYpIzF14M8eW2QjOA7K5\n" - "1PP2EIYM6sJzZ6EUnCUkLHg8tVyluGNIU+0/pcCK3PK0APahKCLQy0KINcYS8omP\n" - "HUgiXWZLns2WrvJinkhcDqDhIDd5F3cGLdzaps5NKmgRNpZJFGC4qAOj0MFqkU+3\n" - "Lyq81fEKcmrhsATjVptvNDp3/gFiJqNry0YCmS3QnbokugCKPeWcJZyXf9QzVlC/\n" - "NGZGQXN0ncMUkCDEbQcsbYz079Tu4h+/PMFrIoFTqc4DnwbTNOpgnlMHdOZIhwl5\n" - "2lSRjnp/VjyJePpj3Z17eVboVZPs2qcukdCtjUPBZ8+ycIVeDf8aHtu69duS0nCI\n" - "D3zXb7vOtdqcQ4tHY/SmNEVK2wAXZh0e2TUM2PT3OpCce/TBf+u2Rh9t9btv75XI\n" - "8QbY68SlZUTnFZELsE7IPDgdwIERXiIOMfmTL6XNBAkmWEsVQBfHiP55d5B4b/3p\n" - "niQ3RhBr0X8pYh8m0HAZyFGKIU/8egHPEH6EVFQlbzmG/ubNb8JGNwfiATjbr6BW\n" - "L/aF/4lxqL1/gOQ9dtZvK4tys5dIXcSN//CRE/rhUCCl+kg7DuXd9h/xg1QcnnkI\n" - "GymUb67lNFXZx/all9H08ApB9ldufcwaFvWhc37sGWTnaLpEnxNNqlPAr9G9BHZA\n" - "tUezrGSx7+YRJKH61xevuomTeMX+T1HlO/YSKoX2R3Qk9ClWQzrT73cCYhEai5bD\n" - "FO9MX00hRUfXBKl2u8GEzMzwN/1oSWuXMYQbW5NP+UAchBi82ihR2zg2S+Wzl4NC\n" - "Wr7vjwNXaj0e1UKwCxk2ypGx7dX/URe9skttZgr9va8NrW6aNokiTgG6BKq4sfjv\n" - "bqZ3+uAiPg6QnnjLEGizfVGno4+ufky3y5yc3MIgLvrxo8IhHp7iXqf5ebPBdyYo\n" - "BuAhERp7CDBcIDoOFW2xyljwTwpadMCmC2rmJmuwNvxKT1r9EZ/jiqwiVw8zuhYc\n" - "P0LTM5B+OlDrOFVBW9zRF4lSKX30/cR7XaPlGS6WbYTsuuJeUnWsS42jrQiOQH88\n" - "x4zrLcqwkchLl5SBw6ywS0RAszBI8OkHzFmbBIr6Q0vgmfy+ugd6ssv5Ec8Imfg1\n" - "UQdBWclzgWppb8JFBTjY8keqt9bgVfZfV+cOjuMTqOdHP/eu4n2h/6fECwd4sk12\n" - "fyesKgVbtMkMXOkTUCeGIstsrvRX7BAupRISXbl+gAK/Ew0kB4YioXI51FNVO7eI\n" - "kEkZIdWLfr9J2iSxiOuOlghYc4v+CJOFW6/DIBhK96Ih0ygteztuJ4D+GBXXx7h4\n" - "mHygdAk6zPQtZ+nbz9qPOl0rS3F6XOmR7GgcXX6Zxfpj4Afd/7XFR3IntqlHbqNv\n" - "SkkZcIpiiwkCAwEAAaNQME4wHQYDVR0OBBYEFPfXnI4wJZG2AzoMj5AbZHoiTHp9\n" - "MB8GA1UdIwQYMBaAFPfXnI4wJZG2AzoMj5AbZHoiTHp9MAwGA1UdEwQFMAMBAf8w\n" - "DQYJKoZIhvcNAQELBQADggTjACd/BFFw29X5lkQA+o+NqQlkoKhFMjReZgkt9ou8\n" - "zSEhAbbrVMdljUjRAbs0FevIV23MJRv4st//JWl/H/OcUHYfHwTkYD0SZNJ2BDvM\n" - "9K4ItGvwBlYilPxcwQmFCErjJuI164bXDHWEcc69XXK9cfKhV4g8JxEQptE5mHPi\n" - "RcFCvN+Z2h80+c+M6xUGHRUIUHLdih9pOimhwT8msKcLBT3IcFcaBj8KO2Lr6aLK\n" - "/rADUMObkfBF1rMMOUo07GX/bJjt7V4Jj7v7G9OhIh+//a9LVE8sYWzoqAf/hBDE\n" - "vrX/5JRToUIQl6bxaVyDnCGdrUh9qfiRC3sNVKnWksGdPked2V2hUonr2UZZy4E4\n" - "feDcICkeZ9cUvIBmi+oPfWJnQ7Hb3HBToZG4lvsO1EIRJDNv3vXz9HcRFNNkvLE4\n" - "Xidvs/v1e2nTemGFzDyV1hUIevXza4eydgFDrjhWdHFj6HMNaJ0WXINBQ4Vl9AW0\n" - "X3BuPZC9TbLQlUKfJz9GdRjuj9eQtA0pEeToB6ySYePeyQmqTEdO9ufYoa1L0Sdt\n" - "ueOGqQW9BD55sb2lbh53TsyHPgklYKYJ/fJd6Df1ox4DIeFZ/sCTp7GMtgPizcA0\n" - "OYOtamtFL3upLQsr8hu1NWmdX3/qXYUycpt0W0g4F3bKILk6O4gqNYA7AOEWPY7B\n" - "hRD84fU3jHjDfAc2TbL/Zc/54F33SM/NA1WmkYKThlTRy2VQ7yhZKkiluapQ94BL\n" - "umMfyRPSUSNnWJzPLKoZ7701pR2Pc0AWY15zcCuUsNtB1vAnmAeOggBvzwc4xshc\n" - "g1E/VSYXID0Fmn0IF4ZLJdOK8pA9ae5dGj2kmk8Spw/wSSHe+dGDL708L2/q19Za\n" - "rtDOAXLTzjUB/tinQuEk27LhrVKV7TY5mS/HR22glH8PVIZ2X86+9Ad/d2CqWJSV\n" - "ukuuXfzsUuO2ElDz74dH9U7jOYsulo0/0OKR9pjVmmDtAji+Hc1TlSjEOKyuCfqI\n" - "7A+3SorkrEFqWxmOb9Kv2Z+hE/+RF80k3CvNfD8taxIkGUyj8dSlytMitnzS/PA4\n" - "6EwE2Vxsm39CvcWgqSTAaYzC5pLZy3W5ATna0gU6em8bMpliNo4HrIKB6c27/ScY\n" - "OTYc0DK/cpREOFxz3C20agiRVCn7Vt+vdnBqh4yj/l5hhrlZXrn0iDyr67g5E8iL\n" - "enXeGhuOzIJw70OfB/WdVXkmopgBm9J0yVgL7UR8uN0Y5SQCy/4L26YOdxk/fmbE\n" - "bGfsS2AvFZZ4dP0hYmHQO2F0UfQ1iYe9R/cF6TqhtRLuVAXz9wbwNf+pCjJuhg91\n" - "WY9Lpo5onkoUal4e325xAASnsWAMoFnpS+D/VOPmOuWmnjAj8001ueXFCPKb8VK0\n" - "G1dxTZrZs0KPi4xrLSF/5L6n5H7VM6yRnX1BUun96lBzV45P3rAhCy+7r6IHMAqJ\n" - "VuM0+G/s9ZHRnmm3RwM4ufRGF+uSVzcBaVB0iPTXKWPDizBTgowa2CqVGmFalEIm\n" - "XPWqyhXwgctDCre4P0QYKSqoSaZ0aQaoPGZ10K3m12Pq69gmi6aRKhse7MkfQtho\n" - "+3Gix3f5m0hgDjp/v3UApfP+bAObOODGG+MhJJOBJlmZE/B1jwyJpV/YjHi2VRsm\n" - "GkcJOt7A+6vGf1zPNNoB+/fAd6B+\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIILITCCBiegAwIBAgIJAMHDrh3rcjmCMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" + "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" + "aWRnaXRzIFB0eSBMdGQwHhcNMTcwOTEzMDkzOTE1WhcNMTcwOTE0MDkzOTE1WjBF\n" + "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" + "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIFBDANBgkqhkiG9w0BAQEFAAOCBPEAMIIE\n" + "7AKCBOMAxa5Is252x+Q0JMEZoU2DTZVqTPQMFfkv9bLjFCrbtUQCjEB187oPh9HE\n" + "vEqkuC5hVl2H+kPa7u2sYrthPNCdMXd/kVAmSE9iS7sKuV8Z9UERHerP0tp06948\n" + "WpsuDe4iUsKzDLkQwT3x3pnzj0f7WjQkLBx7nr533JEoKpU0Kq6Zh5UHSapJdZ8j\n" + "0y6sAZ9QDYIHvBkXM+L6gsZUOV7dqE5+71e+o+upUZoRkpwowckIjvttCKmoaUSf\n" + "swBm8p9c/8Gwaw+TW90/NiAgjllcu+ON0cFEG/OecmtnfYpIzF14M8eW2QjOA7K5\n" + "1PP2EIYM6sJzZ6EUnCUkLHg8tVyluGNIU+0/pcCK3PK0APahKCLQy0KINcYS8omP\n" + "HUgiXWZLns2WrvJinkhcDqDhIDd5F3cGLdzaps5NKmgRNpZJFGC4qAOj0MFqkU+3\n" + "Lyq81fEKcmrhsATjVptvNDp3/gFiJqNry0YCmS3QnbokugCKPeWcJZyXf9QzVlC/\n" + "NGZGQXN0ncMUkCDEbQcsbYz079Tu4h+/PMFrIoFTqc4DnwbTNOpgnlMHdOZIhwl5\n" + "2lSRjnp/VjyJePpj3Z17eVboVZPs2qcukdCtjUPBZ8+ycIVeDf8aHtu69duS0nCI\n" + "D3zXb7vOtdqcQ4tHY/SmNEVK2wAXZh0e2TUM2PT3OpCce/TBf+u2Rh9t9btv75XI\n" + "8QbY68SlZUTnFZELsE7IPDgdwIERXiIOMfmTL6XNBAkmWEsVQBfHiP55d5B4b/3p\n" + "niQ3RhBr0X8pYh8m0HAZyFGKIU/8egHPEH6EVFQlbzmG/ubNb8JGNwfiATjbr6BW\n" + "L/aF/4lxqL1/gOQ9dtZvK4tys5dIXcSN//CRE/rhUCCl+kg7DuXd9h/xg1QcnnkI\n" + "GymUb67lNFXZx/all9H08ApB9ldufcwaFvWhc37sGWTnaLpEnxNNqlPAr9G9BHZA\n" + "tUezrGSx7+YRJKH61xevuomTeMX+T1HlO/YSKoX2R3Qk9ClWQzrT73cCYhEai5bD\n" + "FO9MX00hRUfXBKl2u8GEzMzwN/1oSWuXMYQbW5NP+UAchBi82ihR2zg2S+Wzl4NC\n" + "Wr7vjwNXaj0e1UKwCxk2ypGx7dX/URe9skttZgr9va8NrW6aNokiTgG6BKq4sfjv\n" + "bqZ3+uAiPg6QnnjLEGizfVGno4+ufky3y5yc3MIgLvrxo8IhHp7iXqf5ebPBdyYo\n" + "BuAhERp7CDBcIDoOFW2xyljwTwpadMCmC2rmJmuwNvxKT1r9EZ/jiqwiVw8zuhYc\n" + "P0LTM5B+OlDrOFVBW9zRF4lSKX30/cR7XaPlGS6WbYTsuuJeUnWsS42jrQiOQH88\n" + "x4zrLcqwkchLl5SBw6ywS0RAszBI8OkHzFmbBIr6Q0vgmfy+ugd6ssv5Ec8Imfg1\n" + "UQdBWclzgWppb8JFBTjY8keqt9bgVfZfV+cOjuMTqOdHP/eu4n2h/6fECwd4sk12\n" + "fyesKgVbtMkMXOkTUCeGIstsrvRX7BAupRISXbl+gAK/Ew0kB4YioXI51FNVO7eI\n" + "kEkZIdWLfr9J2iSxiOuOlghYc4v+CJOFW6/DIBhK96Ih0ygteztuJ4D+GBXXx7h4\n" + "mHygdAk6zPQtZ+nbz9qPOl0rS3F6XOmR7GgcXX6Zxfpj4Afd/7XFR3IntqlHbqNv\n" + "SkkZcIpiiwkCAwEAAaNQME4wHQYDVR0OBBYEFPfXnI4wJZG2AzoMj5AbZHoiTHp9\n" + "MB8GA1UdIwQYMBaAFPfXnI4wJZG2AzoMj5AbZHoiTHp9MAwGA1UdEwQFMAMBAf8w\n" + "DQYJKoZIhvcNAQELBQADggTjACd/BFFw29X5lkQA+o+NqQlkoKhFMjReZgkt9ou8\n" + "zSEhAbbrVMdljUjRAbs0FevIV23MJRv4st//JWl/H/OcUHYfHwTkYD0SZNJ2BDvM\n" + "9K4ItGvwBlYilPxcwQmFCErjJuI164bXDHWEcc69XXK9cfKhV4g8JxEQptE5mHPi\n" + "RcFCvN+Z2h80+c+M6xUGHRUIUHLdih9pOimhwT8msKcLBT3IcFcaBj8KO2Lr6aLK\n" + "/rADUMObkfBF1rMMOUo07GX/bJjt7V4Jj7v7G9OhIh+//a9LVE8sYWzoqAf/hBDE\n" + "vrX/5JRToUIQl6bxaVyDnCGdrUh9qfiRC3sNVKnWksGdPked2V2hUonr2UZZy4E4\n" + "feDcICkeZ9cUvIBmi+oPfWJnQ7Hb3HBToZG4lvsO1EIRJDNv3vXz9HcRFNNkvLE4\n" + "Xidvs/v1e2nTemGFzDyV1hUIevXza4eydgFDrjhWdHFj6HMNaJ0WXINBQ4Vl9AW0\n" + "X3BuPZC9TbLQlUKfJz9GdRjuj9eQtA0pEeToB6ySYePeyQmqTEdO9ufYoa1L0Sdt\n" + "ueOGqQW9BD55sb2lbh53TsyHPgklYKYJ/fJd6Df1ox4DIeFZ/sCTp7GMtgPizcA0\n" + "OYOtamtFL3upLQsr8hu1NWmdX3/qXYUycpt0W0g4F3bKILk6O4gqNYA7AOEWPY7B\n" + "hRD84fU3jHjDfAc2TbL/Zc/54F33SM/NA1WmkYKThlTRy2VQ7yhZKkiluapQ94BL\n" + "umMfyRPSUSNnWJzPLKoZ7701pR2Pc0AWY15zcCuUsNtB1vAnmAeOggBvzwc4xshc\n" + "g1E/VSYXID0Fmn0IF4ZLJdOK8pA9ae5dGj2kmk8Spw/wSSHe+dGDL708L2/q19Za\n" + "rtDOAXLTzjUB/tinQuEk27LhrVKV7TY5mS/HR22glH8PVIZ2X86+9Ad/d2CqWJSV\n" + "ukuuXfzsUuO2ElDz74dH9U7jOYsulo0/0OKR9pjVmmDtAji+Hc1TlSjEOKyuCfqI\n" + "7A+3SorkrEFqWxmOb9Kv2Z+hE/+RF80k3CvNfD8taxIkGUyj8dSlytMitnzS/PA4\n" + "6EwE2Vxsm39CvcWgqSTAaYzC5pLZy3W5ATna0gU6em8bMpliNo4HrIKB6c27/ScY\n" + "OTYc0DK/cpREOFxz3C20agiRVCn7Vt+vdnBqh4yj/l5hhrlZXrn0iDyr67g5E8iL\n" + "enXeGhuOzIJw70OfB/WdVXkmopgBm9J0yVgL7UR8uN0Y5SQCy/4L26YOdxk/fmbE\n" + "bGfsS2AvFZZ4dP0hYmHQO2F0UfQ1iYe9R/cF6TqhtRLuVAXz9wbwNf+pCjJuhg91\n" + "WY9Lpo5onkoUal4e325xAASnsWAMoFnpS+D/VOPmOuWmnjAj8001ueXFCPKb8VK0\n" + "G1dxTZrZs0KPi4xrLSF/5L6n5H7VM6yRnX1BUun96lBzV45P3rAhCy+7r6IHMAqJ\n" + "VuM0+G/s9ZHRnmm3RwM4ufRGF+uSVzcBaVB0iPTXKWPDizBTgowa2CqVGmFalEIm\n" + "XPWqyhXwgctDCre4P0QYKSqoSaZ0aQaoPGZ10K3m12Pq69gmi6aRKhse7MkfQtho\n" + "+3Gix3f5m0hgDjp/v3UApfP+bAObOODGG+MhJJOBJlmZE/B1jwyJpV/YjHi2VRsm\n" + "GkcJOt7A+6vGf1zPNNoB+/fAd6B+\n" + "-----END CERTIFICATE-----\n"; static char client_key_repro_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MIIWOwIBADANBgkqhkiG9w0BAQEFAASCFiUwghYhAgEAAoIE4wDFrkizbnbH5DQk\n" - "wRmhTYNNlWpM9AwV+S/1suMUKtu1RAKMQHXzug+H0cS8SqS4LmFWXYf6Q9ru7axi\n" - "u2E80J0xd3+RUCZIT2JLuwq5Xxn1QREd6s/S2nTr3jxamy4N7iJSwrMMuRDBPfHe\n" - "mfOPR/taNCQsHHuevnfckSgqlTQqrpmHlQdJqkl1nyPTLqwBn1ANgge8GRcz4vqC\n" - "xlQ5Xt2oTn7vV76j66lRmhGSnCjByQiO+20IqahpRJ+zAGbyn1z/wbBrD5Nb3T82\n" - "ICCOWVy7443RwUQb855ya2d9ikjMXXgzx5bZCM4DsrnU8/YQhgzqwnNnoRScJSQs\n" - "eDy1XKW4Y0hT7T+lwIrc8rQA9qEoItDLQog1xhLyiY8dSCJdZkuezZau8mKeSFwO\n" - "oOEgN3kXdwYt3Nqmzk0qaBE2lkkUYLioA6PQwWqRT7cvKrzV8QpyauGwBONWm280\n" - "Onf+AWImo2vLRgKZLdCduiS6AIo95ZwlnJd/1DNWUL80ZkZBc3SdwxSQIMRtByxt\n" - "jPTv1O7iH788wWsigVOpzgOfBtM06mCeUwd05kiHCXnaVJGOen9WPIl4+mPdnXt5\n" - "VuhVk+zapy6R0K2NQ8Fnz7JwhV4N/xoe27r125LScIgPfNdvu8612pxDi0dj9KY0\n" - "RUrbABdmHR7ZNQzY9Pc6kJx79MF/67ZGH231u2/vlcjxBtjrxKVlROcVkQuwTsg8\n" - "OB3AgRFeIg4x+ZMvpc0ECSZYSxVAF8eI/nl3kHhv/emeJDdGEGvRfyliHybQcBnI\n" - "UYohT/x6Ac8QfoRUVCVvOYb+5s1vwkY3B+IBONuvoFYv9oX/iXGovX+A5D121m8r\n" - "i3Kzl0hdxI3/8JET+uFQIKX6SDsO5d32H/GDVByeeQgbKZRvruU0VdnH9qWX0fTw\n" - "CkH2V259zBoW9aFzfuwZZOdoukSfE02qU8Cv0b0EdkC1R7OsZLHv5hEkofrXF6+6\n" - "iZN4xf5PUeU79hIqhfZHdCT0KVZDOtPvdwJiERqLlsMU70xfTSFFR9cEqXa7wYTM\n" - "zPA3/WhJa5cxhBtbk0/5QByEGLzaKFHbODZL5bOXg0Javu+PA1dqPR7VQrALGTbK\n" - "kbHt1f9RF72yS21mCv29rw2tbpo2iSJOAboEqrix+O9upnf64CI+DpCeeMsQaLN9\n" - "Uaejj65+TLfLnJzcwiAu+vGjwiEenuJep/l5s8F3JigG4CERGnsIMFwgOg4VbbHK\n" - "WPBPClp0wKYLauYma7A2/EpPWv0Rn+OKrCJXDzO6Fhw/QtMzkH46UOs4VUFb3NEX\n" - "iVIpffT9xHtdo+UZLpZthOy64l5SdaxLjaOtCI5AfzzHjOstyrCRyEuXlIHDrLBL\n" - "RECzMEjw6QfMWZsEivpDS+CZ/L66B3qyy/kRzwiZ+DVRB0FZyXOBamlvwkUFONjy\n" - "R6q31uBV9l9X5w6O4xOo50c/967ifaH/p8QLB3iyTXZ/J6wqBVu0yQxc6RNQJ4Yi\n" - "y2yu9FfsEC6lEhJduX6AAr8TDSQHhiKhcjnUU1U7t4iQSRkh1Yt+v0naJLGI646W\n" - "CFhzi/4Ik4Vbr8MgGEr3oiHTKC17O24ngP4YFdfHuHiYfKB0CTrM9C1n6dvP2o86\n" - "XStLcXpc6ZHsaBxdfpnF+mPgB93/tcVHcie2qUduo29KSRlwimKLCQIDAQABAoIE\n" - "4itvYAoM+4xwWAS7aSZIIdGqQvElroIlfqQ96idEQ4JQrz6h60jiWQc+0DuPKyJN\n" - "DpYrdvVGc5SMJJSNF5CFRgTYfO8w7Th2OOLq9jBE9S8uXNR2A7QQzCAHdLtz3Wqy\n" - "KFiG71CcWVIcikifCyUwa8omKsyGdaMrtqqAOpMgtZWrR5DC7hcBk6KElRqR5rl0\n" - "h+Jv78MkwDRmayTQ7zCr54hTtxBf90ONRGbps3LDXTE3Ouov1IVSwe5fZbevHu+w\n" - "lH6d0GW1xmso8fqylHSyre2a0k6EaLK7lNUPRG4RNG2zG/ZEpKCLjrjBTJO+BxMa\n" - "YTwz/aeHfT/R6WDcCnrPIJqjNgE64AFLjTd/HI4Zos9u1vHSbJtkKkWgdBG7B9H9\n" - "6B+8jJ9kIscknxWXw9+QUMsXHAR3wpNkQRBQTXfxDZ2souZH5na4CPJk0ZtLiLJ5\n" - "hBIf6fcDG/CrtoODVVo6c5aJ0eWYPHnr1yrQ+8Di3X08NlMNVTyBI8aTd2/MCSPY\n" - "eocvlhUVHhPWv6xSjH8mClclIp/239N1Fyz4V1NZ7I5z8UbYd4r4DnedXWjbrB/i\n" - "SphoNMygN9E6CSdgMSyclC53DYR8laW0fYqR2GNg6omow9SD81CSLnCOyVad17h1\n" - "S7YpkqxErisIVnylvQzhuEJ3o4+WWHxTVv9HRxr1bI7u+93sify0cqPyBXTwTDmB\n" - "u9XEjgHvHOJgbR7ONbtWoLpOQVA5xl1x0NpSKFq+JK0wjGdNguMCm3QAFpTo4DxE\n" - "32voxO8KaTzjZMbfI7quGIu2WgkFw43D73XA7iiUDg/AYC03TjF2jM7KLCXdxROg\n" - "35gRFl1AFRfTV39VwxN/pMGNx5mVgxsQDtwPmrbv+rMlTOgn9gBAXw+9P5ClV6bl\n" - "I6BdmNVx2RLf1EnTBYeq8FqEcSX+AkG5+TdP5Oaq/pNdP5s0UzoxI2NyzqZF24kH\n" - "F8ixnTQma8Q0s6TapR0OqLaNCj4EN/jnb4FbKS8h9oGmJTUy6J8lxraChQkUhA5t\n" - "yBOM++NmiaUJQc88uZMAI7+6kBDEUPjZlhJTO3iaWJVZm7i0IErySHQ+Jj12sPuo\n" - "nFtSh3GTjWDGZANufiTy0KJDopTYZp3m+iv3/5KhkbLT/gdM+SoP4mGRVC7ZYbqd\n" - "ibszOv0lbN6zLcQjd7MEMMk4U5N3hDzo+Jfg8zbC/Q3A0GhgDDVhmywL7uyMCj+D\n" - "+JW0T+bqsxbCUHJARSgZMR1tE61GJWJ8M8Nj+7WLeYAnzo8PrrDS1rHTsav6YBUh\n" - "3sjg12UG5nAhMUC+jiL75OOTpzqkzSvcB7nGhLo+0DERtkKuNeUOnfKnEA4W/p5b\n" - "QtEdTlTPMPiaFWLaQ6iw5i+rMJgNJp5oUxe5NILf4aMI3OgjX3yZwqo/vo66EqZG\n" - "9qo6isHr4fj8jy9De5XnECeJyEQMl6Yv4KjuX8t2aGJnAWEUMCEtVJw3Zi+0O7wE\n" - "OPoRBp8noSfPsNNww1nsK85IoaYdcS0fmisom36TOo3pKTZc6ZcpQ4sPUrMJ9aW1\n" - "/UC7lptQcTKgH4FORICXNV/xojIPCFQD3GTZofCFlvebGanv7pzgGp1N6fzuO2eI\n" - "b5bjvy4BNRiV106ltidEZXG2+o6zVNsdNI5zvNNDceFx8mf7EJaVaWOrpp9LEFLS\n" - "ESUBAoICcgDrL2cZ1Om4iMgIAS00cYO9nchWx5s/MdDF7vZgBACjNmEBZoqMpNZb\n" - "NYjbGcIfj1WnWrp7jMoyyWbqoAaQAMyUWTvnD4ftsOAASVbWUpv1FdiqTRlBZVva\n" - "Gqy8rSyZa2H8Pq97mWA9w1zlZOrJMtybpk28iyjRy5TZSV58OM5qO6KlhCy+HHlP\n" - "UCOQZ+AFLOB1BPI4D64uKp9kzadN1g4EQMvF8WnAupU0k20h8CDIUdctxnny62X0\n" - "J5aPhsq04ci1TU+n6WAM/yStTcUAd+JZua4kXymlpDr2zSsqtgz0Axcbe0FVYJG3\n" - "uvDco/fgyAEa9M4gQt3oatQ0LeqqzLM1761JbnGQikExQM8KoCrfGQ6MUzYyL7KU\n" - "VXzuXNvvZHyT5NzKrxaGTcDlY0vvqrxei17kSjfBdss7eH+Tqytzg4SyQab0NvnN\n" - "W5+Rw0opol4El+LRFARERXp+HerFaU3Er8pZqlpnDA/XSlEy5jXJcwCMWABTuuvw\n" - "5nuTw9l1SEpnYm7x/x+P73gCUdOMeGX06w7k2Y3JnUvifJUrh9axMjCIXAMLJM7a\n" - "1EF7reOoJtVN/7slxh1eTAx3xFAZ+iDte5yEqNK375SlVWMm2BnbvG3H50fCx9Lz\n" - "KZ8cOKYKNZ5Q7iImNQ06jjoQzHAI4oJdvjutvm0TZSjDFUBHgcFTgVdZZIXweJSi\n" - "63QRDQdjyoaB3jowDRwP/AWI2o2QzapmG8zEB7gDafbam5IROf0gcj+/rUo9Dlor\n" - "QMI07d0qpHhL+VAcn3b8MI69rv4moB8Kf9RqdRyVJ3hua7pQ24B72KjC93noUrW0\n" - "lILbi65C4AufAoICcgDXLSTE9lkyrSr1Lamb3ag0SWbernBtkkTJPktloD6drQg7\n" - "lsXAFaV62SazBmg2ZtayB9D9HUU276F0sWQbxBD9hO/WGnVOMT7rgu5WMuUKid+H\n" - "oWj5oT+KMPccoPjrsBZHlXvpgtb8M5dp+l1HyRR1YN4J6y6oEhRDoWAApDgA1B29\n" - "nuICrMlMFE0TkNFz7YsiMMkDYAVGbjjPhCJu4eD698Ktopl1BUAKJwfI+6mxDDSu\n" - "+F6z2/0alJYo5Qb6+YsUSOpjCyRwQbahO/3drb4Gv1B5DmiHDhSZ5UwzUQbHdBAE\n" - "9PeColcWJtW5msRuxwZkbE4QGuWzQyBGgmy8bF0hpcaE0nbn0RQEqHHngcrTuu1l\n" - "zte9k8z6BLwYnVFcJyfTjGWqEr0Z5M8gpVNY0OHxuqHTpXMwFigzwEqH5+EHtGGZ\n" - "NN/daeUTyJgU+OFnEtoHfDCRoGrNbW2LgifJeOxvGvczVcF111jfuSehoVvJG1kl\n" - "1iQXwj22HHaDvJFQRDgEMRXnz98UikQwLolfSJF4qKENPdhWq3jmVCjdFLPuvxq4\n" - "q0fGLa19XWPfLZ/Fw0Oyy54Fq8Lm67EkeLouAB3RbSg9fwBNJw0p5XTiHykR5pBa\n" - "b7mkch/+GPrhuA/tsO1U1bFn1ykGswSTiUzdtBbYRXuczX6SoIuJgCqwI2RIZ9cS\n" - "k4bwnAHEcLHlZ2pzaGNRfEjKUnNgXsUo6txi57UXwaugvQ8eQiDQgYXKlj6jNden\n" - "2RwXhBHPFF+FRh0PGcGKOpqjptb3r/EUl2C7RDsXLClhJUpDDWb/0nnn175ODSeM\n" - "DKcHf6d+CBh28n1mumhXAoICcTAiOoKx7cfDztS8kOjr1p+nPEpufdqYMndgKfKK\n" - "vyqoRYBI4VBZqDlwonrdMbrN1iTzT7lbnkJ4r+STLeSpFTXDcZwftJ00FxRX7jrd\n" - "G2g0uWxZbTLSMNNZpELVWoxnyt0aY0XzpRve8RNN7TOSgk4k4kIVZRxTAzrZZkoc\n" - "QjrBy87+Vz3ti/Jsn2q9p77HaYTppz1MEEUImijCYlxu092Q+WOgvhkg1sq05aAN\n" - "ilgVT+nhdjH+dZZbx9fGKZSNpUtd8FCYVf0y9um1Qf2Pi7b7ZqWxCFALZbn/Ubdj\n" - "HRGP1FnehweXRRuKWiN+N4w8wuUmd01pAgvAWX/4ac/dJ0yBqkCeJwYDFcaj0fwF\n" - "veB9O1oC6dOpqW3sdS4/uQ+szEZkj7+3x+9i2HjaMr9xfS4Ibjpg6jphOsUIK2wo\n" - "mzMAFtd40lenLMcX2ne1tWcCASYFg/lwlFL4uVI4g0U2ASGhLNPfJrNyZ4eTgTze\n" - "muGI9PLETATW+9UJBv++FLKJQhkYr0Y+BdKqmzA2WQql1ZAjz5+M2xUJaW+IOet3\n" - "2LvZXs95rXHJbcChsmlCtJZEpGFbVo0rl/UlsWONvSsj4ztXkjggaUgV86FG8Y0Q\n" - "q3IqhXllX22BAi6cNSFMgscSJD3CDyEsuHFkjIPFo6Rd33qaJZKwp5hRmt8aaVZ5\n" - "Ov0BOsRj63nE4/7YG6Alv35wA8lulxAgjr7CwMs6l8CsJxTQ2b7BKashM9GYB3QZ\n" - "HzJVz7BGIiyO1GuHzHeSuzIwCSLbesbw6CRDN+OgfgmfudqnQO0s3NW2B1LqH27P\n" - "DePK+vc0OTIQQ3oa7xFJ7DdprVcCggJyAM8itfKk8tjFukSq4Esa5YDv6AcVBUV1\n" - "OKJBRXNe/ufqWbKDQXnXXKUVxRsxX8B+3s4imBwQwUBRDau32Baid3iVMAt7DNFo\n" - "tpkgQS7Zb4LlljiKOPOVNgVhfYAhtX2s1MW0MMRpH2tIfsmWKZWhDACybww9SXyh\n" - "asBv6Gq1qvOhPb/74rWQf3atVEUxc2+VjAotzFNja7CRCj85g6wZ5Omy98UOcYsk\n" - "srETQXtIR+IXTd/hV8jsTIn531MepcmTzz6HspoFb95gY95yUb/EMNlt8ZmXNShN\n" - "dadwBBqiNVRrdcBP0LQAcrTwTW2OfunkzVJ+r+bw/Y3DYJ5/jw0Tg9OQMbpKoAwo\n" - "SIzzWjLxzr5jg4QtyaDFVtyXEjrftiJvzvbmgDdoMoFqsblLbSBidB6u+nkzG99+\n" - "dNTcluKdZRJ1oj5Jl/ccqViSEVSfANyoWRo7gsWtFyMJ5BoYARUBQxjxbGYOd11p\n" - "IDS9mFkPa7v8h6TUr4nvglh8rdnC/F+4S/Q9DElK4gRz1ZBMPBFtWhw8uEx27HsC\n" - "NjADdBLeixeY/7AlscIk1o2ICUweL1/AyLqlKEltPwHsgWoKja8ajZm86q/IQhID\n" - "NbjPGeVS+cYxnWRxiNO0yPdiNKB0/2BgoRa5Xz4G8YdxbUZZNZV2d0daG9SmPOIJ\n" - "ikmjB3TnnPHWhENtoMieZVUk5xteoirWokUezzN0i3yJvmHVNLJBOyLTXNQvKw6F\n" - "ufD9vj12xHV4r1D0vwYkLMCbbBhvlimjMZxPLe27/dQRmpGn54Zd+EQmTu8lZoeF\n" - "r1E03AVCuf+IyjkXNPMS/7ljManPZMgvSaECggJxdDsg+VIkO4id44ATLjZ006oB\n" - "C2S+xktCmj1/GUXLwn4XkaWJU6C10rADD139hGyoBdWFZeHq2MCNJ2agKYqrPa6O\n" - "qt+GkIDbbQ1AtUqW4xEL3koMhe7g4CpqI0n07orAoqQQGvmrTqhNCOz3ftMQKtkM\n" - "qoiLwbdEU0X0s41vkCDxF52448ZMYQ5327kAa5mMG1lYrS7kQ9tLJ45z7RSw7Pan\n" - "tTi18cLE42kOe/wdaK/nakjNoIUcJC8VqYJ75IOnkxmMrP7wWpigHojLjjG2rCiU\n" - "qYwS+E5f+3WhESvu72DXjCClI/QQ5iQ9+BDtXzfzxVxpNicaAZtAVns/JPMzkVEH\n" - "A4efNXo8CwOMCyqhnKxKuprPAekDwjYyr6fI2iqcfb0TpnuAp9fOkjgkVZIuLAs7\n" - "gsyms9eniaFCGNLAwTkfEjxBVGP/5kSaka9w0Vj6g+mfeqEw2frD1LfEU5l2/F0t\n" - "iFYmtmgxpAnlWOF+Y6dlKqFwZbFiqzSZNMwzn29Lhx7hONJqzMzGhjk7heYwB7A8\n" - "8bloepcbvWcZJ/2dhmfsgk8CXVW22C0jB/nU2NpAcTki3TVAZ40cbt1fTdgS4tRJ\n" - "zR9OgLsjfuTo0LbEPbPDldytP1Xcdw+0hdxdYUv+G2UsdNKAcx+c+9VisogwQ5Ms\n" - "dUuE9B5EJO5cd8hz2w6SJ7Fe0uQHnXM0I+EtycCLcTjyO/ZMkQMZh7Yj37oOB+tJ\n" - "D2uAHdq0IHmBrEQWHOBuhwNNLtu90yfzT8hIPPmoY7ho+qIu+QhD65FLVIu1bU+3\n" - "nfEvcF4wdqMneAh+KlLyZbGSZdhZpD1YjP8cNvcO6w==\n" - "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MIIWOwIBADANBgkqhkiG9w0BAQEFAASCFiUwghYhAgEAAoIE4wDFrkizbnbH5DQk\n" + "wRmhTYNNlWpM9AwV+S/1suMUKtu1RAKMQHXzug+H0cS8SqS4LmFWXYf6Q9ru7axi\n" + "u2E80J0xd3+RUCZIT2JLuwq5Xxn1QREd6s/S2nTr3jxamy4N7iJSwrMMuRDBPfHe\n" + "mfOPR/taNCQsHHuevnfckSgqlTQqrpmHlQdJqkl1nyPTLqwBn1ANgge8GRcz4vqC\n" + "xlQ5Xt2oTn7vV76j66lRmhGSnCjByQiO+20IqahpRJ+zAGbyn1z/wbBrD5Nb3T82\n" + "ICCOWVy7443RwUQb855ya2d9ikjMXXgzx5bZCM4DsrnU8/YQhgzqwnNnoRScJSQs\n" + "eDy1XKW4Y0hT7T+lwIrc8rQA9qEoItDLQog1xhLyiY8dSCJdZkuezZau8mKeSFwO\n" + "oOEgN3kXdwYt3Nqmzk0qaBE2lkkUYLioA6PQwWqRT7cvKrzV8QpyauGwBONWm280\n" + "Onf+AWImo2vLRgKZLdCduiS6AIo95ZwlnJd/1DNWUL80ZkZBc3SdwxSQIMRtByxt\n" + "jPTv1O7iH788wWsigVOpzgOfBtM06mCeUwd05kiHCXnaVJGOen9WPIl4+mPdnXt5\n" + "VuhVk+zapy6R0K2NQ8Fnz7JwhV4N/xoe27r125LScIgPfNdvu8612pxDi0dj9KY0\n" + "RUrbABdmHR7ZNQzY9Pc6kJx79MF/67ZGH231u2/vlcjxBtjrxKVlROcVkQuwTsg8\n" + "OB3AgRFeIg4x+ZMvpc0ECSZYSxVAF8eI/nl3kHhv/emeJDdGEGvRfyliHybQcBnI\n" + "UYohT/x6Ac8QfoRUVCVvOYb+5s1vwkY3B+IBONuvoFYv9oX/iXGovX+A5D121m8r\n" + "i3Kzl0hdxI3/8JET+uFQIKX6SDsO5d32H/GDVByeeQgbKZRvruU0VdnH9qWX0fTw\n" + "CkH2V259zBoW9aFzfuwZZOdoukSfE02qU8Cv0b0EdkC1R7OsZLHv5hEkofrXF6+6\n" + "iZN4xf5PUeU79hIqhfZHdCT0KVZDOtPvdwJiERqLlsMU70xfTSFFR9cEqXa7wYTM\n" + "zPA3/WhJa5cxhBtbk0/5QByEGLzaKFHbODZL5bOXg0Javu+PA1dqPR7VQrALGTbK\n" + "kbHt1f9RF72yS21mCv29rw2tbpo2iSJOAboEqrix+O9upnf64CI+DpCeeMsQaLN9\n" + "Uaejj65+TLfLnJzcwiAu+vGjwiEenuJep/l5s8F3JigG4CERGnsIMFwgOg4VbbHK\n" + "WPBPClp0wKYLauYma7A2/EpPWv0Rn+OKrCJXDzO6Fhw/QtMzkH46UOs4VUFb3NEX\n" + "iVIpffT9xHtdo+UZLpZthOy64l5SdaxLjaOtCI5AfzzHjOstyrCRyEuXlIHDrLBL\n" + "RECzMEjw6QfMWZsEivpDS+CZ/L66B3qyy/kRzwiZ+DVRB0FZyXOBamlvwkUFONjy\n" + "R6q31uBV9l9X5w6O4xOo50c/967ifaH/p8QLB3iyTXZ/J6wqBVu0yQxc6RNQJ4Yi\n" + "y2yu9FfsEC6lEhJduX6AAr8TDSQHhiKhcjnUU1U7t4iQSRkh1Yt+v0naJLGI646W\n" + "CFhzi/4Ik4Vbr8MgGEr3oiHTKC17O24ngP4YFdfHuHiYfKB0CTrM9C1n6dvP2o86\n" + "XStLcXpc6ZHsaBxdfpnF+mPgB93/tcVHcie2qUduo29KSRlwimKLCQIDAQABAoIE\n" + "4itvYAoM+4xwWAS7aSZIIdGqQvElroIlfqQ96idEQ4JQrz6h60jiWQc+0DuPKyJN\n" + "DpYrdvVGc5SMJJSNF5CFRgTYfO8w7Th2OOLq9jBE9S8uXNR2A7QQzCAHdLtz3Wqy\n" + "KFiG71CcWVIcikifCyUwa8omKsyGdaMrtqqAOpMgtZWrR5DC7hcBk6KElRqR5rl0\n" + "h+Jv78MkwDRmayTQ7zCr54hTtxBf90ONRGbps3LDXTE3Ouov1IVSwe5fZbevHu+w\n" + "lH6d0GW1xmso8fqylHSyre2a0k6EaLK7lNUPRG4RNG2zG/ZEpKCLjrjBTJO+BxMa\n" + "YTwz/aeHfT/R6WDcCnrPIJqjNgE64AFLjTd/HI4Zos9u1vHSbJtkKkWgdBG7B9H9\n" + "6B+8jJ9kIscknxWXw9+QUMsXHAR3wpNkQRBQTXfxDZ2souZH5na4CPJk0ZtLiLJ5\n" + "hBIf6fcDG/CrtoODVVo6c5aJ0eWYPHnr1yrQ+8Di3X08NlMNVTyBI8aTd2/MCSPY\n" + "eocvlhUVHhPWv6xSjH8mClclIp/239N1Fyz4V1NZ7I5z8UbYd4r4DnedXWjbrB/i\n" + "SphoNMygN9E6CSdgMSyclC53DYR8laW0fYqR2GNg6omow9SD81CSLnCOyVad17h1\n" + "S7YpkqxErisIVnylvQzhuEJ3o4+WWHxTVv9HRxr1bI7u+93sify0cqPyBXTwTDmB\n" + "u9XEjgHvHOJgbR7ONbtWoLpOQVA5xl1x0NpSKFq+JK0wjGdNguMCm3QAFpTo4DxE\n" + "32voxO8KaTzjZMbfI7quGIu2WgkFw43D73XA7iiUDg/AYC03TjF2jM7KLCXdxROg\n" + "35gRFl1AFRfTV39VwxN/pMGNx5mVgxsQDtwPmrbv+rMlTOgn9gBAXw+9P5ClV6bl\n" + "I6BdmNVx2RLf1EnTBYeq8FqEcSX+AkG5+TdP5Oaq/pNdP5s0UzoxI2NyzqZF24kH\n" + "F8ixnTQma8Q0s6TapR0OqLaNCj4EN/jnb4FbKS8h9oGmJTUy6J8lxraChQkUhA5t\n" + "yBOM++NmiaUJQc88uZMAI7+6kBDEUPjZlhJTO3iaWJVZm7i0IErySHQ+Jj12sPuo\n" + "nFtSh3GTjWDGZANufiTy0KJDopTYZp3m+iv3/5KhkbLT/gdM+SoP4mGRVC7ZYbqd\n" + "ibszOv0lbN6zLcQjd7MEMMk4U5N3hDzo+Jfg8zbC/Q3A0GhgDDVhmywL7uyMCj+D\n" + "+JW0T+bqsxbCUHJARSgZMR1tE61GJWJ8M8Nj+7WLeYAnzo8PrrDS1rHTsav6YBUh\n" + "3sjg12UG5nAhMUC+jiL75OOTpzqkzSvcB7nGhLo+0DERtkKuNeUOnfKnEA4W/p5b\n" + "QtEdTlTPMPiaFWLaQ6iw5i+rMJgNJp5oUxe5NILf4aMI3OgjX3yZwqo/vo66EqZG\n" + "9qo6isHr4fj8jy9De5XnECeJyEQMl6Yv4KjuX8t2aGJnAWEUMCEtVJw3Zi+0O7wE\n" + "OPoRBp8noSfPsNNww1nsK85IoaYdcS0fmisom36TOo3pKTZc6ZcpQ4sPUrMJ9aW1\n" + "/UC7lptQcTKgH4FORICXNV/xojIPCFQD3GTZofCFlvebGanv7pzgGp1N6fzuO2eI\n" + "b5bjvy4BNRiV106ltidEZXG2+o6zVNsdNI5zvNNDceFx8mf7EJaVaWOrpp9LEFLS\n" + "ESUBAoICcgDrL2cZ1Om4iMgIAS00cYO9nchWx5s/MdDF7vZgBACjNmEBZoqMpNZb\n" + "NYjbGcIfj1WnWrp7jMoyyWbqoAaQAMyUWTvnD4ftsOAASVbWUpv1FdiqTRlBZVva\n" + "Gqy8rSyZa2H8Pq97mWA9w1zlZOrJMtybpk28iyjRy5TZSV58OM5qO6KlhCy+HHlP\n" + "UCOQZ+AFLOB1BPI4D64uKp9kzadN1g4EQMvF8WnAupU0k20h8CDIUdctxnny62X0\n" + "J5aPhsq04ci1TU+n6WAM/yStTcUAd+JZua4kXymlpDr2zSsqtgz0Axcbe0FVYJG3\n" + "uvDco/fgyAEa9M4gQt3oatQ0LeqqzLM1761JbnGQikExQM8KoCrfGQ6MUzYyL7KU\n" + "VXzuXNvvZHyT5NzKrxaGTcDlY0vvqrxei17kSjfBdss7eH+Tqytzg4SyQab0NvnN\n" + "W5+Rw0opol4El+LRFARERXp+HerFaU3Er8pZqlpnDA/XSlEy5jXJcwCMWABTuuvw\n" + "5nuTw9l1SEpnYm7x/x+P73gCUdOMeGX06w7k2Y3JnUvifJUrh9axMjCIXAMLJM7a\n" + "1EF7reOoJtVN/7slxh1eTAx3xFAZ+iDte5yEqNK375SlVWMm2BnbvG3H50fCx9Lz\n" + "KZ8cOKYKNZ5Q7iImNQ06jjoQzHAI4oJdvjutvm0TZSjDFUBHgcFTgVdZZIXweJSi\n" + "63QRDQdjyoaB3jowDRwP/AWI2o2QzapmG8zEB7gDafbam5IROf0gcj+/rUo9Dlor\n" + "QMI07d0qpHhL+VAcn3b8MI69rv4moB8Kf9RqdRyVJ3hua7pQ24B72KjC93noUrW0\n" + "lILbi65C4AufAoICcgDXLSTE9lkyrSr1Lamb3ag0SWbernBtkkTJPktloD6drQg7\n" + "lsXAFaV62SazBmg2ZtayB9D9HUU276F0sWQbxBD9hO/WGnVOMT7rgu5WMuUKid+H\n" + "oWj5oT+KMPccoPjrsBZHlXvpgtb8M5dp+l1HyRR1YN4J6y6oEhRDoWAApDgA1B29\n" + "nuICrMlMFE0TkNFz7YsiMMkDYAVGbjjPhCJu4eD698Ktopl1BUAKJwfI+6mxDDSu\n" + "+F6z2/0alJYo5Qb6+YsUSOpjCyRwQbahO/3drb4Gv1B5DmiHDhSZ5UwzUQbHdBAE\n" + "9PeColcWJtW5msRuxwZkbE4QGuWzQyBGgmy8bF0hpcaE0nbn0RQEqHHngcrTuu1l\n" + "zte9k8z6BLwYnVFcJyfTjGWqEr0Z5M8gpVNY0OHxuqHTpXMwFigzwEqH5+EHtGGZ\n" + "NN/daeUTyJgU+OFnEtoHfDCRoGrNbW2LgifJeOxvGvczVcF111jfuSehoVvJG1kl\n" + "1iQXwj22HHaDvJFQRDgEMRXnz98UikQwLolfSJF4qKENPdhWq3jmVCjdFLPuvxq4\n" + "q0fGLa19XWPfLZ/Fw0Oyy54Fq8Lm67EkeLouAB3RbSg9fwBNJw0p5XTiHykR5pBa\n" + "b7mkch/+GPrhuA/tsO1U1bFn1ykGswSTiUzdtBbYRXuczX6SoIuJgCqwI2RIZ9cS\n" + "k4bwnAHEcLHlZ2pzaGNRfEjKUnNgXsUo6txi57UXwaugvQ8eQiDQgYXKlj6jNden\n" + "2RwXhBHPFF+FRh0PGcGKOpqjptb3r/EUl2C7RDsXLClhJUpDDWb/0nnn175ODSeM\n" + "DKcHf6d+CBh28n1mumhXAoICcTAiOoKx7cfDztS8kOjr1p+nPEpufdqYMndgKfKK\n" + "vyqoRYBI4VBZqDlwonrdMbrN1iTzT7lbnkJ4r+STLeSpFTXDcZwftJ00FxRX7jrd\n" + "G2g0uWxZbTLSMNNZpELVWoxnyt0aY0XzpRve8RNN7TOSgk4k4kIVZRxTAzrZZkoc\n" + "QjrBy87+Vz3ti/Jsn2q9p77HaYTppz1MEEUImijCYlxu092Q+WOgvhkg1sq05aAN\n" + "ilgVT+nhdjH+dZZbx9fGKZSNpUtd8FCYVf0y9um1Qf2Pi7b7ZqWxCFALZbn/Ubdj\n" + "HRGP1FnehweXRRuKWiN+N4w8wuUmd01pAgvAWX/4ac/dJ0yBqkCeJwYDFcaj0fwF\n" + "veB9O1oC6dOpqW3sdS4/uQ+szEZkj7+3x+9i2HjaMr9xfS4Ibjpg6jphOsUIK2wo\n" + "mzMAFtd40lenLMcX2ne1tWcCASYFg/lwlFL4uVI4g0U2ASGhLNPfJrNyZ4eTgTze\n" + "muGI9PLETATW+9UJBv++FLKJQhkYr0Y+BdKqmzA2WQql1ZAjz5+M2xUJaW+IOet3\n" + "2LvZXs95rXHJbcChsmlCtJZEpGFbVo0rl/UlsWONvSsj4ztXkjggaUgV86FG8Y0Q\n" + "q3IqhXllX22BAi6cNSFMgscSJD3CDyEsuHFkjIPFo6Rd33qaJZKwp5hRmt8aaVZ5\n" + "Ov0BOsRj63nE4/7YG6Alv35wA8lulxAgjr7CwMs6l8CsJxTQ2b7BKashM9GYB3QZ\n" + "HzJVz7BGIiyO1GuHzHeSuzIwCSLbesbw6CRDN+OgfgmfudqnQO0s3NW2B1LqH27P\n" + "DePK+vc0OTIQQ3oa7xFJ7DdprVcCggJyAM8itfKk8tjFukSq4Esa5YDv6AcVBUV1\n" + "OKJBRXNe/ufqWbKDQXnXXKUVxRsxX8B+3s4imBwQwUBRDau32Baid3iVMAt7DNFo\n" + "tpkgQS7Zb4LlljiKOPOVNgVhfYAhtX2s1MW0MMRpH2tIfsmWKZWhDACybww9SXyh\n" + "asBv6Gq1qvOhPb/74rWQf3atVEUxc2+VjAotzFNja7CRCj85g6wZ5Omy98UOcYsk\n" + "srETQXtIR+IXTd/hV8jsTIn531MepcmTzz6HspoFb95gY95yUb/EMNlt8ZmXNShN\n" + "dadwBBqiNVRrdcBP0LQAcrTwTW2OfunkzVJ+r+bw/Y3DYJ5/jw0Tg9OQMbpKoAwo\n" + "SIzzWjLxzr5jg4QtyaDFVtyXEjrftiJvzvbmgDdoMoFqsblLbSBidB6u+nkzG99+\n" + "dNTcluKdZRJ1oj5Jl/ccqViSEVSfANyoWRo7gsWtFyMJ5BoYARUBQxjxbGYOd11p\n" + "IDS9mFkPa7v8h6TUr4nvglh8rdnC/F+4S/Q9DElK4gRz1ZBMPBFtWhw8uEx27HsC\n" + "NjADdBLeixeY/7AlscIk1o2ICUweL1/AyLqlKEltPwHsgWoKja8ajZm86q/IQhID\n" + "NbjPGeVS+cYxnWRxiNO0yPdiNKB0/2BgoRa5Xz4G8YdxbUZZNZV2d0daG9SmPOIJ\n" + "ikmjB3TnnPHWhENtoMieZVUk5xteoirWokUezzN0i3yJvmHVNLJBOyLTXNQvKw6F\n" + "ufD9vj12xHV4r1D0vwYkLMCbbBhvlimjMZxPLe27/dQRmpGn54Zd+EQmTu8lZoeF\n" + "r1E03AVCuf+IyjkXNPMS/7ljManPZMgvSaECggJxdDsg+VIkO4id44ATLjZ006oB\n" + "C2S+xktCmj1/GUXLwn4XkaWJU6C10rADD139hGyoBdWFZeHq2MCNJ2agKYqrPa6O\n" + "qt+GkIDbbQ1AtUqW4xEL3koMhe7g4CpqI0n07orAoqQQGvmrTqhNCOz3ftMQKtkM\n" + "qoiLwbdEU0X0s41vkCDxF52448ZMYQ5327kAa5mMG1lYrS7kQ9tLJ45z7RSw7Pan\n" + "tTi18cLE42kOe/wdaK/nakjNoIUcJC8VqYJ75IOnkxmMrP7wWpigHojLjjG2rCiU\n" + "qYwS+E5f+3WhESvu72DXjCClI/QQ5iQ9+BDtXzfzxVxpNicaAZtAVns/JPMzkVEH\n" + "A4efNXo8CwOMCyqhnKxKuprPAekDwjYyr6fI2iqcfb0TpnuAp9fOkjgkVZIuLAs7\n" + "gsyms9eniaFCGNLAwTkfEjxBVGP/5kSaka9w0Vj6g+mfeqEw2frD1LfEU5l2/F0t\n" + "iFYmtmgxpAnlWOF+Y6dlKqFwZbFiqzSZNMwzn29Lhx7hONJqzMzGhjk7heYwB7A8\n" + "8bloepcbvWcZJ/2dhmfsgk8CXVW22C0jB/nU2NpAcTki3TVAZ40cbt1fTdgS4tRJ\n" + "zR9OgLsjfuTo0LbEPbPDldytP1Xcdw+0hdxdYUv+G2UsdNKAcx+c+9VisogwQ5Ms\n" + "dUuE9B5EJO5cd8hz2w6SJ7Fe0uQHnXM0I+EtycCLcTjyO/ZMkQMZh7Yj37oOB+tJ\n" + "D2uAHdq0IHmBrEQWHOBuhwNNLtu90yfzT8hIPPmoY7ho+qIu+QhD65FLVIu1bU+3\n" + "nfEvcF4wdqMneAh+KlLyZbGSZdhZpD1YjP8cNvcO6w==\n" + "-----END PRIVATE KEY-----\n"; static char server_key_repro_pem[] = - "-----BEGIN PRIVATE KEY-----\n" - "MIIWMgIBADANBgkqhkiG9w0BAQEFAASCFhwwghYYAgEAAoIE4QDlLopBshMEROYt\n" - "nS3ZM02uRH0dFMreyhCNuoX5EPOsZRgTbGXM3myDqCWuIiFRf10OoSH8yzaT4nYS\n" - "tvz91Do3JM/qHsNXyQP5Ql4NQkfp9sl8gutog1Y3svWM6fpl/mZTPTLAJcW+HPi3\n" - "5GStCgnlXi6U8JLk4mmjuIt0m/O95x0EZ0qmC8Rn7Ijk8VHH24fMX3cWu+LSTQzr\n" - "WAGoBZWcl54EBm03GiUf92MW5CP3JpoTq/cwJ65b103GGC5CEhlFWaKTKQJ8EScu\n" - "ood3AUy7JvN13KIk+lw9cJ7Htw7GPe8ixzrsNaBIyJIiAFkS8iWYjfUGJkifM5XH\n" - "enMAx5UG6hdHWvbkrLL50Dpy46sPJvzNfMiY9ukVOaEMVSlXwHkuwMU/ZxyJL6w/\n" - "r3xS+xHdWQhDBgLFH4zIfUn36eEtDkGQ79B/wvx64M27mm+VLFWaS96lwfpmkmdV\n" - "940V0oTRVMYqIYfAfFX6Sr+U6GYF7Y6Te0vMLNQjHweCR33+1iUO4U21QYNA6ea8\n" - "Fs7wu60J9i+61gYJo+TN3hQPgBS+6R8ZIN7DNA6LRVB0dQtLIYhS7tPXm3sdOfP2\n" - "L72KftzmLYeYm9tDSx8BV9EN6wY3GfP8YJ7RQAwSWowEQLfleMUbI/ZAeIsJAqvo\n" - "dTQtUTDmzXWkk132HDe7bit+IIYSoUl70fOr4sJaF+cjPdWM6WjDUp7uSy//P3ZZ\n" - "gfhI14TWXIEh/0eNvHP5toWctRKXb0D79D5A4fNz79h802fxWDfUg4Ol+qoL8Ms6\n" - "NI3s1LTDDqJITwMQLFFuuUGvUD0x9WP0XHl7m2YcdQg1U1JP7vmMXsoa/zVcgovw\n" - "IFhiA69Umlu8BipEn9xeQjYdyBMBMRMasUjXgQt9OoLv43UqLVzjd1AtRURYZREO\n" - "T86gYU53SHHPvOyTA2U4ZyON0WVzPRLpHrg+9YhaL9bzXgcqtK13Zdj56B3jHgnz\n" - "ge3MmjYvJntGtCGl2D310FaG7GWg775Evh2I4np5nXsA9dnSqySFzAP3rJ/L5pUi\n" - "bQ+QDuYnNwATvRu57Gx3kgmMrMvKooudcpYlrekJUzjS6PfmsHPCYx97rqmeCvGZ\n" - "m8O4PmxC0NDr1MnTuBGjX1IOTuICrzHfoDPa07hxhOwQ35wa1a+aXgQGP3bqTISq\n" - "t9VV6/DWZ1NNsujAbbd+2oSYYhE9e4QZCCnpWQw1cmnwyVhvAVsTzkfDxwDDYBNj\n" - "+L/uG8BaoCuAtA1exDCXiLBwuS9fkwuO26NJoCx/hVih6sIqe7YS2qcubJiByMeU\n" - "YqPO/N7MrJK/psm7WG9Jby62xEYulfU28dYOFdjtFLaUY472Mo6Rxth6R9H/95tc\n" - "DX7ndmPMtYkBUJ91QyGwXLj/QozlH7woVzm7kdZmO5sCu4aezXylPnK7cTVwzTsk\n" - "3moucKsMshh9Sd+baxyVFrXlvntOGkrU0FdHh2aF47eCb5+agu3Aw6PHK+v9XsUR\n" - "FEw6xqqIp9aJsY6VkjM4zcglrrDJbAbujozRAZp7D5XPtSDfBAG7bdeZOCA4DZUE\n" - "QxY2HRJw6OeKLOclaEeCxW1LKBWW/oYbyo/0tK9ND+mk/WUOKXeBA47F+OGZLP2S\n" - "JzMWxJLuvL1XbMzHk/nrtN+mzgg1zbLdwuX9XUGcXQCDL2w3SCECAwEAAQKCBOAZ\n" - "dUIGajGSl9S53GvrZLeMVC9Ru62NcgTEuaOIN0naLKCwB6qHR23mchc9cK0i0HMV\n" - "3PBZlHlLlCxph8oyqBCPb5do+mHYrouydJzd/C7g3nkjS6e6xFwfc9GzBYq7KbdU\n" - "J8grcAa3R6CZTNWiIytWP1ANW2v14PC7LxTOr0Q0JCglBRRVvZjjsnLCe8wJ12kO\n" - "Wsxvyg84LTbyLaSBdZ1Y976l09Dt/gmBs4leUZltKuySoteikcXcjd4l0ynQTRJh\n" - "kcNtdXDBN2aS15sUrSBI6drBjPC2CtmUOZ5psPwDKX4W7uqssohLjXwuKru6Twu+\n" - "FobRWA9ZH/HTZta/j2wOiJJtar1iSYzYEzlq6b9mv331lZby5vqdUPmC1TLyfH75\n" - "opBGqr2Qv6ryqBu3XAxv+iPgzhogq5CH9OLylxhcWOkPoJQYnSBOxgoUfONIPtSD\n" - "f0oMP7ABFOJFumoBspDub+xTYcYiq60hUIxXjjlHD0x3NYsF8zTdceTzo91rIX6c\n" - "WIq5R728yD7JRf9W3oIqSR6kMoIZMAuKktDHqAKl8l9x+yTDqlSzQ8/cH+RRRDhQ\n" - "fhcqLCtQ488l2cfESrNfHk+htC53GzEmhQrD8QePt2JS9qittd+hak2Da20CIJhE\n" - "m4oPP1Sye4l9GQfiwNId0VTwIy6c2CWYvHQ4XoSGLURsbLYUsevE9kLGt2exb3wj\n" - "tlnRPqjmQbZz2uwpq0cmSMBPdnwMUpLPemb9MWAPUlx1oHwJ2Q+iIVJ7C0DQnmwV\n" - "P0aweVfKW8U3gf8B/97UjBuazKwab9Hb6thRESi7E/c2fc9A29JL9vQieE78ch8w\n" - "mEIp8SaT/l09gq6mTSUhYl6k5Z1iNHtrqgRr9uyfB5+fm4P3Hc5GzwCC38sU7rL3\n" - "zO6Dk5z+3VD2T9L+X9vZ6Z9mjvzKylQpZta8d5EAWkUiPaVY8xYcbtNKRahK5zFB\n" - "wgzTya1uFi9C0TBG07OONuT15bagbqjqsrZ6daLxqtiX6CUtNEAp8UWLlR3jW2/r\n" - "p1iE3AeW61MfKCmvsl+J9vZ8Vy+iisFaUVJWfhGFpH5WCO4idQiXZyjfsTAQhPV3\n" - "yBB65LVsXCZWXOiiwmmH3GIvY7fvVTQbM8Rz6FlLr8y8VPACsLJE2OnfRlwZvKaC\n" - "+Iwl1fKq+W457VdtkVMOzwAjWbcUpwuOzoUnuRoWj7hH+CuNwSeWAYWfPB+obhBN\n" - "g01jfzY/GKBoYmu5+5nudwhbKTzt1zJ7aBoq0iJ0yWD12DtQImWiWU7ax2wf9pfe\n" - "lIUL/aUJ2TxZbEYTOl+xeogQkikuSBlNYtM1coOjsXSRCjULW2f9GAl+VT/BA5ld\n" - "SwvRAgBYoC+X3r4IfBha5nrZStllAwMjgtM8VW2ZgMe7he7csY0WbeNNyH856Pe2\n" - "2lT49CjudbBytuPbRJXnuiiCVJnB3Qc8ntTthPIFHVLZRrNex6SGG22ANC27jKz7\n" - "s4Y+JJiAjZMfe2+Nvne3Vd9febCokhzH1HNHOjCx4U4sv2rmmCwGpw1NwRxX7hau\n" - "4cKPXkhH4iCurpG3ZbooN3DRRfNRdXT/G9Klt2HlI8kvdD2PCNtAGOQOHmHzZdKL\n" - "V/HvPkqTCdi+OuSPS9YHeHFZZUpqUZ+7eiyjQ86KzgmNi/TQWR/6IEIYe+k4QMEC\n" - "ggJxAPL6qmGPkdU4spW/FM4NmFG+ApqfisFH1hU/BzGqnL6p7DdfqzcgydyyVC/3\n" - "/j1QsV/2mh81a/Kho1AawHghjxz2k8ekARGic62tAf7pqoZFYtdGXa9hhned+9Ic\n" - "3esSItAUKlhX+XlQ6mZ7XUEbt4+6AhkZtiBgIHAUpoa90M0ru/zUoudUKatTfcAa\n" - "x9C6Uc6kBSIx7L4anGanDHuyivf3tl23UiRH06PHvb/XFCifAb9uXjfZ4+FiZdvR\n" - "7SM5EROtqJSXaMu3E/ZbK3qZSA4MK53Wr7lfKsyfvoDSxbauUPkUr8qsdIoLmIn4\n" - "gSjlFoH7ZFZVGgTB3ZW3DdOEm+7hGVwIHRR+KyM/oQevDspHeQbxWA2gx6MUavPG\n" - "KQVe8dAUVvhP0jktgwCfN/A6S/1yTXYxkmDmjlHUbchyD4hv+/3Z/+5ChAtCjVX2\n" - "+ybqRFAkJbqGeHUonWK1w+qzordT/9i/4Qg46qjVZvfvsEyyABMCptFaV4sPMJbY\n" - "CUFpCLEsQ5eHa+GgTp9V0rXoITsemJjXTAUxnEUjZ6MqfQkFs/CsLAoOaD5YjGdQ\n" - "HmyUEw2sRn4q+iFUlB3rq7BBqVyUrPzI9FajWlKL/Tr472a35uTKEd7Rvm/unY9Y\n" - "P5HM5o9v2hY3jF2qgK6/ksYkrdEVL95BRIXbJ8bk44bwja4eEfAESI7Rpc31bXd+\n" - "iNKnmMaB2A9iyzhZgZd5cTIpLM7rUwO7+IH8sd4gIKHVYUpy/KHJQ9wPy6pwc69R\n" - "MJ6HljhaRtaethkwr4Ehon3fvuQcll0rXfhbh9kN+UfE+77psBPyrLtNTTke6Ucc\n" - "4UkXGwKCAnEA8XaYDScKT2ngP/BPE9Pt/YiDoqhfGPCVMKC3/tiErdeoCk/NW6wF\n" - "00PYmaZVADXZ++kjwFfXv2w52k+8E1TEorUgap2VpAMFGmAasLkey/AuOSHK2zzU\n" - "5BWF2gwu2vDiHDs59brcH2fxGRtF/rHkZIq+fs9uHlIXARq7Wlcuu6ZkFT+qRGOl\n" - "091rFAhPmYZekBQoCjUOqPtxVPoGvdpp8SDjwet8KUBPgY0WEyZ0jGwMl25pCmlL\n" - "DGFXgbUm1dtTCxFyTC7fcp+6GmrT5FwhCBygY7pT8oAqV1C/uyvAcfFkIZAlRZQ+\n" - "FTeK8Kug2XBO1ycD5LrNZEWv91bQsMt1iF3A5PFSMwjcC+s07ZiAfhx0A3HX1sWV\n" - "VvhP+0NdY4aI7YQbUO4eSGiYOr2JPlOIQ9ObApOjQKysTuWTkwcUWCCbsMDk5CrR\n" - "XBrN91X/BJkLvcax0lPNpAko+avEVwxd/MsEKg8Tcc/rZajzVxqYei+fiCB7j2ye\n" - "V1SfpdFbScSoKreEtUEx+3BUVLAmmCmEtsO/d3b7G8yXwakLn05J2Vhw/3yNUdm7\n" - "hOYXMuqrEL2TO8oFTUUKRNRml0m4ymfKrdy1VLgx7wVUNNM/RAZEGFtb1B6VHF3E\n" - "3AHqR22H/aepgBQkN5s+P0eMgVOiEI2KTDGkOye0UgI/+7ZtfjLjGqvqX2X9J6Kk\n" - "QqfNl0jOTmKl0/3zrvAR1AOrTv6EvDxsLOfh3Nlr2I/t0RCzkeb5ECSiHmK9EjrA\n" - "b9cED3fgil2XiY7uyRW+3TpX6PJWSYxOlIaF/6YCy/vj09nQhLdnGQzuIEQLQHJn\n" - "nS+YVXYR0SVzAoICcHnxma8K+dqz8NS8qHldU1O6892cMmwcXHIfRsIDaVU7PITx\n" - "66DoQMcVbLECWkN1iv+paOI+0mVb//WE55Gi7gtQKQyp36t1B29jg7vmk6F9k0SN\n" - "WRla7bx8ulRSDoIagQRDCpl51YewN2OliEDT40Uryj/EqqYG+GCnzIeVHgTKbTdP\n" - "lE5a6+rDJTpTdnLn/4Sgxr7JpZInEtVmAxrVmW8nkAvqpDv3HF13MmDkVYapfpwP\n" - "jROks/x6gLpY2hWyX0KsBg5FCuAqisc6LFEEOqhqLT2y8FAtVfKKPXaz0WyEgbjw\n" - "S+WAtaBOf4jHAjN+/dPQUiQN49f9X/LygurkA8pYiHyqycVuKMIw/eU4U0jro+77\n" - "EwEL7wWGisK7cfzzEJMokhlfHhd6IuQeBFn5OAgD5KJr8JXXQBgLb+mIbQlBgot9\n" - "bDeshE6OYRaCtLtsGUrLSXAaarwJ3SscJC5XZ1NwwdeLPSn+Pq7rIxlN3wIu12Cz\n" - "FPu+xm7Q+cbKt6JvT2Bz4Zxb56W96ZeH4A9RZ9Qe3+DdNJbqtg3w3eOCwGvVw+AG\n" - "2LdXUbPwhs6W5B4EFqfnDR3m/c/afdeiXnFAEvqW11aqmA4fP4ZsIXQGWUgJBcVP\n" - "MLbONzA/5i150bWfyxqzvRUnXbfoiVqqZMQyxlVHt9VoljZDrevhFdu0QLbg+oml\n" - "7LBYwUjjYsP06kAmwsLliYT3RRyLt0FJPqk5Bvb2HZyjKu453x6mqxntWD2gBfBA\n" - "bWE1QDbS5wxWx/rX+2lezWyLDMMJrxs0wTNBJrGfM0uhJzEs5rnljHUbhGjlKWxp\n" - "f40lF5uSSutYsCwZfwKCAnAiRppo64zMHxRlHyCqiN/0qGc/NLVjHeufnoDf3S5g\n" - "WweQhyl4hN/C0JOzo+fXAs3xs3OOvylyE9PWiJEDEXpkOl/iooH2aTNVPiUrxut3\n" - "OZ3mIETigC0cP23juO0ByUXfigy9NAxBLQkNblCuSeRI3WUTLTDNfwui7X+A4HVS\n" - "z9jPJ11tHdQRUhH8Iv3hpjBQNXxFjqiJFkBNNry0QIffYbLS+TGDzYw7sKJcj43l\n" - "zQSwjky83Jt5o2u/js53dw2/uXdHFzRC2ieZzmZLuUQ7GY0u+ukluEnKYT0GPbyw\n" - "r/ptxT91NAjoDB1d8o7/rrCSXAhydI3pWPcUni87mXYSqHRUS2lGs1BBJN87hvVe\n" - "cX2Ka6Oe6ic71D3ORg7ArP1M8f7KqzKDRs2tMPCFd2gVcLlFUV3QNXK0NGSRb2TU\n" - "6bQQECGtveJAN9Ha9UshBPSkuMrPN3Quf9pgLqDNVoUU+GCb883nzwL0SFpal/zj\n" - "A1WbBjlj76A+d1W+PQy/WPoiLjDZZerJbXWbG/IukV40b28Db1FP7efw5qUutPdI\n" - "sgRAUBbjcovq3pqWcLddxftbdl7wTAecI6Z4fU+M89TSf00CPK9h5ZjBcuc9KcKK\n" - "zpUndDvobese6+qsvwCZ4i3ub22AsznP08E/LncH8H+cN0O/3e/74DPi8E90pZaV\n" - "V6gKaLjZ4n18tMM7YWtftyMhB6CKyatONEMiEIEZE16rtTLbncVwVWYF0mAbKvVZ\n" - "9ElLFOsP5mUgux3pcDPgkE6NiUueIccZMkn+WEAlapRRAxOMaa1l9Viu3vF5lWs+\n" - "JBa9X8tVF6hbqMDwCLWYwb8CggJxAMwL6SAeYP9kjq7tkk+TmZVTHDlV4Yw9kWAY\n" - "a9etQ4vJibIkyzrfJXIVmsY+df7m3uaNWnmNe3VuZxLv04sPyL8OMu+PIUct3174\n" - "sNYN5AjmjmuBLvs1vBF8VvQ8+TsH5HjzXYcSQM3OJ1G/GPjsptqHj/w3kLmHsQgW\n" - "Fps5OXWgjQEsVnrRL/Z5D6s4z8OPMRN3KAqb1k4Cp5m32f9bzBIHEPdHc1JLFx0X\n" - "4xFQ4m1Dfbab8/VGnm9mS67zDtJWjxUSeTlR84hONXqzPke5h/W4QGrUgHutm0zb\n" - "ch/CufhsxF6RjiK7EuKqZWZDDj0uxqOlI6X/Exf53KZRLwJlmhdaED5LP8BA2IHt\n" - "nRL7F0uGfaLMP5CCDyN36GjmrlCEilwQQSpJF6QnYEEkLaxjksqTzQ54ZtboLf7O\n" - "HY0iYN1fmuWpf41ljljHe5H58vKDr/oQkANfz6I2lBCdmz7GkmBPmed8XHJSWqs8\n" - "41tyHXPBAQj+1MQtsW0xjl2ajoF7mwrRVHQL0xLVQcwmXqNQyMJ905WRMBhLShRR\n" - "hXipo7nDHDE8jiRyTZGNIg12D6tDLD5tmPXK5Hmzn4pLPWcN6Q9UvWn0PWql31sx\n" - "3dNqZ6PlYyh0b92+pymfDF3TBvZI2PeOICQsiFnqwhMyrV0Ojwt/QxIFudJJf2u4\n" - "7EA14n87SVjMhF1l6BoP4wdqt21uU0UhpyFACCoH2arFFulGJjC2/d5drNq7hSef\n" - "LNMz9MPPkamMWQ6i7vlTlUjAOtIfukre/fG4qyVclTaAiKx6EXt98DSBjPLoMJO7\n" - "3sczn4+LAjtXDT3RX0aUWr+JQABd+g==\n" "-----END PRIVATE KEY-----\n"; + "-----BEGIN PRIVATE KEY-----\n" + "MIIWMgIBADANBgkqhkiG9w0BAQEFAASCFhwwghYYAgEAAoIE4QDlLopBshMEROYt\n" + "nS3ZM02uRH0dFMreyhCNuoX5EPOsZRgTbGXM3myDqCWuIiFRf10OoSH8yzaT4nYS\n" + "tvz91Do3JM/qHsNXyQP5Ql4NQkfp9sl8gutog1Y3svWM6fpl/mZTPTLAJcW+HPi3\n" + "5GStCgnlXi6U8JLk4mmjuIt0m/O95x0EZ0qmC8Rn7Ijk8VHH24fMX3cWu+LSTQzr\n" + "WAGoBZWcl54EBm03GiUf92MW5CP3JpoTq/cwJ65b103GGC5CEhlFWaKTKQJ8EScu\n" + "ood3AUy7JvN13KIk+lw9cJ7Htw7GPe8ixzrsNaBIyJIiAFkS8iWYjfUGJkifM5XH\n" + "enMAx5UG6hdHWvbkrLL50Dpy46sPJvzNfMiY9ukVOaEMVSlXwHkuwMU/ZxyJL6w/\n" + "r3xS+xHdWQhDBgLFH4zIfUn36eEtDkGQ79B/wvx64M27mm+VLFWaS96lwfpmkmdV\n" + "940V0oTRVMYqIYfAfFX6Sr+U6GYF7Y6Te0vMLNQjHweCR33+1iUO4U21QYNA6ea8\n" + "Fs7wu60J9i+61gYJo+TN3hQPgBS+6R8ZIN7DNA6LRVB0dQtLIYhS7tPXm3sdOfP2\n" + "L72KftzmLYeYm9tDSx8BV9EN6wY3GfP8YJ7RQAwSWowEQLfleMUbI/ZAeIsJAqvo\n" + "dTQtUTDmzXWkk132HDe7bit+IIYSoUl70fOr4sJaF+cjPdWM6WjDUp7uSy//P3ZZ\n" + "gfhI14TWXIEh/0eNvHP5toWctRKXb0D79D5A4fNz79h802fxWDfUg4Ol+qoL8Ms6\n" + "NI3s1LTDDqJITwMQLFFuuUGvUD0x9WP0XHl7m2YcdQg1U1JP7vmMXsoa/zVcgovw\n" + "IFhiA69Umlu8BipEn9xeQjYdyBMBMRMasUjXgQt9OoLv43UqLVzjd1AtRURYZREO\n" + "T86gYU53SHHPvOyTA2U4ZyON0WVzPRLpHrg+9YhaL9bzXgcqtK13Zdj56B3jHgnz\n" + "ge3MmjYvJntGtCGl2D310FaG7GWg775Evh2I4np5nXsA9dnSqySFzAP3rJ/L5pUi\n" + "bQ+QDuYnNwATvRu57Gx3kgmMrMvKooudcpYlrekJUzjS6PfmsHPCYx97rqmeCvGZ\n" + "m8O4PmxC0NDr1MnTuBGjX1IOTuICrzHfoDPa07hxhOwQ35wa1a+aXgQGP3bqTISq\n" + "t9VV6/DWZ1NNsujAbbd+2oSYYhE9e4QZCCnpWQw1cmnwyVhvAVsTzkfDxwDDYBNj\n" + "+L/uG8BaoCuAtA1exDCXiLBwuS9fkwuO26NJoCx/hVih6sIqe7YS2qcubJiByMeU\n" + "YqPO/N7MrJK/psm7WG9Jby62xEYulfU28dYOFdjtFLaUY472Mo6Rxth6R9H/95tc\n" + "DX7ndmPMtYkBUJ91QyGwXLj/QozlH7woVzm7kdZmO5sCu4aezXylPnK7cTVwzTsk\n" + "3moucKsMshh9Sd+baxyVFrXlvntOGkrU0FdHh2aF47eCb5+agu3Aw6PHK+v9XsUR\n" + "FEw6xqqIp9aJsY6VkjM4zcglrrDJbAbujozRAZp7D5XPtSDfBAG7bdeZOCA4DZUE\n" + "QxY2HRJw6OeKLOclaEeCxW1LKBWW/oYbyo/0tK9ND+mk/WUOKXeBA47F+OGZLP2S\n" + "JzMWxJLuvL1XbMzHk/nrtN+mzgg1zbLdwuX9XUGcXQCDL2w3SCECAwEAAQKCBOAZ\n" + "dUIGajGSl9S53GvrZLeMVC9Ru62NcgTEuaOIN0naLKCwB6qHR23mchc9cK0i0HMV\n" + "3PBZlHlLlCxph8oyqBCPb5do+mHYrouydJzd/C7g3nkjS6e6xFwfc9GzBYq7KbdU\n" + "J8grcAa3R6CZTNWiIytWP1ANW2v14PC7LxTOr0Q0JCglBRRVvZjjsnLCe8wJ12kO\n" + "Wsxvyg84LTbyLaSBdZ1Y976l09Dt/gmBs4leUZltKuySoteikcXcjd4l0ynQTRJh\n" + "kcNtdXDBN2aS15sUrSBI6drBjPC2CtmUOZ5psPwDKX4W7uqssohLjXwuKru6Twu+\n" + "FobRWA9ZH/HTZta/j2wOiJJtar1iSYzYEzlq6b9mv331lZby5vqdUPmC1TLyfH75\n" + "opBGqr2Qv6ryqBu3XAxv+iPgzhogq5CH9OLylxhcWOkPoJQYnSBOxgoUfONIPtSD\n" + "f0oMP7ABFOJFumoBspDub+xTYcYiq60hUIxXjjlHD0x3NYsF8zTdceTzo91rIX6c\n" + "WIq5R728yD7JRf9W3oIqSR6kMoIZMAuKktDHqAKl8l9x+yTDqlSzQ8/cH+RRRDhQ\n" + "fhcqLCtQ488l2cfESrNfHk+htC53GzEmhQrD8QePt2JS9qittd+hak2Da20CIJhE\n" + "m4oPP1Sye4l9GQfiwNId0VTwIy6c2CWYvHQ4XoSGLURsbLYUsevE9kLGt2exb3wj\n" + "tlnRPqjmQbZz2uwpq0cmSMBPdnwMUpLPemb9MWAPUlx1oHwJ2Q+iIVJ7C0DQnmwV\n" + "P0aweVfKW8U3gf8B/97UjBuazKwab9Hb6thRESi7E/c2fc9A29JL9vQieE78ch8w\n" + "mEIp8SaT/l09gq6mTSUhYl6k5Z1iNHtrqgRr9uyfB5+fm4P3Hc5GzwCC38sU7rL3\n" + "zO6Dk5z+3VD2T9L+X9vZ6Z9mjvzKylQpZta8d5EAWkUiPaVY8xYcbtNKRahK5zFB\n" + "wgzTya1uFi9C0TBG07OONuT15bagbqjqsrZ6daLxqtiX6CUtNEAp8UWLlR3jW2/r\n" + "p1iE3AeW61MfKCmvsl+J9vZ8Vy+iisFaUVJWfhGFpH5WCO4idQiXZyjfsTAQhPV3\n" + "yBB65LVsXCZWXOiiwmmH3GIvY7fvVTQbM8Rz6FlLr8y8VPACsLJE2OnfRlwZvKaC\n" + "+Iwl1fKq+W457VdtkVMOzwAjWbcUpwuOzoUnuRoWj7hH+CuNwSeWAYWfPB+obhBN\n" + "g01jfzY/GKBoYmu5+5nudwhbKTzt1zJ7aBoq0iJ0yWD12DtQImWiWU7ax2wf9pfe\n" + "lIUL/aUJ2TxZbEYTOl+xeogQkikuSBlNYtM1coOjsXSRCjULW2f9GAl+VT/BA5ld\n" + "SwvRAgBYoC+X3r4IfBha5nrZStllAwMjgtM8VW2ZgMe7he7csY0WbeNNyH856Pe2\n" + "2lT49CjudbBytuPbRJXnuiiCVJnB3Qc8ntTthPIFHVLZRrNex6SGG22ANC27jKz7\n" + "s4Y+JJiAjZMfe2+Nvne3Vd9febCokhzH1HNHOjCx4U4sv2rmmCwGpw1NwRxX7hau\n" + "4cKPXkhH4iCurpG3ZbooN3DRRfNRdXT/G9Klt2HlI8kvdD2PCNtAGOQOHmHzZdKL\n" + "V/HvPkqTCdi+OuSPS9YHeHFZZUpqUZ+7eiyjQ86KzgmNi/TQWR/6IEIYe+k4QMEC\n" + "ggJxAPL6qmGPkdU4spW/FM4NmFG+ApqfisFH1hU/BzGqnL6p7DdfqzcgydyyVC/3\n" + "/j1QsV/2mh81a/Kho1AawHghjxz2k8ekARGic62tAf7pqoZFYtdGXa9hhned+9Ic\n" + "3esSItAUKlhX+XlQ6mZ7XUEbt4+6AhkZtiBgIHAUpoa90M0ru/zUoudUKatTfcAa\n" + "x9C6Uc6kBSIx7L4anGanDHuyivf3tl23UiRH06PHvb/XFCifAb9uXjfZ4+FiZdvR\n" + "7SM5EROtqJSXaMu3E/ZbK3qZSA4MK53Wr7lfKsyfvoDSxbauUPkUr8qsdIoLmIn4\n" + "gSjlFoH7ZFZVGgTB3ZW3DdOEm+7hGVwIHRR+KyM/oQevDspHeQbxWA2gx6MUavPG\n" + "KQVe8dAUVvhP0jktgwCfN/A6S/1yTXYxkmDmjlHUbchyD4hv+/3Z/+5ChAtCjVX2\n" + "+ybqRFAkJbqGeHUonWK1w+qzordT/9i/4Qg46qjVZvfvsEyyABMCptFaV4sPMJbY\n" + "CUFpCLEsQ5eHa+GgTp9V0rXoITsemJjXTAUxnEUjZ6MqfQkFs/CsLAoOaD5YjGdQ\n" + "HmyUEw2sRn4q+iFUlB3rq7BBqVyUrPzI9FajWlKL/Tr472a35uTKEd7Rvm/unY9Y\n" + "P5HM5o9v2hY3jF2qgK6/ksYkrdEVL95BRIXbJ8bk44bwja4eEfAESI7Rpc31bXd+\n" + "iNKnmMaB2A9iyzhZgZd5cTIpLM7rUwO7+IH8sd4gIKHVYUpy/KHJQ9wPy6pwc69R\n" + "MJ6HljhaRtaethkwr4Ehon3fvuQcll0rXfhbh9kN+UfE+77psBPyrLtNTTke6Ucc\n" + "4UkXGwKCAnEA8XaYDScKT2ngP/BPE9Pt/YiDoqhfGPCVMKC3/tiErdeoCk/NW6wF\n" + "00PYmaZVADXZ++kjwFfXv2w52k+8E1TEorUgap2VpAMFGmAasLkey/AuOSHK2zzU\n" + "5BWF2gwu2vDiHDs59brcH2fxGRtF/rHkZIq+fs9uHlIXARq7Wlcuu6ZkFT+qRGOl\n" + "091rFAhPmYZekBQoCjUOqPtxVPoGvdpp8SDjwet8KUBPgY0WEyZ0jGwMl25pCmlL\n" + "DGFXgbUm1dtTCxFyTC7fcp+6GmrT5FwhCBygY7pT8oAqV1C/uyvAcfFkIZAlRZQ+\n" + "FTeK8Kug2XBO1ycD5LrNZEWv91bQsMt1iF3A5PFSMwjcC+s07ZiAfhx0A3HX1sWV\n" + "VvhP+0NdY4aI7YQbUO4eSGiYOr2JPlOIQ9ObApOjQKysTuWTkwcUWCCbsMDk5CrR\n" + "XBrN91X/BJkLvcax0lPNpAko+avEVwxd/MsEKg8Tcc/rZajzVxqYei+fiCB7j2ye\n" + "V1SfpdFbScSoKreEtUEx+3BUVLAmmCmEtsO/d3b7G8yXwakLn05J2Vhw/3yNUdm7\n" + "hOYXMuqrEL2TO8oFTUUKRNRml0m4ymfKrdy1VLgx7wVUNNM/RAZEGFtb1B6VHF3E\n" + "3AHqR22H/aepgBQkN5s+P0eMgVOiEI2KTDGkOye0UgI/+7ZtfjLjGqvqX2X9J6Kk\n" + "QqfNl0jOTmKl0/3zrvAR1AOrTv6EvDxsLOfh3Nlr2I/t0RCzkeb5ECSiHmK9EjrA\n" + "b9cED3fgil2XiY7uyRW+3TpX6PJWSYxOlIaF/6YCy/vj09nQhLdnGQzuIEQLQHJn\n" + "nS+YVXYR0SVzAoICcHnxma8K+dqz8NS8qHldU1O6892cMmwcXHIfRsIDaVU7PITx\n" + "66DoQMcVbLECWkN1iv+paOI+0mVb//WE55Gi7gtQKQyp36t1B29jg7vmk6F9k0SN\n" + "WRla7bx8ulRSDoIagQRDCpl51YewN2OliEDT40Uryj/EqqYG+GCnzIeVHgTKbTdP\n" + "lE5a6+rDJTpTdnLn/4Sgxr7JpZInEtVmAxrVmW8nkAvqpDv3HF13MmDkVYapfpwP\n" + "jROks/x6gLpY2hWyX0KsBg5FCuAqisc6LFEEOqhqLT2y8FAtVfKKPXaz0WyEgbjw\n" + "S+WAtaBOf4jHAjN+/dPQUiQN49f9X/LygurkA8pYiHyqycVuKMIw/eU4U0jro+77\n" + "EwEL7wWGisK7cfzzEJMokhlfHhd6IuQeBFn5OAgD5KJr8JXXQBgLb+mIbQlBgot9\n" + "bDeshE6OYRaCtLtsGUrLSXAaarwJ3SscJC5XZ1NwwdeLPSn+Pq7rIxlN3wIu12Cz\n" + "FPu+xm7Q+cbKt6JvT2Bz4Zxb56W96ZeH4A9RZ9Qe3+DdNJbqtg3w3eOCwGvVw+AG\n" + "2LdXUbPwhs6W5B4EFqfnDR3m/c/afdeiXnFAEvqW11aqmA4fP4ZsIXQGWUgJBcVP\n" + "MLbONzA/5i150bWfyxqzvRUnXbfoiVqqZMQyxlVHt9VoljZDrevhFdu0QLbg+oml\n" + "7LBYwUjjYsP06kAmwsLliYT3RRyLt0FJPqk5Bvb2HZyjKu453x6mqxntWD2gBfBA\n" + "bWE1QDbS5wxWx/rX+2lezWyLDMMJrxs0wTNBJrGfM0uhJzEs5rnljHUbhGjlKWxp\n" + "f40lF5uSSutYsCwZfwKCAnAiRppo64zMHxRlHyCqiN/0qGc/NLVjHeufnoDf3S5g\n" + "WweQhyl4hN/C0JOzo+fXAs3xs3OOvylyE9PWiJEDEXpkOl/iooH2aTNVPiUrxut3\n" + "OZ3mIETigC0cP23juO0ByUXfigy9NAxBLQkNblCuSeRI3WUTLTDNfwui7X+A4HVS\n" + "z9jPJ11tHdQRUhH8Iv3hpjBQNXxFjqiJFkBNNry0QIffYbLS+TGDzYw7sKJcj43l\n" + "zQSwjky83Jt5o2u/js53dw2/uXdHFzRC2ieZzmZLuUQ7GY0u+ukluEnKYT0GPbyw\n" + "r/ptxT91NAjoDB1d8o7/rrCSXAhydI3pWPcUni87mXYSqHRUS2lGs1BBJN87hvVe\n" + "cX2Ka6Oe6ic71D3ORg7ArP1M8f7KqzKDRs2tMPCFd2gVcLlFUV3QNXK0NGSRb2TU\n" + "6bQQECGtveJAN9Ha9UshBPSkuMrPN3Quf9pgLqDNVoUU+GCb883nzwL0SFpal/zj\n" + "A1WbBjlj76A+d1W+PQy/WPoiLjDZZerJbXWbG/IukV40b28Db1FP7efw5qUutPdI\n" + "sgRAUBbjcovq3pqWcLddxftbdl7wTAecI6Z4fU+M89TSf00CPK9h5ZjBcuc9KcKK\n" + "zpUndDvobese6+qsvwCZ4i3ub22AsznP08E/LncH8H+cN0O/3e/74DPi8E90pZaV\n" + "V6gKaLjZ4n18tMM7YWtftyMhB6CKyatONEMiEIEZE16rtTLbncVwVWYF0mAbKvVZ\n" + "9ElLFOsP5mUgux3pcDPgkE6NiUueIccZMkn+WEAlapRRAxOMaa1l9Viu3vF5lWs+\n" + "JBa9X8tVF6hbqMDwCLWYwb8CggJxAMwL6SAeYP9kjq7tkk+TmZVTHDlV4Yw9kWAY\n" + "a9etQ4vJibIkyzrfJXIVmsY+df7m3uaNWnmNe3VuZxLv04sPyL8OMu+PIUct3174\n" + "sNYN5AjmjmuBLvs1vBF8VvQ8+TsH5HjzXYcSQM3OJ1G/GPjsptqHj/w3kLmHsQgW\n" + "Fps5OXWgjQEsVnrRL/Z5D6s4z8OPMRN3KAqb1k4Cp5m32f9bzBIHEPdHc1JLFx0X\n" + "4xFQ4m1Dfbab8/VGnm9mS67zDtJWjxUSeTlR84hONXqzPke5h/W4QGrUgHutm0zb\n" + "ch/CufhsxF6RjiK7EuKqZWZDDj0uxqOlI6X/Exf53KZRLwJlmhdaED5LP8BA2IHt\n" + "nRL7F0uGfaLMP5CCDyN36GjmrlCEilwQQSpJF6QnYEEkLaxjksqTzQ54ZtboLf7O\n" + "HY0iYN1fmuWpf41ljljHe5H58vKDr/oQkANfz6I2lBCdmz7GkmBPmed8XHJSWqs8\n" + "41tyHXPBAQj+1MQtsW0xjl2ajoF7mwrRVHQL0xLVQcwmXqNQyMJ905WRMBhLShRR\n" + "hXipo7nDHDE8jiRyTZGNIg12D6tDLD5tmPXK5Hmzn4pLPWcN6Q9UvWn0PWql31sx\n" + "3dNqZ6PlYyh0b92+pymfDF3TBvZI2PeOICQsiFnqwhMyrV0Ojwt/QxIFudJJf2u4\n" + "7EA14n87SVjMhF1l6BoP4wdqt21uU0UhpyFACCoH2arFFulGJjC2/d5drNq7hSef\n" + "LNMz9MPPkamMWQ6i7vlTlUjAOtIfukre/fG4qyVclTaAiKx6EXt98DSBjPLoMJO7\n" + "3sczn4+LAjtXDT3RX0aUWr+JQABd+g==\n" + "-----END PRIVATE KEY-----\n"; static char server_cert_repro_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIILHTCCBiWgAwIBAgIJAKyNy9vjy7TCMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" - "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" - "aWRnaXRzIFB0eSBMdGQwHhcNMTcwOTEzMTAzNzU0WhcNMTcwOTE0MTAzNzU0WjBF\n" - "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" - "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIFAjANBgkqhkiG9w0BAQEFAAOCBO8AMIIE\n" - "6gKCBOEA5S6KQbITBETmLZ0t2TNNrkR9HRTK3soQjbqF+RDzrGUYE2xlzN5sg6gl\n" - "riIhUX9dDqEh/Ms2k+J2Erb8/dQ6NyTP6h7DV8kD+UJeDUJH6fbJfILraINWN7L1\n" - "jOn6Zf5mUz0ywCXFvhz4t+RkrQoJ5V4ulPCS5OJpo7iLdJvzvecdBGdKpgvEZ+yI\n" - "5PFRx9uHzF93Frvi0k0M61gBqAWVnJeeBAZtNxolH/djFuQj9yaaE6v3MCeuW9dN\n" - "xhguQhIZRVmikykCfBEnLqKHdwFMuybzddyiJPpcPXCex7cOxj3vIsc67DWgSMiS\n" - "IgBZEvIlmI31BiZInzOVx3pzAMeVBuoXR1r25Kyy+dA6cuOrDyb8zXzImPbpFTmh\n" - "DFUpV8B5LsDFP2cciS+sP698UvsR3VkIQwYCxR+MyH1J9+nhLQ5BkO/Qf8L8euDN\n" - "u5pvlSxVmkvepcH6ZpJnVfeNFdKE0VTGKiGHwHxV+kq/lOhmBe2Ok3tLzCzUIx8H\n" - "gkd9/tYlDuFNtUGDQOnmvBbO8LutCfYvutYGCaPkzd4UD4AUvukfGSDewzQOi0VQ\n" - "dHULSyGIUu7T15t7HTnz9i+9in7c5i2HmJvbQ0sfAVfRDesGNxnz/GCe0UAMElqM\n" - "BEC35XjFGyP2QHiLCQKr6HU0LVEw5s11pJNd9hw3u24rfiCGEqFJe9Hzq+LCWhfn\n" - "Iz3VjOlow1Ke7ksv/z92WYH4SNeE1lyBIf9Hjbxz+baFnLUSl29A+/Q+QOHzc+/Y\n" - "fNNn8Vg31IODpfqqC/DLOjSN7NS0ww6iSE8DECxRbrlBr1A9MfVj9Fx5e5tmHHUI\n" - "NVNST+75jF7KGv81XIKL8CBYYgOvVJpbvAYqRJ/cXkI2HcgTATETGrFI14ELfTqC\n" - "7+N1Ki1c43dQLUVEWGURDk/OoGFOd0hxz7zskwNlOGcjjdFlcz0S6R64PvWIWi/W\n" - "814HKrStd2XY+egd4x4J84HtzJo2LyZ7RrQhpdg99dBWhuxloO++RL4diOJ6eZ17\n" - "APXZ0qskhcwD96yfy+aVIm0PkA7mJzcAE70buexsd5IJjKzLyqKLnXKWJa3pCVM4\n" - "0uj35rBzwmMfe66pngrxmZvDuD5sQtDQ69TJ07gRo19SDk7iAq8x36Az2tO4cYTs\n" - "EN+cGtWvml4EBj926kyEqrfVVevw1mdTTbLowG23ftqEmGIRPXuEGQgp6VkMNXJp\n" - "8MlYbwFbE85Hw8cAw2ATY/i/7hvAWqArgLQNXsQwl4iwcLkvX5MLjtujSaAsf4VY\n" - "oerCKnu2EtqnLmyYgcjHlGKjzvzezKySv6bJu1hvSW8utsRGLpX1NvHWDhXY7RS2\n" - "lGOO9jKOkcbYekfR//ebXA1+53ZjzLWJAVCfdUMhsFy4/0KM5R+8KFc5u5HWZjub\n" - "AruGns18pT5yu3E1cM07JN5qLnCrDLIYfUnfm2sclRa15b57ThpK1NBXR4dmheO3\n" - "gm+fmoLtwMOjxyvr/V7FERRMOsaqiKfWibGOlZIzOM3IJa6wyWwG7o6M0QGaew+V\n" - "z7Ug3wQBu23XmTggOA2VBEMWNh0ScOjniiznJWhHgsVtSygVlv6GG8qP9LSvTQ/p\n" - "pP1lDil3gQOOxfjhmSz9kiczFsSS7ry9V2zMx5P567Tfps4INc2y3cLl/V1BnF0A\n" - "gy9sN0ghAgMBAAGjUDBOMB0GA1UdDgQWBBT27j2hLGIaF0HRrGTPPxyYPcZiVDAf\n" - "BgNVHSMEGDAWgBT27j2hLGIaF0HRrGTPPxyYPcZiVDAMBgNVHRMEBTADAQH/MA0G\n" - "CSqGSIb3DQEBCwUAA4IE4QABjOzAO+aLbSvGPc5J0dFJV2upqv/lIQuwYkYwiDYn\n" - "jYiKvdldmx9DA4e6l+yE/7yAphz1qviySPzIDl3zsBxoTlUd1ghsm4R7euC827e8\n" - "MsJDMK8CfsXepqcvca2nrNpakDZ+z+e/y+UoAFiDMZhLX8N0a1+5+cQrONMMqEWa\n" - "GRV+SlH2dJHfi1aG981Br5pfoJmQbWRjj8sLM1e2EIe3NovcVDnS//7T3PcDINRM\n" - "M341onBL93/yv/iBevekTkx3FnjLF7qJRRqKX5bc0+H5Fe0sV7ObIEAAFyrRMp/l\n" - "A3AYCZ5vu9ueWdmmyuBZTro6eWyQN4G1WkYVYQMpa8JwOrclpSaa/d5f16u4wRLe\n" - "JguamO/qMbxpaVJPSXXiX+dwyaVow6l7s9O1+jrYDVhJACVP0OIfLtPeBZlbo4T9\n" - "B2XeFbgOZXT9gfz/vsq+pH9rBKrtvXzYAWEThlqjh1qNKfmG3bYwSJhsL5NnVOae\n" - "xZ8VveeDV05VfIQX3NpqK9gxoVMlbMX+zEdRpBak8d4P+wKMrLm2Vg+1MtfMsDes\n" - "bi0i2oHH2ESvY7elv1YTgORXjz6HmzA3L7oaISNgIoxbzVVu1hhBTD4MZXaFHGbW\n" - "E9IpEhHPNK6UHetbxJwN2X2lONEOwoDDzXerrmIjn6yHJetLOBTb0IAdaOvzEmyP\n" - "k4lhXJ9uOd0hdSqAIgKiFrrYNnXvYGMwItQPyI0KXN2e4B/kgZX9L/4SQwIpJuHy\n" - "Voit0WZVCAhIxA4SkYi7X/5qW2t/Kg4kfUxWO6itq8QChikSatkyLVtv9SOksQnm\n" - "2+alnBWhEziN7T4teM1qvj+Deiv3EYPaLBw68jJgKJ55lTt8vbHDWw07WUX7xP6C\n" - "BVKPh8fDH/j95Uyfsv5WxKBfjUFYD/c2R33AClST9iWCmZn2LJm66rzOx/dZ19eH\n" - "BJHeooCCzmk9BMrSLqcuzBaUsKjiKrlYeHa+klqgYhhDQxdxJ1GRUZbEywVc1+FL\n" - "fnDK2edISlUDZ2FsOK+X+bf4g5UhQzhnJZwTZhH3m35tM7AvX3ZpRmSoApbAEbqM\n" - "ndj3v4z7l/VYve/waZjVwLL+lzKTgOKh91RxzJcs34j/pvi9Srf7nif6O9Kf+F7z\n" - "bKKdN4RAypUxv9v0EjSolQ0lpUNQBJNJeepgqLzVNdDaEOAP0g/5LsFscpfawo80\n" - "KRCIJH1+C0OqZpHcu9w99l0/NsVOb50+IUhe1gA+wZDC8puODmacWNCctXG9cojZ\n" - "lcagSLUvh1jt/t6fsl2ObyL64+1RPrvi1A11mtqbUxS4iTa6l45yth+IjbpexVwh\n" - "YJUKTfBnWzS1RNBPJwsn6wRuvIWZT/VdQ5q/lTCWvovKPKg/gnwrlqqErVXgdgyG\n" - "YGdChbh3R4jYgHlUASa/xo5Nes+X2DRy+2OzaHrDKdo2pxwqMtzQjogPVTBOG0r1\n" - "iCNaCF9hLjJakrxsaoLBlb90bJ1ZrlYtqNXwKZphbLvgVELsPCghrwhbV9wdP6Le\n" - "zMnPLeicTSDPiq2nkDUWlbDd5oOhrTORf8gWRuPJVJ+noEkAkQEZkGHRnt3ouio6\n" - "P0BTNfA6e2quOiZ+8YSvWwOlwO2I0z8vy1IPQYIApX3S0UCPSep33u3KdL28O68z\n" - "pNVz4Hd2IpWckRR5ahdK00I=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIILHTCCBiWgAwIBAgIJAKyNy9vjy7TCMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" + "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" + "aWRnaXRzIFB0eSBMdGQwHhcNMTcwOTEzMTAzNzU0WhcNMTcwOTE0MTAzNzU0WjBF\n" + "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" + "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIFAjANBgkqhkiG9w0BAQEFAAOCBO8AMIIE\n" + "6gKCBOEA5S6KQbITBETmLZ0t2TNNrkR9HRTK3soQjbqF+RDzrGUYE2xlzN5sg6gl\n" + "riIhUX9dDqEh/Ms2k+J2Erb8/dQ6NyTP6h7DV8kD+UJeDUJH6fbJfILraINWN7L1\n" + "jOn6Zf5mUz0ywCXFvhz4t+RkrQoJ5V4ulPCS5OJpo7iLdJvzvecdBGdKpgvEZ+yI\n" + "5PFRx9uHzF93Frvi0k0M61gBqAWVnJeeBAZtNxolH/djFuQj9yaaE6v3MCeuW9dN\n" + "xhguQhIZRVmikykCfBEnLqKHdwFMuybzddyiJPpcPXCex7cOxj3vIsc67DWgSMiS\n" + "IgBZEvIlmI31BiZInzOVx3pzAMeVBuoXR1r25Kyy+dA6cuOrDyb8zXzImPbpFTmh\n" + "DFUpV8B5LsDFP2cciS+sP698UvsR3VkIQwYCxR+MyH1J9+nhLQ5BkO/Qf8L8euDN\n" + "u5pvlSxVmkvepcH6ZpJnVfeNFdKE0VTGKiGHwHxV+kq/lOhmBe2Ok3tLzCzUIx8H\n" + "gkd9/tYlDuFNtUGDQOnmvBbO8LutCfYvutYGCaPkzd4UD4AUvukfGSDewzQOi0VQ\n" + "dHULSyGIUu7T15t7HTnz9i+9in7c5i2HmJvbQ0sfAVfRDesGNxnz/GCe0UAMElqM\n" + "BEC35XjFGyP2QHiLCQKr6HU0LVEw5s11pJNd9hw3u24rfiCGEqFJe9Hzq+LCWhfn\n" + "Iz3VjOlow1Ke7ksv/z92WYH4SNeE1lyBIf9Hjbxz+baFnLUSl29A+/Q+QOHzc+/Y\n" + "fNNn8Vg31IODpfqqC/DLOjSN7NS0ww6iSE8DECxRbrlBr1A9MfVj9Fx5e5tmHHUI\n" + "NVNST+75jF7KGv81XIKL8CBYYgOvVJpbvAYqRJ/cXkI2HcgTATETGrFI14ELfTqC\n" + "7+N1Ki1c43dQLUVEWGURDk/OoGFOd0hxz7zskwNlOGcjjdFlcz0S6R64PvWIWi/W\n" + "814HKrStd2XY+egd4x4J84HtzJo2LyZ7RrQhpdg99dBWhuxloO++RL4diOJ6eZ17\n" + "APXZ0qskhcwD96yfy+aVIm0PkA7mJzcAE70buexsd5IJjKzLyqKLnXKWJa3pCVM4\n" + "0uj35rBzwmMfe66pngrxmZvDuD5sQtDQ69TJ07gRo19SDk7iAq8x36Az2tO4cYTs\n" + "EN+cGtWvml4EBj926kyEqrfVVevw1mdTTbLowG23ftqEmGIRPXuEGQgp6VkMNXJp\n" + "8MlYbwFbE85Hw8cAw2ATY/i/7hvAWqArgLQNXsQwl4iwcLkvX5MLjtujSaAsf4VY\n" + "oerCKnu2EtqnLmyYgcjHlGKjzvzezKySv6bJu1hvSW8utsRGLpX1NvHWDhXY7RS2\n" + "lGOO9jKOkcbYekfR//ebXA1+53ZjzLWJAVCfdUMhsFy4/0KM5R+8KFc5u5HWZjub\n" + "AruGns18pT5yu3E1cM07JN5qLnCrDLIYfUnfm2sclRa15b57ThpK1NBXR4dmheO3\n" + "gm+fmoLtwMOjxyvr/V7FERRMOsaqiKfWibGOlZIzOM3IJa6wyWwG7o6M0QGaew+V\n" + "z7Ug3wQBu23XmTggOA2VBEMWNh0ScOjniiznJWhHgsVtSygVlv6GG8qP9LSvTQ/p\n" + "pP1lDil3gQOOxfjhmSz9kiczFsSS7ry9V2zMx5P567Tfps4INc2y3cLl/V1BnF0A\n" + "gy9sN0ghAgMBAAGjUDBOMB0GA1UdDgQWBBT27j2hLGIaF0HRrGTPPxyYPcZiVDAf\n" + "BgNVHSMEGDAWgBT27j2hLGIaF0HRrGTPPxyYPcZiVDAMBgNVHRMEBTADAQH/MA0G\n" + "CSqGSIb3DQEBCwUAA4IE4QABjOzAO+aLbSvGPc5J0dFJV2upqv/lIQuwYkYwiDYn\n" + "jYiKvdldmx9DA4e6l+yE/7yAphz1qviySPzIDl3zsBxoTlUd1ghsm4R7euC827e8\n" + "MsJDMK8CfsXepqcvca2nrNpakDZ+z+e/y+UoAFiDMZhLX8N0a1+5+cQrONMMqEWa\n" + "GRV+SlH2dJHfi1aG981Br5pfoJmQbWRjj8sLM1e2EIe3NovcVDnS//7T3PcDINRM\n" + "M341onBL93/yv/iBevekTkx3FnjLF7qJRRqKX5bc0+H5Fe0sV7ObIEAAFyrRMp/l\n" + "A3AYCZ5vu9ueWdmmyuBZTro6eWyQN4G1WkYVYQMpa8JwOrclpSaa/d5f16u4wRLe\n" + "JguamO/qMbxpaVJPSXXiX+dwyaVow6l7s9O1+jrYDVhJACVP0OIfLtPeBZlbo4T9\n" + "B2XeFbgOZXT9gfz/vsq+pH9rBKrtvXzYAWEThlqjh1qNKfmG3bYwSJhsL5NnVOae\n" + "xZ8VveeDV05VfIQX3NpqK9gxoVMlbMX+zEdRpBak8d4P+wKMrLm2Vg+1MtfMsDes\n" + "bi0i2oHH2ESvY7elv1YTgORXjz6HmzA3L7oaISNgIoxbzVVu1hhBTD4MZXaFHGbW\n" + "E9IpEhHPNK6UHetbxJwN2X2lONEOwoDDzXerrmIjn6yHJetLOBTb0IAdaOvzEmyP\n" + "k4lhXJ9uOd0hdSqAIgKiFrrYNnXvYGMwItQPyI0KXN2e4B/kgZX9L/4SQwIpJuHy\n" + "Voit0WZVCAhIxA4SkYi7X/5qW2t/Kg4kfUxWO6itq8QChikSatkyLVtv9SOksQnm\n" + "2+alnBWhEziN7T4teM1qvj+Deiv3EYPaLBw68jJgKJ55lTt8vbHDWw07WUX7xP6C\n" + "BVKPh8fDH/j95Uyfsv5WxKBfjUFYD/c2R33AClST9iWCmZn2LJm66rzOx/dZ19eH\n" + "BJHeooCCzmk9BMrSLqcuzBaUsKjiKrlYeHa+klqgYhhDQxdxJ1GRUZbEywVc1+FL\n" + "fnDK2edISlUDZ2FsOK+X+bf4g5UhQzhnJZwTZhH3m35tM7AvX3ZpRmSoApbAEbqM\n" + "ndj3v4z7l/VYve/waZjVwLL+lzKTgOKh91RxzJcs34j/pvi9Srf7nif6O9Kf+F7z\n" + "bKKdN4RAypUxv9v0EjSolQ0lpUNQBJNJeepgqLzVNdDaEOAP0g/5LsFscpfawo80\n" + "KRCIJH1+C0OqZpHcu9w99l0/NsVOb50+IUhe1gA+wZDC8puODmacWNCctXG9cojZ\n" + "lcagSLUvh1jt/t6fsl2ObyL64+1RPrvi1A11mtqbUxS4iTa6l45yth+IjbpexVwh\n" + "YJUKTfBnWzS1RNBPJwsn6wRuvIWZT/VdQ5q/lTCWvovKPKg/gnwrlqqErVXgdgyG\n" + "YGdChbh3R4jYgHlUASa/xo5Nes+X2DRy+2OzaHrDKdo2pxwqMtzQjogPVTBOG0r1\n" + "iCNaCF9hLjJakrxsaoLBlb90bJ1ZrlYtqNXwKZphbLvgVELsPCghrwhbV9wdP6Le\n" + "zMnPLeicTSDPiq2nkDUWlbDd5oOhrTORf8gWRuPJVJ+noEkAkQEZkGHRnt3ouio6\n" + "P0BTNfA6e2quOiZ+8YSvWwOlwO2I0z8vy1IPQYIApX3S0UCPSep33u3KdL28O68z\n" + "pNVz4Hd2IpWckRR5ahdK00I=\n" + "-----END CERTIFICATE-----\n"; -static gnutls_datum_t server_repro_key = - { (void *)server_key_repro_pem, sizeof(server_key_repro_pem) - 1 }; -static gnutls_datum_t server_repro_cert = - { (void *)server_cert_repro_pem, sizeof(server_cert_repro_pem) - 1 }; -static gnutls_datum_t client_repro_key = - { (void *)client_key_repro_pem, sizeof(client_key_repro_pem) - 1 }; -static gnutls_datum_t client_repro_cert = - { (void *)client_cert_repro_pem, sizeof(client_cert_repro_pem) - 1 }; +static gnutls_datum_t server_repro_key = { (void *)server_key_repro_pem, + sizeof(server_key_repro_pem) - 1 }; +static gnutls_datum_t server_repro_cert = { (void *)server_cert_repro_pem, + sizeof(server_cert_repro_pem) - 1 }; +static gnutls_datum_t client_repro_key = { (void *)client_key_repro_pem, + sizeof(client_key_repro_pem) - 1 }; +static gnutls_datum_t client_repro_cert = { (void *)client_cert_repro_pem, + sizeof(client_cert_repro_pem) - 1 }; -#endif /* GNUTLS_TESTS_CERT_REPRO_20170915_H */ +#endif /* GNUTLS_TESTS_CERT_REPRO_20170915_H */ diff --git a/tests/cert-status.c b/tests/cert-status.c index 20cb767297..e3f3f837b4 100644 --- a/tests/cert-status.c +++ b/tests/cert-status.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" /* This program tests whether the GNUTLS_CERT_* flags * work as expected. @@ -56,7 +56,7 @@ int main(void) static void server_log_func(int level, const char *str) { -// fprintf (stderr, "server|<%d>| %s", level, str); + // fprintf (stderr, "server|<%d>| %s", level, str); } static void client_log_func(int level, const char *str) @@ -64,7 +64,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -98,8 +98,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { if (debug) { @@ -114,8 +113,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); @@ -158,14 +157,12 @@ static void server(int fd, const char *prio, unsigned status, int expected) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == expected) { if (debug) - success - ("server: Handshake finished as expected (%d)\n", - ret); + success("server: Handshake finished as expected (%d)\n", + ret); goto finish; } else { fail("expected %d, handshake returned %d\n", expected, ret); @@ -176,9 +173,9 @@ static void server(int fd, const char *prio, unsigned status, int expected) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); - finish: + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); +finish: close(fd); gnutls_deinit(session); @@ -257,4 +254,4 @@ void doit(void) start("NORMAL", GNUTLS_CERT_REQUIRE, GNUTLS_E_CERTIFICATE_REQUIRED); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/cert.c b/tests/cert.c index 199d87d907..0586a954ea 100644 --- a/tests/cert.c +++ b/tests/cert.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -39,7 +39,7 @@ #define CERT_DIR "certs-interesting" -static int getnextcert(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) +static int getnextcert(DIR **dirp, gnutls_datum_t *der, int *exp_ret) { struct dirent *d; char path[256]; @@ -66,7 +66,7 @@ static int getnextcert(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) #ifdef _DIRENT_HAVE_D_TYPE && d->d_type == DT_REG #endif - ) { + ) { if (strstr(d->d_name, ".der") == 0) continue; if (strstr(d->d_name, ".err") != 0) @@ -84,7 +84,7 @@ static int getnextcert(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) d->d_name); success("Loading errfile %s\n", path); ret = gnutls_load_file(path, &local); - if (ret < 0) { /* not found assume success */ + if (ret < 0) { /* not found assume success */ *exp_ret = 0; } else { *exp_ret = atoi((char *)local.data); @@ -97,7 +97,7 @@ static int getnextcert(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) } while (d != NULL); closedir(*dirp); - return -1; /* finished */ + return -1; /* finished */ } void doit(void) @@ -127,9 +127,8 @@ void doit(void) if (ret == 0) { /* attempt to fully decode */ gnutls_datum_t out; - ret = - gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, - &out); + ret = gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, + &out); if (ret < 0) { fail("print: %s\n", gnutls_strerror(ret)); } diff --git a/tests/cert_verify_inv_utf8.c b/tests/cert_verify_inv_utf8.c index 497a4096bf..adcaacd45f 100644 --- a/tests/cert_verify_inv_utf8.c +++ b/tests/cert_verify_inv_utf8.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -54,7 +54,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1473674242; if (t) @@ -88,24 +88,22 @@ static void auto_parse(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); pcert_list_size = sizeof(pcert_list) / sizeof(pcert_list[0]); - ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &server_ca3_localhost_cert_chain, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_list_import_x509_raw( + pcert_list, &pcert_list_size, &server_ca3_localhost_cert_chain, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(key, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } @@ -122,23 +120,22 @@ static void auto_parse(void) assert(gnutls_privkey_init(&second_key) >= 0); pcert_list_size = 2; - ret = gnutls_pcert_list_import_x509_raw(second_pcert, &pcert_list_size, - &server_ca3_localhost_inv_utf8_cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_list_import_x509_raw( + second_pcert, &pcert_list_size, + &server_ca3_localhost_inv_utf8_cert, GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } - ret = gnutls_certificate_set_key(x509_cred, NULL, 0, second_pcert, - 1, second_key); + ret = gnutls_certificate_set_key(x509_cred, NULL, 0, second_pcert, 1, + second_key); if (ret < 0) { fail("error in gnutls_certificate_set_key: %s\n", gnutls_strerror(ret)); diff --git a/tests/certificate_set_x509_crl.c b/tests/certificate_set_x509_crl.c index 89c72acf67..cbceb0b9d0 100644 --- a/tests/certificate_set_x509_crl.c +++ b/tests/certificate_set_x509_crl.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,18 +32,19 @@ #include static char g_crl[] = - "-----BEGIN X509 CRL-----\n" - "MIIB9DCCAV8CAQEwCwYJKoZIhvcNAQEFMIIBCDEXMBUGA1UEChMOVmVyaVNpZ24s\n" - "IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsT\n" - "PXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBieSBSZWYu\n" - "LExJQUIuTFREKGMpOTgxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDEm\n" - "MCQGA1UECxMdRGlnaXRhbCBJRCBDbGFzcyAxIC0gTmV0c2NhcGUxGDAWBgNVBAMU\n" - "D1NpbW9uIEpvc2Vmc3NvbjEiMCAGCSqGSIb3DQEJARYTc2ltb25Aam9zZWZzc29u\n" - "Lm9yZxcNMDYxMjI3MDgwMjM0WhcNMDcwMjA3MDgwMjM1WjAjMCECEC4QNwPfRoWd\n" - "elUNpllhhTgXDTA2MTIyNzA4MDIzNFowCwYJKoZIhvcNAQEFA4GBAD0zX+J2hkcc\n" - "Nbrq1Dn5IKL8nXLgPGcHv1I/le1MNo9t1ohGQxB5HnFUkRPAY82fR6Epor4aHgVy\n" - "b+5y+neKN9Kn2mPF4iiun+a4o26CjJ0pArojCL1p8T0yyi9Xxvyc/ezaZ98HiIyP\n" - "c3DGMNR+oUmSjKZ0jIhAYmeLxaPHfQwR\n" "-----END X509 CRL-----\n"; + "-----BEGIN X509 CRL-----\n" + "MIIB9DCCAV8CAQEwCwYJKoZIhvcNAQEFMIIBCDEXMBUGA1UEChMOVmVyaVNpZ24s\n" + "IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsT\n" + "PXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBieSBSZWYu\n" + "LExJQUIuTFREKGMpOTgxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDEm\n" + "MCQGA1UECxMdRGlnaXRhbCBJRCBDbGFzcyAxIC0gTmV0c2NhcGUxGDAWBgNVBAMU\n" + "D1NpbW9uIEpvc2Vmc3NvbjEiMCAGCSqGSIb3DQEJARYTc2ltb25Aam9zZWZzc29u\n" + "Lm9yZxcNMDYxMjI3MDgwMjM0WhcNMDcwMjA3MDgwMjM1WjAjMCECEC4QNwPfRoWd\n" + "elUNpllhhTgXDTA2MTIyNzA4MDIzNFowCwYJKoZIhvcNAQEFA4GBAD0zX+J2hkcc\n" + "Nbrq1Dn5IKL8nXLgPGcHv1I/le1MNo9t1ohGQxB5HnFUkRPAY82fR6Epor4aHgVy\n" + "b+5y+neKN9Kn2mPF4iiun+a4o26CjJ0pArojCL1p8T0yyi9Xxvyc/ezaZ98HiIyP\n" + "c3DGMNR+oUmSjKZ0jIhAYmeLxaPHfQwR\n" + "-----END X509 CRL-----\n"; /* Test regression of bug reported by Max Kellermann in Message-ID: <20061211075202.GA1517@roonstrasse.net> to the @@ -53,7 +54,7 @@ int main(void) { int rc; gnutls_certificate_credentials_t crt; - gnutls_datum_t crldatum = { (uint8_t *) g_crl, strlen(g_crl) }; + gnutls_datum_t crldatum = { (uint8_t *)g_crl, strlen(g_crl) }; gnutls_x509_crl_t crl; rc = global_init(); @@ -64,9 +65,8 @@ int main(void) rc = gnutls_certificate_allocate_credentials(&crt); if (rc) { - printf - ("gnutls_certificate_allocate_credentials rc %d: %s\n", - rc, gnutls_strerror(rc)); + printf("gnutls_certificate_allocate_credentials rc %d: %s\n", + rc, gnutls_strerror(rc)); return 1; } @@ -93,8 +93,8 @@ int main(void) rc = gnutls_certificate_set_x509_crl(crt, &crl, 1); if (rc < 0) { - printf("gnutls_certificate_set_x509_crl rc %d: %s\n", - rc, gnutls_strerror(rc)); + printf("gnutls_certificate_set_x509_crl rc %d: %s\n", rc, + gnutls_strerror(rc)); return 1; } diff --git a/tests/certuniqueid.c b/tests/certuniqueid.c index 5351ab677e..c78e6b57f0 100644 --- a/tests/certuniqueid.c +++ b/tests/certuniqueid.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include "gnutls/gnutls.h" @@ -34,150 +34,83 @@ void doit(void) int ret; unsigned char der[] = { 0x30, 0x82, 0x03, 0x00, 0x30, 0x82, 0x01, 0xec, 0xa0, 0x03, - 0x02, 0x01, - 0x02, 0x02, 0x10, 0xbd, - 0x76, 0xdf, 0x42, 0x47, 0x0a, 0x00, 0x8d, 0x47, 0x3e, 0x74, - 0x3f, 0xa1, - 0xdc, 0x8b, 0xbd, 0x30, - 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, 0x05, 0x00, - 0x30, 0x2d, - 0x31, 0x2b, 0x30, 0x29, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x22, 0x77, 0x00, 0x32, - 0x00, 0x6b, - 0x00, 0x38, 0x00, 0x72, - 0x00, 0x32, 0x00, 0x2e, 0x00, 0x6d, 0x00, 0x61, 0x00, 0x74, - 0x00, 0x77, - 0x00, 0x73, 0x00, 0x2e, + 0x02, 0x01, 0x02, 0x02, 0x10, 0xbd, 0x76, 0xdf, 0x42, 0x47, + 0x0a, 0x00, 0x8d, 0x47, 0x3e, 0x74, 0x3f, 0xa1, 0xdc, 0x8b, + 0xbd, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, + 0x05, 0x00, 0x30, 0x2d, 0x31, 0x2b, 0x30, 0x29, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x13, 0x22, 0x77, 0x00, 0x32, 0x00, 0x6b, + 0x00, 0x38, 0x00, 0x72, 0x00, 0x32, 0x00, 0x2e, 0x00, 0x6d, + 0x00, 0x61, 0x00, 0x74, 0x00, 0x77, 0x00, 0x73, 0x00, 0x2e, 0x00, 0x6e, 0x00, 0x65, 0x00, 0x74, 0x00, 0x00, 0x00, 0x30, - 0x1e, 0x17, - 0x0d, 0x31, 0x30, 0x30, - 0x34, 0x32, 0x38, 0x31, 0x31, 0x34, 0x31, 0x35, 0x34, 0x5a, - 0x17, 0x0d, - 0x31, 0x31, 0x30, 0x34, - 0x32, 0x38, 0x31, 0x31, 0x34, 0x31, 0x35, 0x34, 0x5a, 0x30, - 0x2d, 0x31, - 0x2b, 0x30, 0x29, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x13, 0x22, 0x77, 0x00, 0x32, 0x00, - 0x6b, 0x00, - 0x38, 0x00, 0x72, 0x00, - 0x32, 0x00, 0x2e, 0x00, 0x6d, 0x00, 0x61, 0x00, 0x74, 0x00, - 0x77, 0x00, - 0x73, 0x00, 0x2e, 0x00, + 0x1e, 0x17, 0x0d, 0x31, 0x30, 0x30, 0x34, 0x32, 0x38, 0x31, + 0x31, 0x34, 0x31, 0x35, 0x34, 0x5a, 0x17, 0x0d, 0x31, 0x31, + 0x30, 0x34, 0x32, 0x38, 0x31, 0x31, 0x34, 0x31, 0x35, 0x34, + 0x5a, 0x30, 0x2d, 0x31, 0x2b, 0x30, 0x29, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x22, 0x77, 0x00, 0x32, 0x00, 0x6b, 0x00, + 0x38, 0x00, 0x72, 0x00, 0x32, 0x00, 0x2e, 0x00, 0x6d, 0x00, + 0x61, 0x00, 0x74, 0x00, 0x77, 0x00, 0x73, 0x00, 0x2e, 0x00, 0x6e, 0x00, 0x65, 0x00, 0x74, 0x00, 0x00, 0x00, 0x30, 0x82, - 0x01, 0x22, - 0x30, 0x0d, 0x06, 0x09, - 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, - 0x00, 0x03, - 0x82, 0x01, 0x0f, 0x00, - 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xaa, - 0xd7, 0x32, - 0x26, 0xd7, 0xfc, 0x69, - 0x57, 0x4a, 0x55, 0x08, 0x2b, 0x97, 0xc1, 0x5b, 0x90, 0xfd, - 0xe8, 0xf5, - 0xf7, 0x9e, 0x7d, 0x34, - 0xce, 0xe9, 0xbb, 0x38, 0xa0, 0x9f, 0xec, 0x84, 0x86, 0x3e, - 0x47, 0x2e, - 0x71, 0xd7, 0xc3, 0xbf, + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, + 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, + 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, + 0x00, 0xaa, 0xd7, 0x32, 0x26, 0xd7, 0xfc, 0x69, 0x57, 0x4a, + 0x55, 0x08, 0x2b, 0x97, 0xc1, 0x5b, 0x90, 0xfd, 0xe8, 0xf5, + 0xf7, 0x9e, 0x7d, 0x34, 0xce, 0xe9, 0xbb, 0x38, 0xa0, 0x9f, + 0xec, 0x84, 0x86, 0x3e, 0x47, 0x2e, 0x71, 0xd7, 0xc3, 0xbf, 0x89, 0xf3, 0x80, 0xb5, 0x77, 0x80, 0xd3, 0xb0, 0x56, 0x6b, - 0x9c, 0xf4, - 0xd3, 0x42, 0x2b, 0x26, - 0x01, 0x5c, 0x42, 0xef, 0xf6, 0x51, 0x5a, 0xaa, 0x55, 0x6b, - 0x30, 0xd3, - 0x2c, 0xdc, 0xde, 0x36, - 0x4d, 0xdd, 0xf3, 0x5f, 0x59, 0xba, 0x57, 0xd8, 0x39, 0x0f, - 0x5b, 0xd3, - 0xe1, 0x34, 0x39, 0x22, - 0xaa, 0x71, 0x10, 0x59, 0x7a, 0xec, 0x9f, 0x1a, 0xf5, 0xa9, - 0x40, 0xd6, - 0x7b, 0x32, 0x5f, 0x19, - 0x85, 0xc0, 0xfd, 0xa6, 0x6c, 0x32, 0x58, 0xdc, 0x7c, 0x07, - 0x42, 0x36, - 0xd0, 0x57, 0x78, 0x63, + 0x9c, 0xf4, 0xd3, 0x42, 0x2b, 0x26, 0x01, 0x5c, 0x42, 0xef, + 0xf6, 0x51, 0x5a, 0xaa, 0x55, 0x6b, 0x30, 0xd3, 0x2c, 0xdc, + 0xde, 0x36, 0x4d, 0xdd, 0xf3, 0x5f, 0x59, 0xba, 0x57, 0xd8, + 0x39, 0x0f, 0x5b, 0xd3, 0xe1, 0x34, 0x39, 0x22, 0xaa, 0x71, + 0x10, 0x59, 0x7a, 0xec, 0x9f, 0x1a, 0xf5, 0xa9, 0x40, 0xd6, + 0x7b, 0x32, 0x5f, 0x19, 0x85, 0xc0, 0xfd, 0xa6, 0x6c, 0x32, + 0x58, 0xdc, 0x7c, 0x07, 0x42, 0x36, 0xd0, 0x57, 0x78, 0x63, 0x60, 0x92, 0x1d, 0x1f, 0x9d, 0xbd, 0xcc, 0xd7, 0xe3, 0x1a, - 0x57, 0xdb, - 0x70, 0x80, 0x89, 0x36, - 0x39, 0x01, 0x71, 0x5a, 0x2a, 0x05, 0x25, 0x13, 0x80, 0xf8, - 0x49, 0x48, - 0x5f, 0x06, 0xd0, 0xcb, - 0x2c, 0x58, 0x9a, 0xe7, 0x8b, 0x6d, 0x17, 0x2c, 0xb2, 0x97, - 0x2c, 0x15, - 0xc9, 0x73, 0x6d, 0x8f, - 0x4f, 0xf3, 0xf1, 0xb9, 0x70, 0x3f, 0xcb, 0x5f, 0x80, 0x85, - 0x8b, 0xdf, - 0xd2, 0x05, 0x95, 0x1c, - 0xe4, 0x37, 0xee, 0xd2, 0x62, 0x49, 0x08, 0xdf, 0xf6, 0x02, - 0xec, 0xe6, - 0x9a, 0x37, 0xfc, 0x21, + 0x57, 0xdb, 0x70, 0x80, 0x89, 0x36, 0x39, 0x01, 0x71, 0x5a, + 0x2a, 0x05, 0x25, 0x13, 0x80, 0xf8, 0x49, 0x48, 0x5f, 0x06, + 0xd0, 0xcb, 0x2c, 0x58, 0x9a, 0xe7, 0x8b, 0x6d, 0x17, 0x2c, + 0xb2, 0x97, 0x2c, 0x15, 0xc9, 0x73, 0x6d, 0x8f, 0x4f, 0xf3, + 0xf1, 0xb9, 0x70, 0x3f, 0xcb, 0x5f, 0x80, 0x85, 0x8b, 0xdf, + 0xd2, 0x05, 0x95, 0x1c, 0xe4, 0x37, 0xee, 0xd2, 0x62, 0x49, + 0x08, 0xdf, 0xf6, 0x02, 0xec, 0xe6, 0x9a, 0x37, 0xfc, 0x21, 0x7a, 0x98, 0x12, 0x1d, 0x79, 0xbf, 0xc7, 0x0f, 0x0a, 0x20, - 0xf8, 0xef, - 0xa5, 0xc6, 0x0e, 0x94, - 0x5e, 0x17, 0x94, 0x12, 0x42, 0xfe, 0xd7, 0x22, 0xbd, 0x31, - 0x27, 0xc7, - 0xdb, 0x4a, 0x4e, 0x95, - 0xe2, 0xc1, 0xdd, 0xe8, 0x0f, 0x7d, 0x1d, 0xe4, 0xfd, 0xb1, - 0x27, 0x7b, - 0xc1, 0x71, 0xfe, 0x27, - 0x47, 0x89, 0xf4, 0xfc, 0x84, 0xa5, 0x57, 0x5d, 0x21, 0x02, - 0x03, 0x01, - 0x00, 0x01, 0x81, 0x11, - 0x00, 0xbd, 0x8b, 0xdc, 0xa1, 0x3f, 0x74, 0x3e, 0x47, 0x8d, - 0x00, 0x0a, - 0x47, 0x42, 0xdf, 0x76, + 0xf8, 0xef, 0xa5, 0xc6, 0x0e, 0x94, 0x5e, 0x17, 0x94, 0x12, + 0x42, 0xfe, 0xd7, 0x22, 0xbd, 0x31, 0x27, 0xc7, 0xdb, 0x4a, + 0x4e, 0x95, 0xe2, 0xc1, 0xdd, 0xe8, 0x0f, 0x7d, 0x1d, 0xe4, + 0xfd, 0xb1, 0x27, 0x7b, 0xc1, 0x71, 0xfe, 0x27, 0x47, 0x89, + 0xf4, 0xfc, 0x84, 0xa5, 0x57, 0x5d, 0x21, 0x02, 0x03, 0x01, + 0x00, 0x01, 0x81, 0x11, 0x00, 0xbd, 0x8b, 0xdc, 0xa1, 0x3f, + 0x74, 0x3e, 0x47, 0x8d, 0x00, 0x0a, 0x47, 0x42, 0xdf, 0x76, 0xbd, 0x82, 0x11, 0x00, 0xbd, 0x8b, 0xdc, 0xa1, 0x3f, 0x74, - 0x3e, 0x47, - 0x8d, 0x00, 0x0a, 0x47, - 0x42, 0xdf, 0x76, 0xbd, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, - 0x03, 0x02, - 0x1d, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x01, 0x00, 0xa7, 0xb0, 0x66, 0x75, 0x14, 0x7e, - 0x7d, 0xb5, - 0x31, 0xec, 0xb2, 0xeb, - 0x90, 0x80, 0x95, 0x25, 0x59, 0x0f, 0xe4, 0x15, 0x86, 0x2d, - 0x9d, 0xd7, - 0x35, 0xe9, 0x22, 0x74, - 0xe7, 0x85, 0x36, 0x19, 0x4f, 0x27, 0x5c, 0x17, 0x63, 0x7b, - 0x2a, 0xfe, - 0x59, 0xe9, 0x76, 0x77, + 0x3e, 0x47, 0x8d, 0x00, 0x0a, 0x47, 0x42, 0xdf, 0x76, 0xbd, + 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, 0x05, + 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xa7, 0xb0, 0x66, 0x75, + 0x14, 0x7e, 0x7d, 0xb5, 0x31, 0xec, 0xb2, 0xeb, 0x90, 0x80, + 0x95, 0x25, 0x59, 0x0f, 0xe4, 0x15, 0x86, 0x2d, 0x9d, 0xd7, + 0x35, 0xe9, 0x22, 0x74, 0xe7, 0x85, 0x36, 0x19, 0x4f, 0x27, + 0x5c, 0x17, 0x63, 0x7b, 0x2a, 0xfe, 0x59, 0xe9, 0x76, 0x77, 0xd0, 0xc9, 0x40, 0x78, 0x7c, 0x31, 0x62, 0x1e, 0x87, 0x1b, - 0xc1, 0x19, - 0xef, 0x6f, 0x15, 0xe6, - 0xce, 0x74, 0x84, 0x6d, 0xd6, 0x3b, 0x57, 0xd9, 0xa9, 0x13, - 0xf6, 0x7d, - 0x84, 0xe7, 0x8f, 0xc6, - 0x01, 0x5f, 0xcf, 0xc4, 0x95, 0xc9, 0xde, 0x97, 0x17, 0x43, - 0x12, 0x70, - 0x27, 0xf9, 0xc4, 0xd7, - 0xe1, 0x05, 0xbb, 0x63, 0x87, 0x5f, 0xdc, 0x20, 0xbd, 0xd1, - 0xde, 0xd6, - 0x2d, 0x9f, 0x3f, 0x5d, - 0x0a, 0x27, 0x40, 0x11, 0x5f, 0x5d, 0x54, 0xa7, 0x28, 0xf9, - 0x03, 0x2e, - 0x84, 0x8d, 0x48, 0x60, + 0xc1, 0x19, 0xef, 0x6f, 0x15, 0xe6, 0xce, 0x74, 0x84, 0x6d, + 0xd6, 0x3b, 0x57, 0xd9, 0xa9, 0x13, 0xf6, 0x7d, 0x84, 0xe7, + 0x8f, 0xc6, 0x01, 0x5f, 0xcf, 0xc4, 0x95, 0xc9, 0xde, 0x97, + 0x17, 0x43, 0x12, 0x70, 0x27, 0xf9, 0xc4, 0xd7, 0xe1, 0x05, + 0xbb, 0x63, 0x87, 0x5f, 0xdc, 0x20, 0xbd, 0xd1, 0xde, 0xd6, + 0x2d, 0x9f, 0x3f, 0x5d, 0x0a, 0x27, 0x40, 0x11, 0x5f, 0x5d, + 0x54, 0xa7, 0x28, 0xf9, 0x03, 0x2e, 0x84, 0x8d, 0x48, 0x60, 0xa1, 0x71, 0xa3, 0x46, 0x69, 0xdb, 0x88, 0x7b, 0xc1, 0xb6, - 0x08, 0x2d, - 0xdf, 0x25, 0x9d, 0x32, - 0x76, 0x49, 0x0b, 0xba, 0xab, 0xdd, 0xc3, 0x00, 0x76, 0x8a, - 0x94, 0xd2, - 0x25, 0x43, 0xf0, 0xa9, - 0x98, 0x65, 0x94, 0xc7, 0xdd, 0x7c, 0xd4, 0xe2, 0xe8, 0x33, - 0xe2, 0x9a, - 0xe9, 0x75, 0xf0, 0x0f, - 0x61, 0x86, 0xee, 0x0e, 0xf7, 0x39, 0x6b, 0x30, 0x63, 0xe5, - 0x46, 0xd4, - 0x1c, 0x83, 0xa1, 0x28, - 0x79, 0x76, 0x81, 0x48, 0x38, 0x72, 0xbc, 0x3f, 0x25, 0x53, - 0x31, 0xaa, - 0x02, 0xd1, 0x9b, 0x03, + 0x08, 0x2d, 0xdf, 0x25, 0x9d, 0x32, 0x76, 0x49, 0x0b, 0xba, + 0xab, 0xdd, 0xc3, 0x00, 0x76, 0x8a, 0x94, 0xd2, 0x25, 0x43, + 0xf0, 0xa9, 0x98, 0x65, 0x94, 0xc7, 0xdd, 0x7c, 0xd4, 0xe2, + 0xe8, 0x33, 0xe2, 0x9a, 0xe9, 0x75, 0xf0, 0x0f, 0x61, 0x86, + 0xee, 0x0e, 0xf7, 0x39, 0x6b, 0x30, 0x63, 0xe5, 0x46, 0xd4, + 0x1c, 0x83, 0xa1, 0x28, 0x79, 0x76, 0x81, 0x48, 0x38, 0x72, + 0xbc, 0x3f, 0x25, 0x53, 0x31, 0xaa, 0x02, 0xd1, 0x9b, 0x03, 0xa2, 0x5c, 0x94, 0x21, 0xb3, 0x8e, 0xdf, 0x2a, 0xa5, 0x4c, - 0x65, 0xa2, - 0xf9, 0xac, 0x38, 0x7a, - 0xf9, 0x45, 0xb3, 0xd5, 0xda, 0xe5, 0xb9, 0x56, 0x9e, 0x47, - 0xd5, 0x06, - 0xe6, 0xca, 0xd7, 0x6e, - 0x06, 0xdb, 0x6e, 0xa7, 0x7b, 0x4b, 0x13, 0x40, 0x3c, 0x12, - 0x76, 0x99, - 0x65, 0xb4, 0x54, 0xa1, - 0xd8, 0x21, 0x5c, 0x27 + 0x65, 0xa2, 0xf9, 0xac, 0x38, 0x7a, 0xf9, 0x45, 0xb3, 0xd5, + 0xda, 0xe5, 0xb9, 0x56, 0x9e, 0x47, 0xd5, 0x06, 0xe6, 0xca, + 0xd7, 0x6e, 0x06, 0xdb, 0x6e, 0xa7, 0x7b, 0x4b, 0x13, 0x40, + 0x3c, 0x12, 0x76, 0x99, 0x65, 0xb4, 0x54, 0xa1, 0xd8, 0x21, + 0x5c, 0x27 }; gnutls_datum_t derCert = { der, sizeof(der) }; @@ -185,11 +118,9 @@ void doit(void) gnutls_x509_crt_t cert; int result; - unsigned char expectedId[] = - { 0xbd, 0x8b, 0xdc, 0xa1, 0x3f, 0x74, 0x3e, 0x47, 0x8d, 0x00, - 0x0a, 0x47, - 0x42, 0xdf, 0x76, 0xbd - }; + unsigned char expectedId[] = { 0xbd, 0x8b, 0xdc, 0xa1, 0x3f, 0x74, + 0x3e, 0x47, 0x8d, 0x00, 0x0a, 0x47, + 0x42, 0xdf, 0x76, 0xbd }; char buf[17]; size_t buf_size; diff --git a/tests/chainverify-unsorted.c b/tests/chainverify-unsorted.c index 52291393d8..3b2c5b83c3 100644 --- a/tests/chainverify-unsorted.c +++ b/tests/chainverify-unsorted.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,546 +44,554 @@ static void tls_log_func(int level, const char *str) } const char ca_str[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca = { (void *)ca_str, sizeof(ca_str) }; /* Chain1 is sorted */ static const char chain1[] = { /* chain[0] */ "-----BEGIN CERTIFICATE-----\n" - "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" - "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" - "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" - "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" - "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" - "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" - "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" - "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" - "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" - "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" - "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" - "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" - "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" - "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" - "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" - "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" - "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" - "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" - "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" - "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" - "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" - "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" - "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" - "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" - "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" - "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" - "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" - "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" - "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" - "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" - "nKMfhbyFQYPQ6J9g\n" "-----END CERTIFICATE-----\n" - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" - "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" - "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" - "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" - "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" - "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" - "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" - "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" - "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" - "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" - "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" - "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" - "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" - "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" - "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" - "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" - "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" - "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" - "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" - "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" - "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" - "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" - "Gh/aWKfkT8Fhrryi/ks=\n" "-----END CERTIFICATE-----\n" - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" - "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" - "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" - "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" - "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" - "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" - "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" - "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" - "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" - "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" - "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" - "-----END CERTIFICATE-----\n" - /* chain[3] (CA) */ + "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" + "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" + "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" + "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" + "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" + "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" + "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" + "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" + "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" + "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" + "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" + "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" + "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" + "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" + "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" + "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" + "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" + "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" + "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" + "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" + "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" + "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" + "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" + "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" + "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" + "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" + "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" + "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" + "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" + "nKMfhbyFQYPQ6J9g\n" + "-----END CERTIFICATE-----\n" + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" + "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" + "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" + "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" + "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" + "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" + "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" + "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" + "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" + "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" + "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" + "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" + "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" + "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" + "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" + "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" + "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" + "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" + "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" + "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" + "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" + "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" + "Gh/aWKfkT8Fhrryi/ks=\n" + "-----END CERTIFICATE-----\n" + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" + "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" + "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" + "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" + "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" + "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" + "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" + "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" + "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" + "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" + "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" + "-----END CERTIFICATE-----\n" + /* chain[3] (CA) */ "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n" }; /* Chain2 is unsorted - reverse order */ static const char chain2[] = { /* chain[0] */ "-----BEGIN CERTIFICATE-----\n" - "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" - "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" - "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" - "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" - "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" - "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" - "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" - "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" - "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" - "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" - "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" - "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" - "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" - "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" - "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" - "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" - "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" - "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" - "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" - "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" - "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" - "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" - "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" - "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" - "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" - "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" - "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" - "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" - "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" - "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" - "nKMfhbyFQYPQ6J9g\n" "-----END CERTIFICATE-----\n" - /* chain[3] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n" - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" - "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" - "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" - "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" - "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" - "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" - "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" - "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" - "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" - "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" - "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" - "-----END CERTIFICATE-----\n" - /* chain[1] */ + "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" + "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" + "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" + "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" + "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" + "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" + "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" + "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" + "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" + "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" + "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" + "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" + "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" + "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" + "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" + "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" + "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" + "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" + "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" + "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" + "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" + "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" + "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" + "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" + "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" + "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" + "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" + "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" + "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" + "nKMfhbyFQYPQ6J9g\n" + "-----END CERTIFICATE-----\n" + /* chain[3] (CA) */ "-----BEGIN CERTIFICATE-----\n" - "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" - "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" - "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" - "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" - "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" - "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" - "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" - "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" - "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" - "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" - "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" - "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" - "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" - "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" - "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" - "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" - "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" - "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" - "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" - "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" - "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" - "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" - "Gh/aWKfkT8Fhrryi/ks=\n" "-----END CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n" + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" + "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" + "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" + "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" + "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" + "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" + "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" + "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" + "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" + "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" + "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" + "-----END CERTIFICATE-----\n" + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" + "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" + "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" + "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" + "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" + "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" + "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" + "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" + "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" + "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" + "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" + "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" + "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" + "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" + "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" + "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" + "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" + "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" + "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" + "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" + "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" + "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" + "Gh/aWKfkT8Fhrryi/ks=\n" + "-----END CERTIFICATE-----\n" }; /* Chain3 is unsorted - random order */ static const char chain3[] = { /* chain[0] */ "-----BEGIN CERTIFICATE-----\n" - "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" - "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" - "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" - "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" - "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" - "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" - "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" - "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" - "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" - "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" - "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" - "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" - "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" - "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" - "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" - "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" - "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" - "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" - "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" - "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" - "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" - "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" - "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" - "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" - "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" - "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" - "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" - "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" - "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" - "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" - "nKMfhbyFQYPQ6J9g\n" "-----END CERTIFICATE-----\n" - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" - "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" - "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" - "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" - "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" - "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" - "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" - "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" - "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" - "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" - "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" - "-----END CERTIFICATE-----\n" - /* chain[3] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n" - /* chain[1] */ + "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" + "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" + "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" + "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" + "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" + "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" + "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" + "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" + "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" + "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" + "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" + "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" + "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" + "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" + "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" + "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" + "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" + "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" + "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" + "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" + "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" + "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" + "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" + "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" + "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" + "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" + "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" + "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" + "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" + "nKMfhbyFQYPQ6J9g\n" + "-----END CERTIFICATE-----\n" + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" + "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" + "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" + "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" + "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" + "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" + "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" + "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" + "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" + "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" + "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" + "-----END CERTIFICATE-----\n" + /* chain[3] (CA) */ "-----BEGIN CERTIFICATE-----\n" - "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" - "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" - "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" - "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" - "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" - "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" - "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" - "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" - "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" - "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" - "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" - "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" - "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" - "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" - "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" - "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" - "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" - "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" - "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" - "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" - "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" - "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" - "Gh/aWKfkT8Fhrryi/ks=\n" "-----END CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n" + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" + "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" + "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" + "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" + "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" + "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" + "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" + "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" + "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" + "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" + "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" + "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" + "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" + "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" + "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" + "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" + "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" + "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" + "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" + "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" + "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" + "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" + "Gh/aWKfkT8Fhrryi/ks=\n" + "-----END CERTIFICATE-----\n" }; /* Chain4 is unsorted - random order and includes random certs */ static const char chain4[] = { /* chain[0] */ "-----BEGIN CERTIFICATE-----\n" - "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" - "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" - "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" - "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" - "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" - "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" - "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" - "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" - "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" - "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" - "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" - "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" - "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" - "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" - "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" - "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" - "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" - "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" - "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" - "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" - "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" - "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" - "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" - "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" - "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" - "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" - "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" - "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" - "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" - "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" - "nKMfhbyFQYPQ6J9g\n" "-----END CERTIFICATE-----\n" - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" - "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" - "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" - "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" - "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" - "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" - "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" - "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" - "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" - "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" - "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEczCCA9ygAwIBAgIQeODCPg2RbK2r7/1KoWjWZzANBgkqhkiG9w0BAQUFADCB\n" - "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n" - "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n" - "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n" - "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n" - "ODA2MTAwMDAwMDBaFw0wOTA3MzAyMzU5NTlaMIG2MQswCQYDVQQGEwJERTEPMA0G\n" - "A1UECBMGSGVzc2VuMRowGAYDVQQHFBFGcmFua2Z1cnQgYW0gTWFpbjEsMCoGA1UE\n" - "ChQjU3Bhcmthc3NlbiBJbmZvcm1hdGlrIEdtYkggJiBDby4gS0cxKTAnBgNVBAsU\n" - "IFRlcm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tMSEwHwYDVQQDFBhoYmNp\n" - "LXBpbnRhbi1ycC5zLWhiY2kuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" - "AK1CdQ9lqmChZWaRAInimuK7I36VImTuAVU0N6BIS4a2BbblkiekbVf15GVHGb6e\n" - "QV06ANN6Nd8XIdfoxi3LoAs8sa+Ku7eoEsRFi/XIU96GgtFlxf3EsVA9RbGdtfer\n" - "9iJGIBae2mJTlk+5LVg2EQr50PJlBuTgiYFc41xs9O2RAgMBAAGjggF6MIIBdjAJ\n" - "BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8v\n" - "Y3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBE\n" - "BgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" - "d3d3LnZlcmlzaWduLmNvbS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEF\n" - "BQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRw\n" - "Oi8vb2NzcC52ZXJpc2lnbi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJ\n" - "aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYk\n" - "aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEB\n" - "BQUAA4GBAJ03R0YAjYzlWm54gMSn6MqJi0mHdLCO2lk3CARwjbg7TEYAZvDsKqTd\n" - "cRuhNk079BqrQ3QapffeN55SAVrc3mzHO54Nla4n5y6x3XIQXVvRjbJGwmWXsdvr\n" - "W899F/pBEN30Tgdbmn7JR/iZlGhIJpY9Us1i7rwQhKYir9ZQBdj3\n" - "-----END CERTIFICATE-----\n" - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" - "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" - "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" - "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" - "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" - "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" - "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" - "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" - "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" - "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" - "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" - "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" - "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" - "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" - "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" - "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" - "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" - "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" - "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" - "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" - "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" - "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" - "Gh/aWKfkT8Fhrryi/ks=\n" "-----END CERTIFICATE-----\n" - /* chain[3] (CA) */ + "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" + "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" + "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" + "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" + "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" + "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" + "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" + "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" + "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" + "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" + "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" + "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" + "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" + "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" + "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" + "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" + "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" + "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" + "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" + "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" + "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" + "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" + "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" + "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" + "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" + "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" + "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" + "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" + "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" + "nKMfhbyFQYPQ6J9g\n" + "-----END CERTIFICATE-----\n" + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" + "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" + "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" + "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" + "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" + "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" + "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" + "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" + "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" + "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" + "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEczCCA9ygAwIBAgIQeODCPg2RbK2r7/1KoWjWZzANBgkqhkiG9w0BAQUFADCB\n" + "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n" + "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n" + "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n" + "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n" + "ODA2MTAwMDAwMDBaFw0wOTA3MzAyMzU5NTlaMIG2MQswCQYDVQQGEwJERTEPMA0G\n" + "A1UECBMGSGVzc2VuMRowGAYDVQQHFBFGcmFua2Z1cnQgYW0gTWFpbjEsMCoGA1UE\n" + "ChQjU3Bhcmthc3NlbiBJbmZvcm1hdGlrIEdtYkggJiBDby4gS0cxKTAnBgNVBAsU\n" + "IFRlcm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tMSEwHwYDVQQDFBhoYmNp\n" + "LXBpbnRhbi1ycC5zLWhiY2kuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" + "AK1CdQ9lqmChZWaRAInimuK7I36VImTuAVU0N6BIS4a2BbblkiekbVf15GVHGb6e\n" + "QV06ANN6Nd8XIdfoxi3LoAs8sa+Ku7eoEsRFi/XIU96GgtFlxf3EsVA9RbGdtfer\n" + "9iJGIBae2mJTlk+5LVg2EQr50PJlBuTgiYFc41xs9O2RAgMBAAGjggF6MIIBdjAJ\n" + "BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8v\n" + "Y3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBE\n" + "BgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" + "d3d3LnZlcmlzaWduLmNvbS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEF\n" + "BQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRw\n" + "Oi8vb2NzcC52ZXJpc2lnbi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJ\n" + "aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYk\n" + "aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEB\n" + "BQUAA4GBAJ03R0YAjYzlWm54gMSn6MqJi0mHdLCO2lk3CARwjbg7TEYAZvDsKqTd\n" + "cRuhNk079BqrQ3QapffeN55SAVrc3mzHO54Nla4n5y6x3XIQXVvRjbJGwmWXsdvr\n" + "W899F/pBEN30Tgdbmn7JR/iZlGhIJpY9Us1i7rwQhKYir9ZQBdj3\n" + "-----END CERTIFICATE-----\n" + /* chain[1] */ "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n" - "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n" - "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n" - "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n" - "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n" - "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n" - "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n" - "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n" - "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" - "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n" - "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n" - "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n" - "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n" - "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n" - "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n" - "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n" - "-----END CERTIFICATE-----\n" + "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" + "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" + "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" + "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" + "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" + "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" + "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" + "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" + "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" + "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" + "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" + "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" + "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" + "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" + "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" + "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" + "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" + "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" + "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" + "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" + "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" + "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" + "Gh/aWKfkT8Fhrryi/ks=\n" + "-----END CERTIFICATE-----\n" + /* chain[3] (CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n" + "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n" + "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n" + "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n" + "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n" + "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n" + "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n" + "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n" + "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" + "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n" + "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n" + "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n" + "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n" + "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n" + "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n" + "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n" + "-----END CERTIFICATE-----\n" }; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -600,8 +608,8 @@ void doit(void) gnutls_x509_crt_t *crts; unsigned int crts_size, i; gnutls_x509_trust_list_t tl; - unsigned int status, flags = - GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN | GNUTLS_VERIFY_ALLOW_BROKEN; + unsigned int status, flags = GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN | + GNUTLS_VERIFY_ALLOW_BROKEN; unsigned int not_flags = GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN; /* this must be called once in the program @@ -616,9 +624,8 @@ void doit(void) /* test for gnutls_certificate_get_issuer() */ gnutls_x509_trust_list_init(&tl, 0); - ret = - gnutls_x509_trust_list_add_trust_mem(tl, &ca, NULL, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_x509_trust_list_add_trust_mem(tl, &ca, NULL, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 0) { fail("gnutls_x509_trust_list_add_trust_mem\n"); exit(1); @@ -627,18 +634,16 @@ void doit(void) /* Chain 1 */ data.data = (void *)chain1; data.size = sizeof(chain1); - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &data, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, + &status, NULL); if (ret < 0 || status != 0) { fail("gnutls_x509_trust_list_verify_crt - 1\n"); exit(1); @@ -654,27 +659,25 @@ void doit(void) /* verify whether the GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag is * considered by gnutls_x509_crt_list_import2() */ - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &data, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &data, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret != GNUTLS_E_CERTIFICATE_LIST_UNSORTED) { - fail("gnutls_x509_crt_list_import2 with flag GNUTLS_E_CERTIFICATE_LIST_UNSORTED on unsorted chain didn't fail: %s\n", gnutls_strerror(ret)); + fail("gnutls_x509_crt_list_import2 with flag GNUTLS_E_CERTIFICATE_LIST_UNSORTED on unsorted chain didn't fail: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &data, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, + &status, NULL); if (ret < 0 || status != 0) { fail("gnutls_x509_trust_list_verify_crt - 2\n"); exit(1); @@ -687,18 +690,16 @@ void doit(void) /* Chain 3 */ data.data = (void *)chain3; data.size = sizeof(chain3); - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &data, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, + &status, NULL); if (ret < 0 || status != 0) { fail("gnutls_x509_trust_list_verify_crt - 3\n"); exit(1); @@ -711,18 +712,16 @@ void doit(void) /* Chain 4 */ data.data = (void *)chain4; data.size = sizeof(chain4); - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &data, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, + &status, NULL); if (ret < 0 || status != 0) { fail("gnutls_x509_trust_list_verify_crt - 4\n"); exit(1); @@ -735,18 +734,16 @@ void doit(void) /* Check if an unsorted list would fail if the unsorted flag is not given */ data.data = (void *)chain2; data.size = sizeof(chain2); - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &data, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, - not_flags, &status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, not_flags, + &status, NULL); if (ret < 0 || status == 0) { fail("gnutls_x509_trust_list_verify_crt - 5\n"); exit(1); diff --git a/tests/chainverify.c b/tests/chainverify.c index 9460724fd1..9b19fe67ac 100644 --- a/tests/chainverify.c +++ b/tests/chainverify.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,7 +40,7 @@ static time_t then = DEFAULT_THEN; verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { if (t) *t = then; @@ -85,7 +85,6 @@ void doit(void) gnutls_global_set_log_level(4711); for (i = 0; chains[i].chain; i++) { - printf("[%d]: Chain '%s'...\n", (int)i, chains[i].name); if (chains[i].notfips && gnutls_fips140_mode_enabled()) { @@ -109,9 +108,8 @@ void doit(void) tmp.data = (unsigned char *)chains[i].chain[j]; tmp.size = strlen(chains[i].chain[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { @@ -167,11 +165,9 @@ void doit(void) then = DEFAULT_THEN; if (chains[i].purpose == NULL) { - ret = gnutls_x509_crt_list_verify(certs, j, - &ca, 1, NULL, 0, - chains - [i].verify_flags, - &verify_status); + ret = gnutls_x509_crt_list_verify( + certs, j, &ca, 1, NULL, 0, + chains[i].verify_flags, &verify_status); if (ret < 0) { fprintf(stderr, "gnutls_x509_crt_list_verify[%d,%d]: %s\n", @@ -181,12 +177,16 @@ void doit(void) if (verify_status != chains[i].expected_verify_result) { gnutls_datum_t out1, out2; - gnutls_certificate_verification_status_print - (verify_status, GNUTLS_CRT_X509, &out1, 0); - gnutls_certificate_verification_status_print - (chains[i].expected_verify_result, - GNUTLS_CRT_X509, &out2, 0); - fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", chains[i].name, verify_status, out1.data, chains[i].expected_verify_result, out2.data); + gnutls_certificate_verification_status_print( + verify_status, GNUTLS_CRT_X509, &out1, + 0); + gnutls_certificate_verification_status_print( + chains[i].expected_verify_result, + GNUTLS_CRT_X509, &out2, 0); + fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", + chains[i].name, verify_status, out1.data, + chains[i].expected_verify_result, + out2.data); gnutls_free(out1.data); gnutls_free(out2.data); @@ -203,7 +203,6 @@ void doit(void) exit(1); } else if (debug) printf("done\n"); - } gnutls_x509_trust_list_init(&tl, 0); @@ -219,20 +218,13 @@ void doit(void) vdata[0].type = GNUTLS_DT_KEY_PURPOSE_OID; vdata[0].data = (void *)chains[i].purpose; - ret = - gnutls_x509_trust_list_verify_crt2(tl, certs, j, - vdata, 1, - chains - [i].verify_flags, - &verify_status1, - NULL); + ret = gnutls_x509_trust_list_verify_crt2( + tl, certs, j, vdata, 1, chains[i].verify_flags, + &verify_status1, NULL); } else { - ret = - gnutls_x509_trust_list_verify_crt(tl, certs, j, - chains - [i].verify_flags, - &verify_status1, - NULL); + ret = gnutls_x509_trust_list_verify_crt( + tl, certs, j, chains[i].verify_flags, + &verify_status1, NULL); } if (ret < 0) { fprintf(stderr, @@ -244,23 +236,32 @@ void doit(void) if (chains[i].purpose == NULL) { if (verify_status != verify_status1) { gnutls_datum_t out1, out2; - gnutls_certificate_verification_status_print - (verify_status, GNUTLS_CRT_X509, &out1, 0); - gnutls_certificate_verification_status_print - (verify_status1, GNUTLS_CRT_X509, &out2, 0); - fail("chain[%s]:\nverify_status: %d: %s\ntrust list vstatus: %d: %s\n", chains[i].name, verify_status, out1.data, verify_status1, out2.data); + gnutls_certificate_verification_status_print( + verify_status, GNUTLS_CRT_X509, &out1, + 0); + gnutls_certificate_verification_status_print( + verify_status1, GNUTLS_CRT_X509, &out2, + 0); + fail("chain[%s]:\nverify_status: %d: %s\ntrust list vstatus: %d: %s\n", + chains[i].name, verify_status, out1.data, + verify_status1, out2.data); gnutls_free(out1.data); gnutls_free(out2.data); } } else { - if (verify_status1 != chains[i].expected_verify_result) { + if (verify_status1 != + chains[i].expected_verify_result) { gnutls_datum_t out1, out2; - gnutls_certificate_verification_status_print - (verify_status1, GNUTLS_CRT_X509, &out1, 0); - gnutls_certificate_verification_status_print - (chains[i].expected_verify_result, - GNUTLS_CRT_X509, &out2, 0); - fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", chains[i].name, verify_status1, out1.data, chains[i].expected_verify_result, out2.data); + gnutls_certificate_verification_status_print( + verify_status1, GNUTLS_CRT_X509, &out1, + 0); + gnutls_certificate_verification_status_print( + chains[i].expected_verify_result, + GNUTLS_CRT_X509, &out2, 0); + fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", + chains[i].name, verify_status1, out1.data, + chains[i].expected_verify_result, + out2.data); gnutls_free(out1.data); gnutls_free(out2.data); } diff --git a/tests/cipher-alignment.c b/tests/cipher-alignment.c index 65fa6e0fa7..2ed64baad4 100644 --- a/tests/cipher-alignment.c +++ b/tests/cipher-alignment.c @@ -24,7 +24,7 @@ /* Tests whether memory input to ciphers are properly aligned */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,24 +40,24 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" - -# include "ex-session-info.c" -# include "ex-x509-info.c" +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" + +#include "ex-session-info.c" +#include "ex-x509-info.c" static pid_t child; @@ -67,56 +67,58 @@ static void tls_log_func(int level, const char *str) str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static unsigned char ca_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n" - "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n" - "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n" - "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n" - "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n" - "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n" - "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" - "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" - "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" - "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n" + "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n" + "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n" + "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n" + "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n" + "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n" + "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" + "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" + "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" + "PfqUpIhz5Bbm7J4=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca = { ca_pem, sizeof(ca_pem) }; static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t key = { key_pem, sizeof(key_pem) }; struct myaes_ctx { @@ -127,15 +129,11 @@ struct myaes_ctx { static unsigned aes_init = 0; -extern int -_gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm, - int priority, - gnutls_cipher_init_func init, - gnutls_cipher_setkey_func setkey, - gnutls_cipher_setiv_func setiv, - gnutls_cipher_encrypt_func encrypt, - gnutls_cipher_decrypt_func decrypt, - gnutls_cipher_deinit_func deinit); +extern int _gnutls_crypto_register_cipher( + gnutls_cipher_algorithm_t algorithm, int priority, + gnutls_cipher_init_func init, gnutls_cipher_setkey_func setkey, + gnutls_cipher_setiv_func setiv, gnutls_cipher_encrypt_func encrypt, + gnutls_cipher_decrypt_func decrypt, gnutls_cipher_deinit_func deinit); static int myaes_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc) { @@ -175,32 +173,30 @@ static int myaes_setiv(void *_ctx, const void *iv, size_t iv_size) return 0; } -static int -myaes_encrypt(void *_ctx, const void *src, size_t src_size, - void *dst, size_t dst_size) +static int myaes_encrypt(void *_ctx, const void *src, size_t src_size, + void *dst, size_t dst_size) { struct myaes_ctx *ctx = _ctx; -# if 0 /* this is under the control of the caller */ +#if 0 /* this is under the control of the caller */ if (((unsigned long)src) % 16 != 0) { fail("encrypt: source is not 16-byte aligned: %lu\n", ((unsigned long)src) % 16); } -# endif +#endif if (((unsigned long)dst) % 16 != 0) { fail("encrypt: dest is not 16-byte aligned: %lu\n", ((unsigned long)dst) % 16); } - cbc_encrypt(&ctx->aes, (nettle_cipher_func *) aes128_encrypt, 16, + cbc_encrypt(&ctx->aes, (nettle_cipher_func *)aes128_encrypt, 16, ctx->iv, src_size, dst, src); return 0; } -static int -myaes_decrypt(void *_ctx, const void *src, size_t src_size, - void *dst, size_t dst_size) +static int myaes_decrypt(void *_ctx, const void *src, size_t src_size, + void *dst, size_t dst_size) { struct myaes_ctx *ctx = _ctx; @@ -209,14 +205,14 @@ myaes_decrypt(void *_ctx, const void *src, size_t src_size, ((unsigned long)src) % 16); } -# if 0 /* this is under the control of the caller */ +#if 0 /* this is under the control of the caller */ if (((unsigned long)dst) % 16 != 0) { fail("decrypt: dest is not 16-byte aligned: %lu\n", ((unsigned long)dst) % 16); } -# endif +#endif - cbc_decrypt(&ctx->aes, (nettle_cipher_func *) aes128_decrypt, 16, + cbc_decrypt(&ctx->aes, (nettle_cipher_func *)aes128_decrypt, 16, ctx->iv, src_size, dst, src); return 0; @@ -272,8 +268,8 @@ static void client(int sd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ if (debug) @@ -301,8 +297,7 @@ static void client(int sd, const char *prio) ret = gnutls_handshake(session); if (ret == 0) { if (debug) - success - ("client: handshake complete, reading again.\n"); + success("client: handshake complete, reading again.\n"); ret = gnutls_record_recv(session, buffer, MAX_BUF); } else { fail("client: handshake failed.\n"); @@ -328,7 +323,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -340,50 +335,47 @@ static void client(int sd, const char *prio) /* This is a sample TLS 1.0 echo server, using X.509 authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 /* These are global */ static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void server(int sd, const char *prio) { @@ -429,8 +421,8 @@ static void server(int sd, const char *prio) if (debug) { success("server: Handshake was completed\n"); success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); } /* see the Getting peer's information example */ @@ -443,11 +435,11 @@ static void server(int sd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -468,8 +460,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *prio) +static void start(const char *prio) { int sockets[2]; int err; @@ -509,10 +500,8 @@ void doit(void) global_init(); ret = _gnutls_crypto_register_cipher(GNUTLS_CIPHER_AES_128_CBC, 1, - myaes_init, - myaes_setkey, - myaes_setiv, - myaes_encrypt, + myaes_init, myaes_setkey, + myaes_setiv, myaes_encrypt, myaes_decrypt, myaes_deinit); if (ret < 0) { fail("%d: cannot register cipher\n", __LINE__); @@ -526,4 +515,4 @@ void doit(void) gnutls_global_deinit(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/cipher-neg-common.c b/tests/cipher-neg-common.c index 3f7dc2a3f7..cad360274d 100644 --- a/tests/cipher-neg-common.c +++ b/tests/cipher-neg-common.c @@ -30,7 +30,7 @@ typedef struct test_case_st { unsigned not_on_fips; } test_case_st; -static void try(test_case_st * test) +static void try(test_case_st *test) { int sret, cret; gnutls_certificate_credentials_t s_cert_cred; @@ -54,15 +54,15 @@ static void try(test_case_st * test) gnutls_certificate_set_known_dh_params(s_cert_cred, GNUTLS_SEC_PARAM_MEDIUM); - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_rsa_decrypt_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_rsa_sign_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_ecc_cert, - &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_rsa_decrypt_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_rsa_sign_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_ecc_cert, + &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, c_cert_cred); @@ -86,20 +86,26 @@ static void try(test_case_st * test) char *desc2 = gnutls_session_get_desc(client); if (strcmp(desc1, desc2) != 0) - fail("server and client session description don't match (%s, %s)\n", desc1, desc2); + fail("server and client session description don't match (%s, %s)\n", + desc1, desc2); if (strcmp(desc1, test->desc) != 0) - fail("session and expected session description don't match (%s, %s)\n", desc1, test->desc); + fail("session and expected session description don't match (%s, %s)\n", + desc1, test->desc); gnutls_free(desc1); gnutls_free(desc2); } if (sret != cret) { - fail("%s: client negotiated different cipher than server (%s, %s)!\n", test->name, gnutls_cipher_get_name(cret), gnutls_cipher_get_name(sret)); + fail("%s: client negotiated different cipher than server (%s, %s)!\n", + test->name, gnutls_cipher_get_name(cret), + gnutls_cipher_get_name(sret)); } if (cret != test->cipher) { - fail("%s: negotiated cipher differs with the expected (%s, %s)!\n", test->name, gnutls_cipher_get_name(cret), gnutls_cipher_get_name(test->cipher)); + fail("%s: negotiated cipher differs with the expected (%s, %s)!\n", + test->name, gnutls_cipher_get_name(cret), + gnutls_cipher_get_name(test->cipher)); } if (test->group) { @@ -107,11 +113,15 @@ static void try(test_case_st * test) cret = gnutls_group_get(server); if (sret != cret) { - fail("%s: client negotiated different group than server (%s, %s)!\n", test->name, gnutls_group_get_name(cret), gnutls_group_get_name(sret)); + fail("%s: client negotiated different group than server (%s, %s)!\n", + test->name, gnutls_group_get_name(cret), + gnutls_group_get_name(sret)); } if (cret != test->group) { - fail("%s: negotiated group differs with the expected (%s, %s)!\n", test->name, gnutls_group_get_name(cret), gnutls_group_get_name(test->group)); + fail("%s: negotiated group differs with the expected (%s, %s)!\n", + test->name, gnutls_group_get_name(cret), + gnutls_group_get_name(test->group)); } } diff --git a/tests/cipher-padding.c b/tests/cipher-padding.c index d629a595f9..7572269fca 100644 --- a/tests/cipher-padding.c +++ b/tests/cipher-padding.c @@ -35,8 +35,8 @@ static void tls_log_func(int level, const char *str) #define CLAMP(x, b) (((x) + (b)) / (b)) * (b) -static void -start(gnutls_cipher_algorithm_t algo, size_t plaintext_size, unsigned int flags) +static void start(gnutls_cipher_algorithm_t algo, size_t plaintext_size, + unsigned int flags) { int ret; gnutls_cipher_hd_t ch; @@ -48,8 +48,8 @@ start(gnutls_cipher_algorithm_t algo, size_t plaintext_size, unsigned int flags) size_t size; gnutls_datum_t key, iv; - success("%s %zu %u\n", - gnutls_cipher_get_name(algo), plaintext_size, flags); + success("%s %zu %u\n", gnutls_cipher_get_name(algo), plaintext_size, + flags); block_size = gnutls_cipher_get_block_size(algo); @@ -72,18 +72,16 @@ start(gnutls_cipher_algorithm_t algo, size_t plaintext_size, unsigned int flags) /* Check overflow if PKCS#7 is requested */ if (flags & GNUTLS_CIPHER_PADDING_PKCS7) { - ret = gnutls_cipher_encrypt3(ch, - plaintext, SIZE_MAX, - NULL, &size, flags); + ret = gnutls_cipher_encrypt3(ch, plaintext, SIZE_MAX, NULL, + &size, flags); if (ret != GNUTLS_E_INVALID_REQUEST) { fail("gnutls_cipher_encrypt3 succeeded\n"); } } /* Get the ciphertext size */ - ret = gnutls_cipher_encrypt3(ch, - plaintext, plaintext_size, - NULL, &size, flags); + ret = gnutls_cipher_encrypt3(ch, plaintext, plaintext_size, NULL, &size, + flags); if (ret < 0) { fail("gnutls_cipher_encrypt3 failed\n"); } @@ -93,35 +91,33 @@ start(gnutls_cipher_algorithm_t algo, size_t plaintext_size, unsigned int flags) fail("no padding appended\n"); } if (size != CLAMP(plaintext_size, block_size)) { - fail("size does not match: %zu (expected %zu)\n", - size, CLAMP(plaintext_size, block_size)); + fail("size does not match: %zu (expected %zu)\n", size, + CLAMP(plaintext_size, block_size)); } } else { if (size != plaintext_size) { - fail("size does not match: %zu (expected %zu)\n", - size, plaintext_size); + fail("size does not match: %zu (expected %zu)\n", size, + plaintext_size); } } /* Encrypt with padding */ - ret = gnutls_cipher_encrypt3(ch, - plaintext, plaintext_size, - ciphertext, &size, flags); + ret = gnutls_cipher_encrypt3(ch, plaintext, plaintext_size, ciphertext, + &size, flags); if (ret < 0) { fail("gnutls_cipher_encrypt3 failed\n"); } /* Decrypt with padding */ - ret = gnutls_cipher_decrypt3(ch, - ciphertext, size, - ciphertext, &size, flags); + ret = gnutls_cipher_decrypt3(ch, ciphertext, size, ciphertext, &size, + flags); if (ret < 0) { fail("gnutls_cipher_encrypt3 failed\n"); } if (size != plaintext_size) { - fail("size does not match: %zu (expected %zu)\n", - size, plaintext_size); + fail("size does not match: %zu (expected %zu)\n", size, + plaintext_size); } if (memcmp(ciphertext, plaintext, size) != 0) { diff --git a/tests/ciphersuite-name.c b/tests/ciphersuite-name.c index 9331c34905..8d194190b4 100644 --- a/tests/ciphersuite-name.c +++ b/tests/ciphersuite-name.c @@ -37,8 +37,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static void -start(const char *test_name, const char *prio, const char *expected_name) +static void start(const char *test_name, const char *prio, + const char *expected_name) { int sret, cret; gnutls_certificate_credentials_t scred, ccred; @@ -54,8 +54,7 @@ start(const char *test_name, const char *prio, const char *expected_name) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_cert, + assert(gnutls_certificate_set_x509_key_mem(scred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM) >= 0); @@ -69,8 +68,8 @@ start(const char *test_name, const char *prio, const char *expected_name) /* Init client */ gnutls_certificate_allocate_credentials(&ccred); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); @@ -86,12 +85,14 @@ start(const char *test_name, const char *prio, const char *expected_name) name = gnutls_ciphersuite_get(server); if (!name || strcmp(name, expected_name) != 0) { - fail("server: gnutls_ciphersuite_get returned %s while %s is expected\n", name, expected_name); + fail("server: gnutls_ciphersuite_get returned %s while %s is expected\n", + name, expected_name); } name = gnutls_ciphersuite_get(client); if (!name || strcmp(name, expected_name) != 0) { - fail("client: gnutls_ciphersuite_get returned %s while %s is expected\n", name, expected_name); + fail("client: gnutls_ciphersuite_get returned %s while %s is expected\n", + name, expected_name); } gnutls_bye(client, GNUTLS_SHUT_WR); diff --git a/tests/client-fastopen.c b/tests/client-fastopen.c index bf3b854a00..17eced7eca 100644 --- a/tests/client-fastopen.c +++ b/tests/client-fastopen.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,21 +39,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -67,7 +67,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, struct sockaddr *connect_addr, socklen_t connect_addrlen, const char *prio) @@ -103,8 +103,7 @@ static void client(int fd, struct sockaddr *connect_addr, */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -116,8 +115,8 @@ static void client(int fd, struct sockaddr *connect_addr, if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -138,7 +137,7 @@ static void client(int fd, struct sockaddr *connect_addr, gnutls_strerror(ret)); } - end: +end: close(fd); @@ -177,9 +176,8 @@ static void server(int fd, const char *prio) gnutls_certificate_allocate_credentials(&xcred); - ret = gnutls_certificate_set_x509_key_mem(xcred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + xcred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -197,8 +195,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -211,8 +208,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -252,8 +249,7 @@ static void ch_handler(int sig) return; } -static -void run(const char *name, const char *prio) +static void run(const char *name, const char *prio) { int ret; struct sockaddr_in saddr; @@ -322,4 +318,4 @@ void doit(void) run("tls1.3", "NORMAL:-VERS-ALL:+VERS-TLS1.3"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/client-secrets.h b/tests/client-secrets.h index f53660e6b2..76fefbe783 100644 --- a/tests/client-secrets.h +++ b/tests/client-secrets.h @@ -22,312 +22,312 @@ */ #ifndef GNUTLS_TESTS_CLIENT_SECRETS_H -# define GNUTLS_TESTS_CLIENT_SECRETS_H +#define GNUTLS_TESTS_CLIENT_SECRETS_H static const struct secret client_normal_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + }, }; static const struct secret client_normal_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - NULL, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", - (const uint8_t *) - "\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + NULL, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", + (const uint8_t + *)"\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", + }, }; static const struct secret client_normal_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - NULL, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", - (const uint8_t *) - "\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + NULL, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", + (const uint8_t + *)"\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", + }, }; static const struct secret client_small_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + }, }; static const struct secret client_small_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - NULL, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", - (const uint8_t *) - "\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + NULL, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", + (const uint8_t + *)"\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", + }, }; static const struct secret client_small_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - NULL, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", - (const uint8_t *) - "\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + NULL, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", + (const uint8_t + *)"\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", + }, }; static const struct secret client_empty_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + }, }; static const struct secret client_empty_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", - (const uint8_t *) - "\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", - (const uint8_t *) - "\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", + (const uint8_t + *)"\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", + (const uint8_t + *)"\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", + }, }; static const struct secret client_empty_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", - (const uint8_t *) - "\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", - (const uint8_t *) - "\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", + (const uint8_t + *)"\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", + (const uint8_t + *)"\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", + }, }; static const struct secret client_explicit_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + }, }; static const struct secret client_explicit_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - NULL, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", - (const uint8_t *) - "\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + NULL, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", + (const uint8_t + *)"\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", + }, }; static const struct secret client_explicit_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - NULL, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", - (const uint8_t *) - "\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + NULL, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", + (const uint8_t + *)"\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", + }, }; -#endif /* GNUTLS_TESTS_CLIENT_SECRETS_H */ +#endif /* GNUTLS_TESTS_CLIENT_SECRETS_H */ diff --git a/tests/client-sign-md5-rep.c b/tests/client-sign-md5-rep.c index 08866c838c..3a0c6b4694 100644 --- a/tests/client-sign-md5-rep.c +++ b/tests/client-sign-md5-rep.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,19 +40,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" pid_t child; @@ -61,625 +61,458 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s |<%d>| %s", "client", level, str); } -static unsigned char tls1_hello[] = { /* server hello etc. */ - 0x16, 0x03, 0x03, 0x00, 0x39, 0x02, 0x00, 0x00, 0x35, 0x03, 0x03, 0x95, - 0x66, 0x0A, 0x55, 0xBC, - 0x04, 0x84, 0xBD, 0x7E, 0xA6, 0xCE, 0x2B, 0x1C, 0x7B, 0x72, 0x28, 0x0D, - 0x8E, 0x2C, 0x34, 0xC8, - 0xFF, 0x73, 0xBA, 0x6C, 0x9F, 0x20, 0xB9, 0x18, 0xCD, 0x22, 0xCB, 0x00, - 0x00, 0x9E, 0x00, 0x00, - 0x0D, 0x00, 0x00, 0x00, 0x00, 0xFF, 0x01, 0x00, 0x01, 0x00, 0x00, 0x23, - 0x00, 0x00, 0x16, 0x03, - 0x03, 0x10, 0xE3, 0x0B, 0x00, 0x10, 0xDF, 0x00, 0x10, 0xDC, 0x00, 0x05, - 0x4F, 0x30, 0x82, 0x05, - 0x4B, 0x30, 0x82, 0x04, 0x33, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, - 0x4C, 0x8E, 0x18, 0x71, - 0x4B, 0x34, 0xE7, 0x5E, 0x8D, 0xAE, 0xFB, 0xE8, 0xF6, 0x4C, 0x3A, 0x82, - 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x90, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, - 0x1B, 0x30, 0x19, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, - 0x72, 0x20, 0x4D, 0x61, - 0x6E, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, - 0x07, 0x13, 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, 0x31, 0x1A, - 0x30, 0x18, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x13, 0x11, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, - 0x43, 0x41, 0x20, 0x4C, - 0x69, 0x6D, 0x69, 0x74, 0x65, 0x64, 0x31, 0x36, 0x30, 0x34, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x13, - 0x2D, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x52, 0x53, 0x41, 0x20, - 0x44, 0x6F, 0x6D, 0x61, - 0x69, 0x6E, 0x20, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, - 0x6E, 0x20, 0x53, 0x65, - 0x63, 0x75, 0x72, 0x65, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, - 0x43, 0x41, 0x30, 0x1E, - 0x17, 0x0D, 0x31, 0x36, 0x30, 0x37, 0x30, 0x37, 0x30, 0x30, 0x30, 0x30, - 0x30, 0x30, 0x5A, 0x17, - 0x0D, 0x31, 0x37, 0x30, 0x39, 0x30, 0x35, 0x32, 0x33, 0x35, 0x39, 0x35, - 0x39, 0x5A, 0x30, 0x59, - 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x18, 0x44, - 0x6F, 0x6D, 0x61, 0x69, - 0x6E, 0x20, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x20, 0x56, 0x61, - 0x6C, 0x69, 0x64, 0x61, - 0x74, 0x65, 0x64, 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x13, 0x14, 0x50, 0x6F, - 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x53, 0x53, 0x4C, 0x20, 0x57, 0x69, - 0x6C, 0x64, 0x63, 0x61, - 0x72, 0x64, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, - 0x0C, 0x2A, 0x2E, 0x62, - 0x61, 0x64, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, - 0x22, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x0F, - 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC2, 0x04, - 0xEC, 0xF8, 0x8C, 0xEE, - 0x04, 0xC2, 0xB3, 0xD8, 0x50, 0xD5, 0x70, 0x58, 0xCC, 0x93, 0x18, 0xEB, - 0x5C, 0xA8, 0x68, 0x49, - 0xB0, 0x22, 0xB5, 0xF9, 0x95, 0x9E, 0xB1, 0x2B, 0x2C, 0x76, 0x3E, 0x6C, - 0xC0, 0x4B, 0x60, 0x4C, - 0x4C, 0xEA, 0xB2, 0xB4, 0xC0, 0x0F, 0x80, 0xB6, 0xB0, 0xF9, 0x72, 0xC9, - 0x86, 0x02, 0xF9, 0x5C, - 0x41, 0x5D, 0x13, 0x2B, 0x7F, 0x71, 0xC4, 0x4B, 0xBC, 0xE9, 0x94, 0x2E, - 0x50, 0x37, 0xA6, 0x67, - 0x1C, 0x61, 0x8C, 0xF6, 0x41, 0x42, 0xC5, 0x46, 0xD3, 0x16, 0x87, 0x27, - 0x9F, 0x74, 0xEB, 0x0A, - 0x9D, 0x11, 0x52, 0x26, 0x21, 0x73, 0x6C, 0x84, 0x4C, 0x79, 0x55, 0xE4, - 0xD1, 0x6B, 0xE8, 0x06, - 0x3D, 0x48, 0x15, 0x52, 0xAD, 0xB3, 0x28, 0xDB, 0xAA, 0xFF, 0x6E, 0xFF, - 0x60, 0x95, 0x4A, 0x77, - 0x6B, 0x39, 0xF1, 0x24, 0xD1, 0x31, 0xB6, 0xDD, 0x4D, 0xC0, 0xC4, 0xFC, - 0x53, 0xB9, 0x6D, 0x42, - 0xAD, 0xB5, 0x7C, 0xFE, 0xAE, 0xF5, 0x15, 0xD2, 0x33, 0x48, 0xE7, 0x22, - 0x71, 0xC7, 0xC2, 0x14, - 0x7A, 0x6C, 0x28, 0xEA, 0x37, 0x4A, 0xDF, 0xEA, 0x6C, 0xB5, 0x72, 0xB4, - 0x7E, 0x5A, 0xA2, 0x16, - 0xDC, 0x69, 0xB1, 0x57, 0x44, 0xDB, 0x0A, 0x12, 0xAB, 0xDE, 0xC3, 0x0F, - 0x47, 0x74, 0x5C, 0x41, - 0x22, 0xE1, 0x9A, 0xF9, 0x1B, 0x93, 0xE6, 0xAD, 0x22, 0x06, 0x29, 0x2E, - 0xB1, 0xBA, 0x49, 0x1C, - 0x0C, 0x27, 0x9E, 0xA3, 0xFB, 0x8B, 0xF7, 0x40, 0x72, 0x00, 0xAC, 0x92, - 0x08, 0xD9, 0x8C, 0x57, - 0x84, 0x53, 0x81, 0x05, 0xCB, 0xE6, 0xFE, 0x6B, 0x54, 0x98, 0x40, 0x27, - 0x85, 0xC7, 0x10, 0xBB, - 0x73, 0x70, 0xEF, 0x69, 0x18, 0x41, 0x07, 0x45, 0x55, 0x7C, 0xF9, 0x64, - 0x3F, 0x3D, 0x2C, 0xC3, - 0xA9, 0x7C, 0xEB, 0x93, 0x1A, 0x4C, 0x86, 0xD1, 0xCA, 0x85, 0x02, 0x03, - 0x01, 0x00, 0x01, 0xA3, - 0x82, 0x01, 0xD5, 0x30, 0x82, 0x01, 0xD1, 0x30, 0x1F, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x18, - 0x30, 0x16, 0x80, 0x14, 0x90, 0xAF, 0x6A, 0x3A, 0x94, 0x5A, 0x0B, 0xD8, - 0x90, 0xEA, 0x12, 0x56, - 0x73, 0xDF, 0x43, 0xB4, 0x3A, 0x28, 0xDA, 0xE7, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0x9D, 0xEE, 0xC1, 0x7B, 0x81, 0x0B, 0x3A, 0x47, 0x69, - 0x71, 0x18, 0x7D, 0x11, - 0x37, 0x93, 0xBC, 0xA5, 0x1B, 0x3F, 0xFB, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x1D, 0x0F, 0x01, 0x01, - 0xFF, 0x04, 0x04, 0x03, 0x02, 0x05, 0xA0, 0x30, 0x0C, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x01, 0x01, - 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, - 0x04, 0x16, 0x30, 0x14, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x30, 0x4F, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, - 0x48, 0x30, 0x46, 0x30, - 0x3A, 0x06, 0x0B, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xB2, 0x31, 0x01, 0x02, - 0x02, 0x07, 0x30, 0x2B, - 0x30, 0x29, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, - 0x16, 0x1D, 0x68, 0x74, - 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, - 0x2E, 0x63, 0x6F, 0x6D, - 0x6F, 0x64, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x50, 0x53, 0x30, - 0x08, 0x06, 0x06, 0x67, - 0x81, 0x0C, 0x01, 0x02, 0x01, 0x30, 0x54, 0x06, 0x03, 0x55, 0x1D, 0x1F, - 0x04, 0x4D, 0x30, 0x4B, - 0x30, 0x49, 0xA0, 0x47, 0xA0, 0x45, 0x86, 0x43, 0x68, 0x74, 0x74, 0x70, - 0x3A, 0x2F, 0x2F, 0x63, - 0x72, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, 0x63, 0x61, 0x2E, - 0x63, 0x6F, 0x6D, 0x2F, - 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x52, 0x53, 0x41, 0x44, 0x6F, 0x6D, - 0x61, 0x69, 0x6E, 0x56, - 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x53, 0x65, 0x63, - 0x75, 0x72, 0x65, 0x53, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x6C, 0x30, - 0x81, 0x85, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x79, 0x30, 0x77, - 0x30, 0x4F, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x43, 0x68, 0x74, - 0x74, 0x70, 0x3A, 0x2F, - 0x2F, 0x63, 0x72, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, 0x63, - 0x61, 0x2E, 0x63, 0x6F, - 0x6D, 0x2F, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x52, 0x53, 0x41, 0x44, - 0x6F, 0x6D, 0x61, 0x69, - 0x6E, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x53, - 0x65, 0x63, 0x75, 0x72, - 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x41, 0x2E, 0x63, 0x72, - 0x74, 0x30, 0x24, 0x06, - 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x18, 0x68, - 0x74, 0x74, 0x70, 0x3A, - 0x2F, 0x2F, 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, - 0x6F, 0x63, 0x61, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x23, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x1C, - 0x30, 0x1A, 0x82, 0x0C, - 0x2A, 0x2E, 0x62, 0x61, 0x64, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x0A, 0x62, 0x61, - 0x64, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, - 0x75, 0x48, 0x83, 0x88, - 0x9C, 0x55, 0x24, 0x37, 0x30, 0x07, 0xEB, 0x26, 0x68, 0xC8, 0x79, 0x1C, - 0x5C, 0xAE, 0x9A, 0x02, - 0x9A, 0xB5, 0x52, 0x75, 0x44, 0xAC, 0xA9, 0xED, 0x59, 0x65, 0xD0, 0xC6, - 0x47, 0x26, 0x04, 0x8D, - 0x57, 0x89, 0x16, 0x2E, 0x71, 0x18, 0x48, 0x98, 0x68, 0x1C, 0xF6, 0x31, - 0xF5, 0x26, 0x4B, 0xE8, - 0x81, 0x44, 0xB1, 0xFF, 0x5C, 0x65, 0x3D, 0x78, 0x54, 0x94, 0xC3, 0x86, - 0x9D, 0x48, 0x96, 0xE8, - 0x32, 0xAF, 0xE1, 0x8F, 0x94, 0x47, 0xBE, 0x37, 0x8C, 0xC3, 0xED, 0x4D, - 0x97, 0xBB, 0xC6, 0x2A, - 0x37, 0x72, 0x01, 0x3A, 0x8F, 0x82, 0xA4, 0x34, 0x44, 0xC4, 0xC4, 0xF8, - 0x50, 0x24, 0x48, 0x9E, - 0x19, 0xF0, 0xEC, 0xE1, 0xC6, 0x13, 0x44, 0x26, 0xB6, 0x65, 0xE1, 0x62, - 0x49, 0x87, 0xA4, 0xF4, - 0xD8, 0xC4, 0x39, 0x3C, 0x7D, 0x42, 0xC8, 0xA4, 0x2A, 0x54, 0x05, 0xA0, - 0xDC, 0x0A, 0xF8, 0x2B, - 0x22, 0x94, 0x93, 0x78, 0x4E, 0x6A, 0x36, 0x1B, 0xD2, 0xE7, 0xE9, 0xAE, - 0x84, 0xED, 0x13, 0x1D, - 0xA1, 0xF7, 0xA2, 0x83, 0x81, 0x03, 0x4C, 0x9E, 0x21, 0xFB, 0xBF, 0xA8, - 0x30, 0xFE, 0xEB, 0x00, - 0x68, 0xB1, 0x7F, 0xBA, 0x5D, 0xE2, 0x5D, 0xFF, 0x41, 0x1F, 0xD6, 0xF5, - 0xA6, 0x5C, 0x8A, 0xEF, - 0x81, 0x80, 0xC8, 0xF1, 0x52, 0x00, 0x17, 0x9D, 0xD1, 0x96, 0x1A, 0x7D, - 0x5E, 0xD2, 0x83, 0xB3, - 0x82, 0xC2, 0x3D, 0x46, 0x83, 0xA5, 0x1E, 0xB4, 0x36, 0x35, 0x38, 0xC4, - 0x7A, 0x2E, 0xDF, 0x0B, - 0xA1, 0x98, 0x63, 0x58, 0x0B, 0x1E, 0xD0, 0x6D, 0x83, 0x1F, 0xF1, 0x72, - 0x4D, 0x09, 0xAC, 0x96, - 0x1A, 0x0B, 0xE5, 0xF6, 0x34, 0x4C, 0xAB, 0xBC, 0xBC, 0x99, 0x5B, 0x82, - 0x59, 0xE6, 0x6C, 0xD3, - 0xDB, 0x98, 0xE0, 0xCE, 0x95, 0x3B, 0xCF, 0x4E, 0x17, 0xC3, 0xEE, 0x3A, - 0x00, 0x06, 0x0C, 0x30, - 0x82, 0x06, 0x08, 0x30, 0x82, 0x03, 0xF0, 0xA0, 0x03, 0x02, 0x01, 0x02, - 0x02, 0x10, 0x2B, 0x2E, - 0x6E, 0xEA, 0xD9, 0x75, 0x36, 0x6C, 0x14, 0x8A, 0x6E, 0xDB, 0xA3, 0x7C, - 0x8C, 0x07, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C, 0x05, - 0x00, 0x30, 0x81, 0x85, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, - 0x42, 0x31, 0x1B, 0x30, - 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, - 0x74, 0x65, 0x72, 0x20, - 0x4D, 0x61, 0x6E, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, - 0x31, 0x1A, 0x30, 0x18, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, 0x43, 0x4F, 0x4D, 0x4F, 0x44, - 0x4F, 0x20, 0x43, 0x41, - 0x20, 0x4C, 0x69, 0x6D, 0x69, 0x74, 0x65, 0x64, 0x31, 0x2B, 0x30, 0x29, - 0x06, 0x03, 0x55, 0x04, - 0x03, 0x13, 0x22, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x52, 0x53, - 0x41, 0x20, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, - 0x41, 0x75, 0x74, 0x68, - 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x34, 0x30, - 0x32, 0x31, 0x32, 0x30, - 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x39, 0x30, 0x32, - 0x31, 0x31, 0x32, 0x33, - 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1B, 0x30, 0x19, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x13, 0x12, - 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20, 0x4D, 0x61, 0x6E, 0x63, - 0x68, 0x65, 0x73, 0x74, - 0x65, 0x72, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, - 0x07, 0x53, 0x61, 0x6C, - 0x66, 0x6F, 0x72, 0x64, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x13, 0x11, 0x43, - 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D, - 0x69, 0x74, 0x65, 0x64, - 0x31, 0x36, 0x30, 0x34, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x2D, 0x43, - 0x4F, 0x4D, 0x4F, 0x44, - 0x4F, 0x20, 0x52, 0x53, 0x41, 0x20, 0x44, 0x6F, 0x6D, 0x61, 0x69, 0x6E, - 0x20, 0x56, 0x61, 0x6C, - 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x53, 0x65, 0x63, 0x75, - 0x72, 0x65, 0x20, 0x53, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, - 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x0F, 0x00, - 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0x8E, 0xC2, 0x02, - 0x19, 0xE1, 0xA0, 0x59, - 0xA4, 0xEB, 0x38, 0x35, 0x8D, 0x2C, 0xFD, 0x01, 0xD0, 0xD3, 0x49, 0xC0, - 0x64, 0xC7, 0x0B, 0x62, - 0x05, 0x45, 0x16, 0x3A, 0xA8, 0xA0, 0xC0, 0x0C, 0x02, 0x7F, 0x1D, 0xCC, - 0xDB, 0xC4, 0xA1, 0x6D, - 0x77, 0x03, 0xA3, 0x0F, 0x86, 0xF9, 0xE3, 0x06, 0x9C, 0x3E, 0x0B, 0x81, - 0x8A, 0x9B, 0x49, 0x1B, - 0xAD, 0x03, 0xBE, 0xFA, 0x4B, 0xDB, 0x8C, 0x20, 0xED, 0xD5, 0xCE, 0x5E, - 0x65, 0x8E, 0x3E, 0x0D, - 0xAF, 0x4C, 0xC2, 0xB0, 0xB7, 0x45, 0x5E, 0x52, 0x2F, 0x34, 0xDE, 0x48, - 0x24, 0x64, 0xB4, 0x41, - 0xAE, 0x00, 0x97, 0xF7, 0xBE, 0x67, 0xDE, 0x9E, 0xD0, 0x7A, 0xA7, 0x53, - 0x80, 0x3B, 0x7C, 0xAD, - 0xF5, 0x96, 0x55, 0x6F, 0x97, 0x47, 0x0A, 0x7C, 0x85, 0x8B, 0x22, 0x97, - 0x8D, 0xB3, 0x84, 0xE0, - 0x96, 0x57, 0xD0, 0x70, 0x18, 0x60, 0x96, 0x8F, 0xEE, 0x2D, 0x07, 0x93, - 0x9D, 0xA1, 0xBA, 0xCA, - 0xD1, 0xCD, 0x7B, 0xE9, 0xC4, 0x2A, 0x9A, 0x28, 0x21, 0x91, 0x4D, 0x6F, - 0x92, 0x4F, 0x25, 0xA5, - 0xF2, 0x7A, 0x35, 0xDD, 0x26, 0xDC, 0x46, 0xA5, 0xD0, 0xAC, 0x59, 0x35, - 0x8C, 0xFF, 0x4E, 0x91, - 0x43, 0x50, 0x3F, 0x59, 0x93, 0x1E, 0x6C, 0x51, 0x21, 0xEE, 0x58, 0x14, - 0xAB, 0xFE, 0x75, 0x50, - 0x78, 0x3E, 0x4C, 0xB0, 0x1C, 0x86, 0x13, 0xFA, 0x6B, 0x98, 0xBC, 0xE0, - 0x3B, 0x94, 0x1E, 0x85, - 0x52, 0xDC, 0x03, 0x93, 0x24, 0x18, 0x6E, 0xCB, 0x27, 0x51, 0x45, 0xE6, - 0x70, 0xDE, 0x25, 0x43, - 0xA4, 0x0D, 0xE1, 0x4A, 0xA5, 0xED, 0xB6, 0x7E, 0xC8, 0xCD, 0x6D, 0xEE, - 0x2E, 0x1D, 0x27, 0x73, - 0x5D, 0xDC, 0x45, 0x30, 0x80, 0xAA, 0xE3, 0xB2, 0x41, 0x0B, 0xAF, 0xBD, - 0x44, 0x87, 0xDA, 0xB9, - 0xE5, 0x1B, 0x9D, 0x7F, 0xAE, 0xE5, 0x85, 0x82, 0xA5, 0x02, 0x03, 0x01, - 0x00, 0x01, 0xA3, 0x82, - 0x01, 0x65, 0x30, 0x82, 0x01, 0x61, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x18, 0x30, - 0x16, 0x80, 0x14, 0xBB, 0xAF, 0x7E, 0x02, 0x3D, 0xFA, 0xA6, 0xF1, 0x3C, - 0x84, 0x8E, 0xAD, 0xEE, - 0x38, 0x98, 0xEC, 0xD9, 0x32, 0x32, 0xD4, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x0E, 0x04, 0x16, - 0x04, 0x14, 0x90, 0xAF, 0x6A, 0x3A, 0x94, 0x5A, 0x0B, 0xD8, 0x90, 0xEA, - 0x12, 0x56, 0x73, 0xDF, - 0x43, 0xB4, 0x3A, 0x28, 0xDA, 0xE7, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, - 0x0F, 0x01, 0x01, 0xFF, - 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1D, - 0x13, 0x01, 0x01, 0xFF, - 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xFF, 0x02, 0x01, 0x00, 0x30, 0x1D, - 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, - 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x1B, 0x06, - 0x03, 0x55, 0x1D, 0x20, - 0x04, 0x14, 0x30, 0x12, 0x30, 0x06, 0x06, 0x04, 0x55, 0x1D, 0x20, 0x00, - 0x30, 0x08, 0x06, 0x06, - 0x67, 0x81, 0x0C, 0x01, 0x02, 0x01, 0x30, 0x4C, 0x06, 0x03, 0x55, 0x1D, - 0x1F, 0x04, 0x45, 0x30, - 0x43, 0x30, 0x41, 0xA0, 0x3F, 0xA0, 0x3D, 0x86, 0x3B, 0x68, 0x74, 0x74, - 0x70, 0x3A, 0x2F, 0x2F, - 0x63, 0x72, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, 0x63, 0x61, - 0x2E, 0x63, 0x6F, 0x6D, - 0x2F, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x52, 0x53, 0x41, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, - 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x41, 0x75, 0x74, 0x68, 0x6F, - 0x72, 0x69, 0x74, 0x79, - 0x2E, 0x63, 0x72, 0x6C, 0x30, 0x71, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x01, 0x01, - 0x04, 0x65, 0x30, 0x63, 0x30, 0x3B, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x30, 0x02, - 0x86, 0x2F, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x63, 0x72, 0x74, - 0x2E, 0x63, 0x6F, 0x6D, - 0x6F, 0x64, 0x6F, 0x63, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x4F, - 0x4D, 0x4F, 0x44, 0x4F, - 0x52, 0x53, 0x41, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74, 0x43, - 0x41, 0x2E, 0x63, 0x72, - 0x74, 0x30, 0x24, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x86, 0x18, 0x68, - 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x63, - 0x6F, 0x6D, 0x6F, 0x64, - 0x6F, 0x63, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x01, 0x0C, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, 0x4E, - 0x2B, 0x76, 0x4F, 0x92, - 0x1C, 0x62, 0x36, 0x89, 0xBA, 0x77, 0xC1, 0x27, 0x05, 0xF4, 0x1C, 0xD6, - 0x44, 0x9D, 0xA9, 0x9A, - 0x3E, 0xAA, 0xD5, 0x66, 0x66, 0x01, 0x3E, 0xEA, 0x49, 0xE6, 0xA2, 0x35, - 0xBC, 0xFA, 0xF6, 0xDD, - 0x95, 0x8E, 0x99, 0x35, 0x98, 0x0E, 0x36, 0x18, 0x75, 0xB1, 0xDD, 0xDD, - 0x50, 0x72, 0x7C, 0xAE, - 0xDC, 0x77, 0x88, 0xCE, 0x0F, 0xF7, 0x90, 0x20, 0xCA, 0xA3, 0x67, 0x2E, - 0x1F, 0x56, 0x7F, 0x7B, - 0xE1, 0x44, 0xEA, 0x42, 0x95, 0xC4, 0x5D, 0x0D, 0x01, 0x50, 0x46, 0x15, - 0xF2, 0x81, 0x89, 0x59, - 0x6C, 0x8A, 0xDD, 0x8C, 0xF1, 0x12, 0xA1, 0x8D, 0x3A, 0x42, 0x8A, 0x98, - 0xF8, 0x4B, 0x34, 0x7B, - 0x27, 0x3B, 0x08, 0xB4, 0x6F, 0x24, 0x3B, 0x72, 0x9D, 0x63, 0x74, 0x58, - 0x3C, 0x1A, 0x6C, 0x3F, - 0x4F, 0xC7, 0x11, 0x9A, 0xC8, 0xA8, 0xF5, 0xB5, 0x37, 0xEF, 0x10, 0x45, - 0xC6, 0x6C, 0xD9, 0xE0, - 0x5E, 0x95, 0x26, 0xB3, 0xEB, 0xAD, 0xA3, 0xB9, 0xEE, 0x7F, 0x0C, 0x9A, - 0x66, 0x35, 0x73, 0x32, - 0x60, 0x4E, 0xE5, 0xDD, 0x8A, 0x61, 0x2C, 0x6E, 0x52, 0x11, 0x77, 0x68, - 0x96, 0xD3, 0x18, 0x75, - 0x51, 0x15, 0x00, 0x1B, 0x74, 0x88, 0xDD, 0xE1, 0xC7, 0x38, 0x04, 0x43, - 0x28, 0xE9, 0x16, 0xFD, - 0xD9, 0x05, 0xD4, 0x5D, 0x47, 0x27, 0x60, 0xD6, 0xFB, 0x38, 0x3B, 0x6C, - 0x72, 0xA2, 0x94, 0xF8, - 0x42, 0x1A, 0xDF, 0xED, 0x6F, 0x06, 0x8C, 0x45, 0xC2, 0x06, 0x00, 0xAA, - 0xE4, 0xE8, 0xDC, 0xD9, - 0xB5, 0xE1, 0x73, 0x78, 0xEC, 0xF6, 0x23, 0xDC, 0xD1, 0xDD, 0x6C, 0x8E, - 0x1A, 0x8F, 0xA5, 0xEA, - 0x54, 0x7C, 0x96, 0xB7, 0xC3, 0xFE, 0x55, 0x8E, 0x8D, 0x49, 0x5E, 0xFC, - 0x64, 0xBB, 0xCF, 0x3E, - 0xBD, 0x96, 0xEB, 0x69, 0xCD, 0xBF, 0xE0, 0x48, 0xF1, 0x62, 0x82, 0x10, - 0xE5, 0x0C, 0x46, 0x57, - 0xF2, 0x33, 0xDA, 0xD0, 0xC8, 0x63, 0xED, 0xC6, 0x1F, 0x94, 0x05, 0x96, - 0x4A, 0x1A, 0x91, 0xD1, - 0xF7, 0xEB, 0xCF, 0x8F, 0x52, 0xAE, 0x0D, 0x08, 0xD9, 0x3E, 0xA8, 0xA0, - 0x51, 0xE9, 0xC1, 0x87, - 0x74, 0xD5, 0xC9, 0xF7, 0x74, 0xAB, 0x2E, 0x53, 0xFB, 0xBB, 0x7A, 0xFB, - 0x97, 0xE2, 0xF8, 0x1F, - 0x26, 0x8F, 0xB3, 0xD2, 0xA0, 0xE0, 0x37, 0x5B, 0x28, 0x3B, 0x31, 0xE5, - 0x0E, 0x57, 0x2D, 0x5A, - 0xB8, 0xAD, 0x79, 0xAC, 0x5E, 0x20, 0x66, 0x1A, 0xA5, 0xB9, 0xA6, 0xB5, - 0x39, 0xC1, 0xF5, 0x98, - 0x43, 0xFF, 0xEE, 0xF9, 0xA7, 0xA7, 0xFD, 0xEE, 0xCA, 0x24, 0x3D, 0x80, - 0x16, 0xC4, 0x17, 0x8F, - 0x8A, 0xC1, 0x60, 0xA1, 0x0C, 0xAE, 0x5B, 0x43, 0x47, 0x91, 0x4B, 0xD5, - 0x9A, 0x17, 0x5F, 0xF9, - 0xD4, 0x87, 0xC1, 0xC2, 0x8C, 0xB7, 0xE7, 0xE2, 0x0F, 0x30, 0x19, 0x37, - 0x86, 0xAC, 0xE0, 0xDC, - 0x42, 0x03, 0xE6, 0x94, 0xA8, 0x9D, 0xAE, 0xFD, 0x0F, 0x24, 0x51, 0x94, - 0xCE, 0x92, 0x08, 0xD1, - 0xFC, 0x50, 0xF0, 0x03, 0x40, 0x7B, 0x88, 0x59, 0xED, 0x0E, 0xDD, 0xAC, - 0xD2, 0x77, 0x82, 0x34, - 0xDC, 0x06, 0x95, 0x02, 0xD8, 0x90, 0xF9, 0x2D, 0xEA, 0x37, 0xD5, 0x1A, - 0x60, 0xD0, 0x67, 0x20, - 0xD7, 0xD8, 0x42, 0x0B, 0x45, 0xAF, 0x82, 0x68, 0xDE, 0xDD, 0x66, 0x24, - 0x37, 0x90, 0x29, 0x94, - 0x19, 0x46, 0x19, 0x25, 0xB8, 0x80, 0xD7, 0xCB, 0xD4, 0x86, 0x28, 0x6A, - 0x44, 0x70, 0x26, 0x23, - 0x62, 0xA9, 0x9F, 0x86, 0x6F, 0xBF, 0xBA, 0x90, 0x70, 0xD2, 0x56, 0x77, - 0x85, 0x78, 0xEF, 0xEA, - 0x25, 0xA9, 0x17, 0xCE, 0x50, 0x72, 0x8C, 0x00, 0x3A, 0xAA, 0xE3, 0xDB, - 0x63, 0x34, 0x9F, 0xF8, - 0x06, 0x71, 0x01, 0xE2, 0x82, 0x20, 0xD4, 0xFE, 0x6F, 0xBD, 0xB1, 0x00, - 0x05, 0x78, 0x30, 0x82, - 0x05, 0x74, 0x30, 0x82, 0x04, 0x5C, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, - 0x10, 0x27, 0x66, 0xEE, - 0x56, 0xEB, 0x49, 0xF3, 0x8E, 0xAB, 0xD7, 0x70, 0xA2, 0xFC, 0x84, 0xDE, - 0x22, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C, 0x05, 0x00, - 0x30, 0x6F, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x53, 0x45, 0x31, - 0x14, 0x30, 0x12, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0B, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, - 0x73, 0x74, 0x20, 0x41, - 0x42, 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x1D, - 0x41, 0x64, 0x64, 0x54, - 0x72, 0x75, 0x73, 0x74, 0x20, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6E, 0x61, - 0x6C, 0x20, 0x54, 0x54, - 0x50, 0x20, 0x4E, 0x65, 0x74, 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x22, 0x30, - 0x20, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x19, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74, - 0x20, 0x45, 0x78, 0x74, - 0x65, 0x72, 0x6E, 0x61, 0x6C, 0x20, 0x43, 0x41, 0x20, 0x52, 0x6F, 0x6F, - 0x74, 0x30, 0x1E, 0x17, - 0x0D, 0x30, 0x30, 0x30, 0x35, 0x33, 0x30, 0x31, 0x30, 0x34, 0x38, 0x33, - 0x38, 0x5A, 0x17, 0x0D, - 0x32, 0x30, 0x30, 0x35, 0x33, 0x30, 0x31, 0x30, 0x34, 0x38, 0x33, 0x38, - 0x5A, 0x30, 0x81, 0x85, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, - 0x42, 0x31, 0x1B, 0x30, - 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, - 0x74, 0x65, 0x72, 0x20, - 0x4D, 0x61, 0x6E, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, - 0x31, 0x1A, 0x30, 0x18, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, 0x43, 0x4F, 0x4D, 0x4F, 0x44, - 0x4F, 0x20, 0x43, 0x41, - 0x20, 0x4C, 0x69, 0x6D, 0x69, 0x74, 0x65, 0x64, 0x31, 0x2B, 0x30, 0x29, - 0x06, 0x03, 0x55, 0x04, - 0x03, 0x13, 0x22, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x52, 0x53, - 0x41, 0x20, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, - 0x41, 0x75, 0x74, 0x68, - 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, - 0x00, 0x30, 0x82, 0x02, - 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0x91, 0xE8, 0x54, 0x92, 0xD2, 0x0A, - 0x56, 0xB1, 0xAC, 0x0D, - 0x24, 0xDD, 0xC5, 0xCF, 0x44, 0x67, 0x74, 0x99, 0x2B, 0x37, 0xA3, 0x7D, - 0x23, 0x70, 0x00, 0x71, - 0xBC, 0x53, 0xDF, 0xC4, 0xFA, 0x2A, 0x12, 0x8F, 0x4B, 0x7F, 0x10, 0x56, - 0xBD, 0x9F, 0x70, 0x72, - 0xB7, 0x61, 0x7F, 0xC9, 0x4B, 0x0F, 0x17, 0xA7, 0x3D, 0xE3, 0xB0, 0x04, - 0x61, 0xEE, 0xFF, 0x11, - 0x97, 0xC7, 0xF4, 0x86, 0x3E, 0x0A, 0xFA, 0x3E, 0x5C, 0xF9, 0x93, 0xE6, - 0x34, 0x7A, 0xD9, 0x14, - 0x6B, 0xE7, 0x9C, 0xB3, 0x85, 0xA0, 0x82, 0x7A, 0x76, 0xAF, 0x71, 0x90, - 0xD7, 0xEC, 0xFD, 0x0D, - 0xFA, 0x9C, 0x6C, 0xFA, 0xDF, 0xB0, 0x82, 0xF4, 0x14, 0x7E, 0xF9, 0xBE, - 0xC4, 0xA6, 0x2F, 0x4F, - 0x7F, 0x99, 0x7F, 0xB5, 0xFC, 0x67, 0x43, 0x72, 0xBD, 0x0C, 0x00, 0xD6, - 0x89, 0xEB, 0x6B, 0x2C, - 0xD3, 0xED, 0x8F, 0x98, 0x1C, 0x14, 0xAB, 0x7E, 0xE5, 0xE3, 0x6E, 0xFC, - 0xD8, 0xA8, 0xE4, 0x92, - 0x24, 0xDA, 0x43, 0x6B, 0x62, 0xB8, 0x55, 0xFD, 0xEA, 0xC1, 0xBC, 0x6C, - 0xB6, 0x8B, 0xF3, 0x0E, - 0x8D, 0x9A, 0xE4, 0x9B, 0x6C, 0x69, 0x99, 0xF8, 0x78, 0x48, 0x30, 0x45, - 0xD5, 0xAD, 0xE1, 0x0D, - 0x3C, 0x45, 0x60, 0xFC, 0x32, 0x96, 0x51, 0x27, 0xBC, 0x67, 0xC3, 0xCA, - 0x2E, 0xB6, 0x6B, 0xEA, - 0x46, 0xC7, 0xC7, 0x20, 0xA0, 0xB1, 0x1F, 0x65, 0xDE, 0x48, 0x08, 0xBA, - 0xA4, 0x4E, 0xA9, 0xF2, - 0x83, 0x46, 0x37, 0x84, 0xEB, 0xE8, 0xCC, 0x81, 0x48, 0x43, 0x67, 0x4E, - 0x72, 0x2A, 0x9B, 0x5C, - 0xBD, 0x4C, 0x1B, 0x28, 0x8A, 0x5C, 0x22, 0x7B, 0xB4, 0xAB, 0x98, 0xD9, - 0xEE, 0xE0, 0x51, 0x83, - 0xC3, 0x09, 0x46, 0x4E, 0x6D, 0x3E, 0x99, 0xFA, 0x95, 0x17, 0xDA, 0x7C, - 0x33, 0x57, 0x41, 0x3C, - 0x8D, 0x51, 0xED, 0x0B, 0xB6, 0x5C, 0xAF, 0x2C, 0x63, 0x1A, 0xDF, 0x57, - 0xC8, 0x3F, 0xBC, 0xE9, - 0x5D, 0xC4, 0x9B, 0xAF, 0x45, 0x99, 0xE2, 0xA3, 0x5A, 0x24, 0xB4, 0xBA, - 0xA9, 0x56, 0x3D, 0xCF, - 0x6F, 0xAA, 0xFF, 0x49, 0x58, 0xBE, 0xF0, 0xA8, 0xFF, 0xF4, 0xB8, 0xAD, - 0xE9, 0x37, 0xFB, 0xBA, - 0xB8, 0xF4, 0x0B, 0x3A, 0xF9, 0xE8, 0x43, 0x42, 0x1E, 0x89, 0xD8, 0x84, - 0xCB, 0x13, 0xF1, 0xD9, - 0xBB, 0xE1, 0x89, 0x60, 0xB8, 0x8C, 0x28, 0x56, 0xAC, 0x14, 0x1D, 0x9C, - 0x0A, 0xE7, 0x71, 0xEB, - 0xCF, 0x0E, 0xDD, 0x3D, 0xA9, 0x96, 0xA1, 0x48, 0xBD, 0x3C, 0xF7, 0xAF, - 0xB5, 0x0D, 0x22, 0x4C, - 0xC0, 0x11, 0x81, 0xEC, 0x56, 0x3B, 0xF6, 0xD3, 0xA2, 0xE2, 0x5B, 0xB7, - 0xB2, 0x04, 0x22, 0x52, - 0x95, 0x80, 0x93, 0x69, 0xE8, 0x8E, 0x4C, 0x65, 0xF1, 0x91, 0x03, 0x2D, - 0x70, 0x74, 0x02, 0xEA, - 0x8B, 0x67, 0x15, 0x29, 0x69, 0x52, 0x02, 0xBB, 0xD7, 0xDF, 0x50, 0x6A, - 0x55, 0x46, 0xBF, 0xA0, - 0xA3, 0x28, 0x61, 0x7F, 0x70, 0xD0, 0xC3, 0xA2, 0xAA, 0x2C, 0x21, 0xAA, - 0x47, 0xCE, 0x28, 0x9C, - 0x06, 0x45, 0x76, 0xBF, 0x82, 0x18, 0x27, 0xB4, 0xD5, 0xAE, 0xB4, 0xCB, - 0x50, 0xE6, 0x6B, 0xF4, - 0x4C, 0x86, 0x71, 0x30, 0xE9, 0xA6, 0xDF, 0x16, 0x86, 0xE0, 0xD8, 0xFF, - 0x40, 0xDD, 0xFB, 0xD0, - 0x42, 0x88, 0x7F, 0xA3, 0x33, 0x3A, 0x2E, 0x5C, 0x1E, 0x41, 0x11, 0x81, - 0x63, 0xCE, 0x18, 0x71, - 0x6B, 0x2B, 0xEC, 0xA6, 0x8A, 0xB7, 0x31, 0x5C, 0x3A, 0x6A, 0x47, 0xE0, - 0xC3, 0x79, 0x59, 0xD6, - 0x20, 0x1A, 0xAF, 0xF2, 0x6A, 0x98, 0xAA, 0x72, 0xBC, 0x57, 0x4A, 0xD2, - 0x4B, 0x9D, 0xBB, 0x10, - 0xFC, 0xB0, 0x4C, 0x41, 0xE5, 0xED, 0x1D, 0x3D, 0x5E, 0x28, 0x9D, 0x9C, - 0xCC, 0xBF, 0xB3, 0x51, - 0xDA, 0xA7, 0x47, 0xE5, 0x84, 0x53, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, - 0x81, 0xF4, 0x30, 0x81, - 0xF1, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, - 0x80, 0x14, 0xAD, 0xBD, - 0x98, 0x7A, 0x34, 0xB4, 0x26, 0xF7, 0xFA, 0xC4, 0x26, 0x54, 0xEF, 0x03, - 0xBD, 0xE0, 0x24, 0xCB, - 0x54, 0x1A, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, - 0x14, 0xBB, 0xAF, 0x7E, - 0x02, 0x3D, 0xFA, 0xA6, 0xF1, 0x3C, 0x84, 0x8E, 0xAD, 0xEE, 0x38, 0x98, - 0xEC, 0xD9, 0x32, 0x32, - 0xD4, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, - 0x04, 0x03, 0x02, 0x01, - 0x86, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, - 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x11, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, 0x0A, 0x30, - 0x08, 0x30, 0x06, 0x06, - 0x04, 0x55, 0x1D, 0x20, 0x00, 0x30, 0x44, 0x06, 0x03, 0x55, 0x1D, 0x1F, - 0x04, 0x3D, 0x30, 0x3B, - 0x30, 0x39, 0xA0, 0x37, 0xA0, 0x35, 0x86, 0x33, 0x68, 0x74, 0x74, 0x70, - 0x3A, 0x2F, 0x2F, 0x63, - 0x72, 0x6C, 0x2E, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, - 0x2E, 0x63, 0x6F, 0x6D, - 0x2F, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74, 0x45, 0x78, 0x74, - 0x65, 0x72, 0x6E, 0x61, - 0x6C, 0x43, 0x41, 0x52, 0x6F, 0x6F, 0x74, 0x2E, 0x63, 0x72, 0x6C, 0x30, - 0x35, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x29, 0x30, 0x27, 0x30, - 0x25, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x19, 0x68, 0x74, 0x74, - 0x70, 0x3A, 0x2F, 0x2F, - 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, - 0x73, 0x74, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x01, 0x0C, 0x05, - 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x64, 0xBF, 0x83, 0xF1, 0x5F, 0x9A, - 0x85, 0xD0, 0xCD, 0xB8, - 0xA1, 0x29, 0x57, 0x0D, 0xE8, 0x5A, 0xF7, 0xD1, 0xE9, 0x3E, 0xF2, 0x76, - 0x04, 0x6E, 0xF1, 0x52, - 0x70, 0xBB, 0x1E, 0x3C, 0xFF, 0x4D, 0x0D, 0x74, 0x6A, 0xCC, 0x81, 0x82, - 0x25, 0xD3, 0xC3, 0xA0, - 0x2A, 0x5D, 0x4C, 0xF5, 0xBA, 0x8B, 0xA1, 0x6D, 0xC4, 0x54, 0x09, 0x75, - 0xC7, 0xE3, 0x27, 0x0E, - 0x5D, 0x84, 0x79, 0x37, 0x40, 0x13, 0x77, 0xF5, 0xB4, 0xAC, 0x1C, 0xD0, - 0x3B, 0xAB, 0x17, 0x12, - 0xD6, 0xEF, 0x34, 0x18, 0x7E, 0x2B, 0xE9, 0x79, 0xD3, 0xAB, 0x57, 0x45, - 0x0C, 0xAF, 0x28, 0xFA, - 0xD0, 0xDB, 0xE5, 0x50, 0x95, 0x88, 0xBB, 0xDF, 0x85, 0x57, 0x69, 0x7D, - 0x92, 0xD8, 0x52, 0xCA, - 0x73, 0x81, 0xBF, 0x1C, 0xF3, 0xE6, 0xB8, 0x6E, 0x66, 0x11, 0x05, 0xB3, - 0x1E, 0x94, 0x2D, 0x7F, - 0x91, 0x95, 0x92, 0x59, 0xF1, 0x4C, 0xCE, 0xA3, 0x91, 0x71, 0x4C, 0x7C, - 0x47, 0x0C, 0x3B, 0x0B, - 0x19, 0xF6, 0xA1, 0xB1, 0x6C, 0x86, 0x3E, 0x5C, 0xAA, 0xC4, 0x2E, 0x82, - 0xCB, 0xF9, 0x07, 0x96, - 0xBA, 0x48, 0x4D, 0x90, 0xF2, 0x94, 0xC8, 0xA9, 0x73, 0xA2, 0xEB, 0x06, - 0x7B, 0x23, 0x9D, 0xDE, - 0xA2, 0xF3, 0x4D, 0x55, 0x9F, 0x7A, 0x61, 0x45, 0x98, 0x18, 0x68, 0xC7, - 0x5E, 0x40, 0x6B, 0x23, - 0xF5, 0x79, 0x7A, 0xEF, 0x8C, 0xB5, 0x6B, 0x8B, 0xB7, 0x6F, 0x46, 0xF4, - 0x7B, 0xF1, 0x3D, 0x4B, - 0x04, 0xD8, 0x93, 0x80, 0x59, 0x5A, 0xE0, 0x41, 0x24, 0x1D, 0xB2, 0x8F, - 0x15, 0x60, 0x58, 0x47, - 0xDB, 0xEF, 0x6E, 0x46, 0xFD, 0x15, 0xF5, 0xD9, 0x5F, 0x9A, 0xB3, 0xDB, - 0xD8, 0xB8, 0xE4, 0x40, - 0xB3, 0xCD, 0x97, 0x39, 0xAE, 0x85, 0xBB, 0x1D, 0x8E, 0xBC, 0xDC, 0x87, - 0x9B, 0xD1, 0xA6, 0xEF, - 0xF1, 0x3B, 0x6F, 0x10, 0x38, 0x6F, 0x16, 0x03, 0x03, 0x02, 0x0F, 0x0C, - 0x00, 0x02, 0x0B, 0x00, - 0x80, 0xBB, 0xBC, 0x2D, 0xCA, 0xD8, 0x46, 0x74, 0x90, 0x7C, 0x43, 0xFC, - 0xF5, 0x80, 0xE9, 0xCF, - 0xDB, 0xD9, 0x58, 0xA3, 0xF5, 0x68, 0xB4, 0x2D, 0x4B, 0x08, 0xEE, 0xD4, - 0xEB, 0x0F, 0xB3, 0x50, - 0x4C, 0x6C, 0x03, 0x02, 0x76, 0xE7, 0x10, 0x80, 0x0C, 0x5C, 0xCB, 0xBA, - 0xA8, 0x92, 0x26, 0x14, - 0xC5, 0xBE, 0xEC, 0xA5, 0x65, 0xA5, 0xFD, 0xF1, 0xD2, 0x87, 0xA2, 0xBC, - 0x04, 0x9B, 0xE6, 0x77, - 0x80, 0x60, 0xE9, 0x1A, 0x92, 0xA7, 0x57, 0xE3, 0x04, 0x8F, 0x68, 0xB0, - 0x76, 0xF7, 0xD3, 0x6C, - 0xC8, 0xF2, 0x9B, 0xA5, 0xDF, 0x81, 0xDC, 0x2C, 0xA7, 0x25, 0xEC, 0xE6, - 0x62, 0x70, 0xCC, 0x9A, - 0x50, 0x35, 0xD8, 0xCE, 0xCE, 0xEF, 0x9E, 0xA0, 0x27, 0x4A, 0x63, 0xAB, - 0x1E, 0x58, 0xFA, 0xFD, - 0x49, 0x88, 0xD0, 0xF6, 0x5D, 0x14, 0x67, 0x57, 0xDA, 0x07, 0x1D, 0xF0, - 0x45, 0xCF, 0xE1, 0x6B, - 0x9B, 0x00, 0x01, 0x02, 0x00, 0x80, 0x55, 0xFB, 0xB6, 0x92, 0x5A, 0x0C, - 0x93, 0x56, 0xE8, 0x1C, - 0xCD, 0x23, 0xFC, 0xB9, 0xBE, 0x98, 0x2D, 0x01, 0x4F, 0x35, 0xCE, 0x37, - 0xD0, 0xF8, 0xA0, 0x0C, - 0x42, 0x3B, 0x27, 0x25, 0x10, 0x04, 0x46, 0x02, 0x19, 0x1F, 0xDC, 0xDA, - 0x08, 0x33, 0x42, 0x63, - 0x5F, 0x3C, 0x82, 0x1F, 0xFA, 0x46, 0x9E, 0x34, 0xCB, 0x30, 0xED, 0x55, - 0x11, 0xD7, 0x00, 0x0C, - 0x76, 0x0A, 0x48, 0x0C, 0x1D, 0x7A, 0x13, 0x3D, 0xC6, 0x41, 0xD5, 0x7B, - 0xD5, 0x2A, 0xE0, 0xA3, - 0xB5, 0xAB, 0x0E, 0xBC, 0xD3, 0x17, 0x14, 0xFD, 0x21, 0x8C, 0x78, 0xB1, - 0x4D, 0xF2, 0x5A, 0x44, - 0x89, 0x4E, 0x82, 0x3D, 0x8B, 0xAC, 0x5D, 0x49, 0xB2, 0x19, 0x21, 0x67, - 0xCA, 0x70, 0xC7, 0x8D, - 0x35, 0x89, 0xD1, 0x9D, 0x34, 0xD4, 0x7A, 0xAF, 0x1D, 0x9D, 0x86, 0x0F, - 0xEF, 0x5A, 0x4F, 0x9E, - 0xDA, 0xF5, 0x02, 0x7E, 0x22, 0x67, 0x01, 0x01, 0x01, 0x00, 0x7B, 0x59, - 0x4A, 0x29, 0xF9, 0x9F, - 0x53, 0x41, 0x8B, 0xE6, 0x79, 0xE9, 0xF5, 0x73, 0x7C, 0xC8, 0xE9, 0x40, - 0x1F, 0x39, 0x08, 0x06, - 0x84, 0x3D, 0x80, 0x6B, 0xF0, 0x0C, 0x54, 0xC2, 0x18, 0xD6, 0xAD, 0x53, - 0xFD, 0x7C, 0xB3, 0x8B, - 0xCE, 0x70, 0x4F, 0xCF, 0xFC, 0xEF, 0xC8, 0x2D, 0xE4, 0xD0, 0xC2, 0x7B, - 0x80, 0x57, 0xA2, 0x5F, - 0x7F, 0x36, 0xB0, 0xBC, 0x16, 0xB7, 0xC1, 0xC2, 0x12, 0x96, 0x94, 0x88, - 0x9D, 0x68, 0xD3, 0xDF, - 0xB1, 0x3C, 0xA0, 0x93, 0x3A, 0x4D, 0x90, 0x66, 0x3F, 0xB0, 0x89, 0xE7, - 0x21, 0x58, 0xF0, 0x39, - 0x8B, 0x83, 0x32, 0x93, 0xCB, 0xA9, 0x57, 0x2B, 0x0A, 0x02, 0x5E, 0xF9, - 0xE6, 0x10, 0x9A, 0x7F, - 0x2A, 0x23, 0x3D, 0x5C, 0x3F, 0x38, 0x3A, 0x40, 0x0C, 0x1B, 0x7C, 0x0D, - 0x5D, 0x7C, 0xF1, 0xB2, - 0x88, 0x71, 0xA2, 0x57, 0x02, 0x94, 0x12, 0x45, 0x60, 0xEC, 0xC2, 0xB2, - 0xCB, 0x31, 0xF2, 0xF8, - 0x1B, 0xDD, 0xEA, 0xF6, 0x40, 0xF6, 0x07, 0xEA, 0xC2, 0x71, 0xA6, 0x07, - 0xC8, 0x45, 0xE4, 0xE2, - 0x1D, 0x49, 0x53, 0x40, 0x5B, 0x57, 0x68, 0xA4, 0x81, 0x1C, 0xCB, 0x33, - 0x95, 0x12, 0x0F, 0x4D, - 0xAD, 0x9B, 0x70, 0x53, 0xDC, 0x8B, 0xE6, 0x24, 0x0D, 0x39, 0x83, 0x0E, - 0x17, 0xFB, 0x13, 0xF2, - 0x45, 0x2C, 0x52, 0x44, 0xA3, 0x22, 0x0D, 0x32, 0xDD, 0x21, 0x05, 0x2B, - 0xA1, 0xAC, 0xC4, 0x84, - 0xD7, 0x18, 0x2F, 0xA2, 0xB4, 0xF5, 0x4E, 0xED, 0x72, 0x56, 0xB7, 0x87, - 0x81, 0xF8, 0x51, 0x30, - 0x01, 0xBE, 0x17, 0x31, 0xEE, 0x21, 0xBA, 0x16, 0xAF, 0xEB, 0x0A, 0x54, - 0x69, 0x84, 0xB3, 0xDC, - 0xCA, 0x04, 0xBB, 0x49, 0x84, 0x4C, 0x0F, 0xCE, 0x20, 0xE2, 0x71, 0xF3, - 0x43, 0x26, 0x1D, 0xA4, - 0xAF, 0xAE, 0x3F, 0x9E, 0xA3, 0x44, 0xDC, 0xAE, 0xB7, 0x5B, 0x16, 0x03, - 0x03, 0x00, 0x04, 0x0E, - 0x00, 0x00, 0x00 -}; +static unsigned char tls1_hello + [] = { /* server hello etc. */ + 0x16, 0x03, 0x03, 0x00, 0x39, 0x02, 0x00, 0x00, 0x35, 0x03, 0x03, + 0x95, 0x66, 0x0A, 0x55, 0xBC, 0x04, 0x84, 0xBD, 0x7E, 0xA6, 0xCE, + 0x2B, 0x1C, 0x7B, 0x72, 0x28, 0x0D, 0x8E, 0x2C, 0x34, 0xC8, 0xFF, + 0x73, 0xBA, 0x6C, 0x9F, 0x20, 0xB9, 0x18, 0xCD, 0x22, 0xCB, 0x00, + 0x00, 0x9E, 0x00, 0x00, 0x0D, 0x00, 0x00, 0x00, 0x00, 0xFF, 0x01, + 0x00, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x16, 0x03, 0x03, 0x10, + 0xE3, 0x0B, 0x00, 0x10, 0xDF, 0x00, 0x10, 0xDC, 0x00, 0x05, 0x4F, + 0x30, 0x82, 0x05, 0x4B, 0x30, 0x82, 0x04, 0x33, 0xA0, 0x03, 0x02, + 0x01, 0x02, 0x02, 0x10, 0x4C, 0x8E, 0x18, 0x71, 0x4B, 0x34, 0xE7, + 0x5E, 0x8D, 0xAE, 0xFB, 0xE8, 0xF6, 0x4C, 0x3A, 0x82, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, + 0x05, 0x00, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1B, 0x30, 0x19, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x72, 0x20, 0x4D, 0x61, 0x6E, 0x63, 0x68, 0x65, 0x73, + 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x13, 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, 0x31, + 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, 0x43, + 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, + 0x6D, 0x69, 0x74, 0x65, 0x64, 0x31, 0x36, 0x30, 0x34, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x13, 0x2D, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, + 0x20, 0x52, 0x53, 0x41, 0x20, 0x44, 0x6F, 0x6D, 0x61, 0x69, 0x6E, + 0x20, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, 0x6E, + 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x53, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x20, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x31, + 0x36, 0x30, 0x37, 0x30, 0x37, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, + 0x5A, 0x17, 0x0D, 0x31, 0x37, 0x30, 0x39, 0x30, 0x35, 0x32, 0x33, + 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x59, 0x31, 0x21, 0x30, 0x1F, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x18, 0x44, 0x6F, 0x6D, 0x61, + 0x69, 0x6E, 0x20, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x20, + 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x65, 0x64, 0x31, 0x1D, + 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x14, 0x50, 0x6F, + 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x53, 0x53, 0x4C, 0x20, 0x57, + 0x69, 0x6C, 0x64, 0x63, 0x61, 0x72, 0x64, 0x31, 0x15, 0x30, 0x13, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0C, 0x2A, 0x2E, 0x62, 0x61, + 0x64, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, + 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, + 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC2, 0x04, 0xEC, + 0xF8, 0x8C, 0xEE, 0x04, 0xC2, 0xB3, 0xD8, 0x50, 0xD5, 0x70, 0x58, + 0xCC, 0x93, 0x18, 0xEB, 0x5C, 0xA8, 0x68, 0x49, 0xB0, 0x22, 0xB5, + 0xF9, 0x95, 0x9E, 0xB1, 0x2B, 0x2C, 0x76, 0x3E, 0x6C, 0xC0, 0x4B, + 0x60, 0x4C, 0x4C, 0xEA, 0xB2, 0xB4, 0xC0, 0x0F, 0x80, 0xB6, 0xB0, + 0xF9, 0x72, 0xC9, 0x86, 0x02, 0xF9, 0x5C, 0x41, 0x5D, 0x13, 0x2B, + 0x7F, 0x71, 0xC4, 0x4B, 0xBC, 0xE9, 0x94, 0x2E, 0x50, 0x37, 0xA6, + 0x67, 0x1C, 0x61, 0x8C, 0xF6, 0x41, 0x42, 0xC5, 0x46, 0xD3, 0x16, + 0x87, 0x27, 0x9F, 0x74, 0xEB, 0x0A, 0x9D, 0x11, 0x52, 0x26, 0x21, + 0x73, 0x6C, 0x84, 0x4C, 0x79, 0x55, 0xE4, 0xD1, 0x6B, 0xE8, 0x06, + 0x3D, 0x48, 0x15, 0x52, 0xAD, 0xB3, 0x28, 0xDB, 0xAA, 0xFF, 0x6E, + 0xFF, 0x60, 0x95, 0x4A, 0x77, 0x6B, 0x39, 0xF1, 0x24, 0xD1, 0x31, + 0xB6, 0xDD, 0x4D, 0xC0, 0xC4, 0xFC, 0x53, 0xB9, 0x6D, 0x42, 0xAD, + 0xB5, 0x7C, 0xFE, 0xAE, 0xF5, 0x15, 0xD2, 0x33, 0x48, 0xE7, 0x22, + 0x71, 0xC7, 0xC2, 0x14, 0x7A, 0x6C, 0x28, 0xEA, 0x37, 0x4A, 0xDF, + 0xEA, 0x6C, 0xB5, 0x72, 0xB4, 0x7E, 0x5A, 0xA2, 0x16, 0xDC, 0x69, + 0xB1, 0x57, 0x44, 0xDB, 0x0A, 0x12, 0xAB, 0xDE, 0xC3, 0x0F, 0x47, + 0x74, 0x5C, 0x41, 0x22, 0xE1, 0x9A, 0xF9, 0x1B, 0x93, 0xE6, 0xAD, + 0x22, 0x06, 0x29, 0x2E, 0xB1, 0xBA, 0x49, 0x1C, 0x0C, 0x27, 0x9E, + 0xA3, 0xFB, 0x8B, 0xF7, 0x40, 0x72, 0x00, 0xAC, 0x92, 0x08, 0xD9, + 0x8C, 0x57, 0x84, 0x53, 0x81, 0x05, 0xCB, 0xE6, 0xFE, 0x6B, 0x54, + 0x98, 0x40, 0x27, 0x85, 0xC7, 0x10, 0xBB, 0x73, 0x70, 0xEF, 0x69, + 0x18, 0x41, 0x07, 0x45, 0x55, 0x7C, 0xF9, 0x64, 0x3F, 0x3D, 0x2C, + 0xC3, 0xA9, 0x7C, 0xEB, 0x93, 0x1A, 0x4C, 0x86, 0xD1, 0xCA, 0x85, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0xD5, 0x30, 0x82, + 0x01, 0xD1, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, + 0x30, 0x16, 0x80, 0x14, 0x90, 0xAF, 0x6A, 0x3A, 0x94, 0x5A, 0x0B, + 0xD8, 0x90, 0xEA, 0x12, 0x56, 0x73, 0xDF, 0x43, 0xB4, 0x3A, 0x28, + 0xDA, 0xE7, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x9D, 0xEE, 0xC1, 0x7B, 0x81, 0x0B, 0x3A, 0x47, 0x69, + 0x71, 0x18, 0x7D, 0x11, 0x37, 0x93, 0xBC, 0xA5, 0x1B, 0x3F, 0xFB, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, + 0x04, 0x03, 0x02, 0x05, 0xA0, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, + 0x13, 0x01, 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x4F, 0x06, 0x03, 0x55, + 0x1D, 0x20, 0x04, 0x48, 0x30, 0x46, 0x30, 0x3A, 0x06, 0x0B, 0x2B, + 0x06, 0x01, 0x04, 0x01, 0xB2, 0x31, 0x01, 0x02, 0x02, 0x07, 0x30, + 0x2B, 0x30, 0x29, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x02, 0x01, 0x16, 0x1D, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, + 0x2F, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x2E, 0x63, 0x6F, 0x6D, + 0x6F, 0x64, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x50, 0x53, + 0x30, 0x08, 0x06, 0x06, 0x67, 0x81, 0x0C, 0x01, 0x02, 0x01, 0x30, + 0x54, 0x06, 0x03, 0x55, 0x1D, 0x1F, 0x04, 0x4D, 0x30, 0x4B, 0x30, + 0x49, 0xA0, 0x47, 0xA0, 0x45, 0x86, 0x43, 0x68, 0x74, 0x74, 0x70, + 0x3A, 0x2F, 0x2F, 0x63, 0x72, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, + 0x64, 0x6F, 0x63, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x4F, + 0x4D, 0x4F, 0x44, 0x4F, 0x52, 0x53, 0x41, 0x44, 0x6F, 0x6D, 0x61, + 0x69, 0x6E, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, + 0x6E, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x53, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x6C, 0x30, 0x81, 0x85, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, + 0x79, 0x30, 0x77, 0x30, 0x4F, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, + 0x05, 0x07, 0x30, 0x02, 0x86, 0x43, 0x68, 0x74, 0x74, 0x70, 0x3A, + 0x2F, 0x2F, 0x63, 0x72, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, + 0x6F, 0x63, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x4F, 0x4D, + 0x4F, 0x44, 0x4F, 0x52, 0x53, 0x41, 0x44, 0x6F, 0x6D, 0x61, 0x69, + 0x6E, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, 0x6E, + 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x74, 0x30, 0x24, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x18, 0x68, + 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6F, 0x63, 0x73, 0x70, 0x2E, + 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, 0x63, 0x61, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x23, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x1C, 0x30, + 0x1A, 0x82, 0x0C, 0x2A, 0x2E, 0x62, 0x61, 0x64, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0A, 0x62, 0x61, 0x64, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x01, 0x00, 0x75, 0x48, 0x83, 0x88, 0x9C, 0x55, 0x24, 0x37, + 0x30, 0x07, 0xEB, 0x26, 0x68, 0xC8, 0x79, 0x1C, 0x5C, 0xAE, 0x9A, + 0x02, 0x9A, 0xB5, 0x52, 0x75, 0x44, 0xAC, 0xA9, 0xED, 0x59, 0x65, + 0xD0, 0xC6, 0x47, 0x26, 0x04, 0x8D, 0x57, 0x89, 0x16, 0x2E, 0x71, + 0x18, 0x48, 0x98, 0x68, 0x1C, 0xF6, 0x31, 0xF5, 0x26, 0x4B, 0xE8, + 0x81, 0x44, 0xB1, 0xFF, 0x5C, 0x65, 0x3D, 0x78, 0x54, 0x94, 0xC3, + 0x86, 0x9D, 0x48, 0x96, 0xE8, 0x32, 0xAF, 0xE1, 0x8F, 0x94, 0x47, + 0xBE, 0x37, 0x8C, 0xC3, 0xED, 0x4D, 0x97, 0xBB, 0xC6, 0x2A, 0x37, + 0x72, 0x01, 0x3A, 0x8F, 0x82, 0xA4, 0x34, 0x44, 0xC4, 0xC4, 0xF8, + 0x50, 0x24, 0x48, 0x9E, 0x19, 0xF0, 0xEC, 0xE1, 0xC6, 0x13, 0x44, + 0x26, 0xB6, 0x65, 0xE1, 0x62, 0x49, 0x87, 0xA4, 0xF4, 0xD8, 0xC4, + 0x39, 0x3C, 0x7D, 0x42, 0xC8, 0xA4, 0x2A, 0x54, 0x05, 0xA0, 0xDC, + 0x0A, 0xF8, 0x2B, 0x22, 0x94, 0x93, 0x78, 0x4E, 0x6A, 0x36, 0x1B, + 0xD2, 0xE7, 0xE9, 0xAE, 0x84, 0xED, 0x13, 0x1D, 0xA1, 0xF7, 0xA2, + 0x83, 0x81, 0x03, 0x4C, 0x9E, 0x21, 0xFB, 0xBF, 0xA8, 0x30, 0xFE, + 0xEB, 0x00, 0x68, 0xB1, 0x7F, 0xBA, 0x5D, 0xE2, 0x5D, 0xFF, 0x41, + 0x1F, 0xD6, 0xF5, 0xA6, 0x5C, 0x8A, 0xEF, 0x81, 0x80, 0xC8, 0xF1, + 0x52, 0x00, 0x17, 0x9D, 0xD1, 0x96, 0x1A, 0x7D, 0x5E, 0xD2, 0x83, + 0xB3, 0x82, 0xC2, 0x3D, 0x46, 0x83, 0xA5, 0x1E, 0xB4, 0x36, 0x35, + 0x38, 0xC4, 0x7A, 0x2E, 0xDF, 0x0B, 0xA1, 0x98, 0x63, 0x58, 0x0B, + 0x1E, 0xD0, 0x6D, 0x83, 0x1F, 0xF1, 0x72, 0x4D, 0x09, 0xAC, 0x96, + 0x1A, 0x0B, 0xE5, 0xF6, 0x34, 0x4C, 0xAB, 0xBC, 0xBC, 0x99, 0x5B, + 0x82, 0x59, 0xE6, 0x6C, 0xD3, 0xDB, 0x98, 0xE0, 0xCE, 0x95, 0x3B, + 0xCF, 0x4E, 0x17, 0xC3, 0xEE, 0x3A, 0x00, 0x06, 0x0C, 0x30, 0x82, + 0x06, 0x08, 0x30, 0x82, 0x03, 0xF0, 0xA0, 0x03, 0x02, 0x01, 0x02, + 0x02, 0x10, 0x2B, 0x2E, 0x6E, 0xEA, 0xD9, 0x75, 0x36, 0x6C, 0x14, + 0x8A, 0x6E, 0xDB, 0xA3, 0x7C, 0x8C, 0x07, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C, 0x05, 0x00, + 0x30, 0x81, 0x85, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1B, 0x30, 0x19, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, + 0x72, 0x20, 0x4D, 0x61, 0x6E, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, + 0x72, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, + 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, 0x31, 0x1A, 0x30, + 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, 0x43, 0x4F, 0x4D, + 0x4F, 0x44, 0x4F, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D, 0x69, + 0x74, 0x65, 0x64, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x13, 0x22, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x52, + 0x53, 0x41, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, + 0x72, 0x69, 0x74, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x34, 0x30, + 0x32, 0x31, 0x32, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, + 0x0D, 0x32, 0x39, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33, 0x35, 0x39, + 0x35, 0x39, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1B, 0x30, + 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x72, 0x20, 0x4D, 0x61, 0x6E, 0x63, 0x68, 0x65, + 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, + 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, + 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x43, 0x41, 0x20, 0x4C, + 0x69, 0x6D, 0x69, 0x74, 0x65, 0x64, 0x31, 0x36, 0x30, 0x34, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x13, 0x2D, 0x43, 0x4F, 0x4D, 0x4F, 0x44, + 0x4F, 0x20, 0x52, 0x53, 0x41, 0x20, 0x44, 0x6F, 0x6D, 0x61, 0x69, + 0x6E, 0x20, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6F, + 0x6E, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x53, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, + 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, + 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0x8E, 0xC2, 0x02, 0x19, + 0xE1, 0xA0, 0x59, 0xA4, 0xEB, 0x38, 0x35, 0x8D, 0x2C, 0xFD, 0x01, + 0xD0, 0xD3, 0x49, 0xC0, 0x64, 0xC7, 0x0B, 0x62, 0x05, 0x45, 0x16, + 0x3A, 0xA8, 0xA0, 0xC0, 0x0C, 0x02, 0x7F, 0x1D, 0xCC, 0xDB, 0xC4, + 0xA1, 0x6D, 0x77, 0x03, 0xA3, 0x0F, 0x86, 0xF9, 0xE3, 0x06, 0x9C, + 0x3E, 0x0B, 0x81, 0x8A, 0x9B, 0x49, 0x1B, 0xAD, 0x03, 0xBE, 0xFA, + 0x4B, 0xDB, 0x8C, 0x20, 0xED, 0xD5, 0xCE, 0x5E, 0x65, 0x8E, 0x3E, + 0x0D, 0xAF, 0x4C, 0xC2, 0xB0, 0xB7, 0x45, 0x5E, 0x52, 0x2F, 0x34, + 0xDE, 0x48, 0x24, 0x64, 0xB4, 0x41, 0xAE, 0x00, 0x97, 0xF7, 0xBE, + 0x67, 0xDE, 0x9E, 0xD0, 0x7A, 0xA7, 0x53, 0x80, 0x3B, 0x7C, 0xAD, + 0xF5, 0x96, 0x55, 0x6F, 0x97, 0x47, 0x0A, 0x7C, 0x85, 0x8B, 0x22, + 0x97, 0x8D, 0xB3, 0x84, 0xE0, 0x96, 0x57, 0xD0, 0x70, 0x18, 0x60, + 0x96, 0x8F, 0xEE, 0x2D, 0x07, 0x93, 0x9D, 0xA1, 0xBA, 0xCA, 0xD1, + 0xCD, 0x7B, 0xE9, 0xC4, 0x2A, 0x9A, 0x28, 0x21, 0x91, 0x4D, 0x6F, + 0x92, 0x4F, 0x25, 0xA5, 0xF2, 0x7A, 0x35, 0xDD, 0x26, 0xDC, 0x46, + 0xA5, 0xD0, 0xAC, 0x59, 0x35, 0x8C, 0xFF, 0x4E, 0x91, 0x43, 0x50, + 0x3F, 0x59, 0x93, 0x1E, 0x6C, 0x51, 0x21, 0xEE, 0x58, 0x14, 0xAB, + 0xFE, 0x75, 0x50, 0x78, 0x3E, 0x4C, 0xB0, 0x1C, 0x86, 0x13, 0xFA, + 0x6B, 0x98, 0xBC, 0xE0, 0x3B, 0x94, 0x1E, 0x85, 0x52, 0xDC, 0x03, + 0x93, 0x24, 0x18, 0x6E, 0xCB, 0x27, 0x51, 0x45, 0xE6, 0x70, 0xDE, + 0x25, 0x43, 0xA4, 0x0D, 0xE1, 0x4A, 0xA5, 0xED, 0xB6, 0x7E, 0xC8, + 0xCD, 0x6D, 0xEE, 0x2E, 0x1D, 0x27, 0x73, 0x5D, 0xDC, 0x45, 0x30, + 0x80, 0xAA, 0xE3, 0xB2, 0x41, 0x0B, 0xAF, 0xBD, 0x44, 0x87, 0xDA, + 0xB9, 0xE5, 0x1B, 0x9D, 0x7F, 0xAE, 0xE5, 0x85, 0x82, 0xA5, 0x02, + 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x65, 0x30, 0x82, 0x01, + 0x61, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0xBB, 0xAF, 0x7E, 0x02, 0x3D, 0xFA, 0xA6, 0xF1, + 0x3C, 0x84, 0x8E, 0xAD, 0xEE, 0x38, 0x98, 0xEC, 0xD9, 0x32, 0x32, + 0xD4, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, + 0x14, 0x90, 0xAF, 0x6A, 0x3A, 0x94, 0x5A, 0x0B, 0xD8, 0x90, 0xEA, + 0x12, 0x56, 0x73, 0xDF, 0x43, 0xB4, 0x3A, 0x28, 0xDA, 0xE7, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, + 0x03, 0x02, 0x01, 0x86, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x01, 0x01, 0xFF, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xFF, 0x02, + 0x01, 0x00, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, + 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, + 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, + 0x30, 0x1B, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, 0x14, 0x30, 0x12, + 0x30, 0x06, 0x06, 0x04, 0x55, 0x1D, 0x20, 0x00, 0x30, 0x08, 0x06, + 0x06, 0x67, 0x81, 0x0C, 0x01, 0x02, 0x01, 0x30, 0x4C, 0x06, 0x03, + 0x55, 0x1D, 0x1F, 0x04, 0x45, 0x30, 0x43, 0x30, 0x41, 0xA0, 0x3F, + 0xA0, 0x3D, 0x86, 0x3B, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, + 0x63, 0x72, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, 0x63, + 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x4F, 0x4D, 0x4F, 0x44, + 0x4F, 0x52, 0x53, 0x41, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, + 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x41, 0x75, 0x74, 0x68, 0x6F, + 0x72, 0x69, 0x74, 0x79, 0x2E, 0x63, 0x72, 0x6C, 0x30, 0x71, 0x06, + 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x65, + 0x30, 0x63, 0x30, 0x3B, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x30, 0x02, 0x86, 0x2F, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, + 0x2F, 0x63, 0x72, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, + 0x63, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x4F, 0x4D, 0x4F, + 0x44, 0x4F, 0x52, 0x53, 0x41, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, + 0x73, 0x74, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x74, 0x30, 0x24, 0x06, + 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x18, + 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6F, 0x63, 0x73, 0x70, + 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x64, 0x6F, 0x63, 0x61, 0x2E, 0x63, + 0x6F, 0x6D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x01, 0x0C, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, + 0x4E, 0x2B, 0x76, 0x4F, 0x92, 0x1C, 0x62, 0x36, 0x89, 0xBA, 0x77, + 0xC1, 0x27, 0x05, 0xF4, 0x1C, 0xD6, 0x44, 0x9D, 0xA9, 0x9A, 0x3E, + 0xAA, 0xD5, 0x66, 0x66, 0x01, 0x3E, 0xEA, 0x49, 0xE6, 0xA2, 0x35, + 0xBC, 0xFA, 0xF6, 0xDD, 0x95, 0x8E, 0x99, 0x35, 0x98, 0x0E, 0x36, + 0x18, 0x75, 0xB1, 0xDD, 0xDD, 0x50, 0x72, 0x7C, 0xAE, 0xDC, 0x77, + 0x88, 0xCE, 0x0F, 0xF7, 0x90, 0x20, 0xCA, 0xA3, 0x67, 0x2E, 0x1F, + 0x56, 0x7F, 0x7B, 0xE1, 0x44, 0xEA, 0x42, 0x95, 0xC4, 0x5D, 0x0D, + 0x01, 0x50, 0x46, 0x15, 0xF2, 0x81, 0x89, 0x59, 0x6C, 0x8A, 0xDD, + 0x8C, 0xF1, 0x12, 0xA1, 0x8D, 0x3A, 0x42, 0x8A, 0x98, 0xF8, 0x4B, + 0x34, 0x7B, 0x27, 0x3B, 0x08, 0xB4, 0x6F, 0x24, 0x3B, 0x72, 0x9D, + 0x63, 0x74, 0x58, 0x3C, 0x1A, 0x6C, 0x3F, 0x4F, 0xC7, 0x11, 0x9A, + 0xC8, 0xA8, 0xF5, 0xB5, 0x37, 0xEF, 0x10, 0x45, 0xC6, 0x6C, 0xD9, + 0xE0, 0x5E, 0x95, 0x26, 0xB3, 0xEB, 0xAD, 0xA3, 0xB9, 0xEE, 0x7F, + 0x0C, 0x9A, 0x66, 0x35, 0x73, 0x32, 0x60, 0x4E, 0xE5, 0xDD, 0x8A, + 0x61, 0x2C, 0x6E, 0x52, 0x11, 0x77, 0x68, 0x96, 0xD3, 0x18, 0x75, + 0x51, 0x15, 0x00, 0x1B, 0x74, 0x88, 0xDD, 0xE1, 0xC7, 0x38, 0x04, + 0x43, 0x28, 0xE9, 0x16, 0xFD, 0xD9, 0x05, 0xD4, 0x5D, 0x47, 0x27, + 0x60, 0xD6, 0xFB, 0x38, 0x3B, 0x6C, 0x72, 0xA2, 0x94, 0xF8, 0x42, + 0x1A, 0xDF, 0xED, 0x6F, 0x06, 0x8C, 0x45, 0xC2, 0x06, 0x00, 0xAA, + 0xE4, 0xE8, 0xDC, 0xD9, 0xB5, 0xE1, 0x73, 0x78, 0xEC, 0xF6, 0x23, + 0xDC, 0xD1, 0xDD, 0x6C, 0x8E, 0x1A, 0x8F, 0xA5, 0xEA, 0x54, 0x7C, + 0x96, 0xB7, 0xC3, 0xFE, 0x55, 0x8E, 0x8D, 0x49, 0x5E, 0xFC, 0x64, + 0xBB, 0xCF, 0x3E, 0xBD, 0x96, 0xEB, 0x69, 0xCD, 0xBF, 0xE0, 0x48, + 0xF1, 0x62, 0x82, 0x10, 0xE5, 0x0C, 0x46, 0x57, 0xF2, 0x33, 0xDA, + 0xD0, 0xC8, 0x63, 0xED, 0xC6, 0x1F, 0x94, 0x05, 0x96, 0x4A, 0x1A, + 0x91, 0xD1, 0xF7, 0xEB, 0xCF, 0x8F, 0x52, 0xAE, 0x0D, 0x08, 0xD9, + 0x3E, 0xA8, 0xA0, 0x51, 0xE9, 0xC1, 0x87, 0x74, 0xD5, 0xC9, 0xF7, + 0x74, 0xAB, 0x2E, 0x53, 0xFB, 0xBB, 0x7A, 0xFB, 0x97, 0xE2, 0xF8, + 0x1F, 0x26, 0x8F, 0xB3, 0xD2, 0xA0, 0xE0, 0x37, 0x5B, 0x28, 0x3B, + 0x31, 0xE5, 0x0E, 0x57, 0x2D, 0x5A, 0xB8, 0xAD, 0x79, 0xAC, 0x5E, + 0x20, 0x66, 0x1A, 0xA5, 0xB9, 0xA6, 0xB5, 0x39, 0xC1, 0xF5, 0x98, + 0x43, 0xFF, 0xEE, 0xF9, 0xA7, 0xA7, 0xFD, 0xEE, 0xCA, 0x24, 0x3D, + 0x80, 0x16, 0xC4, 0x17, 0x8F, 0x8A, 0xC1, 0x60, 0xA1, 0x0C, 0xAE, + 0x5B, 0x43, 0x47, 0x91, 0x4B, 0xD5, 0x9A, 0x17, 0x5F, 0xF9, 0xD4, + 0x87, 0xC1, 0xC2, 0x8C, 0xB7, 0xE7, 0xE2, 0x0F, 0x30, 0x19, 0x37, + 0x86, 0xAC, 0xE0, 0xDC, 0x42, 0x03, 0xE6, 0x94, 0xA8, 0x9D, 0xAE, + 0xFD, 0x0F, 0x24, 0x51, 0x94, 0xCE, 0x92, 0x08, 0xD1, 0xFC, 0x50, + 0xF0, 0x03, 0x40, 0x7B, 0x88, 0x59, 0xED, 0x0E, 0xDD, 0xAC, 0xD2, + 0x77, 0x82, 0x34, 0xDC, 0x06, 0x95, 0x02, 0xD8, 0x90, 0xF9, 0x2D, + 0xEA, 0x37, 0xD5, 0x1A, 0x60, 0xD0, 0x67, 0x20, 0xD7, 0xD8, 0x42, + 0x0B, 0x45, 0xAF, 0x82, 0x68, 0xDE, 0xDD, 0x66, 0x24, 0x37, 0x90, + 0x29, 0x94, 0x19, 0x46, 0x19, 0x25, 0xB8, 0x80, 0xD7, 0xCB, 0xD4, + 0x86, 0x28, 0x6A, 0x44, 0x70, 0x26, 0x23, 0x62, 0xA9, 0x9F, 0x86, + 0x6F, 0xBF, 0xBA, 0x90, 0x70, 0xD2, 0x56, 0x77, 0x85, 0x78, 0xEF, + 0xEA, 0x25, 0xA9, 0x17, 0xCE, 0x50, 0x72, 0x8C, 0x00, 0x3A, 0xAA, + 0xE3, 0xDB, 0x63, 0x34, 0x9F, 0xF8, 0x06, 0x71, 0x01, 0xE2, 0x82, + 0x20, 0xD4, 0xFE, 0x6F, 0xBD, 0xB1, 0x00, 0x05, 0x78, 0x30, 0x82, + 0x05, 0x74, 0x30, 0x82, 0x04, 0x5C, 0xA0, 0x03, 0x02, 0x01, 0x02, + 0x02, 0x10, 0x27, 0x66, 0xEE, 0x56, 0xEB, 0x49, 0xF3, 0x8E, 0xAB, + 0xD7, 0x70, 0xA2, 0xFC, 0x84, 0xDE, 0x22, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C, 0x05, 0x00, + 0x30, 0x6F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x53, 0x45, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x13, 0x0B, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, + 0x74, 0x20, 0x41, 0x42, 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x13, 0x1D, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, + 0x74, 0x20, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6E, 0x61, 0x6C, 0x20, + 0x54, 0x54, 0x50, 0x20, 0x4E, 0x65, 0x74, 0x77, 0x6F, 0x72, 0x6B, + 0x31, 0x22, 0x30, 0x20, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x19, + 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x45, 0x78, + 0x74, 0x65, 0x72, 0x6E, 0x61, 0x6C, 0x20, 0x43, 0x41, 0x20, 0x52, + 0x6F, 0x6F, 0x74, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x30, 0x30, 0x35, + 0x33, 0x30, 0x31, 0x30, 0x34, 0x38, 0x33, 0x38, 0x5A, 0x17, 0x0D, + 0x32, 0x30, 0x30, 0x35, 0x33, 0x30, 0x31, 0x30, 0x34, 0x38, 0x33, + 0x38, 0x5A, 0x30, 0x81, 0x85, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1B, 0x30, 0x19, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x72, 0x20, 0x4D, 0x61, 0x6E, 0x63, 0x68, 0x65, 0x73, + 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x13, 0x07, 0x53, 0x61, 0x6C, 0x66, 0x6F, 0x72, 0x64, 0x31, + 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, 0x43, + 0x4F, 0x4D, 0x4F, 0x44, 0x4F, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, + 0x6D, 0x69, 0x74, 0x65, 0x64, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x13, 0x22, 0x43, 0x4F, 0x4D, 0x4F, 0x44, 0x4F, + 0x20, 0x52, 0x53, 0x41, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, + 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, + 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x82, 0x02, 0x22, 0x30, + 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02, + 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0x91, 0xE8, 0x54, 0x92, 0xD2, + 0x0A, 0x56, 0xB1, 0xAC, 0x0D, 0x24, 0xDD, 0xC5, 0xCF, 0x44, 0x67, + 0x74, 0x99, 0x2B, 0x37, 0xA3, 0x7D, 0x23, 0x70, 0x00, 0x71, 0xBC, + 0x53, 0xDF, 0xC4, 0xFA, 0x2A, 0x12, 0x8F, 0x4B, 0x7F, 0x10, 0x56, + 0xBD, 0x9F, 0x70, 0x72, 0xB7, 0x61, 0x7F, 0xC9, 0x4B, 0x0F, 0x17, + 0xA7, 0x3D, 0xE3, 0xB0, 0x04, 0x61, 0xEE, 0xFF, 0x11, 0x97, 0xC7, + 0xF4, 0x86, 0x3E, 0x0A, 0xFA, 0x3E, 0x5C, 0xF9, 0x93, 0xE6, 0x34, + 0x7A, 0xD9, 0x14, 0x6B, 0xE7, 0x9C, 0xB3, 0x85, 0xA0, 0x82, 0x7A, + 0x76, 0xAF, 0x71, 0x90, 0xD7, 0xEC, 0xFD, 0x0D, 0xFA, 0x9C, 0x6C, + 0xFA, 0xDF, 0xB0, 0x82, 0xF4, 0x14, 0x7E, 0xF9, 0xBE, 0xC4, 0xA6, + 0x2F, 0x4F, 0x7F, 0x99, 0x7F, 0xB5, 0xFC, 0x67, 0x43, 0x72, 0xBD, + 0x0C, 0x00, 0xD6, 0x89, 0xEB, 0x6B, 0x2C, 0xD3, 0xED, 0x8F, 0x98, + 0x1C, 0x14, 0xAB, 0x7E, 0xE5, 0xE3, 0x6E, 0xFC, 0xD8, 0xA8, 0xE4, + 0x92, 0x24, 0xDA, 0x43, 0x6B, 0x62, 0xB8, 0x55, 0xFD, 0xEA, 0xC1, + 0xBC, 0x6C, 0xB6, 0x8B, 0xF3, 0x0E, 0x8D, 0x9A, 0xE4, 0x9B, 0x6C, + 0x69, 0x99, 0xF8, 0x78, 0x48, 0x30, 0x45, 0xD5, 0xAD, 0xE1, 0x0D, + 0x3C, 0x45, 0x60, 0xFC, 0x32, 0x96, 0x51, 0x27, 0xBC, 0x67, 0xC3, + 0xCA, 0x2E, 0xB6, 0x6B, 0xEA, 0x46, 0xC7, 0xC7, 0x20, 0xA0, 0xB1, + 0x1F, 0x65, 0xDE, 0x48, 0x08, 0xBA, 0xA4, 0x4E, 0xA9, 0xF2, 0x83, + 0x46, 0x37, 0x84, 0xEB, 0xE8, 0xCC, 0x81, 0x48, 0x43, 0x67, 0x4E, + 0x72, 0x2A, 0x9B, 0x5C, 0xBD, 0x4C, 0x1B, 0x28, 0x8A, 0x5C, 0x22, + 0x7B, 0xB4, 0xAB, 0x98, 0xD9, 0xEE, 0xE0, 0x51, 0x83, 0xC3, 0x09, + 0x46, 0x4E, 0x6D, 0x3E, 0x99, 0xFA, 0x95, 0x17, 0xDA, 0x7C, 0x33, + 0x57, 0x41, 0x3C, 0x8D, 0x51, 0xED, 0x0B, 0xB6, 0x5C, 0xAF, 0x2C, + 0x63, 0x1A, 0xDF, 0x57, 0xC8, 0x3F, 0xBC, 0xE9, 0x5D, 0xC4, 0x9B, + 0xAF, 0x45, 0x99, 0xE2, 0xA3, 0x5A, 0x24, 0xB4, 0xBA, 0xA9, 0x56, + 0x3D, 0xCF, 0x6F, 0xAA, 0xFF, 0x49, 0x58, 0xBE, 0xF0, 0xA8, 0xFF, + 0xF4, 0xB8, 0xAD, 0xE9, 0x37, 0xFB, 0xBA, 0xB8, 0xF4, 0x0B, 0x3A, + 0xF9, 0xE8, 0x43, 0x42, 0x1E, 0x89, 0xD8, 0x84, 0xCB, 0x13, 0xF1, + 0xD9, 0xBB, 0xE1, 0x89, 0x60, 0xB8, 0x8C, 0x28, 0x56, 0xAC, 0x14, + 0x1D, 0x9C, 0x0A, 0xE7, 0x71, 0xEB, 0xCF, 0x0E, 0xDD, 0x3D, 0xA9, + 0x96, 0xA1, 0x48, 0xBD, 0x3C, 0xF7, 0xAF, 0xB5, 0x0D, 0x22, 0x4C, + 0xC0, 0x11, 0x81, 0xEC, 0x56, 0x3B, 0xF6, 0xD3, 0xA2, 0xE2, 0x5B, + 0xB7, 0xB2, 0x04, 0x22, 0x52, 0x95, 0x80, 0x93, 0x69, 0xE8, 0x8E, + 0x4C, 0x65, 0xF1, 0x91, 0x03, 0x2D, 0x70, 0x74, 0x02, 0xEA, 0x8B, + 0x67, 0x15, 0x29, 0x69, 0x52, 0x02, 0xBB, 0xD7, 0xDF, 0x50, 0x6A, + 0x55, 0x46, 0xBF, 0xA0, 0xA3, 0x28, 0x61, 0x7F, 0x70, 0xD0, 0xC3, + 0xA2, 0xAA, 0x2C, 0x21, 0xAA, 0x47, 0xCE, 0x28, 0x9C, 0x06, 0x45, + 0x76, 0xBF, 0x82, 0x18, 0x27, 0xB4, 0xD5, 0xAE, 0xB4, 0xCB, 0x50, + 0xE6, 0x6B, 0xF4, 0x4C, 0x86, 0x71, 0x30, 0xE9, 0xA6, 0xDF, 0x16, + 0x86, 0xE0, 0xD8, 0xFF, 0x40, 0xDD, 0xFB, 0xD0, 0x42, 0x88, 0x7F, + 0xA3, 0x33, 0x3A, 0x2E, 0x5C, 0x1E, 0x41, 0x11, 0x81, 0x63, 0xCE, + 0x18, 0x71, 0x6B, 0x2B, 0xEC, 0xA6, 0x8A, 0xB7, 0x31, 0x5C, 0x3A, + 0x6A, 0x47, 0xE0, 0xC3, 0x79, 0x59, 0xD6, 0x20, 0x1A, 0xAF, 0xF2, + 0x6A, 0x98, 0xAA, 0x72, 0xBC, 0x57, 0x4A, 0xD2, 0x4B, 0x9D, 0xBB, + 0x10, 0xFC, 0xB0, 0x4C, 0x41, 0xE5, 0xED, 0x1D, 0x3D, 0x5E, 0x28, + 0x9D, 0x9C, 0xCC, 0xBF, 0xB3, 0x51, 0xDA, 0xA7, 0x47, 0xE5, 0x84, + 0x53, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xF4, 0x30, 0x81, + 0xF1, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0xAD, 0xBD, 0x98, 0x7A, 0x34, 0xB4, 0x26, 0xF7, + 0xFA, 0xC4, 0x26, 0x54, 0xEF, 0x03, 0xBD, 0xE0, 0x24, 0xCB, 0x54, + 0x1A, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, + 0x14, 0xBB, 0xAF, 0x7E, 0x02, 0x3D, 0xFA, 0xA6, 0xF1, 0x3C, 0x84, + 0x8E, 0xAD, 0xEE, 0x38, 0x98, 0xEC, 0xD9, 0x32, 0x32, 0xD4, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, + 0x03, 0x02, 0x01, 0x86, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, 0x0A, 0x30, 0x08, 0x30, + 0x06, 0x06, 0x04, 0x55, 0x1D, 0x20, 0x00, 0x30, 0x44, 0x06, 0x03, + 0x55, 0x1D, 0x1F, 0x04, 0x3D, 0x30, 0x3B, 0x30, 0x39, 0xA0, 0x37, + 0xA0, 0x35, 0x86, 0x33, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, + 0x63, 0x72, 0x6C, 0x2E, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, + 0x73, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x41, 0x64, 0x64, 0x54, + 0x72, 0x75, 0x73, 0x74, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6E, 0x61, + 0x6C, 0x43, 0x41, 0x52, 0x6F, 0x6F, 0x74, 0x2E, 0x63, 0x72, 0x6C, + 0x30, 0x35, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, + 0x01, 0x04, 0x29, 0x30, 0x27, 0x30, 0x25, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x19, 0x68, 0x74, 0x74, + 0x70, 0x3A, 0x2F, 0x2F, 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x75, 0x73, + 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x01, 0x0C, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x64, 0xBF, + 0x83, 0xF1, 0x5F, 0x9A, 0x85, 0xD0, 0xCD, 0xB8, 0xA1, 0x29, 0x57, + 0x0D, 0xE8, 0x5A, 0xF7, 0xD1, 0xE9, 0x3E, 0xF2, 0x76, 0x04, 0x6E, + 0xF1, 0x52, 0x70, 0xBB, 0x1E, 0x3C, 0xFF, 0x4D, 0x0D, 0x74, 0x6A, + 0xCC, 0x81, 0x82, 0x25, 0xD3, 0xC3, 0xA0, 0x2A, 0x5D, 0x4C, 0xF5, + 0xBA, 0x8B, 0xA1, 0x6D, 0xC4, 0x54, 0x09, 0x75, 0xC7, 0xE3, 0x27, + 0x0E, 0x5D, 0x84, 0x79, 0x37, 0x40, 0x13, 0x77, 0xF5, 0xB4, 0xAC, + 0x1C, 0xD0, 0x3B, 0xAB, 0x17, 0x12, 0xD6, 0xEF, 0x34, 0x18, 0x7E, + 0x2B, 0xE9, 0x79, 0xD3, 0xAB, 0x57, 0x45, 0x0C, 0xAF, 0x28, 0xFA, + 0xD0, 0xDB, 0xE5, 0x50, 0x95, 0x88, 0xBB, 0xDF, 0x85, 0x57, 0x69, + 0x7D, 0x92, 0xD8, 0x52, 0xCA, 0x73, 0x81, 0xBF, 0x1C, 0xF3, 0xE6, + 0xB8, 0x6E, 0x66, 0x11, 0x05, 0xB3, 0x1E, 0x94, 0x2D, 0x7F, 0x91, + 0x95, 0x92, 0x59, 0xF1, 0x4C, 0xCE, 0xA3, 0x91, 0x71, 0x4C, 0x7C, + 0x47, 0x0C, 0x3B, 0x0B, 0x19, 0xF6, 0xA1, 0xB1, 0x6C, 0x86, 0x3E, + 0x5C, 0xAA, 0xC4, 0x2E, 0x82, 0xCB, 0xF9, 0x07, 0x96, 0xBA, 0x48, + 0x4D, 0x90, 0xF2, 0x94, 0xC8, 0xA9, 0x73, 0xA2, 0xEB, 0x06, 0x7B, + 0x23, 0x9D, 0xDE, 0xA2, 0xF3, 0x4D, 0x55, 0x9F, 0x7A, 0x61, 0x45, + 0x98, 0x18, 0x68, 0xC7, 0x5E, 0x40, 0x6B, 0x23, 0xF5, 0x79, 0x7A, + 0xEF, 0x8C, 0xB5, 0x6B, 0x8B, 0xB7, 0x6F, 0x46, 0xF4, 0x7B, 0xF1, + 0x3D, 0x4B, 0x04, 0xD8, 0x93, 0x80, 0x59, 0x5A, 0xE0, 0x41, 0x24, + 0x1D, 0xB2, 0x8F, 0x15, 0x60, 0x58, 0x47, 0xDB, 0xEF, 0x6E, 0x46, + 0xFD, 0x15, 0xF5, 0xD9, 0x5F, 0x9A, 0xB3, 0xDB, 0xD8, 0xB8, 0xE4, + 0x40, 0xB3, 0xCD, 0x97, 0x39, 0xAE, 0x85, 0xBB, 0x1D, 0x8E, 0xBC, + 0xDC, 0x87, 0x9B, 0xD1, 0xA6, 0xEF, 0xF1, 0x3B, 0x6F, 0x10, 0x38, + 0x6F, 0x16, 0x03, 0x03, 0x02, 0x0F, 0x0C, 0x00, 0x02, 0x0B, 0x00, + 0x80, 0xBB, 0xBC, 0x2D, 0xCA, 0xD8, 0x46, 0x74, 0x90, 0x7C, 0x43, + 0xFC, 0xF5, 0x80, 0xE9, 0xCF, 0xDB, 0xD9, 0x58, 0xA3, 0xF5, 0x68, + 0xB4, 0x2D, 0x4B, 0x08, 0xEE, 0xD4, 0xEB, 0x0F, 0xB3, 0x50, 0x4C, + 0x6C, 0x03, 0x02, 0x76, 0xE7, 0x10, 0x80, 0x0C, 0x5C, 0xCB, 0xBA, + 0xA8, 0x92, 0x26, 0x14, 0xC5, 0xBE, 0xEC, 0xA5, 0x65, 0xA5, 0xFD, + 0xF1, 0xD2, 0x87, 0xA2, 0xBC, 0x04, 0x9B, 0xE6, 0x77, 0x80, 0x60, + 0xE9, 0x1A, 0x92, 0xA7, 0x57, 0xE3, 0x04, 0x8F, 0x68, 0xB0, 0x76, + 0xF7, 0xD3, 0x6C, 0xC8, 0xF2, 0x9B, 0xA5, 0xDF, 0x81, 0xDC, 0x2C, + 0xA7, 0x25, 0xEC, 0xE6, 0x62, 0x70, 0xCC, 0x9A, 0x50, 0x35, 0xD8, + 0xCE, 0xCE, 0xEF, 0x9E, 0xA0, 0x27, 0x4A, 0x63, 0xAB, 0x1E, 0x58, + 0xFA, 0xFD, 0x49, 0x88, 0xD0, 0xF6, 0x5D, 0x14, 0x67, 0x57, 0xDA, + 0x07, 0x1D, 0xF0, 0x45, 0xCF, 0xE1, 0x6B, 0x9B, 0x00, 0x01, 0x02, + 0x00, 0x80, 0x55, 0xFB, 0xB6, 0x92, 0x5A, 0x0C, 0x93, 0x56, 0xE8, + 0x1C, 0xCD, 0x23, 0xFC, 0xB9, 0xBE, 0x98, 0x2D, 0x01, 0x4F, 0x35, + 0xCE, 0x37, 0xD0, 0xF8, 0xA0, 0x0C, 0x42, 0x3B, 0x27, 0x25, 0x10, + 0x04, 0x46, 0x02, 0x19, 0x1F, 0xDC, 0xDA, 0x08, 0x33, 0x42, 0x63, + 0x5F, 0x3C, 0x82, 0x1F, 0xFA, 0x46, 0x9E, 0x34, 0xCB, 0x30, 0xED, + 0x55, 0x11, 0xD7, 0x00, 0x0C, 0x76, 0x0A, 0x48, 0x0C, 0x1D, 0x7A, + 0x13, 0x3D, 0xC6, 0x41, 0xD5, 0x7B, 0xD5, 0x2A, 0xE0, 0xA3, 0xB5, + 0xAB, 0x0E, 0xBC, 0xD3, 0x17, 0x14, 0xFD, 0x21, 0x8C, 0x78, 0xB1, + 0x4D, 0xF2, 0x5A, 0x44, 0x89, 0x4E, 0x82, 0x3D, 0x8B, 0xAC, 0x5D, + 0x49, 0xB2, 0x19, 0x21, 0x67, 0xCA, 0x70, 0xC7, 0x8D, 0x35, 0x89, + 0xD1, 0x9D, 0x34, 0xD4, 0x7A, 0xAF, 0x1D, 0x9D, 0x86, 0x0F, 0xEF, + 0x5A, 0x4F, 0x9E, 0xDA, 0xF5, 0x02, 0x7E, 0x22, 0x67, 0x01, 0x01, + 0x01, 0x00, 0x7B, 0x59, 0x4A, 0x29, 0xF9, 0x9F, 0x53, 0x41, 0x8B, + 0xE6, 0x79, 0xE9, 0xF5, 0x73, 0x7C, 0xC8, 0xE9, 0x40, 0x1F, 0x39, + 0x08, 0x06, 0x84, 0x3D, 0x80, 0x6B, 0xF0, 0x0C, 0x54, 0xC2, 0x18, + 0xD6, 0xAD, 0x53, 0xFD, 0x7C, 0xB3, 0x8B, 0xCE, 0x70, 0x4F, 0xCF, + 0xFC, 0xEF, 0xC8, 0x2D, 0xE4, 0xD0, 0xC2, 0x7B, 0x80, 0x57, 0xA2, + 0x5F, 0x7F, 0x36, 0xB0, 0xBC, 0x16, 0xB7, 0xC1, 0xC2, 0x12, 0x96, + 0x94, 0x88, 0x9D, 0x68, 0xD3, 0xDF, 0xB1, 0x3C, 0xA0, 0x93, 0x3A, + 0x4D, 0x90, 0x66, 0x3F, 0xB0, 0x89, 0xE7, 0x21, 0x58, 0xF0, 0x39, + 0x8B, 0x83, 0x32, 0x93, 0xCB, 0xA9, 0x57, 0x2B, 0x0A, 0x02, 0x5E, + 0xF9, 0xE6, 0x10, 0x9A, 0x7F, 0x2A, 0x23, 0x3D, 0x5C, 0x3F, 0x38, + 0x3A, 0x40, 0x0C, 0x1B, 0x7C, 0x0D, 0x5D, 0x7C, 0xF1, 0xB2, 0x88, + 0x71, 0xA2, 0x57, 0x02, 0x94, 0x12, 0x45, 0x60, 0xEC, 0xC2, 0xB2, + 0xCB, 0x31, 0xF2, 0xF8, 0x1B, 0xDD, 0xEA, 0xF6, 0x40, 0xF6, 0x07, + 0xEA, 0xC2, 0x71, 0xA6, 0x07, 0xC8, 0x45, 0xE4, 0xE2, 0x1D, 0x49, + 0x53, 0x40, 0x5B, 0x57, 0x68, 0xA4, 0x81, 0x1C, 0xCB, 0x33, 0x95, + 0x12, 0x0F, 0x4D, 0xAD, 0x9B, 0x70, 0x53, 0xDC, 0x8B, 0xE6, 0x24, + 0x0D, 0x39, 0x83, 0x0E, 0x17, 0xFB, 0x13, 0xF2, 0x45, 0x2C, 0x52, + 0x44, 0xA3, 0x22, 0x0D, 0x32, 0xDD, 0x21, 0x05, 0x2B, 0xA1, 0xAC, + 0xC4, 0x84, 0xD7, 0x18, 0x2F, 0xA2, 0xB4, 0xF5, 0x4E, 0xED, 0x72, + 0x56, 0xB7, 0x87, 0x81, 0xF8, 0x51, 0x30, 0x01, 0xBE, 0x17, 0x31, + 0xEE, 0x21, 0xBA, 0x16, 0xAF, 0xEB, 0x0A, 0x54, 0x69, 0x84, 0xB3, + 0xDC, 0xCA, 0x04, 0xBB, 0x49, 0x84, 0x4C, 0x0F, 0xCE, 0x20, 0xE2, + 0x71, 0xF3, 0x43, 0x26, 0x1D, 0xA4, 0xAF, 0xAE, 0x3F, 0x9E, 0xA3, + 0x44, 0xDC, 0xAE, 0xB7, 0x5B, 0x16, 0x03, 0x03, 0x00, 0x04, 0x0E, + 0x00, 0x00, 0x00 + }; static void server(int sd) { @@ -748,9 +581,10 @@ static void client(int sd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+AES-128-GCM", - NULL); + gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+AES-128-GCM", + NULL); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_server_name_set(session, GNUTLS_NAME_DNS, "localhost", strlen("localhost")); @@ -820,4 +654,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/client_dsa_key.c b/tests/client_dsa_key.c index f5e346ee42..95ea654dbb 100644 --- a/tests/client_dsa_key.c +++ b/tests/client_dsa_key.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,10 +28,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -67,9 +67,8 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&cli_cred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(cli_cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(cli_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); @@ -88,26 +87,23 @@ void doit(void) gnutls_certificate_set_verify_flags(serv_cred, GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1); - ret = - gnutls_certificate_set_x509_trust_mem(serv_cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(serv_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_key_mem(serv_cred, - &server_ca3_localhost_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serv_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } - test_cli_serv_cert(serv_cred, cli_cred, - "NORMAL:+DHE-DSS:+SIGN-DSA-SHA1", - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:-DHE-DSS:+SIGN-DSA-SHA1", - "localhost"); + test_cli_serv_cert( + serv_cred, cli_cred, "NORMAL:+DHE-DSS:+SIGN-DSA-SHA1", + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:-DHE-DSS:+SIGN-DSA-SHA1", + "localhost"); gnutls_certificate_free_credentials(serv_cred); gnutls_certificate_free_credentials(cli_cred); diff --git a/tests/cmocka-common.h b/tests/cmocka-common.h index 8db0e43841..d89c54d0d0 100644 --- a/tests/cmocka-common.h +++ b/tests/cmocka-common.h @@ -1,13 +1,13 @@ #ifndef GNUTLS_TESTS_CMOCKA_COMMON_H -# define GNUTLS_TESTS_CMOCKA_COMMON_H +#define GNUTLS_TESTS_CMOCKA_COMMON_H -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include -# define USE_CMOCKA -# include "eagain-common.h" +#define USE_CMOCKA +#include "eagain-common.h" -#endif /* GNUTLS_TESTS_CMOCKA_COMMON_H */ +#endif /* GNUTLS_TESTS_CMOCKA_COMMON_H */ diff --git a/tests/common-cert-key-exchange.c b/tests/common-cert-key-exchange.c index 243cb12bfd..b0a30941a3 100644 --- a/tests/common-cert-key-exchange.c +++ b/tests/common-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -50,10 +50,10 @@ static void tls_log_func(int level, const char *str) void try_with_key_fail(const char *name, const char *client_prio, int server_err, int client_err, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key) + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key) { int ret; /* Server stuff. */ @@ -75,16 +75,15 @@ void try_with_key_fail(const char *name, const char *client_prio, /* Init server */ assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - ret = gnutls_certificate_set_x509_key_mem(serverx509cred, - serv_cert, serv_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serverx509cred, serv_cert, serv_key, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("Could not set key/cert: %s\n", gnutls_strerror(ret)); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); if (server_priority) - assert(gnutls_priority_set_direct(server, server_priority, NULL) - >= 0); + assert(gnutls_priority_set_direct(server, server_priority, + NULL) >= 0); else assert(gnutls_priority_set_direct(server, client_prio, NULL) >= 0); @@ -102,9 +101,8 @@ void try_with_key_fail(const char *name, const char *client_prio, exit(1); if (cli_cert) { - gnutls_certificate_set_x509_key_mem(clientx509cred, - cli_cert, cli_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem( + clientx509cred, cli_cert, cli_key, GNUTLS_X509_FMT_PEM); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUIRE); } @@ -141,11 +139,10 @@ void try_with_key_fail(const char *name, const char *client_prio, void try_with_rawpk_key_fail(const char *name, const char *client_prio, int server_err, int client_err, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - unsigned server_ku, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, unsigned client_ku) + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, unsigned server_ku, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, unsigned client_ku) { int ret; /* Server stuff. */ @@ -167,8 +164,8 @@ void try_with_rawpk_key_fail(const char *name, const char *client_prio, /* Init server */ gnutls_certificate_allocate_credentials(&server_cred); - ret = gnutls_certificate_set_rawpk_key_mem(server_cred, - serv_cert, serv_key, + ret = gnutls_certificate_set_rawpk_key_mem(server_cred, serv_cert, + serv_key, GNUTLS_X509_FMT_PEM, NULL, server_ku, NULL, 0, 0); if (ret < 0) @@ -176,8 +173,8 @@ void try_with_rawpk_key_fail(const char *name, const char *client_prio, assert(gnutls_init(&server, GNUTLS_SERVER | GNUTLS_ENABLE_RAWPK) >= 0); if (server_priority) - assert(gnutls_priority_set_direct(server, server_priority, NULL) - >= 0); + assert(gnutls_priority_set_direct(server, server_priority, + NULL) >= 0); else assert(gnutls_priority_set_direct(server, client_prio, NULL) >= 0); @@ -194,11 +191,9 @@ void try_with_rawpk_key_fail(const char *name, const char *client_prio, exit(1); if (cli_cert) { - ret = gnutls_certificate_set_rawpk_key_mem(client_cred, - cli_cert, cli_key, - GNUTLS_X509_FMT_PEM, - NULL, client_ku, - NULL, 0, 0); + ret = gnutls_certificate_set_rawpk_key_mem( + client_cred, cli_cert, cli_key, GNUTLS_X509_FMT_PEM, + NULL, client_ku, NULL, 0, 0); if (ret < 0) fail("Could not set key/cert: %s\n", gnutls_strerror(ret)); @@ -240,10 +235,10 @@ void try_with_key_ks(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx, gnutls_sign_algorithm_t server_sign_algo, gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * client_cert, - const gnutls_datum_t * client_key, unsigned cert_flags, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *client_cert, + const gnutls_datum_t *client_key, unsigned cert_flags, unsigned exp_group, gnutls_certificate_type_t server_ctype, gnutls_certificate_type_t client_ctype) { @@ -276,9 +271,8 @@ void try_with_key_ks(const char *name, const char *client_prio, // Set server crt creds based on ctype switch (server_ctype) { case GNUTLS_CRT_X509: - ret = gnutls_certificate_set_x509_key_mem(server_cred, - serv_cert, serv_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + server_cred, serv_cert, serv_key, GNUTLS_X509_FMT_PEM); break; case GNUTLS_CRT_RAWPK: ret = gnutls_certificate_set_rawpk_key_mem(server_cred, @@ -306,12 +300,13 @@ void try_with_key_ks(const char *name, const char *client_prio, 0); if (server_priority) - assert(gnutls_priority_set_direct(server, server_priority, NULL) - >= 0); - else - assert(gnutls_priority_set_direct(server, - "NORMAL:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL", + assert(gnutls_priority_set_direct(server, server_priority, NULL) >= 0); + else + assert(gnutls_priority_set_direct( + server, + "NORMAL:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL", + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -325,18 +320,14 @@ void try_with_key_ks(const char *name, const char *client_prio, // Set client crt creds based on ctype switch (client_ctype) { case GNUTLS_CRT_X509: - gnutls_certificate_set_x509_key_mem(client_cred, - client_cert, - client_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem( + client_cred, client_cert, client_key, + GNUTLS_X509_FMT_PEM); break; case GNUTLS_CRT_RAWPK: - gnutls_certificate_set_rawpk_key_mem(client_cred, - client_cert, - client_key, - GNUTLS_X509_FMT_PEM, - NULL, 0, NULL, 0, - 0); + gnutls_certificate_set_rawpk_key_mem( + client_cred, client_cert, client_key, + GNUTLS_X509_FMT_PEM, NULL, 0, NULL, 0, 0); break; default: fail("Illegal client certificate type given\n"); @@ -362,8 +353,8 @@ void try_with_key_ks(const char *name, const char *client_prio, assert(gnutls_anon_allocate_client_credentials(&c_anoncred) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred) >= 0); - ret = - gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, client_cred); + ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, + client_cred); if (ret < 0) exit(1); @@ -381,7 +372,9 @@ void try_with_key_ks(const char *name, const char *client_prio, HANDSHAKE(client, server); if (gnutls_kx_get(client) != client_kx) { - fail("%s: got unexpected key exchange algorithm: %s (expected %s)\n", name, gnutls_kx_get_name(gnutls_kx_get(client)), gnutls_kx_get_name(client_kx)); + fail("%s: got unexpected key exchange algorithm: %s (expected %s)\n", + name, gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(client_kx)); exit(1); } @@ -390,25 +383,29 @@ void try_with_key_ks(const char *name, const char *client_prio, if (version >= GNUTLS_TLS1_2) { ret = gnutls_sign_algorithm_get(server); if (ret != (int)server_sign_algo) { - fail("%s: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(server); if (ret != (int)client_sign_algo) { - fail("%s: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get(client); if (ret != (int)server_sign_algo) { - fail("%s: cl: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: cl: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(client); if (ret != (int)client_sign_algo) { - fail("%s: cl: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: cl: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } } @@ -461,10 +458,10 @@ void dtls_try_with_key_mtu(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx, gnutls_sign_algorithm_t server_sign_algo, gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * client_cert, - const gnutls_datum_t * client_key, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *client_cert, + const gnutls_datum_t *client_key, unsigned cert_flags, unsigned smtu) { int ret; @@ -492,9 +489,8 @@ void dtls_try_with_key_mtu(const char *name, const char *client_prio, gnutls_anon_allocate_server_credentials(&s_anoncred); gnutls_certificate_allocate_credentials(&serverx509cred); - ret = gnutls_certificate_set_x509_key_mem(serverx509cred, - serv_cert, serv_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serverx509cred, serv_cert, serv_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("Could not set key/cert: %s\n", gnutls_strerror(ret)); } @@ -504,17 +500,17 @@ void dtls_try_with_key_mtu(const char *name, const char *client_prio, gnutls_certificate_set_dh_params(serverx509cred, dh_params); gnutls_anon_set_server_dh_params(s_anoncred, dh_params); - assert(gnutls_init - (&server, - GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK) >= 0); - assert(gnutls_credentials_set - (server, GNUTLS_CRD_CERTIFICATE, serverx509cred) >= 0); + assert(gnutls_init(&server, GNUTLS_SERVER | GNUTLS_DATAGRAM | + GNUTLS_NONBLOCK) >= 0); + assert(gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, + serverx509cred) >= 0); assert(gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred) >= 0); - assert(gnutls_priority_set_direct(server, - "NORMAL:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, + "NORMAL:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519", + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_pull_timeout_function(server, @@ -552,18 +548,16 @@ void dtls_try_with_key_mtu(const char *name, const char *client_prio, exit(1); #endif - ret = - gnutls_init(&client, - GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); + ret = gnutls_init(&client, + GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); if (ret < 0) exit(1); assert(gnutls_anon_allocate_client_credentials(&c_anoncred) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred) >= 0); - ret = - gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, - clientx509cred); + ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, + clientx509cred); if (ret < 0) exit(1); @@ -584,7 +578,9 @@ void dtls_try_with_key_mtu(const char *name, const char *client_prio, HANDSHAKE_DTLS(client, server); if (gnutls_kx_get(client) != client_kx) { - fail("%s: got unexpected key exchange algorithm: %s (expected %s)\n", name, gnutls_kx_get_name(gnutls_kx_get(client)), gnutls_kx_get_name(client_kx)); + fail("%s: got unexpected key exchange algorithm: %s (expected %s)\n", + name, gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(client_kx)); exit(1); } @@ -593,25 +589,29 @@ void dtls_try_with_key_mtu(const char *name, const char *client_prio, if (version >= GNUTLS_DTLS1_2) { ret = gnutls_sign_algorithm_get(server); if (ret != (int)server_sign_algo) { - fail("%s: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(server); if (ret != (int)client_sign_algo) { - fail("%s: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get(client); if (ret != (int)server_sign_algo) { - fail("%s: cl: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: cl: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(client); if (ret != (int)client_sign_algo) { - fail("%s: cl: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret)); + fail("%s: cl: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } } diff --git a/tests/common-cert-key-exchange.h b/tests/common-cert-key-exchange.h index 819ce39d38..18508e3965 100644 --- a/tests/common-cert-key-exchange.h +++ b/tests/common-cert-key-exchange.h @@ -20,70 +20,81 @@ */ #ifndef GNUTLS_TESTS_COMMON_CERT_KEY_EXCHANGE_H -# define GNUTLS_TESTS_COMMON_CERT_KEY_EXCHANGE_H +#define GNUTLS_TESTS_COMMON_CERT_KEY_EXCHANGE_H -# ifdef HAVE_CONFIG_H -# include -# endif +#ifdef HAVE_CONFIG_H +#include +#endif -# include +#include -# define USE_CERT 1 -# define ASK_CERT 2 +#define USE_CERT 1 +#define ASK_CERT 2 extern const char *server_priority; -# define try_x509(name, client_prio, client_kx, server_sign_algo, client_sign_algo) \ - try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ - &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN) - -# define try_rawpk(name, client_prio, client_kx, server_sign_algo, client_sign_algo) \ - try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ - &rawpk_public_key1, &rawpk_private_key1, NULL, NULL, 0, GNUTLS_CRT_RAWPK, GNUTLS_CRT_UNKNOWN) - -# define try_x509_ks(name, client_prio, client_kx, group) \ - try_with_key_ks(name, client_prio, client_kx, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN, \ - &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0, group, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN) - -# define try_x509_cli(name, client_prio, client_kx, server_sign_algo, client_sign_algo, client_cert) \ - try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ - &server_ca3_localhost_cert, &server_ca3_key, &cli_ca3_cert, &cli_ca3_key, client_cert, GNUTLS_CRT_X509, GNUTLS_CRT_X509) - -# define try_rawpk_cli(name, client_prio, client_kx, server_sign_algo, client_sign_algo, client_cert) \ - try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ - &rawpk_public_key1, &rawpk_private_key1, &rawpk_public_key2, &rawpk_private_key2, client_cert, GNUTLS_CRT_RAWPK, GNUTLS_CRT_RAWPK) +#define try_x509(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo) \ + try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, &server_ca3_localhost_cert, \ + &server_ca3_key, NULL, NULL, 0, GNUTLS_CRT_X509, \ + GNUTLS_CRT_UNKNOWN) + +#define try_rawpk(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo) \ + try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, &rawpk_public_key1, \ + &rawpk_private_key1, NULL, NULL, 0, GNUTLS_CRT_RAWPK, \ + GNUTLS_CRT_UNKNOWN) + +#define try_x509_ks(name, client_prio, client_kx, group) \ + try_with_key_ks(name, client_prio, client_kx, \ + GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN, \ + &server_ca3_localhost_cert, &server_ca3_key, NULL, \ + NULL, 0, group, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN) + +#define try_x509_cli(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, client_cert) \ + try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, &server_ca3_localhost_cert, \ + &server_ca3_key, &cli_ca3_cert, &cli_ca3_key, \ + client_cert, GNUTLS_CRT_X509, GNUTLS_CRT_X509) + +#define try_rawpk_cli(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, client_cert) \ + try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, &rawpk_public_key1, \ + &rawpk_private_key1, &rawpk_public_key2, \ + &rawpk_private_key2, client_cert, GNUTLS_CRT_RAWPK, \ + GNUTLS_CRT_RAWPK) void try_with_rawpk_key_fail(const char *name, const char *client_prio, int server_err, int client_err, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - unsigned server_ku, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, - unsigned client_ku); + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, unsigned server_ku, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, unsigned client_ku); void try_with_key_ks(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx, gnutls_sign_algorithm_t server_sign_algo, gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, unsigned client_cert, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, unsigned client_cert, unsigned exp_group, gnutls_certificate_type_t server_ctype, gnutls_certificate_type_t client_ctype); -inline static -void try_with_key(const char *name, const char *client_prio, - gnutls_kx_algorithm_t client_kx, - gnutls_sign_algorithm_t server_sign_algo, - gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, unsigned client_cert, - gnutls_certificate_type_t server_ctype, - gnutls_certificate_type_t client_ctype) +inline static void +try_with_key(const char *name, const char *client_prio, + gnutls_kx_algorithm_t client_kx, + gnutls_sign_algorithm_t server_sign_algo, + gnutls_sign_algorithm_t client_sign_algo, + const gnutls_datum_t *serv_cert, const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, const gnutls_datum_t *cli_key, + unsigned client_cert, gnutls_certificate_type_t server_ctype, + gnutls_certificate_type_t client_ctype) { return try_with_key_ks(name, client_prio, client_kx, server_sign_algo, client_sign_algo, serv_cert, serv_key, cli_cert, @@ -93,30 +104,39 @@ void try_with_key(const char *name, const char *client_prio, void try_with_key_fail(const char *name, const char *client_prio, int server_err, int client_err, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key); - -# define dtls_try(name, client_prio, client_kx, server_sign_algo, client_sign_algo) \ - dtls_try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ - &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0) - -# define dtls_try_cli(name, client_prio, client_kx, server_sign_algo, client_sign_algo, client_cert) \ - dtls_try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ - &server_ca3_localhost_cert, &server_ca3_key, &cli_ca3_cert, &cli_ca3_key, client_cert) - -# define dtls_try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, serv_cert, serv_key, cli_cert, cli_key, client_cert) \ - dtls_try_with_key_mtu(name, client_prio, client_kx, server_sign_algo, client_sign_algo, serv_cert, serv_key, cli_cert, cli_key, client_cert, 0) + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key); + +#define dtls_try(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo) \ + dtls_try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, &server_ca3_localhost_cert, \ + &server_ca3_key, NULL, NULL, 0) + +#define dtls_try_cli(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, client_cert) \ + dtls_try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, &server_ca3_localhost_cert, \ + &server_ca3_key, &cli_ca3_cert, &cli_ca3_key, \ + client_cert) + +#define dtls_try_with_key(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, serv_cert, serv_key, cli_cert, \ + cli_key, client_cert) \ + dtls_try_with_key_mtu(name, client_prio, client_kx, server_sign_algo, \ + client_sign_algo, serv_cert, serv_key, cli_cert, \ + cli_key, client_cert, 0) void dtls_try_with_key_mtu(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx, gnutls_sign_algorithm_t server_sign_algo, gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, unsigned client_cert, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, unsigned client_cert, unsigned mtu); -#endif /* GNUTLS_TESTS_COMMON_CERT_KEY_EXCHANGE_H */ +#endif /* GNUTLS_TESTS_COMMON_CERT_KEY_EXCHANGE_H */ diff --git a/tests/common-key-tests.h b/tests/common-key-tests.h index 6da9ea66bd..b36177bce5 100644 --- a/tests/common-key-tests.h +++ b/tests/common-key-tests.h @@ -20,11 +20,11 @@ */ #ifndef GNUTLS_TESTS_COMMON_KEY_TESTS_H -# define GNUTLS_TESTS_COMMON_KEY_TESTS_H +#define GNUTLS_TESTS_COMMON_KEY_TESTS_H -# include "cert-common.h" +#include "cert-common.h" -# include +#include struct _key_tests_st { const char *name; @@ -37,60 +37,54 @@ struct _key_tests_st { unsigned sign_flags; }; -static const -struct _key_tests_st common_key_tests[] = { - { - .name = "rsa key", - .cert = {(void *)cli_ca3_cert_pem, sizeof(cli_ca3_cert_pem) - 1}, - .key = {(void *)cli_ca3_key_pem, sizeof(cli_ca3_key_pem) - 1}, - .pk = GNUTLS_PK_RSA, - .digest = GNUTLS_DIG_SHA256, - .sigalgo = GNUTLS_SIGN_RSA_SHA256}, - { - .name = "dsa key", - .key = {(void *)clidsa_ca3_key_pem, sizeof(clidsa_ca3_key_pem) - 1}, - .cert = {(void *)clidsa_ca3_cert_pem, sizeof(clidsa_ca3_cert_pem) - 1}, - .pk = GNUTLS_PK_DSA, - .digest = GNUTLS_DIG_SHA1, - .sigalgo = GNUTLS_SIGN_DSA_SHA1}, - { - .name = "ecdsa key", - .key = - {(void *)server_ca3_ecc_key_pem, sizeof(server_ca3_ecc_key_pem) - 1}, - .cert = {(void *)server_localhost_ca3_ecc_cert_pem, - sizeof(server_localhost_ca3_ecc_cert_pem) - 1}, - .pk = GNUTLS_PK_ECDSA, - .digest = GNUTLS_DIG_SHA256, - .sigalgo = GNUTLS_SIGN_ECDSA_SHA256}, - { - .name = "ecdsa key", - .key = - {(void *)server_ca3_ecc_key_pem, sizeof(server_ca3_ecc_key_pem) - 1}, - .cert = {(void *)server_localhost_ca3_ecc_cert_pem, - sizeof(server_localhost_ca3_ecc_cert_pem) - 1}, - .pk = GNUTLS_PK_ECDSA, - .digest = GNUTLS_DIG_SHA256, - .sigalgo = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256}, - { - .name = "rsa pss key", - .key = {(void *)server_ca3_rsa_pss_key_pem, - sizeof(server_ca3_rsa_pss_key_pem) - 1}, - .cert = {(void *)server_ca3_rsa_pss_cert_pem, - sizeof(server_ca3_rsa_pss_cert_pem) - 1}, - .pk = GNUTLS_PK_RSA_PSS, - .digest = GNUTLS_DIG_SHA256, - .sign_flags = GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS, - .sigalgo = GNUTLS_SIGN_RSA_PSS_SHA256}, - { - .name = "eddsa key", - .key = {(void *)server_ca3_eddsa_key_pem, - sizeof(server_ca3_eddsa_key_pem) - 1}, - .cert = {(void *)server_ca3_eddsa_cert_pem, - sizeof(server_ca3_eddsa_cert_pem) - 1}, - .pk = GNUTLS_PK_EDDSA_ED25519, - .digest = GNUTLS_DIG_SHA512, - .sigalgo = GNUTLS_SIGN_EDDSA_ED25519, - .data_only = 1} +static const struct _key_tests_st common_key_tests[] = { + { .name = "rsa key", + .cert = { (void *)cli_ca3_cert_pem, sizeof(cli_ca3_cert_pem) - 1 }, + .key = { (void *)cli_ca3_key_pem, sizeof(cli_ca3_key_pem) - 1 }, + .pk = GNUTLS_PK_RSA, + .digest = GNUTLS_DIG_SHA256, + .sigalgo = GNUTLS_SIGN_RSA_SHA256 }, + { .name = "dsa key", + .key = { (void *)clidsa_ca3_key_pem, sizeof(clidsa_ca3_key_pem) - 1 }, + .cert = { (void *)clidsa_ca3_cert_pem, + sizeof(clidsa_ca3_cert_pem) - 1 }, + .pk = GNUTLS_PK_DSA, + .digest = GNUTLS_DIG_SHA1, + .sigalgo = GNUTLS_SIGN_DSA_SHA1 }, + { .name = "ecdsa key", + .key = { (void *)server_ca3_ecc_key_pem, + sizeof(server_ca3_ecc_key_pem) - 1 }, + .cert = { (void *)server_localhost_ca3_ecc_cert_pem, + sizeof(server_localhost_ca3_ecc_cert_pem) - 1 }, + .pk = GNUTLS_PK_ECDSA, + .digest = GNUTLS_DIG_SHA256, + .sigalgo = GNUTLS_SIGN_ECDSA_SHA256 }, + { .name = "ecdsa key", + .key = { (void *)server_ca3_ecc_key_pem, + sizeof(server_ca3_ecc_key_pem) - 1 }, + .cert = { (void *)server_localhost_ca3_ecc_cert_pem, + sizeof(server_localhost_ca3_ecc_cert_pem) - 1 }, + .pk = GNUTLS_PK_ECDSA, + .digest = GNUTLS_DIG_SHA256, + .sigalgo = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256 }, + { .name = "rsa pss key", + .key = { (void *)server_ca3_rsa_pss_key_pem, + sizeof(server_ca3_rsa_pss_key_pem) - 1 }, + .cert = { (void *)server_ca3_rsa_pss_cert_pem, + sizeof(server_ca3_rsa_pss_cert_pem) - 1 }, + .pk = GNUTLS_PK_RSA_PSS, + .digest = GNUTLS_DIG_SHA256, + .sign_flags = GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS, + .sigalgo = GNUTLS_SIGN_RSA_PSS_SHA256 }, + { .name = "eddsa key", + .key = { (void *)server_ca3_eddsa_key_pem, + sizeof(server_ca3_eddsa_key_pem) - 1 }, + .cert = { (void *)server_ca3_eddsa_cert_pem, + sizeof(server_ca3_eddsa_cert_pem) - 1 }, + .pk = GNUTLS_PK_EDDSA_ED25519, + .digest = GNUTLS_DIG_SHA512, + .sigalgo = GNUTLS_SIGN_EDDSA_ED25519, + .data_only = 1 } }; -#endif /* GNUTLS_TESTS_COMMON_KEY_TESTS_H */ +#endif /* GNUTLS_TESTS_COMMON_KEY_TESTS_H */ diff --git a/tests/conv-utf8.c b/tests/conv-utf8.c index bee84fea89..9edae83b16 100644 --- a/tests/conv-utf8.c +++ b/tests/conv-utf8.c @@ -33,11 +33,11 @@ #include -int _gnutls_utf8_to_ucs2(const void *data, size_t size, - gnutls_datum_t * output, unsigned be); +int _gnutls_utf8_to_ucs2(const void *data, size_t size, gnutls_datum_t *output, + unsigned be); -int _gnutls_ucs2_to_utf8(const void *data, size_t size, - gnutls_datum_t * output, unsigned be); +int _gnutls_ucs2_to_utf8(const void *data, size_t size, gnutls_datum_t *output, + unsigned be); #define DEBUG @@ -52,65 +52,75 @@ static void PRINT(const char *str, unsigned char *val, unsigned int size) printf("\n"); } #else -# define PRINT(x, y, x) +#define PRINT(x, y, x) #endif -#define UTF8_MATCH(fname, utf8, utf16) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t out; \ - int ret = _gnutls_utf8_to_ucs2(utf8, strlen(utf8), &out, 1); \ - assert_int_equal(ret, 0); \ - if (out.size != sizeof(utf16)-1 || memcmp(utf16, out.data, out.size) != 0) { PRINT("got: ", out.data, out.size); \ - PRINT("expected: ", (unsigned char*)utf16, sizeof(utf16)-1); } \ - assert_int_equal(out.size, sizeof(utf16)-1); \ - assert_memory_equal(utf16, out.data, out.size); \ - gnutls_free(out.data); \ -} +#define UTF8_MATCH(fname, utf8, utf16) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t out; \ + int ret = _gnutls_utf8_to_ucs2(utf8, strlen(utf8), &out, 1); \ + assert_int_equal(ret, 0); \ + if (out.size != sizeof(utf16) - 1 || \ + memcmp(utf16, out.data, out.size) != 0) { \ + PRINT("got: ", out.data, out.size); \ + PRINT("expected: ", (unsigned char *)utf16, \ + sizeof(utf16) - 1); \ + } \ + assert_int_equal(out.size, sizeof(utf16) - 1); \ + assert_memory_equal(utf16, out.data, out.size); \ + gnutls_free(out.data); \ + } -#define UTF16_MATCH(fname, utf8, utf16) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t out; \ - int ret = _gnutls_ucs2_to_utf8(utf16, sizeof(utf16)-1, &out, 1); \ - assert_int_equal(ret, 0); \ - if (out.size != strlen(utf8) || memcmp(utf8, out.data, out.size) != 0) { PRINT("got: ", out.data, out.size); \ - PRINT("expected: ", (unsigned char*)utf8, strlen(utf8)); } \ - assert_int_equal(out.size, strlen(utf8)); \ - assert_memory_equal(utf8, out.data, out.size); \ - gnutls_free(out.data); \ -} +#define UTF16_MATCH(fname, utf8, utf16) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t out; \ + int ret = _gnutls_ucs2_to_utf8(utf16, sizeof(utf16) - 1, &out, \ + 1); \ + assert_int_equal(ret, 0); \ + if (out.size != strlen(utf8) || \ + memcmp(utf8, out.data, out.size) != 0) { \ + PRINT("got: ", out.data, out.size); \ + PRINT("expected: ", (unsigned char *)utf8, \ + strlen(utf8)); \ + } \ + assert_int_equal(out.size, strlen(utf8)); \ + assert_memory_equal(utf8, out.data, out.size); \ + gnutls_free(out.data); \ + } -#define UTF8_FAIL(fname, utf8, utf8_size) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t out; \ - int ret = _gnutls_utf8_to_ucs2(utf8, utf8_size, &out, 1); \ - assert_int_not_equal(ret, 0); \ -} +#define UTF8_FAIL(fname, utf8, utf8_size) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t out; \ + int ret = _gnutls_utf8_to_ucs2(utf8, utf8_size, &out, 1); \ + assert_int_not_equal(ret, 0); \ + } -#define UTF16_FAIL(fname, utf16, utf16_size) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t out; \ - int ret = _gnutls_ucs2_to_utf8(utf16, utf16_size, &out, 1); \ - assert_int_not_equal(ret, 0); \ -} +#define UTF16_FAIL(fname, utf16, utf16_size) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t out; \ + int ret = _gnutls_ucs2_to_utf8(utf16, utf16_size, &out, 1); \ + assert_int_not_equal(ret, 0); \ + } UTF8_MATCH(check_utf8_ok1, "abcd", "\x00\x61\x00\x62\x00\x63\x00\x64"); UTF8_MATCH(check_utf8_ok2, "ユーザー別サイト", "\x30\xE6\x30\xFC\x30\xB6\x30\xFC\x52\x25\x30\xB5\x30\xA4\x30\xC8"); UTF8_MATCH(check_utf8_ok3, "简体中文", "\x7B\x80\x4F\x53\x4E\x2D\x65\x87"); -UTF8_MATCH(check_utf8_ok4, "Σὲ γνωρίζω ἀπὸ", - "\x03\xA3\x1F\x72\x00\x20\x03\xB3\x03\xBD\x03\xC9\x03\xC1\x03\xAF\x03\xB6\x03\xC9\x00\x20\x1F\x00\x03\xC0\x1F\x78"); +UTF8_MATCH( + check_utf8_ok4, "Σὲ γνωρίζω ἀπὸ", + "\x03\xA3\x1F\x72\x00\x20\x03\xB3\x03\xBD\x03\xC9\x03\xC1\x03\xAF\x03\xB6\x03\xC9\x00\x20\x1F\x00\x03\xC0\x1F\x78"); UTF16_MATCH(check_utf16_ok1, "abcd", "\x00\x61\x00\x62\x00\x63\x00\x64"); UTF16_MATCH(check_utf16_ok2, "ユーザー別サイト", "\x30\xE6\x30\xFC\x30\xB6\x30\xFC\x52\x25\x30\xB5\x30\xA4\x30\xC8"); -UTF16_MATCH(check_utf16_ok3, "简体中文", - "\x7B\x80\x4F\x53\x4E\x2D\x65\x87"); -UTF16_MATCH(check_utf16_ok4, "Σὲ γνωρίζω ἀπὸ", - "\x03\xA3\x1F\x72\x00\x20\x03\xB3\x03\xBD\x03\xC9\x03\xC1\x03\xAF\x03\xB6\x03\xC9\x00\x20\x1F\x00\x03\xC0\x1F\x78"); +UTF16_MATCH(check_utf16_ok3, "简体中文", "\x7B\x80\x4F\x53\x4E\x2D\x65\x87"); +UTF16_MATCH( + check_utf16_ok4, "Σὲ γνωρίζω ἀπὸ", + "\x03\xA3\x1F\x72\x00\x20\x03\xB3\x03\xBD\x03\xC9\x03\xC1\x03\xAF\x03\xB6\x03\xC9\x00\x20\x1F\x00\x03\xC0\x1F\x78"); UTF8_FAIL(check_utf8_fail1, "\xfe\xff\xaa\x80\xff", 5); UTF8_FAIL(check_utf8_fail2, "\x64\x00\x62\xf3\x64\x65", 6); @@ -118,18 +128,16 @@ UTF16_FAIL(check_utf16_fail1, "\xd8\x00\xdb\xff\x00\x63\x00\x04", 8); int main(void) { - const struct CMUnitTest tests[] = { - cmocka_unit_test(check_utf8_fail1), - cmocka_unit_test(check_utf8_fail2), - cmocka_unit_test(check_utf16_fail1), - cmocka_unit_test(check_utf8_ok1), - cmocka_unit_test(check_utf8_ok2), - cmocka_unit_test(check_utf8_ok3), - cmocka_unit_test(check_utf8_ok4), - cmocka_unit_test(check_utf16_ok1), - cmocka_unit_test(check_utf16_ok2), - cmocka_unit_test(check_utf16_ok3), - cmocka_unit_test(check_utf16_ok4) - }; + const struct CMUnitTest tests[] = { cmocka_unit_test(check_utf8_fail1), + cmocka_unit_test(check_utf8_fail2), + cmocka_unit_test(check_utf16_fail1), + cmocka_unit_test(check_utf8_ok1), + cmocka_unit_test(check_utf8_ok2), + cmocka_unit_test(check_utf8_ok3), + cmocka_unit_test(check_utf8_ok4), + cmocka_unit_test(check_utf16_ok1), + cmocka_unit_test(check_utf16_ok2), + cmocka_unit_test(check_utf16_ok3), + cmocka_unit_test(check_utf16_ok4) }; return cmocka_run_group_tests(tests, NULL, NULL); } diff --git a/tests/crl-basic.c b/tests/crl-basic.c index 1369dbebdb..3002411d83 100644 --- a/tests/crl-basic.c +++ b/tests/crl-basic.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,51 +33,54 @@ #include "utils.h" static const char simple1[] = -/* CRL */ - "-----BEGIN X509 CRL-----\n" - "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" - "MDkxMzA5MDUyM1oYDzIwMTUwOTEzMDkwNTIzWjAAoDowODAfBgNVHSMEGDAWgBTx\n" - "Fcb1FYLbhH9yuqg4wlVJUZnYKTAVBgNVHRQEDgIMVBQI0zeJoFHkLaWNMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQB6SGYePy1MBmtELyWdnlJHlQ4bBgb4vjuLDSfH0X6b4dAS\n" - "MEZws8iA5SaJFIioIP41s3lfQ1Am7GjSoNccHdrLmEcUSTQLwLYaDL8SgxekP5Au\n" - "w8HTu1cz/mnjBBDURq1RvyGNFm6MXf1Rg/bHSea/EpDkn8KY152BT1/46iQ+Uho6\n" - "hz6UUWsTB4Lj25X8F2hlKwQcb3E63Or2XEPBw4rhaCDFAtSZeBaGUUSJ8CLUKXZf\n" - "5b45MjiZ/osgd81tfn3wdQVjDnaQwNtjeRbK+qU0Z4pIKBvHzRS/fZKwTnrK1DLI\n" - "yY/nqBJT/+Q5zdUx5FXp0bwyZuarJ1GHqcES3Rz1\n" "-----END X509 CRL-----\n"; + /* CRL */ + "-----BEGIN X509 CRL-----\n" + "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" + "MDkxMzA5MDUyM1oYDzIwMTUwOTEzMDkwNTIzWjAAoDowODAfBgNVHSMEGDAWgBTx\n" + "Fcb1FYLbhH9yuqg4wlVJUZnYKTAVBgNVHRQEDgIMVBQI0zeJoFHkLaWNMA0GCSqG\n" + "SIb3DQEBCwUAA4IBAQB6SGYePy1MBmtELyWdnlJHlQ4bBgb4vjuLDSfH0X6b4dAS\n" + "MEZws8iA5SaJFIioIP41s3lfQ1Am7GjSoNccHdrLmEcUSTQLwLYaDL8SgxekP5Au\n" + "w8HTu1cz/mnjBBDURq1RvyGNFm6MXf1Rg/bHSea/EpDkn8KY152BT1/46iQ+Uho6\n" + "hz6UUWsTB4Lj25X8F2hlKwQcb3E63Or2XEPBw4rhaCDFAtSZeBaGUUSJ8CLUKXZf\n" + "5b45MjiZ/osgd81tfn3wdQVjDnaQwNtjeRbK+qU0Z4pIKBvHzRS/fZKwTnrK1DLI\n" + "yY/nqBJT/+Q5zdUx5FXp0bwyZuarJ1GHqcES3Rz1\n" + "-----END X509 CRL-----\n"; static const char simple1_constraints[] = -/* CRL */ - "-----BEGIN X509 CRL-----\n" - "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" - "MDkxMzA4NTkxNloYDzIwMTUwOTEzMDg1OTE2WjAAoDowODAfBgNVHSMEGDAWgBTn\n" - "sISO6h9leKTKtOh/HG0jV03AMzAVBgNVHRQEDgIMVBQHZC2mj6EAgMPSMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQBHUgtxpOn8EHwlajVYoOh6DFCwIoxBIeUA4518W1cHoV7J\n" - "KMif6lmJRodrcbienDX781QcOaQcNnuu/oBEcoBdbZa0VICzXekIteSwEgGsbRve\n" - "QQFPnZn83I4btse1ly5fdxMsliSM+qRwIyNR18VHXZz9GWYrr4tYWnI2b9XrDnaC\n" - "1b3Ywt7I9pNi0/O0C0rE/37/VvPx6HghnC+un7LtT0Y0n+FQP7dhlMvzHaR8wVxs\n" - "WAzaNvSiJ1rVPzL21iCmQJsRQeDTSJBlzm0lWiU8Nys3ugM2KlERezfp8DkFGA3y\n" - "9Yzpq6gAi39ZK+LjopgGDkrQjxzBIaoe2bcDqB7X\n" "-----END X509 CRL-----\n"; + /* CRL */ + "-----BEGIN X509 CRL-----\n" + "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" + "MDkxMzA4NTkxNloYDzIwMTUwOTEzMDg1OTE2WjAAoDowODAfBgNVHSMEGDAWgBTn\n" + "sISO6h9leKTKtOh/HG0jV03AMzAVBgNVHRQEDgIMVBQHZC2mj6EAgMPSMA0GCSqG\n" + "SIb3DQEBCwUAA4IBAQBHUgtxpOn8EHwlajVYoOh6DFCwIoxBIeUA4518W1cHoV7J\n" + "KMif6lmJRodrcbienDX781QcOaQcNnuu/oBEcoBdbZa0VICzXekIteSwEgGsbRve\n" + "QQFPnZn83I4btse1ly5fdxMsliSM+qRwIyNR18VHXZz9GWYrr4tYWnI2b9XrDnaC\n" + "1b3Ywt7I9pNi0/O0C0rE/37/VvPx6HghnC+un7LtT0Y0n+FQP7dhlMvzHaR8wVxs\n" + "WAzaNvSiJ1rVPzL21iCmQJsRQeDTSJBlzm0lWiU8Nys3ugM2KlERezfp8DkFGA3y\n" + "9Yzpq6gAi39ZK+LjopgGDkrQjxzBIaoe2bcDqB7X\n" + "-----END X509 CRL-----\n"; static const char crl_dsa[] = - "-----BEGIN X509 CRL-----\n" - "MIGmMGUwCwYHKoZIzjgEAwUAMDgxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNzdW4x\n" - "DDAKBgNVBAsTA2plczENMAsGA1UEAxMEZ3JlZxcNMDUwNTE3MTk1OTQwWhcNMDYw\n" - "NTE3MTk1OTQwWjALBgcqhkjOOAQDBQADMAAwLQIUBBFLGYjUCVrRTGf3GTR6SGs/\n" - "accCFQCUhnSmr+CXCWKq8DtydVwH9FLsRA==\n" "-----END X509 CRL-----\n"; + "-----BEGIN X509 CRL-----\n" + "MIGmMGUwCwYHKoZIzjgEAwUAMDgxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNzdW4x\n" + "DDAKBgNVBAsTA2plczENMAsGA1UEAxMEZ3JlZxcNMDUwNTE3MTk1OTQwWhcNMDYw\n" + "NTE3MTk1OTQwWjALBgcqhkjOOAQDBQADMAAwLQIUBBFLGYjUCVrRTGf3GTR6SGs/\n" + "accCFQCUhnSmr+CXCWKq8DtydVwH9FLsRA==\n" + "-----END X509 CRL-----\n"; static const char crl_rsa_sha1[] = - "-----BEGIN X509 CRL-----\n" - "MIIB2zCBxAIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJOTjExMC8GA1UE\n" - "CgwoRWRlbCBDdXJsIEFyY3RpYyBJbGx1ZGl1bSBSZXNlYXJjaCBDbG91ZDElMCMG\n" - "A1UEAwwcTm90aGVybiBOb3doZXJlIFRydXN0IEFuY2hvchcNMTAwNTI3MjEzNzEx\n" - "WhcNMTAwNjI2MjEzNzExWjAZMBcCBguYlPl8ahcNMTAwNTI3MjEzNzExWqAOMAww\n" - "CgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEFBQADggEBAFuPZJ/cNNCeAzkSxVvPPPRX\n" - "Wsv9T6Dt61C5Fmq9eSNN2kRf7/dq5A5nqTIlHbXXiLdj3UqNhUHXe2oA1UpbdHz9\n" - "0JlfwWm1Y/gMr1fh1n0oFebEtCuOgDRpd07Uiz8AqOUBykDNDUlMvVwR9raHL8hj\n" - "NRwzugsfIxl0CvLLqrBpUWMxW3qemk4cWW39yrDdZgKo6eOZAOR3FQYlLIrw6Jcr\n" - "Kmm0PjdcJIfRgJvNysgyx1dIIKe7QXvFTR/QzdHWIWTkiYIW7wUKSzSICvDCr094\n" - "eo3nr3n9BtOqT61Z1m6FGCP6Mm0wFl6xLTCNd6ygfFo7pcAdWlUsdBgKzics0Kc=\n" - "-----END X509 CRL-----\n"; + "-----BEGIN X509 CRL-----\n" + "MIIB2zCBxAIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJOTjExMC8GA1UE\n" + "CgwoRWRlbCBDdXJsIEFyY3RpYyBJbGx1ZGl1bSBSZXNlYXJjaCBDbG91ZDElMCMG\n" + "A1UEAwwcTm90aGVybiBOb3doZXJlIFRydXN0IEFuY2hvchcNMTAwNTI3MjEzNzEx\n" + "WhcNMTAwNjI2MjEzNzExWjAZMBcCBguYlPl8ahcNMTAwNTI3MjEzNzExWqAOMAww\n" + "CgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEFBQADggEBAFuPZJ/cNNCeAzkSxVvPPPRX\n" + "Wsv9T6Dt61C5Fmq9eSNN2kRf7/dq5A5nqTIlHbXXiLdj3UqNhUHXe2oA1UpbdHz9\n" + "0JlfwWm1Y/gMr1fh1n0oFebEtCuOgDRpd07Uiz8AqOUBykDNDUlMvVwR9raHL8hj\n" + "NRwzugsfIxl0CvLLqrBpUWMxW3qemk4cWW39yrDdZgKo6eOZAOR3FQYlLIrw6Jcr\n" + "Kmm0PjdcJIfRgJvNysgyx1dIIKe7QXvFTR/QzdHWIWTkiYIW7wUKSzSICvDCr094\n" + "eo3nr3n9BtOqT61Z1m6FGCP6Mm0wFl6xLTCNd6ygfFo7pcAdWlUsdBgKzics0Kc=\n" + "-----END X509 CRL-----\n"; static struct { const char *name; @@ -91,40 +94,38 @@ static struct { time_t crt_revoke_time; size_t crt_serial_size; const char *crt_serial; -} crl_list[] = { - {.name = "crl-sha256-1", - .crl = simple1, - .sign_algo = GNUTLS_SIGN_RSA_SHA256, - .sign_oid = "1.2.840.113549.1.1.11", - .crt_count = 0, - .this_update = 1410599123, - .next_update = 1442135123}, - {.name = "crl-sha256-2", - .crl = simple1_constraints, - .sign_algo = GNUTLS_SIGN_RSA_SHA256, - .sign_oid = "1.2.840.113549.1.1.11", - .crt_count = 0, - .this_update = 1410598756, - .next_update = 1442134756}, - {.name = "crl-dsa", - .crl = crl_dsa, - .sign_algo = GNUTLS_SIGN_DSA_SHA1, - .sign_oid = "1.2.840.10040.4.3", - .crt_count = 0, - .this_update = 1116359980, - .next_update = 1147895980}, - {.name = "crl-rsa-sha1", - .crl = crl_rsa_sha1, - .sign_algo = GNUTLS_SIGN_RSA_SHA1, - .sign_oid = "1.2.840.113549.1.1.5", - .crt_count = 1, - .this_update = 1274996231, - .next_update = 1277588231, - .crt_revoke_time = 1274996231, - .crt_serial = "\x0b\x98\x94\xf9\x7c\x6a", - .crt_serial_size = 6}, - {NULL, NULL, 0, 0} -}; +} crl_list[] = { { .name = "crl-sha256-1", + .crl = simple1, + .sign_algo = GNUTLS_SIGN_RSA_SHA256, + .sign_oid = "1.2.840.113549.1.1.11", + .crt_count = 0, + .this_update = 1410599123, + .next_update = 1442135123 }, + { .name = "crl-sha256-2", + .crl = simple1_constraints, + .sign_algo = GNUTLS_SIGN_RSA_SHA256, + .sign_oid = "1.2.840.113549.1.1.11", + .crt_count = 0, + .this_update = 1410598756, + .next_update = 1442134756 }, + { .name = "crl-dsa", + .crl = crl_dsa, + .sign_algo = GNUTLS_SIGN_DSA_SHA1, + .sign_oid = "1.2.840.10040.4.3", + .crt_count = 0, + .this_update = 1116359980, + .next_update = 1147895980 }, + { .name = "crl-rsa-sha1", + .crl = crl_rsa_sha1, + .sign_algo = GNUTLS_SIGN_RSA_SHA1, + .sign_oid = "1.2.840.113549.1.1.5", + .crt_count = 1, + .this_update = 1274996231, + .next_update = 1277588231, + .crt_revoke_time = 1274996231, + .crt_serial = "\x0b\x98\x94\xf9\x7c\x6a", + .crt_serial_size = 6 }, + { NULL, NULL, 0, 0 } }; static void tls_log_func(int level, const char *str) { @@ -152,7 +153,6 @@ void doit(void) gnutls_global_set_log_level(4711); for (i = 0; crl_list[i].name; i++) { - if (debug) printf("Chain '%s' (%d)...\n", crl_list[i].name, (int)i); @@ -162,8 +162,7 @@ void doit(void) ret = gnutls_x509_crl_init(&crl); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crl_init[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crl_init[%d]: %s\n", (int)i, gnutls_strerror(ret)); exit(1); } @@ -175,8 +174,7 @@ void doit(void) if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crl_import[%s]: %s\n", + fprintf(stderr, "gnutls_x509_crl_import[%s]: %s\n", crl_list[i].name, gnutls_strerror(ret)); exit(1); } @@ -188,19 +186,22 @@ void doit(void) ret = gnutls_x509_crl_get_signature_algorithm(crl); if (ret != (int)crl_list[i].sign_algo) { - fail("%s: error extracting signature algorithm: %d/%s\n", crl_list[i].name, ret, gnutls_strerror(ret)); + fail("%s: error extracting signature algorithm: %d/%s\n", + crl_list[i].name, ret, gnutls_strerror(ret)); exit(1); } oid_size = sizeof(oid); ret = gnutls_x509_crl_get_signature_oid(crl, oid, &oid_size); if (ret < 0) { - fail("%s: error extracting signature algorithm OID: %s\n", crl_list[i].name, gnutls_strerror(ret)); + fail("%s: error extracting signature algorithm OID: %s\n", + crl_list[i].name, gnutls_strerror(ret)); exit(1); } if (strcmp(oid, crl_list[i].sign_oid) != 0) { - fail("%s: error on the extracted signature algorithm: %s\n", crl_list[i].name, oid); + fail("%s: error on the extracted signature algorithm: %s\n", + crl_list[i].name, oid); exit(1); } @@ -216,20 +217,20 @@ void doit(void) size_t ssize = sizeof(serial); time_t t = 0; - ret = - gnutls_x509_crl_get_crt_serial(crl, 0, serial, - &ssize, &t); + ret = gnutls_x509_crl_get_crt_serial(crl, 0, serial, + &ssize, &t); if (ret < 0) { fail("%s: error on the extracted serial: %d\n", crl_list[i].name, ret); } if (t != crl_list[i].crt_revoke_time) - fail("%s: error on the extracted revocation time: %u\n", crl_list[i].name, (unsigned)t); + fail("%s: error on the extracted revocation time: %u\n", + crl_list[i].name, (unsigned)t); - if (ssize != crl_list[i].crt_serial_size - || memcmp(serial, crl_list[i].crt_serial, - ssize) != 0) { + if (ssize != crl_list[i].crt_serial_size || + memcmp(serial, crl_list[i].crt_serial, ssize) != + 0) { for (i = 0; i < ssize; i++) fprintf(stderr, "%.2x", (unsigned)serial[i]); diff --git a/tests/crl_apis.c b/tests/crl_apis.c index 2189dddfb2..c8d1a18f86 100644 --- a/tests/crl_apis.c +++ b/tests/crl_apis.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,7 +36,7 @@ static time_t then = 1207000800; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { if (t) *t = then; @@ -45,43 +45,44 @@ static time_t mytime(time_t * t) } static unsigned char saved_crl_pem[] = - "-----BEGIN X509 CRL-----\n" - "MIICXzCByAIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0zFw0wODAz\n" - "MzEyMjAwMDBaFw0wODAzMzEyMjAyMDBaMFQwFAIDAQIDFw0wODAzMzEyMjAwMDBa\n" - "MB0CDFejHTI2Wi75obBaUhcNMDgwMzMxMjIwMDAwWjAdAgxXox0yNbNP0Ln15zwX\n" - "DTA4MDMzMTIyMDAwMFqgLzAtMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" - "8bSvMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBgQAFpyifa5AJclRpJfjh\n" - "QOcSoiCJz5QsrGaK5I/UYHcY958hhFjnE2c9g3wYEEt13M2gkgOTXapImPbLXHv+\n" - "cHWGoTqX6+crs7xcC6mFc6JfY7q9O2eP1x386dzCxhsXMti5ml0iOeBpNrMO46Pr\n" - "PuvNaY7OE1UgN0Ha3YjmhP8HtWJSQCMmqIo6vP1/HBSzaXP/cjS7f0WBZemj0eE7\n" - "wwA1GUoUx9wHipvNkCSKy/eQz4fpOJExrvHeb1/N3po9hfZaZJAqR+rsC0j9J+wd\n" - "ZGAdVFKCJUZs0IgsWQqagg0tXGJ8ejdt4yE8zvhhcpf4pcGoYUqtoUPT+Fjnsw7C\n" - "P1GCVZQ2ciGxixljTJFdifhqPshgC1Ytd75MkDYH2RRir/JwypQK9CcqIAOjBzTl\n" - "uk4SkKL2xAIduw6Dz5kAC7G2EM94uODoI/RO5b6eN6Kb/592JrKAfB96jh2wwqW+\n" - "swaA4JPFqNQaiMWW1IXM3VJwXBt8DRSRo46JV5OktvvFRwI=\n" - "-----END X509 CRL-----\n"; + "-----BEGIN X509 CRL-----\n" + "MIICXzCByAIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0zFw0wODAz\n" + "MzEyMjAwMDBaFw0wODAzMzEyMjAyMDBaMFQwFAIDAQIDFw0wODAzMzEyMjAwMDBa\n" + "MB0CDFejHTI2Wi75obBaUhcNMDgwMzMxMjIwMDAwWjAdAgxXox0yNbNP0Ln15zwX\n" + "DTA4MDMzMTIyMDAwMFqgLzAtMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv\n" + "8bSvMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBgQAFpyifa5AJclRpJfjh\n" + "QOcSoiCJz5QsrGaK5I/UYHcY958hhFjnE2c9g3wYEEt13M2gkgOTXapImPbLXHv+\n" + "cHWGoTqX6+crs7xcC6mFc6JfY7q9O2eP1x386dzCxhsXMti5ml0iOeBpNrMO46Pr\n" + "PuvNaY7OE1UgN0Ha3YjmhP8HtWJSQCMmqIo6vP1/HBSzaXP/cjS7f0WBZemj0eE7\n" + "wwA1GUoUx9wHipvNkCSKy/eQz4fpOJExrvHeb1/N3po9hfZaZJAqR+rsC0j9J+wd\n" + "ZGAdVFKCJUZs0IgsWQqagg0tXGJ8ejdt4yE8zvhhcpf4pcGoYUqtoUPT+Fjnsw7C\n" + "P1GCVZQ2ciGxixljTJFdifhqPshgC1Ytd75MkDYH2RRir/JwypQK9CcqIAOjBzTl\n" + "uk4SkKL2xAIduw6Dz5kAC7G2EM94uODoI/RO5b6eN6Kb/592JrKAfB96jh2wwqW+\n" + "swaA4JPFqNQaiMWW1IXM3VJwXBt8DRSRo46JV5OktvvFRwI=\n" + "-----END X509 CRL-----\n"; static unsigned char saved_min_crl_pem[] = - "-----BEGIN X509 CRL-----\n" - "MIICUDCBuQIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0zFw0wODAz\n" - "MzEyMjAwMTBaMFQwFAIDAQIDFw0wODAzMzEyMjAwMTBaMB0CDFejHTI2Wi75obBa\n" - "UhcNMDgwMzMxMjIwMDEwWjAdAgxXox0yNbNP0Ln15zwXDTA4MDMzMTIyMDAxMFqg\n" - "LzAtMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMAoGA1UdFAQDAgEB\n" - "MA0GCSqGSIb3DQEBCwUAA4IBgQB/Y7MxKf7HpYBoi7N5lNCe7nSd0epQiNPOford\n" - "hGb1ZirZk9m67zg146Cwc0W4ipPzW/OjwgUoVQTm21I7oZj/GPItAABlILd6eRQe\n" - "jYJap0fxiXV7aMRfu2o3qCRGAITQf306H5zJmpdeNxbxzlr3t6IAHBDbLI1WYXiC\n" - "pTHo3wlpwFJEPw5NQ0j6rCAzSH81FHTrEiIOar17uRqeMjbGN6Eo4zjezEx2+ewg\n" - "unsdzx4OWx3KgzsQnyV9EoU6l9jREe519mICx7La6DZkhO4dSPJv6R5jEFitWDNB\n" - "lxZMA5ePrYXuE/3b+Li89R53O+xZxShLQYwBRSHDue44xUv6hh6YNIKDgt4ycIs8\n" - "9JAWsOYJDYUEbAUo+S4sWCU6LzloEvmg7EdJtvJWsScUKK4qbwkDfkBTKjbeBdFj\n" - "w6naZIjzbjMPEe8/T+hmu/txFj3fGj/GzOM1GaJNZ4vMWA4Y6LhB+H1Zf3xK+hV0\n" - "sc0eYw7RpIzEyc9PPz/uM+XabsI=\n" "-----END X509 CRL-----\n"; + "-----BEGIN X509 CRL-----\n" + "MIICUDCBuQIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0zFw0wODAz\n" + "MzEyMjAwMTBaMFQwFAIDAQIDFw0wODAzMzEyMjAwMTBaMB0CDFejHTI2Wi75obBa\n" + "UhcNMDgwMzMxMjIwMDEwWjAdAgxXox0yNbNP0Ln15zwXDTA4MDMzMTIyMDAxMFqg\n" + "LzAtMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMAoGA1UdFAQDAgEB\n" + "MA0GCSqGSIb3DQEBCwUAA4IBgQB/Y7MxKf7HpYBoi7N5lNCe7nSd0epQiNPOford\n" + "hGb1ZirZk9m67zg146Cwc0W4ipPzW/OjwgUoVQTm21I7oZj/GPItAABlILd6eRQe\n" + "jYJap0fxiXV7aMRfu2o3qCRGAITQf306H5zJmpdeNxbxzlr3t6IAHBDbLI1WYXiC\n" + "pTHo3wlpwFJEPw5NQ0j6rCAzSH81FHTrEiIOar17uRqeMjbGN6Eo4zjezEx2+ewg\n" + "unsdzx4OWx3KgzsQnyV9EoU6l9jREe519mICx7La6DZkhO4dSPJv6R5jEFitWDNB\n" + "lxZMA5ePrYXuE/3b+Li89R53O+xZxShLQYwBRSHDue44xUv6hh6YNIKDgt4ycIs8\n" + "9JAWsOYJDYUEbAUo+S4sWCU6LzloEvmg7EdJtvJWsScUKK4qbwkDfkBTKjbeBdFj\n" + "w6naZIjzbjMPEe8/T+hmu/txFj3fGj/GzOM1GaJNZ4vMWA4Y6LhB+H1Zf3xK+hV0\n" + "sc0eYw7RpIzEyc9PPz/uM+XabsI=\n" + "-----END X509 CRL-----\n"; const gnutls_datum_t saved_crl = { saved_crl_pem, sizeof(saved_crl_pem) - 1 }; -const gnutls_datum_t saved_min_crl = - { saved_min_crl_pem, sizeof(saved_min_crl_pem) - 1 }; +const gnutls_datum_t saved_min_crl = { saved_min_crl_pem, + sizeof(saved_min_crl_pem) - 1 }; -static void append_crt(gnutls_x509_crl_t crl, const gnutls_datum_t * pem) +static void append_crt(gnutls_x509_crl_t crl, const gnutls_datum_t *pem) { gnutls_x509_crt_t crt; int ret; @@ -95,7 +96,7 @@ static void append_crt(gnutls_x509_crl_t crl, const gnutls_datum_t * pem) gnutls_x509_crt_deinit(crt); } -static void append_aki(gnutls_x509_crl_t crl, const gnutls_datum_t * pem) +static void append_aki(gnutls_x509_crl_t crl, const gnutls_datum_t *pem) { gnutls_x509_crt_t crt; int ret; @@ -140,8 +141,8 @@ static void verify_crl(gnutls_x509_crl_t _crl, gnutls_x509_crt_t crt) gnutls_x509_crl_deinit(crl); } -static void sign_crl(gnutls_x509_crl_t crl, const gnutls_datum_t * cert, - const gnutls_datum_t * key) +static void sign_crl(gnutls_x509_crl_t crl, const gnutls_datum_t *cert, + const gnutls_datum_t *key) { gnutls_x509_crt_t crt; gnutls_x509_privkey_t pkey; @@ -201,8 +202,8 @@ static gnutls_x509_crl_t generate_crl(unsigned skip_optional) ret = gnutls_x509_crl_set_number(crl, "\x01", 1); if (ret != 0) - fail("gnutls_x509_crl_set_number %d: %s\n", - ret, gnutls_strerror(ret)); + fail("gnutls_x509_crl_set_number %d: %s\n", ret, + gnutls_strerror(ret)); sign_crl(crl, &ca3_cert, &ca3_key); @@ -210,7 +211,7 @@ static gnutls_x509_crl_t generate_crl(unsigned skip_optional) } static void verify_issuer(gnutls_x509_crl_t crl, - const gnutls_datum_t * issuer_cert) + const gnutls_datum_t *issuer_cert) { #define DN_MAX_LEN (1024) gnutls_x509_crt_t crt; @@ -226,32 +227,33 @@ static void verify_issuer(gnutls_x509_crl_t crl, char *crl_issuer = gnutls_calloc(DN_MAX_LEN, sizeof(char)); assert(crl_issuer != NULL); size_t crl_issuer_size = DN_MAX_LEN; - assert(gnutls_x509_crl_get_issuer_dn(crl, crl_issuer, &crl_issuer_size) - == GNUTLS_E_SUCCESS); - assert(crl_issuer_size == issuer_size - && memcmp(crl_issuer, issuer, issuer_size) == 0); + assert(gnutls_x509_crl_get_issuer_dn( + crl, crl_issuer, &crl_issuer_size) == GNUTLS_E_SUCCESS); + assert(crl_issuer_size == issuer_size && + memcmp(crl_issuer, issuer, issuer_size) == 0); gnutls_datum_t dn; dn.data = NULL; dn.size = 0; assert(gnutls_x509_crl_get_issuer_dn2(crl, &dn) == GNUTLS_E_SUCCESS); - assert(dn.size == issuer_size - && memcmp(dn.data, issuer, issuer_size) == 0); + assert(dn.size == issuer_size && + memcmp(dn.data, issuer, issuer_size) == 0); gnutls_free(dn.data); dn.data = NULL; dn.size = 0; assert(gnutls_x509_crl_get_issuer_dn3(crl, &dn, 0) == GNUTLS_E_SUCCESS); - assert(dn.size == issuer_size - && memcmp(dn.data, issuer, issuer_size) == 0); + assert(dn.size == issuer_size && + memcmp(dn.data, issuer, issuer_size) == 0); gnutls_free(dn.data); dn.data = NULL; dn.size = 0; - assert(gnutls_x509_crl_get_issuer_dn3 - (crl, &dn, GNUTLS_X509_DN_FLAG_COMPAT) == GNUTLS_E_SUCCESS); - assert(dn.size == issuer_size - && memcmp(dn.data, issuer, issuer_size) == 0); + assert(gnutls_x509_crl_get_issuer_dn3(crl, &dn, + GNUTLS_X509_DN_FLAG_COMPAT) == + GNUTLS_E_SUCCESS); + assert(dn.size == issuer_size && + memcmp(dn.data, issuer, issuer_size) == 0); gnutls_free(dn.data); dn.data = NULL; dn.size = 0; @@ -262,7 +264,7 @@ static void verify_issuer(gnutls_x509_crl_t crl, } static void get_dn_by_oid(gnutls_x509_crl_t crl, - const gnutls_datum_t * issuer_cert) + const gnutls_datum_t *issuer_cert) { gnutls_x509_crt_t crt; assert(gnutls_x509_crt_init(&crt) >= 0); @@ -279,8 +281,8 @@ static void get_dn_by_oid(gnutls_x509_crl_t crl, gnutls_x509_crl_get_issuer_dn_by_oid(crl, "2.5.4.3", 0, 0, crl_buf, &crl_buf_size); - assert(crt_buf_size == crl_buf_size - && memcmp(crt_buf, crl_buf, crl_buf_size) == 0); + assert(crt_buf_size == crl_buf_size && + memcmp(crt_buf, crl_buf, crl_buf_size) == 0); gnutls_free(crt_buf); gnutls_free(crl_buf); @@ -294,8 +296,8 @@ static void import_der_crl_list(gnutls_x509_crl_t crl) gnutls_x509_crl_t crl_list; unsigned int crl_list_max = 1; - assert(gnutls_x509_crl_list_import - (&crl_list, &crl_list_max, &out, GNUTLS_X509_FMT_DER, 0) > 0); + assert(gnutls_x509_crl_list_import(&crl_list, &crl_list_max, &out, + GNUTLS_X509_FMT_DER, 0) > 0); gnutls_free(out.data); gnutls_x509_crl_deinit(crl_list); @@ -341,5 +343,4 @@ void doit(void) gnutls_free(out.data); gnutls_x509_crl_deinit(crl); - } diff --git a/tests/crlverify.c b/tests/crlverify.c index 3583236cf6..01ad7be372 100644 --- a/tests/crlverify.c +++ b/tests/crlverify.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,137 +33,140 @@ #include "utils.h" static const char *simple1[] = { -/* CRL */ + /* CRL */ "-----BEGIN X509 CRL-----\n" - "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" - "MDkxMzA5MDUyM1oYDzIwMTUwOTEzMDkwNTIzWjAAoDowODAfBgNVHSMEGDAWgBTx\n" - "Fcb1FYLbhH9yuqg4wlVJUZnYKTAVBgNVHRQEDgIMVBQI0zeJoFHkLaWNMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQB6SGYePy1MBmtELyWdnlJHlQ4bBgb4vjuLDSfH0X6b4dAS\n" - "MEZws8iA5SaJFIioIP41s3lfQ1Am7GjSoNccHdrLmEcUSTQLwLYaDL8SgxekP5Au\n" - "w8HTu1cz/mnjBBDURq1RvyGNFm6MXf1Rg/bHSea/EpDkn8KY152BT1/46iQ+Uho6\n" - "hz6UUWsTB4Lj25X8F2hlKwQcb3E63Or2XEPBw4rhaCDFAtSZeBaGUUSJ8CLUKXZf\n" - "5b45MjiZ/osgd81tfn3wdQVjDnaQwNtjeRbK+qU0Z4pIKBvHzRS/fZKwTnrK1DLI\n" - "yY/nqBJT/+Q5zdUx5FXp0bwyZuarJ1GHqcES3Rz1\n" - "-----END X509 CRL-----\n", -/* CA - cert_signing_key only */ + "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" + "MDkxMzA5MDUyM1oYDzIwMTUwOTEzMDkwNTIzWjAAoDowODAfBgNVHSMEGDAWgBTx\n" + "Fcb1FYLbhH9yuqg4wlVJUZnYKTAVBgNVHRQEDgIMVBQI0zeJoFHkLaWNMA0GCSqG\n" + "SIb3DQEBCwUAA4IBAQB6SGYePy1MBmtELyWdnlJHlQ4bBgb4vjuLDSfH0X6b4dAS\n" + "MEZws8iA5SaJFIioIP41s3lfQ1Am7GjSoNccHdrLmEcUSTQLwLYaDL8SgxekP5Au\n" + "w8HTu1cz/mnjBBDURq1RvyGNFm6MXf1Rg/bHSea/EpDkn8KY152BT1/46iQ+Uho6\n" + "hz6UUWsTB4Lj25X8F2hlKwQcb3E63Or2XEPBw4rhaCDFAtSZeBaGUUSJ8CLUKXZf\n" + "5b45MjiZ/osgd81tfn3wdQVjDnaQwNtjeRbK+qU0Z4pIKBvHzRS/fZKwTnrK1DLI\n" + "yY/nqBJT/+Q5zdUx5FXp0bwyZuarJ1GHqcES3Rz1\n" + "-----END X509 CRL-----\n", + /* CA - cert_signing_key only */ "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTEzMDkwNTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCybbzvQTOmfwlA\n" - "+q8F/4ms42nhl5lo1lK6JCvE7jZdhqZNXE8e1eNACrU6rCxRQynDhOyAOCLQAAul\n" - "ivNMCW+SFN0IkSYXSRM8aWIDOZT8FyWB3yJSyvi3+SMgm7OYHFW8htH8qaIv0xJf\n" - "1h/ADBE62j9uaQIg7qSn6pVHMDHaITAbPg3y6II1iP3W28Vj/rtvK9yoZu4AThSD\n" - "Vdjl8WT4b4VOBbmioSNCDjx2C73+HLM2eUsdumCVcjWD9gkvCKkqTbOVplGRvCzO\n" - "sKNVGJamH9eGOjF2Az9XuYR+m7jWdIyTitLtbliyFiWwFguQ7BAPVnUS3TSKoLKL\n" - "X9WRGDIVAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcG\n" - "ADAdBgNVHQ4EFgQU8RXG9RWC24R/crqoOMJVSVGZ2CkwDQYJKoZIhvcNAQELBQAD\n" - "ggEBAASDvSD6Gt9E/IANgJ2lq7cvqKHhK/S0crpBHmzouLU1YANAbva8vZ2iVsgP\n" - "ojj5+QKosXgZM67g1u4Vr/Kt7APwYDVV9NlfE7BLSaksaQbh6J464rJ8pXONW6xP\n" - "z6tl/Pm1RqXuxzgnUv700OFuxBnnbglz9aQk5eS7kag8bfUx8MfN5gbW34nB79fn\n" - "5943Z8DmcDfUQZRY66v4S/NAYs7s96ABMB18u9Ct6KqGP/LKfDt2bgeTE/1b68T+\n" - "xmYF8N+JsJ3qP4lqBHgHLUL945nEoG8yDPIiZw3pmw1SyS0ktoVASynAh3W5j//r\n" - "d9Uk2Ojqo2tp/lJ0LCuQ3nWeM2Y=\n" "-----END CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTEzMDkwNTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCybbzvQTOmfwlA\n" + "+q8F/4ms42nhl5lo1lK6JCvE7jZdhqZNXE8e1eNACrU6rCxRQynDhOyAOCLQAAul\n" + "ivNMCW+SFN0IkSYXSRM8aWIDOZT8FyWB3yJSyvi3+SMgm7OYHFW8htH8qaIv0xJf\n" + "1h/ADBE62j9uaQIg7qSn6pVHMDHaITAbPg3y6II1iP3W28Vj/rtvK9yoZu4AThSD\n" + "Vdjl8WT4b4VOBbmioSNCDjx2C73+HLM2eUsdumCVcjWD9gkvCKkqTbOVplGRvCzO\n" + "sKNVGJamH9eGOjF2Az9XuYR+m7jWdIyTitLtbliyFiWwFguQ7BAPVnUS3TSKoLKL\n" + "X9WRGDIVAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcG\n" + "ADAdBgNVHQ4EFgQU8RXG9RWC24R/crqoOMJVSVGZ2CkwDQYJKoZIhvcNAQELBQAD\n" + "ggEBAASDvSD6Gt9E/IANgJ2lq7cvqKHhK/S0crpBHmzouLU1YANAbva8vZ2iVsgP\n" + "ojj5+QKosXgZM67g1u4Vr/Kt7APwYDVV9NlfE7BLSaksaQbh6J464rJ8pXONW6xP\n" + "z6tl/Pm1RqXuxzgnUv700OFuxBnnbglz9aQk5eS7kag8bfUx8MfN5gbW34nB79fn\n" + "5943Z8DmcDfUQZRY66v4S/NAYs7s96ABMB18u9Ct6KqGP/LKfDt2bgeTE/1b68T+\n" + "xmYF8N+JsJ3qP4lqBHgHLUL945nEoG8yDPIiZw3pmw1SyS0ktoVASynAh3W5j//r\n" + "d9Uk2Ojqo2tp/lJ0LCuQ3nWeM2Y=\n" + "-----END CERTIFICATE-----\n" }; static const char *simple1_broken[] = { -/* CRL with some bits flipped */ + /* CRL with some bits flipped */ "-----BEGIN X509 CRL-----\n" - "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" - "MDkxMzA5MDUyM1oYDzIwMTUwOTEzMDkwNTIzWjAAoDowODAfBgNVHSMEGDAWgBTx\n" - "Fcb1FYLbhH9yuqg4wlVJUZnYKTAVBgNVHRQEDgIMVBQI0zeJoFHkLaWNMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQB6SGYePy1MBmtELyWdnlJHlQ4bBgb4vjuLDSfH0X6b4dAS\n" - "MEZws8iA5SaJFIioIP41s3lfQ1Am7GjSoNccHdrLmEcUSTQLwLYaDL8SgxekP5Au\n" - "w8HTu1cz/mnjBBDURq1RvyGNFm6MXf1Rg/bHSea/EpDkn8KY152BT1/46iQ+Uho6\n" - "hz6UUWsTB4Lj25X8F3hlKwQcb3E63Or2XEPBw4rhaCDFAtSZeBaGUUSJ8CLUKXZf\n" - "5b45MjiZ/osgd81tfn3wdQVjDnaQwNtjeRbK+qU0Z4pIKBvHzRS/fZKwTnrK1DLI\n" - "yY/nqBJT/+Q5zdUx5FXp0bwyZuarJ1GHqcES3Rz1\n" - "-----END X509 CRL-----\n", -/* CA - cert_signing_key only */ + "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" + "MDkxMzA5MDUyM1oYDzIwMTUwOTEzMDkwNTIzWjAAoDowODAfBgNVHSMEGDAWgBTx\n" + "Fcb1FYLbhH9yuqg4wlVJUZnYKTAVBgNVHRQEDgIMVBQI0zeJoFHkLaWNMA0GCSqG\n" + "SIb3DQEBCwUAA4IBAQB6SGYePy1MBmtELyWdnlJHlQ4bBgb4vjuLDSfH0X6b4dAS\n" + "MEZws8iA5SaJFIioIP41s3lfQ1Am7GjSoNccHdrLmEcUSTQLwLYaDL8SgxekP5Au\n" + "w8HTu1cz/mnjBBDURq1RvyGNFm6MXf1Rg/bHSea/EpDkn8KY152BT1/46iQ+Uho6\n" + "hz6UUWsTB4Lj25X8F3hlKwQcb3E63Or2XEPBw4rhaCDFAtSZeBaGUUSJ8CLUKXZf\n" + "5b45MjiZ/osgd81tfn3wdQVjDnaQwNtjeRbK+qU0Z4pIKBvHzRS/fZKwTnrK1DLI\n" + "yY/nqBJT/+Q5zdUx5FXp0bwyZuarJ1GHqcES3Rz1\n" + "-----END X509 CRL-----\n", + /* CA - cert_signing_key only */ "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTEzMDkwNTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCybbzvQTOmfwlA\n" - "+q8F/4ms42nhl5lo1lK6JCvE7jZdhqZNXE8e1eNACrU6rCxRQynDhOyAOCLQAAul\n" - "ivNMCW+SFN0IkSYXSRM8aWIDOZT8FyWB3yJSyvi3+SMgm7OYHFW8htH8qaIv0xJf\n" - "1h/ADBE62j9uaQIg7qSn6pVHMDHaITAbPg3y6II1iP3W28Vj/rtvK9yoZu4AThSD\n" - "Vdjl8WT4b4VOBbmioSNCDjx2C73+HLM2eUsdumCVcjWD9gkvCKkqTbOVplGRvCzO\n" - "sKNVGJamH9eGOjF2Az9XuYR+m7jWdIyTitLtbliyFiWwFguQ7BAPVnUS3TSKoLKL\n" - "X9WRGDIVAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcG\n" - "ADAdBgNVHQ4EFgQU8RXG9RWC24R/crqoOMJVSVGZ2CkwDQYJKoZIhvcNAQELBQAD\n" - "ggEBAASDvSD6Gt9E/IANgJ2lq7cvqKHhK/S0crpBHmzouLU1YANAbva8vZ2iVsgP\n" - "ojj5+QKosXgZM67g1u4Vr/Kt7APwYDVV9NlfE7BLSaksaQbh6J464rJ8pXONW6xP\n" - "z6tl/Pm1RqXuxzgnUv700OFuxBnnbglz9aQk5eS7kag8bfUx8MfN5gbW34nB79fn\n" - "5943Z8DmcDfUQZRY66v4S/NAYs7s96ABMB18u9Ct6KqGP/LKfDt2bgeTE/1b68T+\n" - "xmYF8N+JsJ3qP4lqBHgHLUL945nEoG8yDPIiZw3pmw1SyS0ktoVASynAh3W5j//r\n" - "d9Uk2Ojqo2tp/lJ0LCuQ3nWeM2Y=\n" "-----END CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTEzMDkwNTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCybbzvQTOmfwlA\n" + "+q8F/4ms42nhl5lo1lK6JCvE7jZdhqZNXE8e1eNACrU6rCxRQynDhOyAOCLQAAul\n" + "ivNMCW+SFN0IkSYXSRM8aWIDOZT8FyWB3yJSyvi3+SMgm7OYHFW8htH8qaIv0xJf\n" + "1h/ADBE62j9uaQIg7qSn6pVHMDHaITAbPg3y6II1iP3W28Vj/rtvK9yoZu4AThSD\n" + "Vdjl8WT4b4VOBbmioSNCDjx2C73+HLM2eUsdumCVcjWD9gkvCKkqTbOVplGRvCzO\n" + "sKNVGJamH9eGOjF2Az9XuYR+m7jWdIyTitLtbliyFiWwFguQ7BAPVnUS3TSKoLKL\n" + "X9WRGDIVAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcG\n" + "ADAdBgNVHQ4EFgQU8RXG9RWC24R/crqoOMJVSVGZ2CkwDQYJKoZIhvcNAQELBQAD\n" + "ggEBAASDvSD6Gt9E/IANgJ2lq7cvqKHhK/S0crpBHmzouLU1YANAbva8vZ2iVsgP\n" + "ojj5+QKosXgZM67g1u4Vr/Kt7APwYDVV9NlfE7BLSaksaQbh6J464rJ8pXONW6xP\n" + "z6tl/Pm1RqXuxzgnUv700OFuxBnnbglz9aQk5eS7kag8bfUx8MfN5gbW34nB79fn\n" + "5943Z8DmcDfUQZRY66v4S/NAYs7s96ABMB18u9Ct6KqGP/LKfDt2bgeTE/1b68T+\n" + "xmYF8N+JsJ3qP4lqBHgHLUL945nEoG8yDPIiZw3pmw1SyS0ktoVASynAh3W5j//r\n" + "d9Uk2Ojqo2tp/lJ0LCuQ3nWeM2Y=\n" + "-----END CERTIFICATE-----\n" }; static const char *simple1_constraints[] = { -/* CRL */ + /* CRL */ "-----BEGIN X509 CRL-----\n" - "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" - "MDkxMzA4NTkxNloYDzIwMTUwOTEzMDg1OTE2WjAAoDowODAfBgNVHSMEGDAWgBTn\n" - "sISO6h9leKTKtOh/HG0jV03AMzAVBgNVHRQEDgIMVBQHZC2mj6EAgMPSMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQBHUgtxpOn8EHwlajVYoOh6DFCwIoxBIeUA4518W1cHoV7J\n" - "KMif6lmJRodrcbienDX781QcOaQcNnuu/oBEcoBdbZa0VICzXekIteSwEgGsbRve\n" - "QQFPnZn83I4btse1ly5fdxMsliSM+qRwIyNR18VHXZz9GWYrr4tYWnI2b9XrDnaC\n" - "1b3Ywt7I9pNi0/O0C0rE/37/VvPx6HghnC+un7LtT0Y0n+FQP7dhlMvzHaR8wVxs\n" - "WAzaNvSiJ1rVPzL21iCmQJsRQeDTSJBlzm0lWiU8Nys3ugM2KlERezfp8DkFGA3y\n" - "9Yzpq6gAi39ZK+LjopgGDkrQjxzBIaoe2bcDqB7X\n" - "-----END X509 CRL-----\n", -/* CA - cert_signing_key only */ + "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" + "MDkxMzA4NTkxNloYDzIwMTUwOTEzMDg1OTE2WjAAoDowODAfBgNVHSMEGDAWgBTn\n" + "sISO6h9leKTKtOh/HG0jV03AMzAVBgNVHRQEDgIMVBQHZC2mj6EAgMPSMA0GCSqG\n" + "SIb3DQEBCwUAA4IBAQBHUgtxpOn8EHwlajVYoOh6DFCwIoxBIeUA4518W1cHoV7J\n" + "KMif6lmJRodrcbienDX781QcOaQcNnuu/oBEcoBdbZa0VICzXekIteSwEgGsbRve\n" + "QQFPnZn83I4btse1ly5fdxMsliSM+qRwIyNR18VHXZz9GWYrr4tYWnI2b9XrDnaC\n" + "1b3Ywt7I9pNi0/O0C0rE/37/VvPx6HghnC+un7LtT0Y0n+FQP7dhlMvzHaR8wVxs\n" + "WAzaNvSiJ1rVPzL21iCmQJsRQeDTSJBlzm0lWiU8Nys3ugM2KlERezfp8DkFGA3y\n" + "9Yzpq6gAi39ZK+LjopgGDkrQjxzBIaoe2bcDqB7X\n" + "-----END X509 CRL-----\n", + /* CA - cert_signing_key only */ "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTEzMDg1OTE2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AVMcGmvenCAt\n" - "14Yi2zi6In2vjNakbzDfUa5xaG8oD73h4P8zP2TQqDmUBAAi5EdXoF5/crpgnGY3\n" - "oyUEFYnT7GTI/FO+RxZz9jCLvY3hpeuJcofsFny8n0ARL9WiFKuAEvrZkg+6V3Fh\n" - "TC9bCOFsGVTaLiUoi/nkD9IUgCkybFTqZM+8tLT4/gCMFNs9e0ANa5F+wtvS0bjy\n" - "LLozq6+XpzEXlL3UNKJq9cf02zHjb9ftlMDykRRkGPzppBSfOCJAMOX/BBNpWznJ\n" - "I1bg0m/6X3+SDO3j0PKLVc7BWWTnXXHb4rznwcRZm8zJiKKFE0GDOijzpT6Dl/gX\n" - "JI0lroeJAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU57CEjuofZXikyrTofxxtI1dNwDMwDQYJKoZIhvcNAQELBQAD\n" - "ggEBALPFKXFauyO0R7Y+zhpiqYe1ms4qU9aprr/x4GMG4ByZ0i0FK8Kh+L5BsNQA\n" - "FsEMeEEmKTHKzkMHfvTJ6y/K6P9rTVY7W2MqlX8IXM02L3fg0zn7Xd9CtCG1nnzh\n" - "fQMf/K/9Xqiotjlrgo8noEZksGPIvDPXXY98dd0clGnBvw2HwiG4h+csr4i9y7CH\n" - "tpnTRJnfzdqDYIh8vnM0tIJbXbe5DBLHnmnx15FQB1apFNa87gdBHAnkHCXrV1vC\n" - "oZXEeUL/zW2ax+ALOglM82dwex2qV9jgcsWfq1Y2JBlVT1QPpbAooCnjvBhmPCjX\n" - "qYkVfApeRr4QAwwkLnyfSKNLHco=\n" "-----END CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTEzMDg1OTE2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AVMcGmvenCAt\n" + "14Yi2zi6In2vjNakbzDfUa5xaG8oD73h4P8zP2TQqDmUBAAi5EdXoF5/crpgnGY3\n" + "oyUEFYnT7GTI/FO+RxZz9jCLvY3hpeuJcofsFny8n0ARL9WiFKuAEvrZkg+6V3Fh\n" + "TC9bCOFsGVTaLiUoi/nkD9IUgCkybFTqZM+8tLT4/gCMFNs9e0ANa5F+wtvS0bjy\n" + "LLozq6+XpzEXlL3UNKJq9cf02zHjb9ftlMDykRRkGPzppBSfOCJAMOX/BBNpWznJ\n" + "I1bg0m/6X3+SDO3j0PKLVc7BWWTnXXHb4rznwcRZm8zJiKKFE0GDOijzpT6Dl/gX\n" + "JI0lroeJAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU57CEjuofZXikyrTofxxtI1dNwDMwDQYJKoZIhvcNAQELBQAD\n" + "ggEBALPFKXFauyO0R7Y+zhpiqYe1ms4qU9aprr/x4GMG4ByZ0i0FK8Kh+L5BsNQA\n" + "FsEMeEEmKTHKzkMHfvTJ6y/K6P9rTVY7W2MqlX8IXM02L3fg0zn7Xd9CtCG1nnzh\n" + "fQMf/K/9Xqiotjlrgo8noEZksGPIvDPXXY98dd0clGnBvw2HwiG4h+csr4i9y7CH\n" + "tpnTRJnfzdqDYIh8vnM0tIJbXbe5DBLHnmnx15FQB1apFNa87gdBHAnkHCXrV1vC\n" + "oZXEeUL/zW2ax+ALOglM82dwex2qV9jgcsWfq1Y2JBlVT1QPpbAooCnjvBhmPCjX\n" + "qYkVfApeRr4QAwwkLnyfSKNLHco=\n" + "-----END CERTIFICATE-----\n" }; static const char *simple1_fail[] = { -/* CRL */ + /* CRL */ "-----BEGIN X509 CRL-----\n" - "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" - "MDkxMzA4NTkxNloYDzIwMTUwOTEzMDg1OTE2WjAAoDowODAfBgNVHSMEGDAWgBTn\n" - "sISO6h9leKTKtOh/HG0jV03AMzAVBgNVHRQEDgIMVBQHZC2mj6EAgMPSMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQBHUgtxpOn8EHwlajVYoOh6DFCwIoxBIeUA4518W1cHoV7J\n" - "KMif6lmJRodrcbienDX781QcOaQcNnuu/oBEcoBdbZa0VICzXekIteSwEgGsbRve\n" - "QQFPnZn83I4btse1ly5fdxMsliSM+qRwIyNR18VHXZz9GWYrr4tYWnI2b9XrDnaC\n" - "1b3Ywt7I9pNi0/O0C0rE/37/VvPx6HghnC+un7LtT0Y0n+FQP7dhlMvzHaR8wVxs\n" - "WAzaNvSiJ1rVPzL21iCmQJsRQeDTSJBlzm0lWiU8Nys3ugM2KlERezfp8DkFGA3y\n" - "9Yzpq6gAi39ZK+LjopgGDkrQjxzBIaoe2bcDqB7X\n" - "-----END X509 CRL-----\n", -/* CA (unrelated to CRL) */ + "MIIBmjCBgwIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0wGA8yMDE0\n" + "MDkxMzA4NTkxNloYDzIwMTUwOTEzMDg1OTE2WjAAoDowODAfBgNVHSMEGDAWgBTn\n" + "sISO6h9leKTKtOh/HG0jV03AMzAVBgNVHRQEDgIMVBQHZC2mj6EAgMPSMA0GCSqG\n" + "SIb3DQEBCwUAA4IBAQBHUgtxpOn8EHwlajVYoOh6DFCwIoxBIeUA4518W1cHoV7J\n" + "KMif6lmJRodrcbienDX781QcOaQcNnuu/oBEcoBdbZa0VICzXekIteSwEgGsbRve\n" + "QQFPnZn83I4btse1ly5fdxMsliSM+qRwIyNR18VHXZz9GWYrr4tYWnI2b9XrDnaC\n" + "1b3Ywt7I9pNi0/O0C0rE/37/VvPx6HghnC+un7LtT0Y0n+FQP7dhlMvzHaR8wVxs\n" + "WAzaNvSiJ1rVPzL21iCmQJsRQeDTSJBlzm0lWiU8Nys3ugM2KlERezfp8DkFGA3y\n" + "9Yzpq6gAi39ZK+LjopgGDkrQjxzBIaoe2bcDqB7X\n" + "-----END X509 CRL-----\n", + /* CA (unrelated to CRL) */ "-----BEGIN CERTIFICATE-----\n" - "MIIDFTCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwODI2MTEwODUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+iPUnEs+qmj2U\n" - "Rz8plNAE/CpeUxUfNNVonluu4DzulsxAJMN78g+Oqx+ggdkECZxHLISkzErMgiuv\n" - "bG+nr9yxjyHH2YoOAgzgknar5JkOBkKp1bIvyA950ZSygMFEHX1qoaM+F/1/DKjG\n" - "NmMCNUpR0c4m+K22s72LnrpMLMmCZU0fnqngb1+F+iZE6emhcX5Z5D0QTJTAeiYK\n" - "ArnO0rpVEvU0o3nwe3dDrT0YyoCYrzCsCOKUa2wFtkOzLZKJbMBRMflL+fBmtj/Q\n" - "7xUe7ox62ZEqSD7W+Po48/mIuSOhx7u+yToBZ60wKGz9OkQ/JwykkK5ZgI+nPWGT\n" - "1au1K4V7AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEgYDVR0eAQH/BAgwBqEE\n" - "MAKCADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBSgAJcc9Q5KDpAhkrMORPJS\n" - "boq3vzAfBgNVHSMEGDAWgBQ/lKQpHoyEFz7J+Wn6eT5qxgYQpjANBgkqhkiG9w0B\n" - "AQsFAAOCAQEAoMeZ0cnHes8bWRHLvrGc6wpwVnxYx2CBF9Xd3k4YMNunwBF9oM+T\n" - "ZYSMo4k7C1XZ154avBIyiCne3eU7/oHG1nkqY9ndN5LMyL8KFOniETBY3BdKtlGA\n" - "N+pDiQsrWG6mtqQ+kHFJICnGEDDByGB2eH+oAS+8gNtSfamLuTWYMI6ANjA9OWan\n" - "rkIA7ta97UiH2flvKRctqvZ0n6Vp3n3aUc53FkAbTnxOCBNCBx/veCgD/r74WbcY\n" - "jiwh2RE//3D3Oo7zhUlwQEWQSa/7poG5e6bl7oj4JYjpwSmESCYokT83Iqeb9lwO\n" - "D+dr9zs1tCudW9xz3sUg6IBXhZ4UvegTNg==\n" - "-----END CERTIFICATE-----\n" + "MIIDFTCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTEwODUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+iPUnEs+qmj2U\n" + "Rz8plNAE/CpeUxUfNNVonluu4DzulsxAJMN78g+Oqx+ggdkECZxHLISkzErMgiuv\n" + "bG+nr9yxjyHH2YoOAgzgknar5JkOBkKp1bIvyA950ZSygMFEHX1qoaM+F/1/DKjG\n" + "NmMCNUpR0c4m+K22s72LnrpMLMmCZU0fnqngb1+F+iZE6emhcX5Z5D0QTJTAeiYK\n" + "ArnO0rpVEvU0o3nwe3dDrT0YyoCYrzCsCOKUa2wFtkOzLZKJbMBRMflL+fBmtj/Q\n" + "7xUe7ox62ZEqSD7W+Po48/mIuSOhx7u+yToBZ60wKGz9OkQ/JwykkK5ZgI+nPWGT\n" + "1au1K4V7AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEgYDVR0eAQH/BAgwBqEE\n" + "MAKCADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBSgAJcc9Q5KDpAhkrMORPJS\n" + "boq3vzAfBgNVHSMEGDAWgBQ/lKQpHoyEFz7J+Wn6eT5qxgYQpjANBgkqhkiG9w0B\n" + "AQsFAAOCAQEAoMeZ0cnHes8bWRHLvrGc6wpwVnxYx2CBF9Xd3k4YMNunwBF9oM+T\n" + "ZYSMo4k7C1XZ154avBIyiCne3eU7/oHG1nkqY9ndN5LMyL8KFOniETBY3BdKtlGA\n" + "N+pDiQsrWG6mtqQ+kHFJICnGEDDByGB2eH+oAS+8gNtSfamLuTWYMI6ANjA9OWan\n" + "rkIA7ta97UiH2flvKRctqvZ0n6Vp3n3aUc53FkAbTnxOCBNCBx/veCgD/r74WbcY\n" + "jiwh2RE//3D3Oo7zhUlwQEWQSa/7poG5e6bl7oj4JYjpwSmESCYokT83Iqeb9lwO\n" + "D+dr9zs1tCudW9xz3sUg6IBXhZ4UvegTNg==\n" + "-----END CERTIFICATE-----\n" }; static struct { @@ -172,23 +175,22 @@ static struct { const char **ca; unsigned int verify_flags; unsigned int expected_verify_result; -} crl_list[] = { - {"simple-success", &simple1[0], &simple1[1], - 0, 0}, - {"simple-constraints", &simple1_constraints[0], &simple1_constraints[1], - 0, GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE | GNUTLS_CERT_INVALID}, - {"simple-broken", &simple1_broken[0], &simple1_broken[1], - 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNATURE_FAILURE}, - {"simple-fail", &simple1_fail[0], &simple1_fail[1], - 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {NULL, NULL, NULL, 0, 0} -}; +} crl_list[] = { { "simple-success", &simple1[0], &simple1[1], 0, 0 }, + { "simple-constraints", &simple1_constraints[0], + &simple1_constraints[1], 0, + GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE | + GNUTLS_CERT_INVALID }, + { "simple-broken", &simple1_broken[0], &simple1_broken[1], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNATURE_FAILURE }, + { "simple-fail", &simple1_fail[0], &simple1_fail[1], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { NULL, NULL, NULL, 0, 0 } }; /* GnuTLS internally calls time() to find out the current time when verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1410599367; @@ -233,7 +235,6 @@ void doit(void) gnutls_global_set_log_level(4711); for (i = 0; crl_list[i].name; i++) { - if (debug) printf("Chain '%s' (%d)...\n", crl_list[i].name, (int)i); @@ -243,8 +244,7 @@ void doit(void) ret = gnutls_x509_crl_init(&crl); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crl_init[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crl_init[%d]: %s\n", (int)i, gnutls_strerror(ret)); exit(1); } @@ -256,8 +256,7 @@ void doit(void) if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crl_import[%s]: %s\n", + fprintf(stderr, "gnutls_x509_crl_import[%s]: %s\n", crl_list[i].name, gnutls_strerror(ret)); exit(1); } @@ -298,27 +297,24 @@ void doit(void) if (debug) printf("\tVerifying..."); - ret = - gnutls_x509_crl_verify(crl, &ca, 1, - crl_list[i].verify_flags, - &verify_status); + ret = gnutls_x509_crl_verify( + crl, &ca, 1, crl_list[i].verify_flags, &verify_status); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_list_verify[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_list_verify[%d]: %s\n", (int)i, gnutls_strerror(ret)); exit(1); } if (verify_status != crl_list[i].expected_verify_result) { gnutls_datum_t out1, out2; - gnutls_certificate_verification_status_print - (verify_status, GNUTLS_CRT_X509, &out1, 0); - gnutls_certificate_verification_status_print(crl_list - [i]. - expected_verify_result, - GNUTLS_CRT_X509, - &out2, 0); - fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", crl_list[i].name, verify_status, out1.data, crl_list[i].expected_verify_result, out2.data); + gnutls_certificate_verification_status_print( + verify_status, GNUTLS_CRT_X509, &out1, 0); + gnutls_certificate_verification_status_print( + crl_list[i].expected_verify_result, + GNUTLS_CRT_X509, &out2, 0); + fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", + crl_list[i].name, verify_status, out1.data, + crl_list[i].expected_verify_result, out2.data); gnutls_free(out1.data); gnutls_free(out2.data); @@ -336,10 +332,9 @@ void doit(void) } /* make sure that the two functions don't diverge */ - ret = - gnutls_x509_trust_list_add_crls(tl, &crl, 1, - GNUTLS_TL_VERIFY_CRL, - crl_list[i].verify_flags); + ret = gnutls_x509_trust_list_add_crls(tl, &crl, 1, + GNUTLS_TL_VERIFY_CRL, + crl_list[i].verify_flags); if (crl_list[i].expected_verify_result == 0 && ret < 0) { fprintf(stderr, "gnutls_x509_trust_list_add_crls[%d]: %s\n", diff --git a/tests/crq-basic.c b/tests/crq-basic.c index ff8c3ef49b..c939e67f1b 100644 --- a/tests/crq-basic.c +++ b/tests/crq-basic.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,40 +33,42 @@ #include "utils.h" static const char csr1[] = - "-----BEGIN CERTIFICATE REQUEST-----\n" - "MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCTk4xMTAvBgNVBAoMKEVkZWwgQ3VybCBB\n" - "cmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQxJTAjBgNVBAMMHE5vdGhlcm4g\n" - "Tm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDBqQrvdgZ9/ng68Q5AbcJbro+Nf/DViZ5CKvAXlNkuZ8ctARyVo7GmhtQS\n" - "PEc6cOZ7HxEG03Ou38okGQPkYgrrZ9Tc750t4IJ3/iowWvtX5bhPNlJML1etEmqU\n" - "PuRIp62lwDrQTgCZiI+9SnC+O1tr/15vKW0Mp1VK4kPnSQ+ZVFlogTTYqfvIDRRa\n" - "QMtwHvU7wEI5BvljrdkpFFOvQhAdGJW2FYrYQdg3MQqXWhsQkKwd/25xM2t+iBgg\n" - "7b41/+dpSAXAeC4ERvTCjU1wbkL6k+vOEjvR9c4/KVyMvVmD5KHBPI4+OFXzmRiw\n" - "3/Z0yY4o9DgNRSDW28BzouaMbpifAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA\n" - "eFMy55kFke/e9mrGloRUh1o8dxmzSiVwVCw5DTZQzTFNAMSOZXIId8k2IeHSUd84\n" - "ZyJ1UNyJn2EFcwgaYaMtvZ8xMWR2W0C7lBvOOcjvWmiGze9F2Z5XMQzL8cjkK4jW\n" - "RKIq9b0W6TC8lLO5F2eJpW6BoTQ8cBCDiVIDlCm7xZxPRjHowuyM0Tpewq2PltC1\n" - "p8DbQipZWl5LPaHBSZSmIuUgOBU9porH/Vn0oWXxYfts59103VJY5YKkdz0PiqqA\n" - "5kWYCMFDZyL+nZ2aIol4r8nXkN9MuPOU12aHqPGcDlaGS2i5zfm2Ywsg110k+NCk\n" - "AmqhjnrQjvJhif3rGO4+qw==\n" "-----END CERTIFICATE REQUEST-----\n"; + "-----BEGIN CERTIFICATE REQUEST-----\n" + "MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCTk4xMTAvBgNVBAoMKEVkZWwgQ3VybCBB\n" + "cmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQxJTAjBgNVBAMMHE5vdGhlcm4g\n" + "Tm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDBqQrvdgZ9/ng68Q5AbcJbro+Nf/DViZ5CKvAXlNkuZ8ctARyVo7GmhtQS\n" + "PEc6cOZ7HxEG03Ou38okGQPkYgrrZ9Tc750t4IJ3/iowWvtX5bhPNlJML1etEmqU\n" + "PuRIp62lwDrQTgCZiI+9SnC+O1tr/15vKW0Mp1VK4kPnSQ+ZVFlogTTYqfvIDRRa\n" + "QMtwHvU7wEI5BvljrdkpFFOvQhAdGJW2FYrYQdg3MQqXWhsQkKwd/25xM2t+iBgg\n" + "7b41/+dpSAXAeC4ERvTCjU1wbkL6k+vOEjvR9c4/KVyMvVmD5KHBPI4+OFXzmRiw\n" + "3/Z0yY4o9DgNRSDW28BzouaMbpifAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA\n" + "eFMy55kFke/e9mrGloRUh1o8dxmzSiVwVCw5DTZQzTFNAMSOZXIId8k2IeHSUd84\n" + "ZyJ1UNyJn2EFcwgaYaMtvZ8xMWR2W0C7lBvOOcjvWmiGze9F2Z5XMQzL8cjkK4jW\n" + "RKIq9b0W6TC8lLO5F2eJpW6BoTQ8cBCDiVIDlCm7xZxPRjHowuyM0Tpewq2PltC1\n" + "p8DbQipZWl5LPaHBSZSmIuUgOBU9porH/Vn0oWXxYfts59103VJY5YKkdz0PiqqA\n" + "5kWYCMFDZyL+nZ2aIol4r8nXkN9MuPOU12aHqPGcDlaGS2i5zfm2Ywsg110k+NCk\n" + "AmqhjnrQjvJhif3rGO4+qw==\n" + "-----END CERTIFICATE REQUEST-----\n"; static const char csr2[] = - "-----BEGIN NEW CERTIFICATE REQUEST-----\n" - "MIICrjCCAZYCAQAwJDEiMCAGA1UEAxMZZGhjcC0yLTEyNy5icnEucmVkaGF0LmNv\n" - "bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANiEAXIHON8p4YpVRH+X\n" - "OM546stpyzL5xKdxbRUlfK0pWoqm3iqenRUf43eb9W8RDTx6UhuY21RFETzlYT4r\n" - "+yVXOlvm8K5FLepNcjbqDJb9hngFm2q8u+OM3GKBiyeH43lUMC6/YksqPeEzsmKD\n" - "UlD7rkm9CK8GRyXEsCruFaQ0VA8XB6XK9Av/jfOrGT/gTdmNGKu/fZmoJsjBJh+g\n" - "Yobsi60YyWeuXw2s5zVga73cK1v0JG2ltjZy0M7qSO+CCJa24huO8uvJ4GPOfi/Q\n" - "MPZbsHaZAqrHLQQMfxXJ73gXq7FLIMnCcstWfiagE5QlFZUGj9AnicgiCpMTZMIq\n" - "miECAwEAAaBFMBMGCSqGSIb3DQEJBzEGEwQxMjM0MC4GCSqGSIb3DQEJDjEhMB8w\n" - "DAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB6AAMA0GCSqGSIb3DQEBCwUAA4IB\n" - "AQAqYOqsS3xnfEzLIis3krcjzHGykXxfvnyREDijBIqyXF10lSrmb2byvoIfOuoc\n" - "pSmdT8MaIUTmKnZI4+htEPYcsAMwF2cXL1D2kvJhE0EKHbmv1E0QbJWmbnVz99bs\n" - "GIcFN1die0SYHLgf64bOxKOyq5V8hAaE/lS2yLT7Tf/6+nweYOuE9ONH7KD7zpQo\n" - "LyhsjhH0px75Ftej+yQWEElfokZrNu7iHuwcue3efySlMfpT9G/p4MhQQjFQySkK\n" - "ev17H0d3KBdtcqWjxaS3jDAzmuz6SZwdUxSDkWuqchyAozeBpI+SbIPOgfKHsYc+\n" - "yRKga0201rRJi4NKvt8iqj5r\n" "-----END NEW CERTIFICATE REQUEST-----\n"; + "-----BEGIN NEW CERTIFICATE REQUEST-----\n" + "MIICrjCCAZYCAQAwJDEiMCAGA1UEAxMZZGhjcC0yLTEyNy5icnEucmVkaGF0LmNv\n" + "bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANiEAXIHON8p4YpVRH+X\n" + "OM546stpyzL5xKdxbRUlfK0pWoqm3iqenRUf43eb9W8RDTx6UhuY21RFETzlYT4r\n" + "+yVXOlvm8K5FLepNcjbqDJb9hngFm2q8u+OM3GKBiyeH43lUMC6/YksqPeEzsmKD\n" + "UlD7rkm9CK8GRyXEsCruFaQ0VA8XB6XK9Av/jfOrGT/gTdmNGKu/fZmoJsjBJh+g\n" + "Yobsi60YyWeuXw2s5zVga73cK1v0JG2ltjZy0M7qSO+CCJa24huO8uvJ4GPOfi/Q\n" + "MPZbsHaZAqrHLQQMfxXJ73gXq7FLIMnCcstWfiagE5QlFZUGj9AnicgiCpMTZMIq\n" + "miECAwEAAaBFMBMGCSqGSIb3DQEJBzEGEwQxMjM0MC4GCSqGSIb3DQEJDjEhMB8w\n" + "DAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB6AAMA0GCSqGSIb3DQEBCwUAA4IB\n" + "AQAqYOqsS3xnfEzLIis3krcjzHGykXxfvnyREDijBIqyXF10lSrmb2byvoIfOuoc\n" + "pSmdT8MaIUTmKnZI4+htEPYcsAMwF2cXL1D2kvJhE0EKHbmv1E0QbJWmbnVz99bs\n" + "GIcFN1die0SYHLgf64bOxKOyq5V8hAaE/lS2yLT7Tf/6+nweYOuE9ONH7KD7zpQo\n" + "LyhsjhH0px75Ftej+yQWEElfokZrNu7iHuwcue3efySlMfpT9G/p4MhQQjFQySkK\n" + "ev17H0d3KBdtcqWjxaS3jDAzmuz6SZwdUxSDkWuqchyAozeBpI+SbIPOgfKHsYc+\n" + "yRKga0201rRJi4NKvt8iqj5r\n" + "-----END NEW CERTIFICATE REQUEST-----\n"; static struct { const char *name; @@ -76,25 +78,25 @@ static struct { const char *sign_oid; unsigned pk_algo; const char *pk_oid; -} crq_list[] = { - {.name = "crl-1", - .crq = csr1, - .sign_algo = GNUTLS_SIGN_RSA_SHA256, - .sign_oid = "1.2.840.113549.1.1.11", - .pk_algo = GNUTLS_PK_RSA, - .pk_oid = "1.2.840.113549.1.1.1", - .version = 1, - }, - {.name = "crl-2", - .crq = csr2, - .sign_algo = GNUTLS_SIGN_RSA_SHA256, - .sign_oid = "1.2.840.113549.1.1.11", - .pk_algo = GNUTLS_PK_RSA, - .pk_oid = "1.2.840.113549.1.1.1", - .version = 1, - }, - {NULL, NULL, 0, 0} -}; +} crq_list[] = { { + .name = "crl-1", + .crq = csr1, + .sign_algo = GNUTLS_SIGN_RSA_SHA256, + .sign_oid = "1.2.840.113549.1.1.11", + .pk_algo = GNUTLS_PK_RSA, + .pk_oid = "1.2.840.113549.1.1.1", + .version = 1, + }, + { + .name = "crl-2", + .crq = csr2, + .sign_algo = GNUTLS_SIGN_RSA_SHA256, + .sign_oid = "1.2.840.113549.1.1.11", + .pk_algo = GNUTLS_PK_RSA, + .pk_oid = "1.2.840.113549.1.1.1", + .version = 1, + }, + { NULL, NULL, 0, 0 } }; static void tls_log_func(int level, const char *str) { @@ -122,7 +124,6 @@ void doit(void) gnutls_global_set_log_level(4711); for (i = 0; crq_list[i].name; i++) { - if (debug) printf("Chain '%s' (%d)...\n", crq_list[i].name, (int)i); @@ -132,8 +133,7 @@ void doit(void) ret = gnutls_x509_crq_init(&crq); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crq_init[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crq_init[%d]: %s\n", (int)i, gnutls_strerror(ret)); exit(1); } @@ -145,8 +145,7 @@ void doit(void) if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crq_import[%s]: %s\n", + fprintf(stderr, "gnutls_x509_crq_import[%s]: %s\n", crq_list[i].name, gnutls_strerror(ret)); exit(1); } @@ -158,19 +157,22 @@ void doit(void) ret = gnutls_x509_crq_get_signature_algorithm(crq); if (ret != (int)crq_list[i].sign_algo) { - fail("%s: error extracting signature algorithm: %d/%s\n", crq_list[i].name, ret, gnutls_strerror(ret)); + fail("%s: error extracting signature algorithm: %d/%s\n", + crq_list[i].name, ret, gnutls_strerror(ret)); exit(1); } oid_size = sizeof(oid); ret = gnutls_x509_crq_get_signature_oid(crq, oid, &oid_size); if (ret < 0) { - fail("%s: error extracting signature algorithm OID: %s\n", crq_list[i].name, gnutls_strerror(ret)); + fail("%s: error extracting signature algorithm OID: %s\n", + crq_list[i].name, gnutls_strerror(ret)); exit(1); } if (strcmp(oid, crq_list[i].sign_oid) != 0) { - fail("%s: error on the extracted signature algorithm: %s\n", crq_list[i].name, oid); + fail("%s: error on the extracted signature algorithm: %s\n", + crq_list[i].name, oid); exit(1); } diff --git a/tests/crq_apis.c b/tests/crq_apis.c index f41eacd8c4..ce91ac12d0 100644 --- a/tests/crq_apis.c +++ b/tests/crq_apis.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,42 +38,43 @@ static void tls_log_func(int level, const char *str) } static unsigned char saved_crq_pem[] = - "-----BEGIN NEW CERTIFICATE REQUEST-----\n" - "MIICSDCCAbECAQAwKzEOMAwGA1UEAxMFbmlrb3MxGTAXBgNVBAoTEG5vbmUgdG8s\n" - "IG1lbnRpb24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtmQ/Xyxde2jMzF\n" - "3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeLZIkiW8DdU3w77XwEu4C5\n" - "KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKNzj2AC41179gAgY8oBAOg\n" - "Io1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGggdwwEgYJKoZIhvcNAQkHMQUTA2Zv\n" - "bzCBxQYJKoZIhvcNAQkOMYG3MIG0MA8GA1UdEwEB/wQFMAMCAQAwDQYDVR0PAQH/\n" - "BAMDAQAwIwYDVR0RBBwwGoIDYXBhggNmb2+CDnhuLS1reGF3aGsuY29tMB0GA1Ud\n" - "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgQqAwQFBAPK/v8wFAYILQOCiPS5\n" - "FwUBAf8EBcr+//r+MCsGA1UdEAQkMCKADzIwMTkwNzA5MDQyODI2WoEPMjAxOTA3\n" - "MDkwNzE1MDZaMA0GCSqGSIb3DQEBCwUAA4GBAD5WboLhAYvbStlK1UwvB4b2vmJP\n" - "mfl7S/VmaeBFX8w0lpZTCTCRuB0WJek6YPfXyRsUUJsjWElZeEE0N8V+eQ3oz4um\n" - "N2QCk4Zrc5FRyCkKUe+qaqQhB1ho01ZQDMgkj2B10tubhdrKf17QCzgKEp+5VR46\n" - "Bme4HDJqbHlH+O0y\n" "-----END NEW CERTIFICATE REQUEST-----\n"; + "-----BEGIN NEW CERTIFICATE REQUEST-----\n" + "MIICSDCCAbECAQAwKzEOMAwGA1UEAxMFbmlrb3MxGTAXBgNVBAoTEG5vbmUgdG8s\n" + "IG1lbnRpb24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtmQ/Xyxde2jMzF\n" + "3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeLZIkiW8DdU3w77XwEu4C5\n" + "KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKNzj2AC41179gAgY8oBAOg\n" + "Io1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGggdwwEgYJKoZIhvcNAQkHMQUTA2Zv\n" + "bzCBxQYJKoZIhvcNAQkOMYG3MIG0MA8GA1UdEwEB/wQFMAMCAQAwDQYDVR0PAQH/\n" + "BAMDAQAwIwYDVR0RBBwwGoIDYXBhggNmb2+CDnhuLS1reGF3aGsuY29tMB0GA1Ud\n" + "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgQqAwQFBAPK/v8wFAYILQOCiPS5\n" + "FwUBAf8EBcr+//r+MCsGA1UdEAQkMCKADzIwMTkwNzA5MDQyODI2WoEPMjAxOTA3\n" + "MDkwNzE1MDZaMA0GCSqGSIb3DQEBCwUAA4GBAD5WboLhAYvbStlK1UwvB4b2vmJP\n" + "mfl7S/VmaeBFX8w0lpZTCTCRuB0WJek6YPfXyRsUUJsjWElZeEE0N8V+eQ3oz4um\n" + "N2QCk4Zrc5FRyCkKUe+qaqQhB1ho01ZQDMgkj2B10tubhdrKf17QCzgKEp+5VR46\n" + "Bme4HDJqbHlH+O0y\n" + "-----END NEW CERTIFICATE REQUEST-----\n"; const gnutls_datum_t saved_crq = { saved_crq_pem, sizeof(saved_crq_pem) - 1 }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t key = { key_pem, sizeof(key_pem) - 1 }; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -137,9 +138,8 @@ static gnutls_x509_crq_t generate_crq(void) fail("%d: gnutls_x509_crq_get_challenge_password %d: %s\n", __LINE__, ret, gnutls_strerror(ret)); - ret = - gnutls_x509_crq_set_dn(crq, "o = none to\\, mention,cn = nikos", - &err); + ret = gnutls_x509_crq_set_dn(crq, "o = none to\\, mention,cn = nikos", + &err); if (ret < 0) { fail("gnutls_x509_crq_set_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -152,7 +152,8 @@ static gnutls_x509_crq_t generate_crq(void) s = 0; ret = gnutls_x509_crq_get_challenge_password(crq, NULL, &s); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER || s != 4) - fail("%d: gnutls_x509_crq_get_challenge_password %d: %s (passlen: %d)\n", __LINE__, ret, gnutls_strerror(ret), (int)s); + fail("%d: gnutls_x509_crq_get_challenge_password %d: %s (passlen: %d)\n", + __LINE__, ret, gnutls_strerror(ret), (int)s); s = 10; ret = gnutls_x509_crq_get_challenge_password(crq, smallbuf, &s); @@ -170,15 +171,13 @@ static gnutls_x509_crq_t generate_crq(void) if (ret != 0) fail("gnutls_x509_crq_get_extension_data\n"); - ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME, - "foo", 3, - GNUTLS_FSAN_APPEND); + ret = gnutls_x509_crq_set_subject_alt_name( + crq, GNUTLS_SAN_DNSNAME, "foo", 3, GNUTLS_FSAN_APPEND); if (ret != 0) fail("gnutls_x509_crq_set_subject_alt_name\n"); - ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME, - "bar", 3, - GNUTLS_FSAN_APPEND); + ret = gnutls_x509_crq_set_subject_alt_name( + crq, GNUTLS_SAN_DNSNAME, "bar", 3, GNUTLS_FSAN_APPEND); if (ret != 0) fail("gnutls_x509_crq_set_subject_alt_name\n"); @@ -187,9 +186,8 @@ static gnutls_x509_crq_t generate_crq(void) if (ret != 0) fail("gnutls_x509_crq_set_subject_alt_name\n"); - ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME, - "foo", 3, - GNUTLS_FSAN_APPEND); + ret = gnutls_x509_crq_set_subject_alt_name( + crq, GNUTLS_SAN_DNSNAME, "foo", 3, GNUTLS_FSAN_APPEND); if (ret != 0) fail("gnutls_x509_crq_set_subject_alt_name\n"); @@ -213,9 +211,8 @@ static gnutls_x509_crq_t generate_crq(void) fail("gnutls_x509_crq_get_key_purpose_oid %d\n", ret); s = 0; - ret = - gnutls_x509_crq_set_key_purpose_oid(crq, - GNUTLS_KP_TLS_WWW_SERVER, 0); + ret = gnutls_x509_crq_set_key_purpose_oid(crq, GNUTLS_KP_TLS_WWW_SERVER, + 0); if (ret != 0) fail("gnutls_x509_crq_set_key_purpose_oid %d\n", ret); @@ -225,9 +222,8 @@ static gnutls_x509_crq_t generate_crq(void) fail("gnutls_x509_crq_get_key_purpose_oid %d\n", ret); s = 0; - ret = - gnutls_x509_crq_set_key_purpose_oid(crq, - GNUTLS_KP_TLS_WWW_CLIENT, 1); + ret = gnutls_x509_crq_set_key_purpose_oid(crq, GNUTLS_KP_TLS_WWW_CLIENT, + 1); if (ret != 0) fail("gnutls_x509_crq_set_key_purpose_oid2 %d\n", ret); @@ -236,16 +232,14 @@ static gnutls_x509_crq_t generate_crq(void) #define EXT_DATA1 "\xCA\xFE\xFF" #define EXT_DATA2 "\xCA\xFE\xFF\xFA\xFE" /* test writing arbitrary extensions */ - ret = - gnutls_x509_crq_set_extension_by_oid(crq, EXT_ID1, EXT_DATA1, - sizeof(EXT_DATA1) - 1, 0); + ret = gnutls_x509_crq_set_extension_by_oid(crq, EXT_ID1, EXT_DATA1, + sizeof(EXT_DATA1) - 1, 0); if (ret != 0) fail("gnutls_x509_crq_set_extension_by_oid %s\n", gnutls_strerror(ret)); - ret = - gnutls_x509_crq_set_extension_by_oid(crq, EXT_ID2, EXT_DATA2, - sizeof(EXT_DATA2) - 1, 1); + ret = gnutls_x509_crq_set_extension_by_oid(crq, EXT_ID2, EXT_DATA2, + sizeof(EXT_DATA2) - 1, 1); if (ret != 0) fail("gnutls_x509_crq_set_extension_by_oid %s\n", gnutls_strerror(ret)); @@ -269,14 +263,14 @@ static gnutls_x509_crq_t generate_crq(void) /* test reading the arb. extensions */ crit = -1; - ret = - gnutls_x509_crq_get_extension_by_oid2(crq, EXT_ID1, 0, &out, &crit); + ret = gnutls_x509_crq_get_extension_by_oid2(crq, EXT_ID1, 0, &out, + &crit); if (ret < 0) fail("gnutls_x509_crq_get_extension_by_oid2: %s\n", gnutls_strerror(ret)); - if (out.size != sizeof(EXT_DATA1) - 1 - || memcmp(out.data, EXT_DATA1, out.size) != 0) { + if (out.size != sizeof(EXT_DATA1) - 1 || + memcmp(out.data, EXT_DATA1, out.size) != 0) { fail("ext1 doesn't match\n"); } if (crit != 0) { @@ -285,14 +279,14 @@ static gnutls_x509_crq_t generate_crq(void) gnutls_free(out.data); crit = -1; - ret = - gnutls_x509_crq_get_extension_by_oid2(crq, EXT_ID2, 0, &out, &crit); + ret = gnutls_x509_crq_get_extension_by_oid2(crq, EXT_ID2, 0, &out, + &crit); if (ret < 0) fail("gnutls_x509_crq_get_extension_by_oid2: %s\n", gnutls_strerror(ret)); - if (out.size != sizeof(EXT_DATA2) - 1 - || memcmp(out.data, EXT_DATA2, out.size) != 0) { + if (out.size != sizeof(EXT_DATA2) - 1 || + memcmp(out.data, EXT_DATA2, out.size) != 0) { fail("ext2 doesn't match\n"); } if (crit != 1) { @@ -344,8 +338,8 @@ static void test_crq(gnutls_x509_crq_t crq) assert(pathlen == 0); s = sizeof(buf); - ret = - gnutls_x509_crq_get_subject_alt_name(crq, 0, buf, &s, &type, &crit); + ret = gnutls_x509_crq_get_subject_alt_name(crq, 0, buf, &s, &type, + &crit); assert(ret >= 0); assert(s == 3); assert(memcmp(buf, "apa", s) == 0); @@ -353,16 +347,16 @@ static void test_crq(gnutls_x509_crq_t crq) assert(crit == 0); s = sizeof(buf); - ret = - gnutls_x509_crq_get_subject_alt_name(crq, 1, buf, &s, &type, &crit); + ret = gnutls_x509_crq_get_subject_alt_name(crq, 1, buf, &s, &type, + &crit); assert(ret >= 0); assert(s == 3); assert(memcmp(buf, "foo", s) == 0); assert(type == GNUTLS_SAN_DNSNAME); assert(crit == 0); - ret = - gnutls_x509_crq_get_private_key_usage_period(crq, &t1, &t2, &crit); + ret = gnutls_x509_crq_get_private_key_usage_period(crq, &t1, &t2, + &crit); if (ret < 0) fail("gnutls_x509_crq_get_private_key_usage_period: %s\n", gnutls_strerror(ret)); @@ -408,9 +402,8 @@ static void run_set_extensions(gnutls_x509_crq_t crq) if (ret != 0) fail("gnutls_x509_crt_set_crq: %s\n", gnutls_strerror(ret)); - ret = - gnutls_x509_crt_set_issuer_dn(crt, "o = big\\, and one, cn = my CA", - &err); + ret = gnutls_x509_crt_set_issuer_dn( + crt, "o = big\\, and one, cn = my CA", &err); if (ret < 0) { fail("gnutls_x509_crt_set_issuer_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -488,9 +481,8 @@ static void run_set_extension_by_oid(gnutls_x509_crq_t crq) if (ret != 0) fail("gnutls_x509_crt_set_crq: %s\n", gnutls_strerror(ret)); - ret = - gnutls_x509_crt_set_issuer_dn(crt, "o = big\\, and one,cn = my CA", - &err); + ret = gnutls_x509_crt_set_issuer_dn( + crt, "o = big\\, and one,cn = my CA", &err); if (ret < 0) { fail("gnutls_x509_crt_set_issuer_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -500,10 +492,8 @@ static void run_set_extension_by_oid(gnutls_x509_crq_t crq) if (ret != 0) fail("gnutls_x509_crt_set_version\n"); - ret = - gnutls_x509_crt_set_crq_extension_by_oid(crt, crq, - GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE, - 0); + ret = gnutls_x509_crt_set_crq_extension_by_oid( + crt, crq, GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE, 0); if (ret != 0) fail("gnutls_x509_crt_set_crq_extension_by_oid\n"); @@ -521,22 +511,21 @@ static void run_set_extension_by_oid(gnutls_x509_crq_t crq) for (i = 0;; i++) { oid_size = sizeof(oid); - ret = - gnutls_x509_crq_get_extension_info(crq, i, oid, &oid_size, - NULL); + ret = gnutls_x509_crq_get_extension_info(crq, i, oid, &oid_size, + NULL); if (ret < 0) fail("loop: ext not found: %s\n", gnutls_strerror(ret)); if (strcmp(oid, GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE) == 0) { - ret = - gnutls_x509_crq_get_extension_data2(crq, 3, &out2); + ret = gnutls_x509_crq_get_extension_data2(crq, 3, + &out2); if (ret != 0) fail("gnutls_x509_crt_get_extension_data2\n"); break; } - } - if (out.size != out2.size || memcmp(out.data, out2.data, out.size) != 0) { + if (out.size != out2.size || + memcmp(out.data, out2.data, out.size) != 0) { fail("memcmp %d, %d\n", out.size, out2.size); } diff --git a/tests/crq_key_id.c b/tests/crq_key_id.c index 5c1bed5084..9c7aad3c7d 100644 --- a/tests/crq_key_id.c +++ b/tests/crq_key_id.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -61,7 +61,8 @@ void doit(void) if (debug) gnutls_global_set_log_level(4711); - for (algorithm = GNUTLS_PK_RSA; algorithm <= GNUTLS_PK_DSA; algorithm++) { + for (algorithm = GNUTLS_PK_RSA; algorithm <= GNUTLS_PK_DSA; + algorithm++) { ret = gnutls_x509_crq_init(&crq); if (ret < 0) fail("gnutls_x509_crq_init: %d: %s\n", ret, @@ -82,8 +83,8 @@ void doit(void) ret = gnutls_x509_privkey_generate(pkey, algorithm, 2048, 0); if (ret < 0) { fail("gnutls_x509_privkey_generate (%s): %d: %s\n", - gnutls_pk_algorithm_get_name(algorithm), - ret, gnutls_strerror(ret)); + gnutls_pk_algorithm_get_name(algorithm), ret, + gnutls_strerror(ret)); } else if (debug) { success("Key[%s] generation ok: %d\n", gnutls_pk_algorithm_get_name(algorithm), ret); @@ -93,15 +94,16 @@ void doit(void) ret = gnutls_x509_privkey_get_key_id(pkey, 0, pkey_key_id, &pkey_key_id_len); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) { - fail("gnutls_x509_privkey_get_key_id incorrectly returns %d: %s\n", ret, gnutls_strerror(ret)); + fail("gnutls_x509_privkey_get_key_id incorrectly returns %d: %s\n", + ret, gnutls_strerror(ret)); } pkey_key_id = malloc(sizeof(unsigned char) * pkey_key_id_len); - ret = - gnutls_x509_privkey_get_key_id(pkey, 0, pkey_key_id, - &pkey_key_id_len); + ret = gnutls_x509_privkey_get_key_id(pkey, 0, pkey_key_id, + &pkey_key_id_len); if (ret != GNUTLS_E_SUCCESS) { - fail("gnutls_x509_privkey_get_key_id incorrectly returns %d: %s\n", ret, gnutls_strerror(ret)); + fail("gnutls_x509_privkey_get_key_id incorrectly returns %d: %s\n", + ret, gnutls_strerror(ret)); } ret = gnutls_x509_crq_set_version(crq, 1); @@ -116,10 +118,8 @@ void doit(void) gnutls_strerror(ret)); } - ret = - gnutls_x509_crq_set_dn_by_oid(crq, - GNUTLS_OID_X520_COMMON_NAME, - 0, "CN-Test", 7); + ret = gnutls_x509_crq_set_dn_by_oid( + crq, GNUTLS_OID_X520_COMMON_NAME, 0, "CN-Test", 7); if (ret < 0) { fail("gnutls_x509_crq_set_dn_by_oid: %d: %s\n", ret, gnutls_strerror(ret)); @@ -131,9 +131,8 @@ void doit(void) gnutls_strerror(ret)); } - ret = - gnutls_x509_crq_privkey_sign(crq, abs_pkey, - GNUTLS_DIG_SHA256, 0); + ret = gnutls_x509_crq_privkey_sign(crq, abs_pkey, + GNUTLS_DIG_SHA256, 0); if (ret < 0) { fail("gnutls_x509_crq_sign: %d: %s\n", ret, gnutls_strerror(ret)); @@ -146,19 +145,19 @@ void doit(void) } crq_key_id_len = 0; - ret = - gnutls_x509_crq_get_key_id(crq, 0, crq_key_id, - &crq_key_id_len); + ret = gnutls_x509_crq_get_key_id(crq, 0, crq_key_id, + &crq_key_id_len); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) { - fail("gnutls_x509_crq_get_key_id incorrectly returns %d: %s\n", ret, gnutls_strerror(ret)); + fail("gnutls_x509_crq_get_key_id incorrectly returns %d: %s\n", + ret, gnutls_strerror(ret)); } crq_key_id = malloc(sizeof(unsigned char) * crq_key_id_len); - ret = - gnutls_x509_crq_get_key_id(crq, 0, crq_key_id, - &crq_key_id_len); + ret = gnutls_x509_crq_get_key_id(crq, 0, crq_key_id, + &crq_key_id_len); if (ret != GNUTLS_E_SUCCESS) { - fail("gnutls_x509_crq_get_key_id incorrectly returns %d: %s\n", ret, gnutls_strerror(ret)); + fail("gnutls_x509_crq_get_key_id incorrectly returns %d: %s\n", + ret, gnutls_strerror(ret)); } if (crq_key_id_len == pkey_key_id_len) { diff --git a/tests/crt_apis.c b/tests/crt_apis.c index b985214e15..dab14704e8 100644 --- a/tests/crt_apis.c +++ b/tests/crt_apis.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,20 +37,21 @@ #include "cert-common.h" static unsigned char saved_crt_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICWTCCAcKgAwIBAgIDChEAMA0GCSqGSIb3DQEBCwUAMCsxDjAMBgNVBAMTBW5p\n" - "a29zMRkwFwYDVQQKExBub25lIHRvLCBtZW50aW9uMCAXDTA4MDMzMTIyMDAwMFoY\n" - "Dzk5OTkxMjMxMjM1OTU5WjArMQ4wDAYDVQQDEwVuaWtvczEZMBcGA1UEChMQbm9u\n" - "ZSB0bywgbWVudGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu2ZD9fLF\n" - "17aMzMXf9Yg7sclLag6hrSBQQAiAoU9co9D4bM/mPPfsBHYTF4tkiSJbwN1TfDvt\n" - "fAS7gLkovo6bxo6gpRLL9Vceoue7tzNJn+O7Sq5qTWj/yRHiMo3OPYALjXXv2ACB\n" - "jygEA6AijWEEB/q2N30hB0nSCWFpmJCjWKkCAwEAAYEFAAABAgOCBQAEAwIBo3sw\n" - "eTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDA3BgNVHREEMDAuiAQqAwQF\n" - "ghF4bi0tbXhhYTRhczZkLmNvbYETdGVzdEB4bi0ta3hhd2hrLm9yZzAgBgNVHSUB\n" - "Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAXE4Y\n" - "kO1M8RrC5qT7rs9zYoMVELPtirENuuGW8d4RFppvMDg8kpqWOo0ASkAa1ZeYSukE\n" - "m5KCEEyQ1UT00Vbr0Addn17y52RKMUzFhMmmu706MAvyutk51GmRgLusdbuEjgkn\n" - "jv3WmT8StaS7bFMw99hWCKDBPV9EE9M7zRHP0Js=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICWTCCAcKgAwIBAgIDChEAMA0GCSqGSIb3DQEBCwUAMCsxDjAMBgNVBAMTBW5p\n" + "a29zMRkwFwYDVQQKExBub25lIHRvLCBtZW50aW9uMCAXDTA4MDMzMTIyMDAwMFoY\n" + "Dzk5OTkxMjMxMjM1OTU5WjArMQ4wDAYDVQQDEwVuaWtvczEZMBcGA1UEChMQbm9u\n" + "ZSB0bywgbWVudGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu2ZD9fLF\n" + "17aMzMXf9Yg7sclLag6hrSBQQAiAoU9co9D4bM/mPPfsBHYTF4tkiSJbwN1TfDvt\n" + "fAS7gLkovo6bxo6gpRLL9Vceoue7tzNJn+O7Sq5qTWj/yRHiMo3OPYALjXXv2ACB\n" + "jygEA6AijWEEB/q2N30hB0nSCWFpmJCjWKkCAwEAAYEFAAABAgOCBQAEAwIBo3sw\n" + "eTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDA3BgNVHREEMDAuiAQqAwQF\n" + "ghF4bi0tbXhhYTRhczZkLmNvbYETdGVzdEB4bi0ta3hhd2hrLm9yZzAgBgNVHSUB\n" + "Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAXE4Y\n" + "kO1M8RrC5qT7rs9zYoMVELPtirENuuGW8d4RFppvMDg8kpqWOo0ASkAa1ZeYSukE\n" + "m5KCEEyQ1UT00Vbr0Addn17y52RKMUzFhMmmu706MAvyutk51GmRgLusdbuEjgkn\n" + "jv3WmT8StaS7bFMw99hWCKDBPV9EE9M7zRHP0Js=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t saved_crt = { saved_crt_pem, sizeof(saved_crt_pem) - 1 }; @@ -59,7 +60,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -101,8 +102,8 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt2, &server_ecc_cert, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt2, &server_ecc_cert, + GNUTLS_X509_FMT_PEM); if (ret != 0) fail("gnutls_x509_crt_import\n"); @@ -145,9 +146,8 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_key_usage %d\n", ret); - ret = - gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", - &err); + ret = gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", + &err); if (ret < 0) { fail("gnutls_x509_crt_set_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -166,8 +166,7 @@ void doit(void) ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_RFC822NAME, "ινβάλιντ@bar.org", - strlen - ("ινβάλιντ@bar.org"), + strlen("ινβάλιντ@bar.org"), 1); if (ret != GNUTLS_E_INVALID_UTF8_EMAIL) fail("gnutls_x509_crt_set_subject_alt_name\n"); @@ -177,9 +176,10 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); - ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_IPADDRESS, - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", - 16, 1); + ret = gnutls_x509_crt_set_subject_alt_name( + crt, GNUTLS_SAN_IPADDRESS, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", + 16, 1); if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); @@ -188,16 +188,15 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); - ret = - gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_REGISTERED_ID, - REGISTERED_OID, - strlen(REGISTERED_OID), 0); + ret = gnutls_x509_crt_set_subject_alt_name(crt, + GNUTLS_SAN_REGISTERED_ID, + REGISTERED_OID, + strlen(REGISTERED_OID), 0); if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); - ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_DNSNAME, - "απαλό.com", - strlen("απαλό.com"), 1); + ret = gnutls_x509_crt_set_subject_alt_name( + crt, GNUTLS_SAN_DNSNAME, "απαλό.com", strlen("απαλό.com"), 1); #if defined(HAVE_LIBIDN2) || defined(HAVE_LIBIDN) if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name: %s\n", @@ -205,8 +204,7 @@ void doit(void) ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_RFC822NAME, "test@νίκο.org", - strlen("test@νίκο.org"), - 1); + strlen("test@νίκο.org"), 1); if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); #else @@ -221,9 +219,8 @@ void doit(void) fail("gnutls_x509_crt_get_key_purpose_oid %d\n", ret); s = 0; - ret = - gnutls_x509_crt_set_key_purpose_oid(crt, - GNUTLS_KP_TLS_WWW_SERVER, 0); + ret = gnutls_x509_crt_set_key_purpose_oid(crt, GNUTLS_KP_TLS_WWW_SERVER, + 0); if (ret != 0) fail("gnutls_x509_crt_set_key_purpose_oid %d\n", ret); @@ -233,33 +230,28 @@ void doit(void) fail("gnutls_x509_crt_get_key_purpose_oid %d\n", ret); s = 0; - ret = - gnutls_x509_crt_set_key_purpose_oid(crt, - GNUTLS_KP_TLS_WWW_CLIENT, 1); + ret = gnutls_x509_crt_set_key_purpose_oid(crt, GNUTLS_KP_TLS_WWW_CLIENT, + 1); if (ret != 0) fail("gnutls_x509_crt_set_key_purpose_oid2 %d\n", ret); /* in the end this will be ignored as the issuer will be set * by gnutls_x509_crt_sign2() */ - ret = - gnutls_x509_crt_set_issuer_dn(crt, "cn = my CA, o = big\\, and one", - &err); + ret = gnutls_x509_crt_set_issuer_dn( + crt, "cn = my CA, o = big\\, and one", &err); if (ret < 0) { fail("gnutls_x509_crt_set_issuer_dn: %s, %s\n", gnutls_strerror(ret), err); } #define ISSUER_UNIQUE_ID "\x00\x01\x02\x03" #define SUBJECT_UNIQUE_ID "\x04\x03\x02\x01" - ret = - gnutls_x509_crt_set_issuer_unique_id(crt, ISSUER_UNIQUE_ID, - sizeof(ISSUER_UNIQUE_ID) - 1); + ret = gnutls_x509_crt_set_issuer_unique_id( + crt, ISSUER_UNIQUE_ID, sizeof(ISSUER_UNIQUE_ID) - 1); if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); - ret = - gnutls_x509_crt_set_subject_unique_id(crt, SUBJECT_UNIQUE_ID, - sizeof(SUBJECT_UNIQUE_ID) - - 1); + ret = gnutls_x509_crt_set_subject_unique_id( + crt, SUBJECT_UNIQUE_ID, sizeof(SUBJECT_UNIQUE_ID) - 1); if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); @@ -373,16 +365,16 @@ void doit(void) /* check whether the PEM output matches gnutls_x509_crt_export2 */ s = sizeof(large_buf); - assert(gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_PEM, large_buf, &s) - == 0); + assert(gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_PEM, large_buf, + &s) == 0); assert(s == out.size); assert(memcmp(large_buf, out.data, out.size) == 0); gnutls_free(out.data); /* check whether the der out length differs */ s = sizeof(large_buf); - assert(gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER, large_buf, &s) - == 0); + assert(gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER, large_buf, + &s) == 0); assert(gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_DER, &out) >= 0); assert(s == out.size); @@ -401,9 +393,8 @@ void doit(void) i = 0; do { s = sizeof(buf); - ret = - gnutls_x509_crt_get_subject_alt_name2(crt2, i++, buf, &s, - &san_type, NULL); + ret = gnutls_x509_crt_get_subject_alt_name2(crt2, i++, buf, &s, + &san_type, NULL); if (ret < 0) fail("gnutls_x509_crt_get_subject_alt_name2: %s\n", gnutls_strerror(ret)); diff --git a/tests/crt_inv_write.c b/tests/crt_inv_write.c index 4d7f6247ea..0db9c87dcb 100644 --- a/tests/crt_inv_write.c +++ b/tests/crt_inv_write.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,7 +41,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -102,18 +102,19 @@ static void do_crt_with_exts(unsigned version) if (ret != 0) fail("gnutls_x509_crt_set_key\n"); - ret = gnutls_x509_crt_set_basic_constraints(crt, 0, -1); /* invalid for V1 */ + ret = gnutls_x509_crt_set_basic_constraints(crt, 0, + -1); /* invalid for V1 */ if (ret < 0) { fail("error\n"); } - ret = gnutls_x509_crt_set_key_usage(crt, GNUTLS_KEY_DIGITAL_SIGNATURE); /* inv for V1 */ + ret = gnutls_x509_crt_set_key_usage( + crt, GNUTLS_KEY_DIGITAL_SIGNATURE); /* inv for V1 */ if (ret != 0) fail("gnutls_x509_crt_set_key_usage %d\n", ret); - ret = - gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", - &err); + ret = gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", + &err); if (ret < 0) { fail("gnutls_x509_crt_set_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -122,8 +123,8 @@ static void do_crt_with_exts(unsigned version) ret = gnutls_x509_crt_sign2(crt, crt, pkey, GNUTLS_DIG_SHA256, 0); if (ret != GNUTLS_E_X509_CERTIFICATE_ERROR) { gnutls_datum_t out; - assert(gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_PEM, &out) - >= 0); + assert(gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_PEM, + &out) >= 0); printf("%s\n\n", out.data); fail("gnutls_x509_crt_sign2: %s\n", gnutls_strerror(ret)); @@ -191,9 +192,8 @@ static void do_v1_invalid_crt(void) fail("error\n"); } - ret = - gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", - &err); + ret = gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", + &err); if (ret < 0) { fail("gnutls_x509_crt_set_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -202,8 +202,8 @@ static void do_v1_invalid_crt(void) ret = gnutls_x509_crt_sign2(crt, crt, pkey, GNUTLS_DIG_SHA256, 0); if (ret != GNUTLS_E_X509_CERTIFICATE_ERROR) { gnutls_datum_t out; - assert(gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_PEM, &out) - >= 0); + assert(gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_PEM, + &out) >= 0); printf("%s\n\n", out.data); fail("gnutls_x509_crt_sign2: %s\n", gnutls_strerror(ret)); diff --git a/tests/crt_type-neg-common.c b/tests/crt_type-neg-common.c index 8e6a5dc78e..5f3637e695 100644 --- a/tests/crt_type-neg-common.c +++ b/tests/crt_type-neg-common.c @@ -24,9 +24,9 @@ #include // Credential type flags -#define CRED_EMPTY 1<<0 -#define CRED_X509 1<<1 -#define CRED_RAWPK 1<<2 +#define CRED_EMPTY 1 << 0 +#define CRED_X509 1 << 1 +#define CRED_RAWPK 1 << 2 // Test case definition typedef struct test_case_st { @@ -44,15 +44,19 @@ typedef struct test_case_st { bool request_cli_crt; bool cli_srv_may_diverge; // only needed when may_diverge is true - gnutls_certificate_type_t expected_cli_cli_ctype; // negotiated cli ctype on the client - gnutls_certificate_type_t expected_srv_cli_ctype; // negotiated cli ctype on the server - gnutls_certificate_type_t expected_cli_srv_ctype; // negotiated srv ctype on the client - gnutls_certificate_type_t expected_srv_srv_ctype; // negotiated srv ctype on the server + gnutls_certificate_type_t + expected_cli_cli_ctype; // negotiated cli ctype on the client + gnutls_certificate_type_t + expected_srv_cli_ctype; // negotiated cli ctype on the server + gnutls_certificate_type_t + expected_cli_srv_ctype; // negotiated srv ctype on the client + gnutls_certificate_type_t + expected_srv_srv_ctype; // negotiated srv ctype on the server } test_case_st; -static void try(test_case_st * test) +static void try(test_case_st *test) { - int sret, cret; // Needed for HANDSHAKE macro + int sret, cret; // Needed for HANDSHAKE macro /* To hold negotiated certificate types */ gnutls_certificate_type_t srv_srv_ctype, srv_cli_ctype; gnutls_certificate_type_t cli_srv_ctype, cli_cli_ctype; @@ -71,15 +75,15 @@ static void try(test_case_st * test) // Init client/server if (test->init_flags_cli) { - assert(gnutls_init - (&client, GNUTLS_CLIENT | test->init_flags_cli) >= 0); + assert(gnutls_init(&client, + GNUTLS_CLIENT | test->init_flags_cli) >= 0); } else { assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); } if (test->init_flags_srv) { - assert(gnutls_init - (&server, GNUTLS_SERVER | test->init_flags_srv) >= 0); + assert(gnutls_init(&server, + GNUTLS_SERVER | test->init_flags_srv) >= 0); } else { assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); } @@ -92,16 +96,16 @@ static void try(test_case_st * test) } else { // Test for using X509 cli credentials if (test->set_cli_creds & CRED_X509) { - assert(gnutls_certificate_set_x509_key_mem - (client_creds, &cli_ca3_cert, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + client_creds, &cli_ca3_cert, + &cli_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); } // Test for using RawPubKey cli credentials if (test->set_cli_creds & CRED_RAWPK) { - assert(gnutls_certificate_set_rawpk_key_mem - (client_creds, &rawpk_public_key1, - &rawpk_private_key1, GNUTLS_X509_FMT_PEM, NULL, - 0, NULL, 0, 0) >= 0); + assert(gnutls_certificate_set_rawpk_key_mem( + client_creds, &rawpk_public_key1, + &rawpk_private_key1, GNUTLS_X509_FMT_PEM, + NULL, 0, NULL, 0, 0) >= 0); } // -- Add extra ctype creds here in the future -- @@ -117,26 +121,30 @@ static void try(test_case_st * test) } else { // Test for using X509 srv credentials if (test->set_srv_creds & CRED_X509) { - assert(gnutls_certificate_set_x509_key_mem - (server_creds, - &server_ca3_localhost_rsa_decrypt_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (server_creds, &server_ca3_localhost_ecc_cert, - &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (server_creds, - &server_ca3_localhost_rsa_sign_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); - gnutls_certificate_set_known_dh_params(server_creds, - GNUTLS_SEC_PARAM_MEDIUM); + assert(gnutls_certificate_set_x509_key_mem( + server_creds, + &server_ca3_localhost_rsa_decrypt_cert, + &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + server_creds, + &server_ca3_localhost_ecc_cert, + &server_ca3_ecc_key, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + server_creds, + &server_ca3_localhost_rsa_sign_cert, + &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); + gnutls_certificate_set_known_dh_params( + server_creds, GNUTLS_SEC_PARAM_MEDIUM); } // Test for using RawPubKey srv credentials if (test->set_srv_creds & CRED_RAWPK) { - assert(gnutls_certificate_set_rawpk_key_mem - (server_creds, &rawpk_public_key2, - &rawpk_private_key2, GNUTLS_X509_FMT_PEM, NULL, - 0, NULL, 0, 0) >= 0); + assert(gnutls_certificate_set_rawpk_key_mem( + server_creds, &rawpk_public_key2, + &rawpk_private_key2, GNUTLS_X509_FMT_PEM, + NULL, 0, NULL, 0, 0) >= 0); } // -- Add extra ctype creds here in the future -- @@ -173,65 +181,105 @@ static void try(test_case_st * test) HANDSHAKE(client, server); /* Get the negotiated certificate types */ - srv_srv_ctype = - gnutls_certificate_type_get2(server, GNUTLS_CTYPE_SERVER); - srv_cli_ctype = - gnutls_certificate_type_get2(server, GNUTLS_CTYPE_CLIENT); - cli_srv_ctype = - gnutls_certificate_type_get2(client, GNUTLS_CTYPE_SERVER); - cli_cli_ctype = - gnutls_certificate_type_get2(client, GNUTLS_CTYPE_CLIENT); + srv_srv_ctype = gnutls_certificate_type_get2( + server, GNUTLS_CTYPE_SERVER); + srv_cli_ctype = gnutls_certificate_type_get2( + server, GNUTLS_CTYPE_CLIENT); + cli_srv_ctype = gnutls_certificate_type_get2( + client, GNUTLS_CTYPE_SERVER); + cli_cli_ctype = gnutls_certificate_type_get2( + client, GNUTLS_CTYPE_CLIENT); // For debugging if (debug) { success("Srv srv ctype: %s\n", - gnutls_certificate_type_get_name - (srv_srv_ctype)); + gnutls_certificate_type_get_name( + srv_srv_ctype)); success("Srv cli ctype: %s\n", - gnutls_certificate_type_get_name - (srv_cli_ctype)); + gnutls_certificate_type_get_name( + srv_cli_ctype)); success("Cli srv ctype: %s\n", - gnutls_certificate_type_get_name - (cli_srv_ctype)); + gnutls_certificate_type_get_name( + cli_srv_ctype)); success("Cli srv ctype: %s\n", - gnutls_certificate_type_get_name - (cli_cli_ctype)); + gnutls_certificate_type_get_name( + cli_cli_ctype)); } /* Check whether the negotiated certificate types match the expected results */ if (test->cli_srv_may_diverge) { // Matching expected client ctype at client if (cli_cli_ctype != test->expected_cli_cli_ctype) { - fail("%s: negotiated client ctype at client diffs the expected (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(cli_cli_ctype), gnutls_certificate_type_get_name(test->expected_cli_cli_ctype)); + fail("%s: negotiated client ctype at client diffs the expected (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + cli_cli_ctype), + gnutls_certificate_type_get_name( + test->expected_cli_cli_ctype)); } // Matching expected server ctype at client if (cli_srv_ctype != test->expected_cli_srv_ctype) { - fail("%s: negotiated server ctype at client diffs the expected (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(cli_srv_ctype), gnutls_certificate_type_get_name(test->expected_cli_srv_ctype)); + fail("%s: negotiated server ctype at client diffs the expected (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + cli_srv_ctype), + gnutls_certificate_type_get_name( + test->expected_cli_srv_ctype)); } // Matching expected client ctype at server if (srv_cli_ctype != test->expected_srv_cli_ctype) { - fail("%s: negotiated client ctype at server diffs the expected (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(srv_cli_ctype), gnutls_certificate_type_get_name(test->expected_srv_cli_ctype)); + fail("%s: negotiated client ctype at server diffs the expected (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + srv_cli_ctype), + gnutls_certificate_type_get_name( + test->expected_srv_cli_ctype)); } // Matching expected server ctype at server if (srv_srv_ctype != test->expected_srv_srv_ctype) { - fail("%s: negotiated client ctype at client diffs the expected (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(srv_srv_ctype), gnutls_certificate_type_get_name(test->expected_srv_srv_ctype)); + fail("%s: negotiated client ctype at client diffs the expected (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + srv_srv_ctype), + gnutls_certificate_type_get_name( + test->expected_srv_srv_ctype)); } } else { // Matching server ctype if (srv_srv_ctype != cli_srv_ctype) { - fail("%s: client negotiated different server ctype than server (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(cli_srv_ctype), gnutls_certificate_type_get_name(srv_srv_ctype)); + fail("%s: client negotiated different server ctype than server (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + cli_srv_ctype), + gnutls_certificate_type_get_name( + srv_srv_ctype)); } // Matching client ctype if (srv_cli_ctype != cli_cli_ctype) { - fail("%s: client negotiated different client ctype than server (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(cli_cli_ctype), gnutls_certificate_type_get_name(srv_cli_ctype)); + fail("%s: client negotiated different client ctype than server (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + cli_cli_ctype), + gnutls_certificate_type_get_name( + srv_cli_ctype)); } // Matching expected server ctype if (srv_srv_ctype != test->expected_srv_ctype) { - fail("%s: negotiated server ctype diffs the expected (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(srv_srv_ctype), gnutls_certificate_type_get_name(test->expected_srv_ctype)); + fail("%s: negotiated server ctype diffs the expected (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + srv_srv_ctype), + gnutls_certificate_type_get_name( + test->expected_srv_ctype)); } // Matching expected client ctype if (srv_cli_ctype != test->expected_cli_ctype) { - fail("%s: negotiated client ctype diffs the expected (%s, %s)!\n", test->name, gnutls_certificate_type_get_name(srv_cli_ctype), gnutls_certificate_type_get_name(test->expected_cli_ctype)); + fail("%s: negotiated client ctype diffs the expected (%s, %s)!\n", + test->name, + gnutls_certificate_type_get_name( + srv_cli_ctype), + gnutls_certificate_type_get_name( + test->expected_cli_ctype)); } /* Check whether the API functions return the correct cert types for OURS and PEERS */ @@ -239,11 +287,11 @@ static void try(test_case_st * test) gnutls_certificate_type_get2(server, GNUTLS_CTYPE_OURS)); assert(srv_srv_ctype == - gnutls_certificate_type_get2(client, - GNUTLS_CTYPE_PEERS)); + gnutls_certificate_type_get2( + client, GNUTLS_CTYPE_PEERS)); assert(cli_cli_ctype == - gnutls_certificate_type_get2(server, - GNUTLS_CTYPE_PEERS)); + gnutls_certificate_type_get2( + server, GNUTLS_CTYPE_PEERS)); assert(cli_cli_ctype == gnutls_certificate_type_get2(client, GNUTLS_CTYPE_OURS)); diff --git a/tests/custom-urls-override.c b/tests/custom-urls-override.c index aa3de7bdad..e089446cdd 100644 --- a/tests/custom-urls-override.c +++ b/tests/custom-urls-override.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,21 +35,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" - -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" + +#include "utils.h" static void terminate(void); static unsigned url_used = 0; @@ -99,8 +99,8 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -110,8 +110,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -124,8 +123,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -158,10 +157,8 @@ static void server(int fd) */ gnutls_certificate_allocate_credentials(&x509_cred); - ret = - gnutls_certificate_set_x509_key_file(x509_cred, "system:cert", - "system:key", - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_file( + x509_cred, "system:cert", "system:key", GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("server: gnutls_certificate_set_x509_key_file (%s)\n\n", gnutls_strerror(ret)); @@ -173,8 +170,8 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -182,8 +179,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -196,8 +192,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (url_used != 2) { fail("The callbacks were not used\n"); @@ -219,12 +215,10 @@ static void server(int fd) success("server: finished\n"); } -const gnutls_custom_url_st custom_url_st = { - .name = "system:", - .name_size = sizeof("system:") - 1, - .import_key = url_import_key, - .import_crt = url_import_crt -}; +const gnutls_custom_url_st custom_url_st = { .name = "system:", + .name_size = sizeof("system:") - 1, + .import_key = url_import_key, + .import_crt = url_import_crt }; static void start(void) { @@ -285,4 +279,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/custom-urls.c b/tests/custom-urls.c index 168ab030d1..045f585d3a 100644 --- a/tests/custom-urls.c +++ b/tests/custom-urls.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,21 +35,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -96,8 +96,8 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -107,8 +107,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -121,8 +120,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -154,19 +153,16 @@ static void server(int fd) /* this must be called once in the program */ gnutls_certificate_allocate_credentials(&x509_cred); - ret = - gnutls_certificate_set_x509_key_file(x509_cred, "nomyurl:cert", - "nomyurl:key", - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_file( + x509_cred, "nomyurl:cert", "nomyurl:key", GNUTLS_X509_FMT_PEM); if (ret != GNUTLS_E_FILE_ERROR) { - fail("server: gnutls_certificate_set_x509_key_file unexpected error (%s)\n\n", gnutls_strerror(ret)); + fail("server: gnutls_certificate_set_x509_key_file unexpected error (%s)\n\n", + gnutls_strerror(ret)); terminate(); } - ret = - gnutls_certificate_set_x509_key_file(x509_cred, "myurl:cert", - "myurl:key", - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_file( + x509_cred, "myurl:cert", "myurl:key", GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("server: gnutls_certificate_set_x509_key_file (%s)\n\n", gnutls_strerror(ret)); @@ -178,8 +174,8 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -187,8 +183,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -201,8 +196,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ @@ -219,12 +214,10 @@ static void server(int fd) success("server: finished\n"); } -const gnutls_custom_url_st custom_url_st = { - .name = "myurl:", - .name_size = sizeof("myurl:") - 1, - .import_key = url_import_key, - .import_crt = url_import_crt -}; +const gnutls_custom_url_st custom_url_st = { .name = "myurl:", + .name_size = sizeof("myurl:") - 1, + .import_key = url_import_key, + .import_crt = url_import_crt }; static void start(void) { @@ -285,4 +278,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/cve-2008-4989.c b/tests/cve-2008-4989.c index d204a0cf27..43a94e296e 100644 --- a/tests/cve-2008-4989.c +++ b/tests/cve-2008-4989.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,111 +37,112 @@ static const char *pem_certs[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n" - "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n" - "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n" - "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n" - "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n" - "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n" - "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n" - "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n" - "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n" - "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n" - "bF7pG7Cg3oEHUM0H5KUU\n" "-----END CERTIFICATE-----\n", + "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n" + "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n" + "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n" + "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n" + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n" + "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n" + "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n" + "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n" + "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n" + "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n" + "bF7pG7Cg3oEHUM0H5KUU\n" + "-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n" - "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n" - "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n" - "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n" - "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n" - "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n" - "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n" - "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n" - "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n" - "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n" - "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n" - "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n" - "-----END CERTIFICATE-----\n", + "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n" + "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n" + "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n" + "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n" + "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n" + "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n" + "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n" + "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n" + "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n" + "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n" + "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n" + "-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n" - "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n" - "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n" - "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n" - "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n" - "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n" - "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n" - "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n" - "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n" - "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n" - "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n" - "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n" - "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n" - "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n" - "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n" - "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n" - "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n" - "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n" - "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n" - "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n" - "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n" - "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n" - "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n" - "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" - "-----END CERTIFICATE-----\n" + "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n" + "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n" + "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n" + "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n" + "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n" + "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n" + "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n" + "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n" + "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n" + "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n" + "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n" + "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n" + "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n" + "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n" + "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n" + "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n" + "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n" + "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n" + "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n" + "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n" + "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n" + "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n" + "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" + "-----END CERTIFICATE-----\n" }; static const char *pem_ca = { "-----BEGIN CERTIFICATE-----\n" - "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n" - "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n" - "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n" - "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n" - "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n" - "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n" - "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n" - "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n" - "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n" - "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n" - "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n" - "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n" - "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n" - "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n" - "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n" - "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n" - "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n" - "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n" - "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n" - "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n" - "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n" - "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n" - "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" - "-----END CERTIFICATE-----\n" + "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n" + "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n" + "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n" + "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n" + "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n" + "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n" + "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n" + "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n" + "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n" + "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n" + "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n" + "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n" + "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n" + "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n" + "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n" + "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n" + "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n" + "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n" + "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n" + "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n" + "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n" + "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n" + "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" + "-----END CERTIFICATE-----\n" }; -#define CHAIN_LENGTH (sizeof (pem_certs) / sizeof (pem_certs[0])) +#define CHAIN_LENGTH (sizeof(pem_certs) / sizeof(pem_certs[0])) static const char *pem_self_cert = { "-----BEGIN CERTIFICATE-----\n" - "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n" - "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n" - "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n" - "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n" - "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n" - "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n" - "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n" - "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n" - "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n" - "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n" - "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n" - "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n" - "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n" - "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n" - "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n" - "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n" - "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n" - "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n" - "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n" - "-----END CERTIFICATE-----\n" + "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n" + "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n" + "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n" + "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n" + "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n" + "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n" + "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n" + "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n" + "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n" + "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n" + "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n" + "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n" + "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n" + "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n" + "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n" + "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n" + "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n" + "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n" + "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n" + "-----END CERTIFICATE-----\n" }; int main(int argc, char *argv[]) @@ -163,16 +164,16 @@ int main(int argc, char *argv[]) for (i = 0; i < CHAIN_LENGTH; i++) { ret = gnutls_x509_crt_init(&certs[i]); if (ret < 0) { - fprintf(stderr, "gnutls_x509_crt_init[%d]: %s", - (int)i, gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init[%d]: %s", (int)i, + gnutls_strerror(ret)); exit(1); } tmp.data = (unsigned char *)pem_certs[i]; tmp.size = strlen(pem_certs[i]); - ret = - gnutls_x509_crt_import(certs[i], &tmp, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[i], &tmp, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "gnutls_x509_crt_import[%d]: %s", (int)i, gnutls_strerror(ret)); @@ -197,15 +198,13 @@ int main(int argc, char *argv[]) exit(1); } - ret = gnutls_x509_crt_list_verify(certs, CHAIN_LENGTH, - &ca, 1, - NULL, 0, + ret = gnutls_x509_crt_list_verify(certs, CHAIN_LENGTH, &ca, 1, NULL, 0, GNUTLS_VERIFY_DISABLE_TIME_CHECKS | - GNUTLS_VERIFY_ALLOW_BROKEN, + GNUTLS_VERIFY_ALLOW_BROKEN, &verify_status); if (ret < 0) { - fprintf(stderr, "gnutls_x509_crt_list_verify[%d]: %s", - (int)i, gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_list_verify[%d]: %s", (int)i, + gnutls_strerror(ret)); exit(1); } @@ -238,14 +237,12 @@ int main(int argc, char *argv[]) gnutls_strerror(ret)); exit(1); } - ret = gnutls_x509_crt_list_verify(&self_cert, 1, - &self_cert, 1, - NULL, 0, + ret = gnutls_x509_crt_list_verify(&self_cert, 1, &self_cert, 1, NULL, 0, GNUTLS_VERIFY_DISABLE_TIME_CHECKS, &verify_status); if (ret < 0) { - fprintf(stderr, "gnutls_x509_crt_list_verify[%d]: %s", - (int)i, gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_list_verify[%d]: %s", (int)i, + gnutls_strerror(ret)); exit(1); } diff --git a/tests/cve-2009-1415.c b/tests/cve-2009-1415.c index 8827bd2d7d..50e76691bb 100644 --- a/tests/cve-2009-1415.c +++ b/tests/cve-2009-1415.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* @@ -49,30 +49,29 @@ #include static char dsa_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\n" - "dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\n" - "IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\n" - "WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\n" - "15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\n" - "xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\n" - "e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\n" - "VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\n" - "ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\n" - "DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\n" - "dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n" - "gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\n" - "HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n" - "x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n" - "o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n" - "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t dsa_cert_dat = { - (void *)dsa_cert, sizeof(dsa_cert) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\n" + "dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\n" + "IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\n" + "WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\n" + "15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\n" + "xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\n" + "e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\n" + "VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\n" + "ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\n" + "DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\n" + "dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n" + "gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\n" + "HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n" + "x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n" + "o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n" + "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t dsa_cert_dat = { (void *)dsa_cert, sizeof(dsa_cert) }; int main(void) { @@ -100,9 +99,8 @@ int main(void) if (ret < 0) return 1; - ret = - gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_DSA_SHA1, 0, &data, - &sig); + ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_DSA_SHA1, 0, &data, + &sig); if (ret < 0 && ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) return 1; diff --git a/tests/cve-2009-1416.c b/tests/cve-2009-1416.c index a06f56bb34..ba74857b73 100644 --- a/tests/cve-2009-1416.c +++ b/tests/cve-2009-1416.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* diff --git a/tests/dane-strcodes.c b/tests/dane-strcodes.c index 4ea3182777..4bf7e96af4 100644 --- a/tests/dane-strcodes.c +++ b/tests/dane-strcodes.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,8 +35,7 @@ * non null value. */ -static -void _check_unique_non_null(int line, int i, const char *val) +static void _check_unique_non_null(int line, int i, const char *val) { static char previous_val[128]; diff --git a/tests/dane.c b/tests/dane.c index 258163f0e7..37b792145a 100644 --- a/tests/dane.c +++ b/tests/dane.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,435 +43,412 @@ struct data_entry_st { int bogus; const char *cert; const char *ca; - unsigned expected_status; /* if cert is non-null */ - int expected_verify_ret; /* if cert is non-null */ + unsigned expected_status; /* if cert is non-null */ + int expected_verify_ret; /* if cert is non-null */ }; const struct data_entry_st data_entries[] = { - { - .name = "Entry parsing", - .queries = { - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - (char *) - "\x03\x00\x01\x03\x32\xaa\x2d\x58\xb3\xe0\x54\x4b\x65\x65\x64\x38\x93\x70\x68\xba\x44\xce\x2f\x14\x46\x9c\x4f\x50\xc9\xcc\x69\x33\xc8\x08\xd3", - (char *) - "\x03\x01\x01\x46\x25\x73\x19\x5c\x86\xe8\x61\xab\xab\x8e\xcc\xfb\xc7\xf0\x48\x69\x58\xef\xdf\xf9\x44\x9a\xc1\x07\x29\xb3\xa0\xf9\x06\xf3\x88", - NULL}, - .q_size = {35, 35, 35, 0}, - .expected_ret = 0, - .no_queries = 3, - .secure = 1, - .bogus = 0}, - { /* as the previous but with first byte invalid */ - .name = "Cert verification (single entry)", - .queries = { - (char *) - "\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x48\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", - NULL}, - .q_size = {35, 35, 35, 0}, - .expected_ret = 0, - .no_queries = 1, - .secure = 1, - .bogus = 0, - .expected_verify_ret = 0, - .expected_status = 0, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" - "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" - "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" - "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" - "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" - "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" - "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" - "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" - "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" - "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" - "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" - "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" - "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" - "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" - "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" - "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" - "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" - "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" - "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" - "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" - "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" - "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" - "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" - "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" - "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" - "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" - "-----END CERTIFICATE-----\n"}, - { - .name = "Cert verification (multi entries)", - .queries = { - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - (char *) - "\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x48\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", - (char *) - "\x03\x00\x01\x03\x32\xaa\x2d\x58\xb3\xe0\x54\x4b\x65\x65\x64\x38\x93\x70\x68\xba\x44\xce\x2f\x14\x46\x9c\x4f\x50\xc9\xcc\x69\x33\xc8\x08\xd3", - NULL}, - .q_size = {35, 35, 35, 0}, - .expected_ret = 0, - .no_queries = 3, - .secure = 1, - .bogus = 0, - .expected_verify_ret = 0, - .expected_status = 0, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" - "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" - "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" - "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" - "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" - "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" - "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" - "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" - "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" - "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" - "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" - "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" - "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" - "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" - "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" - "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" - "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" - "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" - "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" - "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" - "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" - "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" - "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" - "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" - "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" - "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" - "-----END CERTIFICATE-----\n"}, - { - .name = "Cert verification (invalid hash)", - .queries = { - (char *) - "\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x49\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", - NULL}, - .q_size = {35, 0}, - .expected_ret = 0, - .no_queries = 1, - .secure = 1, - .bogus = 0, - .expected_verify_ret = 0, - .expected_status = DANE_VERIFY_CERT_DIFFERS, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" - "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" - "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" - "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" - "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" - "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" - "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" - "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" - "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" - "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" - "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" - "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" - "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" - "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" - "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" - "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" - "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" - "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" - "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" - "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" - "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" - "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" - "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" - "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" - "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" - "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" - "-----END CERTIFICATE-----\n"}, - { - .name = "Cert verification (bogus data)", - .queries = { - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - NULL}, - .q_size = {35, 0}, - .expected_ret = 0, - .no_queries = 1, - .secure = 1, - .bogus = 0, - .expected_verify_ret = DANE_E_REQUESTED_DATA_NOT_AVAILABLE, - .expected_status = -1, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" - "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" - "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" - "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" - "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" - "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" - "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" - "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" - "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" - "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" - "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" - "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" - "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" - "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" - "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" - "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" - "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" - "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" - "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" - "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" - "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" - "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" - "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" - "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" - "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" - "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" - "-----END CERTIFICATE-----\n"}, - { - .name = "CA verification (valid)", - .queries = { - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - NULL}, - .q_size = {35, 0}, - .expected_ret = 0, - .no_queries = 1, - .secure = 1, - .bogus = 0, - .expected_verify_ret = 0, - .expected_status = 0, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIGXjCCBUagAwIBAgIQBNO3A71kyzonos0JsLRHrjANBgkqhkiG9w0BAQsFADBw\n" - "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" - "d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\n" - "dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA0MjIwMDAwMDBaFw0xNzA0MjYxMjAwMDBa\n" - "MG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UE\n" - "BxMHUmFsZWlnaDEVMBMGA1UEChMMUmVkIEhhdCBJbmMuMRwwGgYDVQQDDBMqLmZl\n" - "ZG9yYXByb2plY3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" - "vpd22JvToGSgnx2CBtfdoqvraQWNpQ1aXd/PSM0PVIqEjutrKJF7Xhr7DgHRLOhy\n" - "ko1CzfSp5n6nB7raqDq2kddWgqL3tuyb+lSwdQRGuJZsWW3CCwzR3VNRQUnPldpd\n" - "vqHVSkjHkIZYVcZ2FnMYWEa43ESnmgiQGBg4G+T7/9Pv+10SQ+fOE175GWZKHkJm\n" - "vJZAjIO2uxvJ/rCq3YQI6hdAsclIiSZ4X8UXWt0IMjp/RdCCnv+SS4XCirZ/IDqM\n" - "H+WdMllD0/cbgIOr4SXEuUPEJcI5NziuILe05RefFeZXoC6dxNWr8BvAjxxrZtpS\n" - "/7OMwE+WYkVIH8fkgCTVfsa2ZOvMM5CWzxqWKhbFsbw6EGSVIIUtI3C28i3rjLjr\n" - "XZ/94k3pf3i/u6DzUmlWm8psn6XZXru0+FKPTrmeDluyuxJsgzudk8mF8Cjw/Oc0\n" - "IHVg6Qw/Dm/OM9cAVqmb6ld3GF+QlkzTwurEGKeGj8s8Td0WoPOf6apB/PIaDIu1\n" - "rJphTVyGNqfKqMFFOwqH/M9CVtaEfwYqT9aB8OSE8MtFe3L1WypEq4tK8VUtoi98\n" - "0S9mz4fxathakM+js1eyup/uz0W4cKIFbONLgod0g1arMmSB1Ox7GD6qaUC6zKr8\n" - "hWcKMROSg8VFYMhqwGR2k64knXDsVH1mAOgRbJabr3ECAwEAAaOCAfUwggHxMB8G\n" - "A1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRaTFeTslW8\n" - "sjOiEWQkQoHtHefJIjAxBgNVHREEKjAoghMqLmZlZG9yYXByb2plY3Qub3JnghFm\n" - "ZWRvcmFwcm9qZWN0Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\n" - "BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp\n" - "Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j\n" - "cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwQgYDVR0gBDsw\n" - "OTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl\n" - "cnQuY29tL0NQUzCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8v\n" - "b2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRp\n" - "Z2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0\n" - "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADSBIYR5GwUfYTHlXeej\n" - "tgOMbGIiBD1YPBNlP7vLiGc9+Z4rUxWy/TkL7WUFJf1L88ph1CUQ8TbRjLz2RqL8\n" - "snkFWjMsH9ddnwTO4zkCtTjC9fu+broPkmvzmHq2hlXuiDz9G7XvjtbtPujrrKOz\n" - "o1pPAEl5c4B0ANaYL0OMUDhvskJguVMC5S/ZNuvNg6k3jkKZWGZPfcxgcZoPvBM8\n" - "oIjImGyUMpy7bqRPp4K2xoN530GjoXg8OWIvyAwA06ENLZrU1fcSJsvH2gZVzk8s\n" - "EvqFNFnOJN3aQ21imUjAesJ9dXSeCpscDDHqwzmRPuj2/QgtpMCmSZf34mdEzDIJ\n" - "hrA=\n" "-----END CERTIFICATE-----\n", - .ca = "-----BEGIN CERTIFICATE-----\n" - "MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs\n" - "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" - "d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\n" - "ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL\n" - "MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\n" - "LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy\n" - "YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2\n" - "4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC\n" - "Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1\n" - "itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn\n" - "4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X\n" - "sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft\n" - "bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA\n" - "MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" - "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy\n" - "dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" - "L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG\n" - "BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ\n" - "UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D\n" - "aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd\n" - "aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH\n" - "E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly\n" - "/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu\n" - "xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF\n" - "0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae\n" - "cPUeybQ=\n" "-----END CERTIFICATE-----\n"}, - { - .name = "CA verification (invalid)", - .queries = { - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x92\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - NULL}, - .q_size = {35, 0}, - .expected_ret = 0, - .no_queries = 1, - .secure = 1, - .bogus = 0, - .expected_verify_ret = 0, - .expected_status = DANE_VERIFY_CA_CONSTRAINTS_VIOLATED, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIGXjCCBUagAwIBAgIQBNO3A71kyzonos0JsLRHrjANBgkqhkiG9w0BAQsFADBw\n" - "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" - "d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\n" - "dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA0MjIwMDAwMDBaFw0xNzA0MjYxMjAwMDBa\n" - "MG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UE\n" - "BxMHUmFsZWlnaDEVMBMGA1UEChMMUmVkIEhhdCBJbmMuMRwwGgYDVQQDDBMqLmZl\n" - "ZG9yYXByb2plY3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" - "vpd22JvToGSgnx2CBtfdoqvraQWNpQ1aXd/PSM0PVIqEjutrKJF7Xhr7DgHRLOhy\n" - "ko1CzfSp5n6nB7raqDq2kddWgqL3tuyb+lSwdQRGuJZsWW3CCwzR3VNRQUnPldpd\n" - "vqHVSkjHkIZYVcZ2FnMYWEa43ESnmgiQGBg4G+T7/9Pv+10SQ+fOE175GWZKHkJm\n" - "vJZAjIO2uxvJ/rCq3YQI6hdAsclIiSZ4X8UXWt0IMjp/RdCCnv+SS4XCirZ/IDqM\n" - "H+WdMllD0/cbgIOr4SXEuUPEJcI5NziuILe05RefFeZXoC6dxNWr8BvAjxxrZtpS\n" - "/7OMwE+WYkVIH8fkgCTVfsa2ZOvMM5CWzxqWKhbFsbw6EGSVIIUtI3C28i3rjLjr\n" - "XZ/94k3pf3i/u6DzUmlWm8psn6XZXru0+FKPTrmeDluyuxJsgzudk8mF8Cjw/Oc0\n" - "IHVg6Qw/Dm/OM9cAVqmb6ld3GF+QlkzTwurEGKeGj8s8Td0WoPOf6apB/PIaDIu1\n" - "rJphTVyGNqfKqMFFOwqH/M9CVtaEfwYqT9aB8OSE8MtFe3L1WypEq4tK8VUtoi98\n" - "0S9mz4fxathakM+js1eyup/uz0W4cKIFbONLgod0g1arMmSB1Ox7GD6qaUC6zKr8\n" - "hWcKMROSg8VFYMhqwGR2k64knXDsVH1mAOgRbJabr3ECAwEAAaOCAfUwggHxMB8G\n" - "A1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRaTFeTslW8\n" - "sjOiEWQkQoHtHefJIjAxBgNVHREEKjAoghMqLmZlZG9yYXByb2plY3Qub3JnghFm\n" - "ZWRvcmFwcm9qZWN0Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\n" - "BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp\n" - "Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j\n" - "cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwQgYDVR0gBDsw\n" - "OTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl\n" - "cnQuY29tL0NQUzCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8v\n" - "b2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRp\n" - "Z2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0\n" - "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADSBIYR5GwUfYTHlXeej\n" - "tgOMbGIiBD1YPBNlP7vLiGc9+Z4rUxWy/TkL7WUFJf1L88ph1CUQ8TbRjLz2RqL8\n" - "snkFWjMsH9ddnwTO4zkCtTjC9fu+broPkmvzmHq2hlXuiDz9G7XvjtbtPujrrKOz\n" - "o1pPAEl5c4B0ANaYL0OMUDhvskJguVMC5S/ZNuvNg6k3jkKZWGZPfcxgcZoPvBM8\n" - "oIjImGyUMpy7bqRPp4K2xoN530GjoXg8OWIvyAwA06ENLZrU1fcSJsvH2gZVzk8s\n" - "EvqFNFnOJN3aQ21imUjAesJ9dXSeCpscDDHqwzmRPuj2/QgtpMCmSZf34mdEzDIJ\n" - "hrA=\n" "-----END CERTIFICATE-----\n", - .ca = "-----BEGIN CERTIFICATE-----\n" - "MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs\n" - "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" - "d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\n" - "ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL\n" - "MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\n" - "LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy\n" - "YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2\n" - "4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC\n" - "Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1\n" - "itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn\n" - "4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X\n" - "sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft\n" - "bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA\n" - "MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" - "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy\n" - "dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" - "L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG\n" - "BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ\n" - "UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D\n" - "aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd\n" - "aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH\n" - "E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly\n" - "/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu\n" - "xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF\n" - "0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae\n" - "cPUeybQ=\n" "-----END CERTIFICATE-----\n"}, - { /* as the previous but with first byte invalid */ - .name = "CA verification (multiple entries)", - .queries = { - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - (char *) - "\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x48\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", - (char *) - "\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", - (char *) - "\x03\x00\x01\x03\x32\xaa\x2d\x58\xb3\xe0\x54\x4b\x65\x65\x64\x38\x93\x70\x68\xba\x44\xce\x2f\x14\x46\x9c\x4f\x50\xc9\xcc\x69\x33\xc8\x08\xd3", - NULL}, - .q_size = {35, 35, 35, 35, 0}, - .expected_ret = 0, - .no_queries = 4, - .secure = 1, - .bogus = 0, - .expected_verify_ret = 0, - .expected_status = 0, - .cert = "-----BEGIN CERTIFICATE-----\n" - "MIIGXjCCBUagAwIBAgIQBNO3A71kyzonos0JsLRHrjANBgkqhkiG9w0BAQsFADBw\n" - "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" - "d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\n" - "dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA0MjIwMDAwMDBaFw0xNzA0MjYxMjAwMDBa\n" - "MG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UE\n" - "BxMHUmFsZWlnaDEVMBMGA1UEChMMUmVkIEhhdCBJbmMuMRwwGgYDVQQDDBMqLmZl\n" - "ZG9yYXByb2plY3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" - "vpd22JvToGSgnx2CBtfdoqvraQWNpQ1aXd/PSM0PVIqEjutrKJF7Xhr7DgHRLOhy\n" - "ko1CzfSp5n6nB7raqDq2kddWgqL3tuyb+lSwdQRGuJZsWW3CCwzR3VNRQUnPldpd\n" - "vqHVSkjHkIZYVcZ2FnMYWEa43ESnmgiQGBg4G+T7/9Pv+10SQ+fOE175GWZKHkJm\n" - "vJZAjIO2uxvJ/rCq3YQI6hdAsclIiSZ4X8UXWt0IMjp/RdCCnv+SS4XCirZ/IDqM\n" - "H+WdMllD0/cbgIOr4SXEuUPEJcI5NziuILe05RefFeZXoC6dxNWr8BvAjxxrZtpS\n" - "/7OMwE+WYkVIH8fkgCTVfsa2ZOvMM5CWzxqWKhbFsbw6EGSVIIUtI3C28i3rjLjr\n" - "XZ/94k3pf3i/u6DzUmlWm8psn6XZXru0+FKPTrmeDluyuxJsgzudk8mF8Cjw/Oc0\n" - "IHVg6Qw/Dm/OM9cAVqmb6ld3GF+QlkzTwurEGKeGj8s8Td0WoPOf6apB/PIaDIu1\n" - "rJphTVyGNqfKqMFFOwqH/M9CVtaEfwYqT9aB8OSE8MtFe3L1WypEq4tK8VUtoi98\n" - "0S9mz4fxathakM+js1eyup/uz0W4cKIFbONLgod0g1arMmSB1Ox7GD6qaUC6zKr8\n" - "hWcKMROSg8VFYMhqwGR2k64knXDsVH1mAOgRbJabr3ECAwEAAaOCAfUwggHxMB8G\n" - "A1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRaTFeTslW8\n" - "sjOiEWQkQoHtHefJIjAxBgNVHREEKjAoghMqLmZlZG9yYXByb2plY3Qub3JnghFm\n" - "ZWRvcmFwcm9qZWN0Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\n" - "BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp\n" - "Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j\n" - "cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwQgYDVR0gBDsw\n" - "OTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl\n" - "cnQuY29tL0NQUzCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8v\n" - "b2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRp\n" - "Z2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0\n" - "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADSBIYR5GwUfYTHlXeej\n" - "tgOMbGIiBD1YPBNlP7vLiGc9+Z4rUxWy/TkL7WUFJf1L88ph1CUQ8TbRjLz2RqL8\n" - "snkFWjMsH9ddnwTO4zkCtTjC9fu+broPkmvzmHq2hlXuiDz9G7XvjtbtPujrrKOz\n" - "o1pPAEl5c4B0ANaYL0OMUDhvskJguVMC5S/ZNuvNg6k3jkKZWGZPfcxgcZoPvBM8\n" - "oIjImGyUMpy7bqRPp4K2xoN530GjoXg8OWIvyAwA06ENLZrU1fcSJsvH2gZVzk8s\n" - "EvqFNFnOJN3aQ21imUjAesJ9dXSeCpscDDHqwzmRPuj2/QgtpMCmSZf34mdEzDIJ\n" - "hrA=\n" "-----END CERTIFICATE-----\n", - .ca = "-----BEGIN CERTIFICATE-----\n" - "MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs\n" - "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" - "d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\n" - "ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL\n" - "MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\n" - "LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy\n" - "YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2\n" - "4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC\n" - "Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1\n" - "itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn\n" - "4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X\n" - "sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft\n" - "bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA\n" - "MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" - "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy\n" - "dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" - "L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG\n" - "BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ\n" - "UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D\n" - "aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd\n" - "aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH\n" - "E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly\n" - "/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu\n" - "xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF\n" - "0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae\n" - "cPUeybQ=\n" "-----END CERTIFICATE-----\n"} + { .name = "Entry parsing", + .queries = { (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + (char *)"\x03\x00\x01\x03\x32\xaa\x2d\x58\xb3\xe0\x54\x4b\x65\x65\x64\x38\x93\x70\x68\xba\x44\xce\x2f\x14\x46\x9c\x4f\x50\xc9\xcc\x69\x33\xc8\x08\xd3", + (char *)"\x03\x01\x01\x46\x25\x73\x19\x5c\x86\xe8\x61\xab\xab\x8e\xcc\xfb\xc7\xf0\x48\x69\x58\xef\xdf\xf9\x44\x9a\xc1\x07\x29\xb3\xa0\xf9\x06\xf3\x88", + NULL }, + .q_size = { 35, 35, 35, 0 }, + .expected_ret = 0, + .no_queries = 3, + .secure = 1, + .bogus = 0 }, + { /* as the previous but with first byte invalid */ + .name = "Cert verification (single entry)", + .queries = { (char *)"\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x48\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", + NULL }, + .q_size = { 35, 35, 35, 0 }, + .expected_ret = 0, + .no_queries = 1, + .secure = 1, + .bogus = 0, + .expected_verify_ret = 0, + .expected_status = 0, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" + "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" + "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" + "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" + "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" + "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" + "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" + "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" + "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" + "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" + "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" + "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" + "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" + "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" + "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" + "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" + "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" + "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" + "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" + "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" + "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" + "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" + "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" + "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" + "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" + "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" + "-----END CERTIFICATE-----\n" }, + { .name = "Cert verification (multi entries)", + .queries = { (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + (char *)"\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x48\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", + (char *)"\x03\x00\x01\x03\x32\xaa\x2d\x58\xb3\xe0\x54\x4b\x65\x65\x64\x38\x93\x70\x68\xba\x44\xce\x2f\x14\x46\x9c\x4f\x50\xc9\xcc\x69\x33\xc8\x08\xd3", + NULL }, + .q_size = { 35, 35, 35, 0 }, + .expected_ret = 0, + .no_queries = 3, + .secure = 1, + .bogus = 0, + .expected_verify_ret = 0, + .expected_status = 0, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" + "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" + "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" + "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" + "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" + "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" + "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" + "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" + "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" + "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" + "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" + "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" + "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" + "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" + "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" + "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" + "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" + "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" + "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" + "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" + "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" + "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" + "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" + "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" + "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" + "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" + "-----END CERTIFICATE-----\n" }, + { .name = "Cert verification (invalid hash)", + .queries = { (char *)"\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x49\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", + NULL }, + .q_size = { 35, 0 }, + .expected_ret = 0, + .no_queries = 1, + .secure = 1, + .bogus = 0, + .expected_verify_ret = 0, + .expected_status = DANE_VERIFY_CERT_DIFFERS, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" + "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" + "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" + "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" + "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" + "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" + "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" + "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" + "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" + "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" + "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" + "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" + "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" + "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" + "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" + "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" + "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" + "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" + "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" + "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" + "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" + "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" + "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" + "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" + "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" + "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" + "-----END CERTIFICATE-----\n" }, + { .name = "Cert verification (bogus data)", + .queries = { (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + NULL }, + .q_size = { 35, 0 }, + .expected_ret = 0, + .no_queries = 1, + .secure = 1, + .bogus = 0, + .expected_verify_ret = DANE_E_REQUESTED_DATA_NOT_AVAILABLE, + .expected_status = -1, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIE+DCCA+CgAwIBAgISESHVV5p9ybDcuT+A7ITU5IQYMA0GCSqGSIb3DQEBCwUA\n" + "MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD\n" + "VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\n" + "RzIwHhcNMTUxMDIxMDkxOTAwWhcNMTYxMjE4MTY1NDU2WjA8MSEwHwYDVQQLExhE\n" + "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFzAVBgNVBAMMDioubmxuZXRsYWJzLm5s\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHpmwd7SC6vLKde0IcYD\n" + "rrVcSSZFNrmP6Wtw5rR7KTBGfj70lCzo1Tu4KzOeFL23cB/Y8kWPojw73eYM+lnr\n" + "woZmdG28q+nYeZYRNjFpeLmwK87bpWxw760FrdQSdPrgM9uZS02AWD8PWIWZQ+0X\n" + "5XbkgSSjgSRAeT6Ki+8r9TcA+rgUv208kHVgFrBqeNQ//oRojN/7tBbbXrVTy37W\n" + "yWLCijExfBzQSsamZqskwhmzYyCJOXCqHUGh/Nyt9WvcX4YE7ogba33M7EQX2C37\n" + "ZH+XcmHGdhhLahuMoAm39mchN8TwY7R6DtmvM/WhDdc4dkEWjvrUnGYQhajsKVIZ\n" + "oQIDAQABo4IBzjCCAcowDgYDVR0PAQH/BAQDAgWgMEkGA1UdIARCMEAwPgYGZ4EM\n" + "AQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl\n" + "cG9zaXRvcnkvMCcGA1UdEQQgMB6CDioubmxuZXRsYWJzLm5sggxubG5ldGxhYnMu\n" + "bmwwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD\n" + "VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2Rv\n" + "bWFpbnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC\n" + "hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZh\n" + "bHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp\n" + "Z24uY29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBR8k4wtqr2L7in153sI\n" + "aE9Eo+ZB5zAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG\n" + "9w0BAQsFAAOCAQEAHgjG+iHJ8INGp/J0VskjmMItSdcTJhsQbAf1Pz1eu87cXhFa\n" + "Vro1xRN9KcsKhnd6TbflDpZkM0g9kX1nGZUWLxMmDbx6N/Y+0X9XHBkgTcVgo1gn\n" + "DkzBfMq/Qmy6Szl+RqNinvM2VjkjreWP2AFmIvbZxjMQDAtSs+5l1Qd+xR3Qxrim\n" + "5XFIaS7lR8ediLKO0trf7TcbXYZ72u3pxVxm7y2Vzi4mC+lcEcc6409b1yeSRbx/\n" + "9N6pYa8Uk3ZaeR6hZHx/g448vVwAqmKrsyJZOayDwHxrFeFWPfJSrFlT8kLmkr5A\n" + "VKOWjR5fslCGWqONiFHhyujZocIw03v5+kD9lw==\n" + "-----END CERTIFICATE-----\n" }, + { .name = "CA verification (valid)", + .queries = { (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + NULL }, + .q_size = { 35, 0 }, + .expected_ret = 0, + .no_queries = 1, + .secure = 1, + .bogus = 0, + .expected_verify_ret = 0, + .expected_status = 0, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIGXjCCBUagAwIBAgIQBNO3A71kyzonos0JsLRHrjANBgkqhkiG9w0BAQsFADBw\n" + "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" + "d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\n" + "dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA0MjIwMDAwMDBaFw0xNzA0MjYxMjAwMDBa\n" + "MG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UE\n" + "BxMHUmFsZWlnaDEVMBMGA1UEChMMUmVkIEhhdCBJbmMuMRwwGgYDVQQDDBMqLmZl\n" + "ZG9yYXByb2plY3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" + "vpd22JvToGSgnx2CBtfdoqvraQWNpQ1aXd/PSM0PVIqEjutrKJF7Xhr7DgHRLOhy\n" + "ko1CzfSp5n6nB7raqDq2kddWgqL3tuyb+lSwdQRGuJZsWW3CCwzR3VNRQUnPldpd\n" + "vqHVSkjHkIZYVcZ2FnMYWEa43ESnmgiQGBg4G+T7/9Pv+10SQ+fOE175GWZKHkJm\n" + "vJZAjIO2uxvJ/rCq3YQI6hdAsclIiSZ4X8UXWt0IMjp/RdCCnv+SS4XCirZ/IDqM\n" + "H+WdMllD0/cbgIOr4SXEuUPEJcI5NziuILe05RefFeZXoC6dxNWr8BvAjxxrZtpS\n" + "/7OMwE+WYkVIH8fkgCTVfsa2ZOvMM5CWzxqWKhbFsbw6EGSVIIUtI3C28i3rjLjr\n" + "XZ/94k3pf3i/u6DzUmlWm8psn6XZXru0+FKPTrmeDluyuxJsgzudk8mF8Cjw/Oc0\n" + "IHVg6Qw/Dm/OM9cAVqmb6ld3GF+QlkzTwurEGKeGj8s8Td0WoPOf6apB/PIaDIu1\n" + "rJphTVyGNqfKqMFFOwqH/M9CVtaEfwYqT9aB8OSE8MtFe3L1WypEq4tK8VUtoi98\n" + "0S9mz4fxathakM+js1eyup/uz0W4cKIFbONLgod0g1arMmSB1Ox7GD6qaUC6zKr8\n" + "hWcKMROSg8VFYMhqwGR2k64knXDsVH1mAOgRbJabr3ECAwEAAaOCAfUwggHxMB8G\n" + "A1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRaTFeTslW8\n" + "sjOiEWQkQoHtHefJIjAxBgNVHREEKjAoghMqLmZlZG9yYXByb2plY3Qub3JnghFm\n" + "ZWRvcmFwcm9qZWN0Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\n" + "BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp\n" + "Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j\n" + "cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwQgYDVR0gBDsw\n" + "OTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl\n" + "cnQuY29tL0NQUzCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8v\n" + "b2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRp\n" + "Z2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0\n" + "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADSBIYR5GwUfYTHlXeej\n" + "tgOMbGIiBD1YPBNlP7vLiGc9+Z4rUxWy/TkL7WUFJf1L88ph1CUQ8TbRjLz2RqL8\n" + "snkFWjMsH9ddnwTO4zkCtTjC9fu+broPkmvzmHq2hlXuiDz9G7XvjtbtPujrrKOz\n" + "o1pPAEl5c4B0ANaYL0OMUDhvskJguVMC5S/ZNuvNg6k3jkKZWGZPfcxgcZoPvBM8\n" + "oIjImGyUMpy7bqRPp4K2xoN530GjoXg8OWIvyAwA06ENLZrU1fcSJsvH2gZVzk8s\n" + "EvqFNFnOJN3aQ21imUjAesJ9dXSeCpscDDHqwzmRPuj2/QgtpMCmSZf34mdEzDIJ\n" + "hrA=\n" + "-----END CERTIFICATE-----\n", + .ca = "-----BEGIN CERTIFICATE-----\n" + "MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs\n" + "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" + "d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\n" + "ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL\n" + "MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\n" + "LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy\n" + "YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2\n" + "4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC\n" + "Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1\n" + "itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn\n" + "4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X\n" + "sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft\n" + "bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA\n" + "MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" + "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy\n" + "dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" + "L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG\n" + "BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ\n" + "UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D\n" + "aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd\n" + "aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH\n" + "E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly\n" + "/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu\n" + "xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF\n" + "0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae\n" + "cPUeybQ=\n" + "-----END CERTIFICATE-----\n" }, + { .name = "CA verification (invalid)", + .queries = { (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x92\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + NULL }, + .q_size = { 35, 0 }, + .expected_ret = 0, + .no_queries = 1, + .secure = 1, + .bogus = 0, + .expected_verify_ret = 0, + .expected_status = DANE_VERIFY_CA_CONSTRAINTS_VIOLATED, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIGXjCCBUagAwIBAgIQBNO3A71kyzonos0JsLRHrjANBgkqhkiG9w0BAQsFADBw\n" + "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" + "d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\n" + "dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA0MjIwMDAwMDBaFw0xNzA0MjYxMjAwMDBa\n" + "MG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UE\n" + "BxMHUmFsZWlnaDEVMBMGA1UEChMMUmVkIEhhdCBJbmMuMRwwGgYDVQQDDBMqLmZl\n" + "ZG9yYXByb2plY3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" + "vpd22JvToGSgnx2CBtfdoqvraQWNpQ1aXd/PSM0PVIqEjutrKJF7Xhr7DgHRLOhy\n" + "ko1CzfSp5n6nB7raqDq2kddWgqL3tuyb+lSwdQRGuJZsWW3CCwzR3VNRQUnPldpd\n" + "vqHVSkjHkIZYVcZ2FnMYWEa43ESnmgiQGBg4G+T7/9Pv+10SQ+fOE175GWZKHkJm\n" + "vJZAjIO2uxvJ/rCq3YQI6hdAsclIiSZ4X8UXWt0IMjp/RdCCnv+SS4XCirZ/IDqM\n" + "H+WdMllD0/cbgIOr4SXEuUPEJcI5NziuILe05RefFeZXoC6dxNWr8BvAjxxrZtpS\n" + "/7OMwE+WYkVIH8fkgCTVfsa2ZOvMM5CWzxqWKhbFsbw6EGSVIIUtI3C28i3rjLjr\n" + "XZ/94k3pf3i/u6DzUmlWm8psn6XZXru0+FKPTrmeDluyuxJsgzudk8mF8Cjw/Oc0\n" + "IHVg6Qw/Dm/OM9cAVqmb6ld3GF+QlkzTwurEGKeGj8s8Td0WoPOf6apB/PIaDIu1\n" + "rJphTVyGNqfKqMFFOwqH/M9CVtaEfwYqT9aB8OSE8MtFe3L1WypEq4tK8VUtoi98\n" + "0S9mz4fxathakM+js1eyup/uz0W4cKIFbONLgod0g1arMmSB1Ox7GD6qaUC6zKr8\n" + "hWcKMROSg8VFYMhqwGR2k64knXDsVH1mAOgRbJabr3ECAwEAAaOCAfUwggHxMB8G\n" + "A1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRaTFeTslW8\n" + "sjOiEWQkQoHtHefJIjAxBgNVHREEKjAoghMqLmZlZG9yYXByb2plY3Qub3JnghFm\n" + "ZWRvcmFwcm9qZWN0Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\n" + "BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp\n" + "Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j\n" + "cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwQgYDVR0gBDsw\n" + "OTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl\n" + "cnQuY29tL0NQUzCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8v\n" + "b2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRp\n" + "Z2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0\n" + "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADSBIYR5GwUfYTHlXeej\n" + "tgOMbGIiBD1YPBNlP7vLiGc9+Z4rUxWy/TkL7WUFJf1L88ph1CUQ8TbRjLz2RqL8\n" + "snkFWjMsH9ddnwTO4zkCtTjC9fu+broPkmvzmHq2hlXuiDz9G7XvjtbtPujrrKOz\n" + "o1pPAEl5c4B0ANaYL0OMUDhvskJguVMC5S/ZNuvNg6k3jkKZWGZPfcxgcZoPvBM8\n" + "oIjImGyUMpy7bqRPp4K2xoN530GjoXg8OWIvyAwA06ENLZrU1fcSJsvH2gZVzk8s\n" + "EvqFNFnOJN3aQ21imUjAesJ9dXSeCpscDDHqwzmRPuj2/QgtpMCmSZf34mdEzDIJ\n" + "hrA=\n" + "-----END CERTIFICATE-----\n", + .ca = "-----BEGIN CERTIFICATE-----\n" + "MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs\n" + "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" + "d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\n" + "ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL\n" + "MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\n" + "LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy\n" + "YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2\n" + "4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC\n" + "Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1\n" + "itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn\n" + "4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X\n" + "sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft\n" + "bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA\n" + "MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" + "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy\n" + "dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" + "L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG\n" + "BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ\n" + "UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D\n" + "aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd\n" + "aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH\n" + "E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly\n" + "/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu\n" + "xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF\n" + "0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae\n" + "cPUeybQ=\n" + "-----END CERTIFICATE-----\n" }, + { /* as the previous but with first byte invalid */ + .name = "CA verification (multiple entries)", + .queries = { (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + (char *)"\x03\x01\x01\x54\x4f\x28\x4d\x66\xaf\x2d\xe0\x8c\x17\xe7\x48\x6a\xed\xfa\x2e\x00\xaa\x1a\xc6\xbb\xf3\xaf\x5c\xa6\x2b\x55\xab\x7a\xc2\x69\xbe", + (char *)"\x00\x00\x01\x19\x40\x0b\xe5\xb7\xa3\x1f\xb7\x33\x91\x77\x00\x78\x9d\x2f\x0a\x24\x71\xc0\xc9\xd5\x06\xc0\xe5\x04\xc0\x6c\x16\xd7\xcb\x17\xc0", + (char *)"\x03\x00\x01\x03\x32\xaa\x2d\x58\xb3\xe0\x54\x4b\x65\x65\x64\x38\x93\x70\x68\xba\x44\xce\x2f\x14\x46\x9c\x4f\x50\xc9\xcc\x69\x33\xc8\x08\xd3", + NULL }, + .q_size = { 35, 35, 35, 35, 0 }, + .expected_ret = 0, + .no_queries = 4, + .secure = 1, + .bogus = 0, + .expected_verify_ret = 0, + .expected_status = 0, + .cert = "-----BEGIN CERTIFICATE-----\n" + "MIIGXjCCBUagAwIBAgIQBNO3A71kyzonos0JsLRHrjANBgkqhkiG9w0BAQsFADBw\n" + "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" + "d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\n" + "dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA0MjIwMDAwMDBaFw0xNzA0MjYxMjAwMDBa\n" + "MG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UE\n" + "BxMHUmFsZWlnaDEVMBMGA1UEChMMUmVkIEhhdCBJbmMuMRwwGgYDVQQDDBMqLmZl\n" + "ZG9yYXByb2plY3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" + "vpd22JvToGSgnx2CBtfdoqvraQWNpQ1aXd/PSM0PVIqEjutrKJF7Xhr7DgHRLOhy\n" + "ko1CzfSp5n6nB7raqDq2kddWgqL3tuyb+lSwdQRGuJZsWW3CCwzR3VNRQUnPldpd\n" + "vqHVSkjHkIZYVcZ2FnMYWEa43ESnmgiQGBg4G+T7/9Pv+10SQ+fOE175GWZKHkJm\n" + "vJZAjIO2uxvJ/rCq3YQI6hdAsclIiSZ4X8UXWt0IMjp/RdCCnv+SS4XCirZ/IDqM\n" + "H+WdMllD0/cbgIOr4SXEuUPEJcI5NziuILe05RefFeZXoC6dxNWr8BvAjxxrZtpS\n" + "/7OMwE+WYkVIH8fkgCTVfsa2ZOvMM5CWzxqWKhbFsbw6EGSVIIUtI3C28i3rjLjr\n" + "XZ/94k3pf3i/u6DzUmlWm8psn6XZXru0+FKPTrmeDluyuxJsgzudk8mF8Cjw/Oc0\n" + "IHVg6Qw/Dm/OM9cAVqmb6ld3GF+QlkzTwurEGKeGj8s8Td0WoPOf6apB/PIaDIu1\n" + "rJphTVyGNqfKqMFFOwqH/M9CVtaEfwYqT9aB8OSE8MtFe3L1WypEq4tK8VUtoi98\n" + "0S9mz4fxathakM+js1eyup/uz0W4cKIFbONLgod0g1arMmSB1Ox7GD6qaUC6zKr8\n" + "hWcKMROSg8VFYMhqwGR2k64knXDsVH1mAOgRbJabr3ECAwEAAaOCAfUwggHxMB8G\n" + "A1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRaTFeTslW8\n" + "sjOiEWQkQoHtHefJIjAxBgNVHREEKjAoghMqLmZlZG9yYXByb2plY3Qub3JnghFm\n" + "ZWRvcmFwcm9qZWN0Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\n" + "BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp\n" + "Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j\n" + "cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nMi5jcmwwQgYDVR0gBDsw\n" + "OTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl\n" + "cnQuY29tL0NQUzCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8v\n" + "b2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRp\n" + "Z2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0\n" + "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADSBIYR5GwUfYTHlXeej\n" + "tgOMbGIiBD1YPBNlP7vLiGc9+Z4rUxWy/TkL7WUFJf1L88ph1CUQ8TbRjLz2RqL8\n" + "snkFWjMsH9ddnwTO4zkCtTjC9fu+broPkmvzmHq2hlXuiDz9G7XvjtbtPujrrKOz\n" + "o1pPAEl5c4B0ANaYL0OMUDhvskJguVMC5S/ZNuvNg6k3jkKZWGZPfcxgcZoPvBM8\n" + "oIjImGyUMpy7bqRPp4K2xoN530GjoXg8OWIvyAwA06ENLZrU1fcSJsvH2gZVzk8s\n" + "EvqFNFnOJN3aQ21imUjAesJ9dXSeCpscDDHqwzmRPuj2/QgtpMCmSZf34mdEzDIJ\n" + "hrA=\n" + "-----END CERTIFICATE-----\n", + .ca = "-----BEGIN CERTIFICATE-----\n" + "MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs\n" + "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" + "d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\n" + "ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL\n" + "MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\n" + "LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy\n" + "YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2\n" + "4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC\n" + "Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1\n" + "itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn\n" + "4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X\n" + "sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft\n" + "bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA\n" + "MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" + "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy\n" + "dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" + "L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG\n" + "BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ\n" + "UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D\n" + "aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd\n" + "aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH\n" + "E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly\n" + "/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu\n" + "xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF\n" + "0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae\n" + "cPUeybQ=\n" + "-----END CERTIFICATE-----\n" } }; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -481,7 +458,7 @@ static time_t mytime(time_t * t) return then; } -static void crt_to_der(gnutls_datum_t * chain, const char *pem, unsigned size) +static void crt_to_der(gnutls_datum_t *chain, const char *pem, unsigned size) { int ret; gnutls_x509_crt_t crt; @@ -527,19 +504,17 @@ static void dane_raw_check(void) success("running test[%d]: %s\n", j, data_entries[j].name); - ret = - dane_raw_tlsa(s, &r, data_entries[j].queries, - data_entries[j].q_size, - data_entries[j].secure, - data_entries[j].bogus); + ret = dane_raw_tlsa(s, &r, data_entries[j].queries, + data_entries[j].q_size, + data_entries[j].secure, + data_entries[j].bogus); if (ret != data_entries[j].expected_ret) { fail("test[%d]: %d: %s\n", j, __LINE__, dane_strerror(ret)); } - ret = - dane_query_to_raw_tlsa(r, &entries, &r_data, &r_data_len, - &secure, &bogus); + ret = dane_query_to_raw_tlsa(r, &entries, &r_data, &r_data_len, + &secure, &bogus); if (ret < 0) { fail("test[%d]: %d: %s\n", j, __LINE__, dane_strerror(ret)); @@ -559,14 +534,13 @@ static void dane_raw_check(void) fail("test[%d]: %d: %s\n", j, __LINE__, dane_strerror(ret)); - if (memcmp - (r_data[i], data_entries[j].queries[i], - r_data_len[i]) != 0) + if (memcmp(r_data[i], data_entries[j].queries[i], + r_data_len[i]) != 0) fail("test[%d]: %d: %s\n", j, __LINE__, dane_strerror(ret)); } - if (data_entries[j].cert) { /* verify cert */ + if (data_entries[j].cert) { /* verify cert */ gnutls_datum_t chain[2]; unsigned status = 0; unsigned chain_size = 1; @@ -580,18 +554,19 @@ static void dane_raw_check(void) chain_size++; } - ret = - dane_verify_crt_raw(NULL, chain, chain_size, - GNUTLS_CRT_X509, r, 0, 0, - &status); + ret = dane_verify_crt_raw(NULL, chain, chain_size, + GNUTLS_CRT_X509, r, 0, 0, + &status); if (ret != data_entries[j].expected_verify_ret) fail("test[%d]: %d: %s\n", j, __LINE__, dane_strerror(ret)); - if (ret >= 0 - && status != data_entries[j].expected_status) { - fail("tests[%d]: expected verif. status %x, got %x\n", j, data_entries[j].expected_status, status); + if (ret >= 0 && + status != data_entries[j].expected_status) { + fail("tests[%d]: expected verif. status %x, got %x\n", + j, data_entries[j].expected_status, + status); } free(chain[0].data); if (chain_size == 2) diff --git a/tests/datefudge-check.c b/tests/datefudge-check.c index 366b8b0625..c78a504264 100644 --- a/tests/datefudge-check.c +++ b/tests/datefudge-check.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include diff --git a/tests/dh-compute.c b/tests/dh-compute.c index 9fbd3bbb7d..84629879fd 100644 --- a/tests/dh-compute.c +++ b/tests/dh-compute.c @@ -22,7 +22,7 @@ /* This program tests functionality of DH exchanges */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,16 +33,15 @@ #ifdef ENABLE_FIPS140 int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, - gnutls_datum_t * priv_key, - gnutls_datum_t * pub_key); + gnutls_datum_t *priv_key, gnutls_datum_t *pub_key); int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params, - const gnutls_datum_t * priv_key, - const gnutls_datum_t * pub_key, - const gnutls_datum_t * peer_key, gnutls_datum_t * Z); + const gnutls_datum_t *priv_key, + const gnutls_datum_t *pub_key, + const gnutls_datum_t *peer_key, gnutls_datum_t *Z); -static void params(gnutls_dh_params_t * dh_params, const gnutls_datum_t * p, - const gnutls_datum_t * q, const gnutls_datum_t * g) +static void params(gnutls_dh_params_t *dh_params, const gnutls_datum_t *p, + const gnutls_datum_t *q, const gnutls_datum_t *g) { int ret; @@ -55,8 +54,8 @@ static void params(gnutls_dh_params_t * dh_params, const gnutls_datum_t * p, fail("error\n"); } -static void genkey(const gnutls_dh_params_t dh_params, - gnutls_datum_t * priv_key, gnutls_datum_t * pub_key) +static void genkey(const gnutls_dh_params_t dh_params, gnutls_datum_t *priv_key, + gnutls_datum_t *pub_key) { int ret; @@ -66,17 +65,17 @@ static void genkey(const gnutls_dh_params_t dh_params, } static void compute_key(const char *name, const gnutls_dh_params_t dh_params, - const gnutls_datum_t * priv_key, - const gnutls_datum_t * pub_key, - const gnutls_datum_t * peer_key, int expect_error, - gnutls_datum_t * result, bool expect_success) + const gnutls_datum_t *priv_key, + const gnutls_datum_t *pub_key, + const gnutls_datum_t *peer_key, int expect_error, + gnutls_datum_t *result, bool expect_success) { gnutls_datum_t Z = { 0 }; bool success; int ret; - ret = _gnutls_dh_compute_key(dh_params, priv_key, pub_key, - peer_key, &Z); + ret = _gnutls_dh_compute_key(dh_params, priv_key, pub_key, peer_key, + &Z); if (expect_error != ret) fail("%s: error %d (expected %d)\n", name, ret, expect_error); @@ -104,57 +103,57 @@ void doit(void) { struct dh_test_data test_data[] = { { - "[y == 0]", - gnutls_ffdhe_2048_group_prime, - gnutls_ffdhe_2048_group_q, - gnutls_ffdhe_2048_group_generator, - {(void *)"\x00", 1}, - GNUTLS_E_MPI_SCAN_FAILED, - GNUTLS_FIPS140_OP_APPROVED, - /* does not reach _wrap_nettle_pk_derive */ - GNUTLS_FIPS140_OP_INITIAL, - }, + "[y == 0]", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + { (void *)"\x00", 1 }, + GNUTLS_E_MPI_SCAN_FAILED, + GNUTLS_FIPS140_OP_APPROVED, + /* does not reach _wrap_nettle_pk_derive */ + GNUTLS_FIPS140_OP_INITIAL, + }, { - "[y < 2]", - gnutls_ffdhe_2048_group_prime, - gnutls_ffdhe_2048_group_q, - gnutls_ffdhe_2048_group_generator, - {(void *)"\x01", 1}, - GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, - GNUTLS_FIPS140_OP_APPROVED, - GNUTLS_FIPS140_OP_ERROR, - }, + "[y < 2]", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + { (void *)"\x01", 1 }, + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, + GNUTLS_FIPS140_OP_APPROVED, + GNUTLS_FIPS140_OP_ERROR, + }, { - "[y > p - 2]", - gnutls_ffdhe_2048_group_prime, - gnutls_ffdhe_2048_group_q, - gnutls_ffdhe_2048_group_generator, - gnutls_ffdhe_2048_group_prime, - GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, - GNUTLS_FIPS140_OP_APPROVED, - GNUTLS_FIPS140_OP_ERROR, - }, + "[y > p - 2]", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + gnutls_ffdhe_2048_group_prime, + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, + GNUTLS_FIPS140_OP_APPROVED, + GNUTLS_FIPS140_OP_ERROR, + }, { - "[y ^ q mod p == 1]", - gnutls_ffdhe_2048_group_prime, - gnutls_ffdhe_2048_group_q, - gnutls_ffdhe_2048_group_generator, - gnutls_ffdhe_2048_group_q, - GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, - GNUTLS_FIPS140_OP_APPROVED, - GNUTLS_FIPS140_OP_ERROR, - }, + "[y ^ q mod p == 1]", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + gnutls_ffdhe_2048_group_q, + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, + GNUTLS_FIPS140_OP_APPROVED, + GNUTLS_FIPS140_OP_ERROR, + }, { - "Legal Input", - gnutls_ffdhe_2048_group_prime, - gnutls_ffdhe_2048_group_q, - gnutls_ffdhe_2048_group_generator, - {(void *)"\x02", 1}, - 0, - GNUTLS_FIPS140_OP_APPROVED, - GNUTLS_FIPS140_OP_APPROVED, - }, - {NULL} + "Legal Input", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + { (void *)"\x02", 1 }, + 0, + GNUTLS_FIPS140_OP_APPROVED, + GNUTLS_FIPS140_OP_APPROVED, + }, + { NULL } }; for (int i = 0; test_data[i].name != NULL; i++) { @@ -184,9 +183,9 @@ void doit(void) success("%s compute_key\n", test_data[i].name); fips_push_context(fips_context); - compute_key(test_data[i].name, dh_params, &priv_key, - &pub_key, &test_data[i].peer_key, - test_data[i].expected_error, NULL, 0); + compute_key(test_data[i].name, dh_params, &priv_key, &pub_key, + &test_data[i].peer_key, test_data[i].expected_error, + NULL, 0); fips_pop_context(fips_context, test_data[i].fips_state_compute_key); diff --git a/tests/dh-params.c b/tests/dh-params.c index 54bce137c7..e17cdd7c53 100644 --- a/tests/dh-params.c +++ b/tests/dh-params.c @@ -22,7 +22,7 @@ /* This program tests functionality in gnutls_dh_params structure */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,7 +34,7 @@ #include "cert-common.h" #include "utils.h" -static int compare(gnutls_datum_t * d1, gnutls_datum_t * d2) +static int compare(gnutls_datum_t *d1, gnutls_datum_t *d2) { gnutls_datum_t t1, t2; t1.data = d1->data; @@ -73,8 +73,8 @@ void doit(void) assert(gnutls_dh_params_init(&tmp_params) >= 0); assert(gnutls_x509_privkey_init(&privkey) >= 0); - ret = - gnutls_x509_privkey_import(privkey, &dsa_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(privkey, &dsa_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); @@ -89,9 +89,8 @@ void doit(void) if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); - ret = - gnutls_x509_privkey_export_dsa_raw(privkey, &p2, &q, &g2, NULL, - NULL); + ret = gnutls_x509_privkey_export_dsa_raw(privkey, &p2, &q, &g2, NULL, + NULL); if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); diff --git a/tests/dhepskself.c b/tests/dhepskself.c index a7caa38381..a983156287 100644 --- a/tests/dhepskself.c +++ b/tests/dhepskself.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,22 +39,22 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" +#include "utils.h" /* A very basic TLS client, with PSK authentication. */ -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void tls_log_func(int level, const char *str) { @@ -84,9 +84,8 @@ static void client(int sd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+DHE-PSK", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:+DHE-PSK", NULL); /* put the anonymous credentials to the current session */ @@ -130,7 +129,7 @@ static void client(int sd) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -144,7 +143,7 @@ static void client(int sd) /* This is a sample TLS 1.0 echo server, for PSK authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 /* These are global */ gnutls_psk_server_credentials_t server_pskcred; @@ -158,9 +157,8 @@ static gnutls_session_t initialize_tls_session(void) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+DHE-PSK", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:+DHE-PSK", NULL); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_credentials_set(session, GNUTLS_CRD_PSK, server_pskcred); @@ -183,8 +181,8 @@ static int generate_dh_params(void) GNUTLS_X509_FMT_PEM); } -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk callback to get %s's password\n", username); @@ -244,11 +242,11 @@ static void server(int sd) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -306,4 +304,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dhex509self.c b/tests/dhex509self.c index 548a97ba11..edfdf3bdc8 100644 --- a/tests/dhex509self.c +++ b/tests/dhex509self.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,19 +40,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" +#include "utils.h" -# include "ex-session-info.c" -# include "ex-x509-info.c" +#include "ex-session-info.c" +#include "ex-x509-info.c" pid_t child; @@ -65,8 +65,8 @@ static void tls_log_func(int level, const char *str) /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd) { @@ -96,9 +96,9 @@ static void client(int sd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", + NULL); /* put the x509 credentials to the current session */ @@ -120,8 +120,8 @@ static void client(int sd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ if (debug) @@ -129,9 +129,8 @@ static void client(int sd) print_dh_params_info(session); - ret = - gnutls_credentials_get(session, GNUTLS_CRD_CERTIFICATE, - (void **)&tst_cred); + ret = gnutls_credentials_get(session, GNUTLS_CRD_CERTIFICATE, + (void **)&tst_cred); if (ret < 0) { fail("client: gnutls_credentials_get failed: %s\n", gnutls_strerror(ret)); @@ -162,8 +161,7 @@ static void client(int sd) ret = gnutls_handshake(session); if (ret == 0) { if (debug) - success - ("client: handshake complete, reading again.\n"); + success("client: handshake complete, reading again.\n"); ret = gnutls_record_recv(session, buffer, MAX_BUF); } else { fail("client: handshake failed.\n"); @@ -189,7 +187,7 @@ static void client(int sd) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -203,8 +201,8 @@ static void client(int sd) /* This is a sample TLS 1.0 echo server, using X.509 authentication. */ -# define MAX_BUF 1024 -# define DH_BITS 1024 +#define MAX_BUF 1024 +#define DH_BITS 1024 /* These are global */ gnutls_certificate_credentials_t x509_cred; @@ -218,9 +216,9 @@ static gnutls_session_t initialize_tls_session(void) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", + NULL); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -292,8 +290,8 @@ static void server(int sd) if (debug) { success("server: Handshake was completed\n"); success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); } /* see the Getting peer's information example */ @@ -308,19 +306,18 @@ static void server(int sd) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { - gnutls_certificate_server_set_request(session, - GNUTLS_CERT_REQUEST); + gnutls_certificate_server_set_request( + session, GNUTLS_CERT_REQUEST); if (debug) - success - ("server: got data, forcing rehandshake.\n"); + success("server: got data, forcing rehandshake.\n"); ret = gnutls_rehandshake(session); if (ret < 0) { @@ -394,4 +391,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dn.c b/tests/dn.c index 2719942a53..1dd145d204 100644 --- a/tests/dn.c +++ b/tests/dn.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -29,34 +29,35 @@ #include "utils.h" static char pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIE8jCCAtqgAwIBAgIDAkQVMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv\n" - "b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ\n" - "Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y\n" - "dEBjYWNlcnQub3JnMB4XDTA2MDUxNTE1MjEzMVoXDTA3MDUxNTE1MjEzMVowPjEY\n" - "MBYGA1UEAxMPQ0FjZXJ0IFdvVCBVc2VyMSIwIAYJKoZIhvcNAQkBFhNzaW1vbkBq\n" - "b3NlZnNzb24ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuddO\n" - "vxr7gfof8Ejtk/EOC16m0UdymQhwQwfPM5wWKJCJK9l5GoXSHe+s/+6HPLhXo2do\n" - "byUS6X3w7ODO6MGnlWALJUapUa2LinofYwYWFVlOlwyuN2lW+xQgeQjn24R8Glzl\n" - "KQ2f5C9JOE3RSGnHr7VH/6JJy+rPovh+gqKHjt9UH6Su1LFEQGUg+x+CVPAluYty\n" - "ECfHdAad2Gcbgn3vkMyKEF6VAKR/G9uDb7bBVuA73UWkUtDi3dekM882UqH5HQRj\n" - "mGYoGJk49PQ52jGftXNIDyHDOYWXTl9W64dHKRGaW0LOrkLrodjMPdudTvSsoWzK\n" - "DpMMdHLsFx2/+MAsPwIDAQABo4G9MIG6MAwGA1UdEwEB/wQCMAAwVgYJYIZIAYb4\n" - "QgENBEkWR1RvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSBoZWFk\n" - "IG92ZXIgdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMDIGCCsGAQUFBwEBBCYwJDAi\n" - "BggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzAeBgNVHREEFzAVgRNz\n" - "aW1vbkBqb3NlZnNzb24ub3JnMA0GCSqGSIb3DQEBBQUAA4ICAQCXhyNfM8ozU2Jw\n" - "H+XEDgrt3lUgnUbXQC+AGXdj4ZIJXQfHOCCQxZOO6Oe9V0rxldO3M5tQi92yRjci\n" - "aa892MCVPxTkJLR0h4Kx4JfeTtSvl+9nWPSRrZbPTdWZ3ecnCyrfLfEas6pZp1ur\n" - "lJkaEksAg5dGNrvJGPqBbF6A44b1wlBTCHEBZy2n/7Qml7Nhydymq2nFhDtlQJ6X\n" - "w+6juM85vaEII6kuNatk2OcMJG9R0JxbC0e+PPI1jk7wuAz4WIMyj+ZudGNOTWKN\n" - "3ohK9v0/EE1/S+KMy3T7fzMkbKkwAQZzQNoDf8bSzvDwtZsoudA4Kcloz8a/iKEH\n" - "C9nKYBU8sFBd1cYV7ocFhN2awvuVnBlfsEN4eO5TRA50hmLxwt5D8Vs2v55n1kl6\n" - "7PBo6H2ZMfbQcws731k4RpOqQcU+2yl/wBlDChOOO95mbJ31tqMh27yIjIemgD6Z\n" - "jxL92AgHPzSFy/nyqmZ1ADcnB5fC5WsEYyr9tPM1gpjJEsi95YIBrO7Uyt4tj5U3\n" - "dYDvbU+Mg1r0gJi61wciuyAllwKfu9aqkCjJKQGHrTimWzRa6RPygaojWIEmap89\n" - "bHarWgDg9CKVP1DggVkcD838s//kE1Vl2DReyfAtEQ1agSXLFncgxL+yOi1o3lcq\n" - "+dmDgpDn168TY1Iug80uVKg7AfkLrA==\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIE8jCCAtqgAwIBAgIDAkQVMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv\n" + "b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ\n" + "Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y\n" + "dEBjYWNlcnQub3JnMB4XDTA2MDUxNTE1MjEzMVoXDTA3MDUxNTE1MjEzMVowPjEY\n" + "MBYGA1UEAxMPQ0FjZXJ0IFdvVCBVc2VyMSIwIAYJKoZIhvcNAQkBFhNzaW1vbkBq\n" + "b3NlZnNzb24ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuddO\n" + "vxr7gfof8Ejtk/EOC16m0UdymQhwQwfPM5wWKJCJK9l5GoXSHe+s/+6HPLhXo2do\n" + "byUS6X3w7ODO6MGnlWALJUapUa2LinofYwYWFVlOlwyuN2lW+xQgeQjn24R8Glzl\n" + "KQ2f5C9JOE3RSGnHr7VH/6JJy+rPovh+gqKHjt9UH6Su1LFEQGUg+x+CVPAluYty\n" + "ECfHdAad2Gcbgn3vkMyKEF6VAKR/G9uDb7bBVuA73UWkUtDi3dekM882UqH5HQRj\n" + "mGYoGJk49PQ52jGftXNIDyHDOYWXTl9W64dHKRGaW0LOrkLrodjMPdudTvSsoWzK\n" + "DpMMdHLsFx2/+MAsPwIDAQABo4G9MIG6MAwGA1UdEwEB/wQCMAAwVgYJYIZIAYb4\n" + "QgENBEkWR1RvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSBoZWFk\n" + "IG92ZXIgdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMDIGCCsGAQUFBwEBBCYwJDAi\n" + "BggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzAeBgNVHREEFzAVgRNz\n" + "aW1vbkBqb3NlZnNzb24ub3JnMA0GCSqGSIb3DQEBBQUAA4ICAQCXhyNfM8ozU2Jw\n" + "H+XEDgrt3lUgnUbXQC+AGXdj4ZIJXQfHOCCQxZOO6Oe9V0rxldO3M5tQi92yRjci\n" + "aa892MCVPxTkJLR0h4Kx4JfeTtSvl+9nWPSRrZbPTdWZ3ecnCyrfLfEas6pZp1ur\n" + "lJkaEksAg5dGNrvJGPqBbF6A44b1wlBTCHEBZy2n/7Qml7Nhydymq2nFhDtlQJ6X\n" + "w+6juM85vaEII6kuNatk2OcMJG9R0JxbC0e+PPI1jk7wuAz4WIMyj+ZudGNOTWKN\n" + "3ohK9v0/EE1/S+KMy3T7fzMkbKkwAQZzQNoDf8bSzvDwtZsoudA4Kcloz8a/iKEH\n" + "C9nKYBU8sFBd1cYV7ocFhN2awvuVnBlfsEN4eO5TRA50hmLxwt5D8Vs2v55n1kl6\n" + "7PBo6H2ZMfbQcws731k4RpOqQcU+2yl/wBlDChOOO95mbJ31tqMh27yIjIemgD6Z\n" + "jxL92AgHPzSFy/nyqmZ1ADcnB5fC5WsEYyr9tPM1gpjJEsi95YIBrO7Uyt4tj5U3\n" + "dYDvbU+Mg1r0gJi61wciuyAllwKfu9aqkCjJKQGHrTimWzRa6RPygaojWIEmap89\n" + "bHarWgDg9CKVP1DggVkcD838s//kE1Vl2DReyfAtEQ1agSXLFncgxL+yOi1o3lcq\n" + "+dmDgpDn168TY1Iug80uVKg7AfkLrA==\n" + "-----END CERTIFICATE-----\n"; static void print_dn(gnutls_x509_dn_t dn) { @@ -76,10 +77,9 @@ static void print_dn(gnutls_x509_dn_t dn) if (ret < 0) fail("get_rdn_ava %d\n", ret); if (debug) - printf - ("dn[%d][%d] OID=%.*s\n\tDATA=%.*s\n", - i, j, ava.oid.size, ava.oid.data, - ava.value.size, ava.value.data); + printf("dn[%d][%d] OID=%.*s\n\tDATA=%.*s\n", i, + j, ava.oid.size, ava.oid.data, + ava.value.size, ava.value.data); } } @@ -121,10 +121,11 @@ void doit(void) if (ret < 0) fail("gnutls_x509_dn_get_str %d\n", ret); - if (strdn.size != 44 - || strcmp((char *)strdn.data, - "CN=CAcert WoT User,EMAIL=simon@josefsson.org") != 0) { - fail("gnutls_x509_dn_get_str string comparison failed: '%s'/%d\n", strdn.data, strdn.size); + if (strdn.size != 44 || + strcmp((char *)strdn.data, + "CN=CAcert WoT User,EMAIL=simon@josefsson.org") != 0) { + fail("gnutls_x509_dn_get_str string comparison failed: '%s'/%d\n", + strdn.data, strdn.size); } gnutls_free(strdn.data); @@ -132,10 +133,11 @@ void doit(void) ret = gnutls_x509_dn_get_str2(xdn, &strdn, 0); if (ret < 0) fail("gnutls_x509_dn_get_str2 %d\n", ret); - if (strdn.size != 44 - || strcmp((char *)strdn.data, - "EMAIL=simon@josefsson.org,CN=CAcert WoT User") != 0) { - fail("gnutls_x509_dn_get_str2 string comparison failed: '%s'/%d\n", strdn.data, strdn.size); + if (strdn.size != 44 || + strcmp((char *)strdn.data, + "EMAIL=simon@josefsson.org,CN=CAcert WoT User") != 0) { + fail("gnutls_x509_dn_get_str2 string comparison failed: '%s'/%d\n", + strdn.data, strdn.size); } gnutls_free(strdn.data); @@ -143,10 +145,11 @@ void doit(void) ret = gnutls_x509_dn_get_str2(xdn, &strdn, GNUTLS_X509_DN_FLAG_COMPAT); if (ret < 0) fail("gnutls_x509_dn_get_str2 %d\n", ret); - if (strdn.size != 44 - || strcmp((char *)strdn.data, - "CN=CAcert WoT User,EMAIL=simon@josefsson.org") != 0) { - fail("gnutls_x509_dn_get_str2 string comparison failed: '%s'/%d\n", strdn.data, strdn.size); + if (strdn.size != 44 || + strcmp((char *)strdn.data, + "CN=CAcert WoT User,EMAIL=simon@josefsson.org") != 0) { + fail("gnutls_x509_dn_get_str2 string comparison failed: '%s'/%d\n", + strdn.data, strdn.size); } gnutls_free(strdn.data); diff --git a/tests/dn2.c b/tests/dn2.c index 31915d5f1c..d236ece9e6 100644 --- a/tests/dn2.c +++ b/tests/dn2.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -29,41 +29,42 @@ #include "utils.h" static char pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIFpzCCBI+gAwIBAgIQSOyh48ZYvgTFR8HspnpkMzANBgkqhkiG9w0BAQUFADCB\n" - "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" - "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" - "HhcNMDgxMTEzMDAwMDAwWhcNMDkxMTEzMjM1OTU5WjCB6zETMBEGCysGAQQBgjc8\n" - "AgEDEwJERTEZMBcGCysGAQQBgjc8AgEBFAhNdWVuY2hlbjEbMBkGA1UEDxMSVjEu\n" - "MCwgQ2xhdXNlIDUuKGIpMRMwEQYDVQQFEwpIUkIgMTQ0MjYxMQswCQYDVQQGEwJE\n" - "RTEOMAwGA1UEERQFODA4MDcxEDAOBgNVBAgTB0JhdmFyaWExETAPBgNVBAcUCE11\n" - "ZW5jaGVuMR0wGwYDVQQJFBRGcmFua2Z1cnRlciBSaW5nIDEyOTERMA8GA1UEChQI\n" - "R01YIEdtYkgxEzARBgNVBAMUCnd3dy5nbXguZGUwgZ8wDQYJKoZIhvcNAQEBBQAD\n" - "gY0AMIGJAoGBAN/ZbLu17YtZo2OGnOfQDwhQlCvks2c+5nJDXjnCHI/ykSGlPH4G\n" - "5qc7/TScNV1/g0bUTRCA11+aVkvf6haRZfgwbxpY1iySNv8eOlm52QAfh3diJQ9N\n" - "5LxQblLHMRxXSFCJThl4BYAt70YdNMT9mVD21xx6ae+m3xEuco31aV7ZAgMBAAGj\n" - "ggH0MIIB8DAJBgNVHRMEAjAAMB0GA1UdDgQWBBTW4UAZN3wEg5TRWaoM1angbgOX\n" - "tjALBgNVHQ8EBAMCBaAwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAqMCgGCCsG\n" - "AQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMD4GA1UdHwQ3MDUw\n" - "M6AxoC+GLWh0dHA6Ly9FVkludGwtY3JsLnZlcmlzaWduLmNvbS9FVkludGwyMDA2\n" - "LmNybDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATAf\n" - "BgNVHSMEGDAWgBROQ8gddu83U3pP8lhvlPM44tW93zB2BggrBgEFBQcBAQRqMGgw\n" - "KwYIKwYBBQUHMAGGH2h0dHA6Ly9FVkludGwtb2NzcC52ZXJpc2lnbi5jb20wOQYI\n" - "KwYBBQUHMAKGLWh0dHA6Ly9FVkludGwtYWlhLnZlcmlzaWduLmNvbS9FVkludGwy\n" - "MDA2LmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFnZS9naWYwITAf\n" - "MAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRwOi8vbG9nby52\n" - "ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQADggEBAKpNJQYO\n" - "JTp34I24kvRF01WpOWOmfBx4K1gqruda/7U0UZqgTgBJVvwraKf6WeTZpHRqDCTw\n" - "iwySv7jil+gLMT0qIZxL1pII90z71tz08h8xYi1MOLeciG87O9C5pteL/iEtiMxB\n" - "96B6WWBo9mzgwSM1d8LDhrarZ7uQhm+kBAMyEXhmDnCPWhvExvxJzjEmOlxjThyP\n" - "2yvIgfLyDfplRe+jUbsY7YNe08eEyoLRq1jwPuRWTaEx2gA7C6pq45747/HkJrtF\n" - "ya3ULM/AJv6Nj6pobxzQ5rEkUGEwKavu7GMjLrSMnHrbVCiQrn1v6c7B9nSPA31L\n" - "/do1TDFI0vSl5+M=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIFpzCCBI+gAwIBAgIQSOyh48ZYvgTFR8HspnpkMzANBgkqhkiG9w0BAQUFADCB\n" + "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" + "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" + "HhcNMDgxMTEzMDAwMDAwWhcNMDkxMTEzMjM1OTU5WjCB6zETMBEGCysGAQQBgjc8\n" + "AgEDEwJERTEZMBcGCysGAQQBgjc8AgEBFAhNdWVuY2hlbjEbMBkGA1UEDxMSVjEu\n" + "MCwgQ2xhdXNlIDUuKGIpMRMwEQYDVQQFEwpIUkIgMTQ0MjYxMQswCQYDVQQGEwJE\n" + "RTEOMAwGA1UEERQFODA4MDcxEDAOBgNVBAgTB0JhdmFyaWExETAPBgNVBAcUCE11\n" + "ZW5jaGVuMR0wGwYDVQQJFBRGcmFua2Z1cnRlciBSaW5nIDEyOTERMA8GA1UEChQI\n" + "R01YIEdtYkgxEzARBgNVBAMUCnd3dy5nbXguZGUwgZ8wDQYJKoZIhvcNAQEBBQAD\n" + "gY0AMIGJAoGBAN/ZbLu17YtZo2OGnOfQDwhQlCvks2c+5nJDXjnCHI/ykSGlPH4G\n" + "5qc7/TScNV1/g0bUTRCA11+aVkvf6haRZfgwbxpY1iySNv8eOlm52QAfh3diJQ9N\n" + "5LxQblLHMRxXSFCJThl4BYAt70YdNMT9mVD21xx6ae+m3xEuco31aV7ZAgMBAAGj\n" + "ggH0MIIB8DAJBgNVHRMEAjAAMB0GA1UdDgQWBBTW4UAZN3wEg5TRWaoM1angbgOX\n" + "tjALBgNVHQ8EBAMCBaAwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAqMCgGCCsG\n" + "AQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMD4GA1UdHwQ3MDUw\n" + "M6AxoC+GLWh0dHA6Ly9FVkludGwtY3JsLnZlcmlzaWduLmNvbS9FVkludGwyMDA2\n" + "LmNybDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATAf\n" + "BgNVHSMEGDAWgBROQ8gddu83U3pP8lhvlPM44tW93zB2BggrBgEFBQcBAQRqMGgw\n" + "KwYIKwYBBQUHMAGGH2h0dHA6Ly9FVkludGwtb2NzcC52ZXJpc2lnbi5jb20wOQYI\n" + "KwYBBQUHMAKGLWh0dHA6Ly9FVkludGwtYWlhLnZlcmlzaWduLmNvbS9FVkludGwy\n" + "MDA2LmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFnZS9naWYwITAf\n" + "MAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRwOi8vbG9nby52\n" + "ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQADggEBAKpNJQYO\n" + "JTp34I24kvRF01WpOWOmfBx4K1gqruda/7U0UZqgTgBJVvwraKf6WeTZpHRqDCTw\n" + "iwySv7jil+gLMT0qIZxL1pII90z71tz08h8xYi1MOLeciG87O9C5pteL/iEtiMxB\n" + "96B6WWBo9mzgwSM1d8LDhrarZ7uQhm+kBAMyEXhmDnCPWhvExvxJzjEmOlxjThyP\n" + "2yvIgfLyDfplRe+jUbsY7YNe08eEyoLRq1jwPuRWTaEx2gA7C6pq45747/HkJrtF\n" + "ya3ULM/AJv6Nj6pobxzQ5rEkUGEwKavu7GMjLrSMnHrbVCiQrn1v6c7B9nSPA31L\n" + "/do1TDFI0vSl5+M=\n" + "-----END CERTIFICATE-----\n"; static const char *info = - "subject `CN=www.gmx.de,O=GMX GmbH,street=Frankfurter Ring 129,L=Muenchen,ST=Bavaria,postalCode=80807,C=DE,serialNumber=HRB 144261,businessCategory=V1.0\\, Clause 5.(b),jurisdictionOfIncorporationLocalityName=Muenchen,jurisdictionOfIncorporationCountryName=DE', issuer `CN=VeriSign Class 3 Extended Validation SSL SGC CA,OU=Terms of use at https://www.verisign.com/rpa (c)06,OU=VeriSign Trust Network,O=VeriSign\\, Inc.,C=US', serial 0x48eca1e3c658be04c547c1eca67a6433, RSA key 1024 bits, signed using RSA-SHA1 (broken!), activated `2008-11-13 00:00:00 UTC', expires `2009-11-13 23:59:59 UTC', pin-sha256=\"sVjloAiiqTbOeTkJWYtVweNaVPijLP/X95L96gJOSvk=\""; + "subject `CN=www.gmx.de,O=GMX GmbH,street=Frankfurter Ring 129,L=Muenchen,ST=Bavaria,postalCode=80807,C=DE,serialNumber=HRB 144261,businessCategory=V1.0\\, Clause 5.(b),jurisdictionOfIncorporationLocalityName=Muenchen,jurisdictionOfIncorporationCountryName=DE', issuer `CN=VeriSign Class 3 Extended Validation SSL SGC CA,OU=Terms of use at https://www.verisign.com/rpa (c)06,OU=VeriSign Trust Network,O=VeriSign\\, Inc.,C=US', serial 0x48eca1e3c658be04c547c1eca67a6433, RSA key 1024 bits, signed using RSA-SHA1 (broken!), activated `2008-11-13 00:00:00 UTC', expires `2009-11-13 23:59:59 UTC', pin-sha256=\"sVjloAiiqTbOeTkJWYtVweNaVPijLP/X95L96gJOSvk=\""; void doit(void) { @@ -90,7 +91,8 @@ void doit(void) /* When allowing SHA1, the output is different: no broken! string */ #ifndef ALLOW_SHA1 - if (out.size != strlen(info) || strcasecmp((char *)out.data, info) != 0) { + if (out.size != strlen(info) || + strcasecmp((char *)out.data, info) != 0) { fprintf(stderr, "comparison fail (%d/%d)\nexpected: %s\n\n got: %.*s\n\n", out.size, (int)strlen(info), info, out.size, out.data); diff --git a/tests/dss-sig-val.c b/tests/dss-sig-val.c index b6f58bc53b..2397bf26ca 100644 --- a/tests/dss-sig-val.c +++ b/tests/dss-sig-val.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,8 +33,8 @@ #include "utils.h" -static void encode(const char *test_name, const gnutls_datum_t * sig, - const gnutls_datum_t * r, const gnutls_datum_t * s) +static void encode(const char *test_name, const gnutls_datum_t *sig, + const gnutls_datum_t *r, const gnutls_datum_t *s) { int ret; gnutls_datum_t tmp_r, tmp_s, tmp_sig; @@ -46,13 +46,15 @@ static void encode(const char *test_name, const gnutls_datum_t * sig, exit(1); } - if (tmp_r.size != r->size || memcmp(r->data, tmp_r.data, r->size) != 0) { + if (tmp_r.size != r->size || + memcmp(r->data, tmp_r.data, r->size) != 0) { fail("%s: gnutls_decode_rs_value: r doesn't match\n", test_name); exit(1); } - if (tmp_s.size != s->size || memcmp(s->data, tmp_s.data, s->size) != 0) { + if (tmp_s.size != s->size || + memcmp(s->data, tmp_s.data, s->size) != 0) { fail("%s: gnutls_decode_rs_value: s doesn't match\n", test_name); exit(1); @@ -69,8 +71,8 @@ static void encode(const char *test_name, const gnutls_datum_t * sig, exit(1); } - if (tmp_sig.size != sig->size - || memcmp(sig->data, tmp_sig.data, sig->size) != 0) { + if (tmp_sig.size != sig->size || + memcmp(sig->data, tmp_sig.data, sig->size) != 0) { fail("%s: gnutls_encode_rs_value: sig doesn't match\n", test_name); exit(1); @@ -89,117 +91,102 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "test1", - .sig = {(unsigned char *) - "\x30\x46\x02\x21\x00\xe8\xa4\x26\x96\x2c\x32\xc6\x92\x55\x71\x31\xd7\x10\x35\x92\x60\x85\x34\xf0\x65\x03\x08\x2e\x38\x2b\xc8\x28\x67\xde\x10\x7c\xf5\x02\x21\x00\xc9\x8e\x56\x4f\xb1\x62\xe1\x74\xbe\x8c\x9d\xff\x04\x88\x75\x76\x63\x91\x8a\xd6\x9d\x41\x76\xef\xe2\xb5\x8e\xbb\xa8\x88\xba\x9f", - 72}, - .r = {(unsigned char *) - "\x00\xe8\xa4\x26\x96\x2c\x32\xc6\x92\x55\x71\x31\xd7\x10\x35\x92\x60\x85\x34\xf0\x65\x03\x08\x2e\x38\x2b\xc8\x28\x67\xde\x10\x7c\xf5", - 33}, - .s = {(unsigned char *) - "\x00\xc9\x8e\x56\x4f\xb1\x62\xe1\x74\xbe\x8c\x9d\xff\x04\x88\x75\x76\x63\x91\x8a\xd6\x9d\x41\x76\xef\xe2\xb5\x8e\xbb\xa8\x88\xba\x9f", - 33} - }, - { - .name = "test2", - .sig = {(unsigned char *) - "\x30\x44\x02\x20\x07\xd2\x7f\xd0\xef\x77\xa8\x29\x31\x9b\x46\x01\xb3\xaf\x66\xac\x33\x48\x15\x94\xb8\x80\xa1\x97\x71\x8f\x4a\x32\x43\x12\xec\x1f\x02\x20\x37\x06\x13\xbe\x4c\x6d\xdd\xcd\xa1\x4c\x88\xc5\x66\x85\x81\xf5\x50\x41\xb1\x4a\xee\x29\xce\x73\x2c\x09\xff\xba\xe3\x5e\x8a\x12", - 70}, - .r = {(unsigned char *) - "\x07\xd2\x7f\xd0\xef\x77\xa8\x29\x31\x9b\x46\x01\xb3\xaf\x66\xac\x33\x48\x15\x94\xb8\x80\xa1\x97\x71\x8f\x4a\x32\x43\x12\xec\x1f", - 32}, - .s = {(unsigned char *) - "\x37\x06\x13\xbe\x4c\x6d\xdd\xcd\xa1\x4c\x88\xc5\x66\x85\x81\xf5\x50\x41\xb1\x4a\xee\x29\xce\x73\x2c\x09\xff\xba\xe3\x5e\x8a\x12", - 32} - }, - { - .name = "test3", - .sig = {(unsigned char *) - "\x30\x44\x02\x20\x57\x53\x71\xfd\x9c\xb5\x96\xc2\xc5\xc7\x59\xce\x2f\xc2\xbe\x8f\xdc\x22\xf9\xab\x38\xdc\x57\x81\xfb\x34\x78\x12\xae\x88\x9a\x50\x02\x20\x60\x6b\xd4\x5b\xd6\x32\x05\xae\x1f\xe6\x08\xf4\x73\x0f\x42\xbc\x32\x55\x1f\x8d\xea\x81\xec\x2b\x4a\x0b\x8c\x0f\xb1\xbe\x5f\x9b", - 70}, - .r = {(unsigned char *) - "\x57\x53\x71\xfd\x9c\xb5\x96\xc2\xc5\xc7\x59\xce\x2f\xc2\xbe\x8f\xdc\x22\xf9\xab\x38\xdc\x57\x81\xfb\x34\x78\x12\xae\x88\x9a\x50", - 32}, - .s = {(unsigned char *) - "\x60\x6b\xd4\x5b\xd6\x32\x05\xae\x1f\xe6\x08\xf4\x73\x0f\x42\xbc\x32\x55\x1f\x8d\xea\x81\xec\x2b\x4a\x0b\x8c\x0f\xb1\xbe\x5f\x9b", - 32} - - }, - { - .name = "test4", - .sig = {(unsigned char *) - "\x30\x46\x02\x21\x00\xe7\xdd\x79\x58\x96\xf6\x12\x05\xc1\x7a\x44\xd6\xdf\xde\x83\xe9\xb6\x30\xa7\xff\x02\x85\x97\x34\x5a\xcd\x2f\xae\xbd\xc6\x5d\xde\x02\x21\x00\xb5\x64\xbc\x53\x97\xc5\x64\x6f\x6b\x81\xe7\x4d\xad\x36\x29\x50\xd1\x62\x91\x65\x51\xf0\xc4\xa5\x28\x80\x20\x51\x9b\xce\xcc\xc8", - 72}, - .r = {(unsigned char *) - "\x00\xe7\xdd\x79\x58\x96\xf6\x12\x05\xc1\x7a\x44\xd6\xdf\xde\x83\xe9\xb6\x30\xa7\xff\x02\x85\x97\x34\x5a\xcd\x2f\xae\xbd\xc6\x5d\xde", - 33}, - .s = {(unsigned char *) - "\x00\xb5\x64\xbc\x53\x97\xc5\x64\x6f\x6b\x81\xe7\x4d\xad\x36\x29\x50\xd1\x62\x91\x65\x51\xf0\xc4\xa5\x28\x80\x20\x51\x9b\xce\xcc\xc8", - 33} - }, - { - .name = "test5", - .sig = {(unsigned char *) - "\x30\x45\x02\x20\x54\xce\x1b\x8d\x63\x5d\xa4\xdb\x26\x58\x1c\x8f\xf0\xb0\x6d\xf3\x2f\x6a\xdb\x83\xcf\x7e\xe7\xda\x98\x52\xa6\x5f\x1f\xc9\x50\x73\x02\x21\x00\xfa\xb9\x6a\x18\xd4\xc6\x45\x3c\xf2\xbf\xc2\x3d\x15\x0d\xc6\xd4\x0c\x78\x52\x12\xec\xb5\x3c\xf5\xe0\x8a\xbf\x6c\x11\xd3\xfd\x4f", - 71}, - .r = {(unsigned char *) - "\x54\xce\x1b\x8d\x63\x5d\xa4\xdb\x26\x58\x1c\x8f\xf0\xb0\x6d\xf3\x2f\x6a\xdb\x83\xcf\x7e\xe7\xda\x98\x52\xa6\x5f\x1f\xc9\x50\x73", - 32}, - .s = {(unsigned char *) - "\x00\xfa\xb9\x6a\x18\xd4\xc6\x45\x3c\xf2\xbf\xc2\x3d\x15\x0d\xc6\xd4\x0c\x78\x52\x12\xec\xb5\x3c\xf5\xe0\x8a\xbf\x6c\x11\xd3\xfd\x4f", - 33} - }, - { - .name = "test6", - .sig = {(unsigned char *) - "\x30\x45\x02\x20\x3b\x77\x03\xcf\x8f\xe7\x92\xf1\x6a\x68\x3b\xcd\xb7\x21\x5b\x80\xcd\x00\x75\x65\x38\x31\x8c\xc2\x9b\x92\x6a\x1a\x02\x4b\xd8\x73\x02\x21\x00\xd9\x88\x28\x68\xae\x31\x5d\x95\xa4\x8b\x5e\x3a\x95\x24\x7b\x0d\x07\xaa\xc4\xe0\xeb\xb1\xf1\x89\xc0\xab\x4d\x88\x15\x84\x5f\x01", - 71}, - .r = {(unsigned char *) - "\x3b\x77\x03\xcf\x8f\xe7\x92\xf1\x6a\x68\x3b\xcd\xb7\x21\x5b\x80\xcd\x00\x75\x65\x38\x31\x8c\xc2\x9b\x92\x6a\x1a\x02\x4b\xd8\x73", - 32}, - .s = {(unsigned char *) - "\x00\xd9\x88\x28\x68\xae\x31\x5d\x95\xa4\x8b\x5e\x3a\x95\x24\x7b\x0d\x07\xaa\xc4\xe0\xeb\xb1\xf1\x89\xc0\xab\x4d\x88\x15\x84\x5f\x01", - 33} - }, - { - .name = "test7", - .sig = {(unsigned char *) - "\x30\x45\x02\x20\x22\xa1\xbf\x7d\xcd\x7b\x5e\xab\xa0\x08\x20\xe5\xcc\x22\x34\x61\xf1\x1f\xd0\x3a\x32\xc3\x61\x19\xcf\xe4\xeb\xff\x66\xe6\x51\xa1\x02\x21\x00\x9d\x62\xcb\x04\x3e\xb6\x1f\xc1\x2e\x52\xd4\x73\x7f\xbd\xa5\x9c\x29\x49\x75\x6d\x08\xf9\xcb\x74\xd7\x41\xdc\xcb\x66\x4d\x9a\x77", - 71}, - .r = {(unsigned char *) - "\x22\xa1\xbf\x7d\xcd\x7b\x5e\xab\xa0\x08\x20\xe5\xcc\x22\x34\x61\xf1\x1f\xd0\x3a\x32\xc3\x61\x19\xcf\xe4\xeb\xff\x66\xe6\x51\xa1", - 32}, - .s = {(unsigned char *) - "\x00\x9d\x62\xcb\x04\x3e\xb6\x1f\xc1\x2e\x52\xd4\x73\x7f\xbd\xa5\x9c\x29\x49\x75\x6d\x08\xf9\xcb\x74\xd7\x41\xdc\xcb\x66\x4d\x9a\x77", - 33} - }, - { - .name = "test8", - .sig = {(unsigned char *) - "\x30\x44\x02\x20\x41\xc9\x32\x16\x2e\x6f\x0c\x1f\x0f\x81\xc0\x0f\x01\x50\x31\x75\x10\x55\x25\x45\x2a\x75\xb1\xdf\x91\x8e\xdf\x24\x30\xf2\xa8\x5f\x02\x20\x07\x80\xa7\x9b\xb8\x1c\x4f\x6e\xc4\x97\x5c\xb7\x9e\x61\x2a\xf0\xfc\x16\xdd\xe7\xa3\xcc\x15\x99\x68\x08\x8e\x85\x60\x9d\x34\xf8", - 70}, - .r = {(unsigned char *) - "\x41\xc9\x32\x16\x2e\x6f\x0c\x1f\x0f\x81\xc0\x0f\x01\x50\x31\x75\x10\x55\x25\x45\x2a\x75\xb1\xdf\x91\x8e\xdf\x24\x30\xf2\xa8\x5f", - 32}, - .s = {(unsigned char *) - "\x07\x80\xa7\x9b\xb8\x1c\x4f\x6e\xc4\x97\x5c\xb7\x9e\x61\x2a\xf0\xfc\x16\xdd\xe7\xa3\xcc\x15\x99\x68\x08\x8e\x85\x60\x9d\x34\xf8", - 32} - - }, - { - .name = "test9", - .sig = {(unsigned char *) - "\x30\x46\x02\x21\x00\xbe\xa1\x01\x12\x64\x1d\x66\x5a\x68\x4a\xa0\xd5\x7e\x3e\x0c\x83\x51\xaa\x21\x9a\x0f\x7b\x38\xf0\xc0\x8b\xc5\xba\xfe\x25\x83\x51\x02\x21\x00\xfb\xea\x25\x74\x78\xd3\xaa\x91\x7b\xc8\x49\x26\x22\x26\xc7\x72\x6b\x25\xfd\x05\xac\x71\x5d\xeb\x1d\xc5\xaa\x4e\xc9\x6e\x34\xb5", - 72}, - .r = {(unsigned char *) - "\x00\xbe\xa1\x01\x12\x64\x1d\x66\x5a\x68\x4a\xa0\xd5\x7e\x3e\x0c\x83\x51\xaa\x21\x9a\x0f\x7b\x38\xf0\xc0\x8b\xc5\xba\xfe\x25\x83\x51", - 33}, - .s = {(unsigned char *) - "\x00\xfb\xea\x25\x74\x78\xd3\xaa\x91\x7b\xc8\x49\x26\x22\x26\xc7\x72\x6b\x25\xfd\x05\xac\x71\x5d\xeb\x1d\xc5\xaa\x4e\xc9\x6e\x34\xb5", - 33} - - } + { .name = "test1", + .sig = { (unsigned char + *)"\x30\x46\x02\x21\x00\xe8\xa4\x26\x96\x2c\x32\xc6\x92\x55\x71\x31\xd7\x10\x35\x92\x60\x85\x34\xf0\x65\x03\x08\x2e\x38\x2b\xc8\x28\x67\xde\x10\x7c\xf5\x02\x21\x00\xc9\x8e\x56\x4f\xb1\x62\xe1\x74\xbe\x8c\x9d\xff\x04\x88\x75\x76\x63\x91\x8a\xd6\x9d\x41\x76\xef\xe2\xb5\x8e\xbb\xa8\x88\xba\x9f", + 72 }, + .r = { (unsigned char + *)"\x00\xe8\xa4\x26\x96\x2c\x32\xc6\x92\x55\x71\x31\xd7\x10\x35\x92\x60\x85\x34\xf0\x65\x03\x08\x2e\x38\x2b\xc8\x28\x67\xde\x10\x7c\xf5", + 33 }, + .s = { (unsigned char + *)"\x00\xc9\x8e\x56\x4f\xb1\x62\xe1\x74\xbe\x8c\x9d\xff\x04\x88\x75\x76\x63\x91\x8a\xd6\x9d\x41\x76\xef\xe2\xb5\x8e\xbb\xa8\x88\xba\x9f", + 33 } }, + { .name = "test2", + .sig = { (unsigned char + *)"\x30\x44\x02\x20\x07\xd2\x7f\xd0\xef\x77\xa8\x29\x31\x9b\x46\x01\xb3\xaf\x66\xac\x33\x48\x15\x94\xb8\x80\xa1\x97\x71\x8f\x4a\x32\x43\x12\xec\x1f\x02\x20\x37\x06\x13\xbe\x4c\x6d\xdd\xcd\xa1\x4c\x88\xc5\x66\x85\x81\xf5\x50\x41\xb1\x4a\xee\x29\xce\x73\x2c\x09\xff\xba\xe3\x5e\x8a\x12", + 70 }, + .r = { (unsigned char + *)"\x07\xd2\x7f\xd0\xef\x77\xa8\x29\x31\x9b\x46\x01\xb3\xaf\x66\xac\x33\x48\x15\x94\xb8\x80\xa1\x97\x71\x8f\x4a\x32\x43\x12\xec\x1f", + 32 }, + .s = { (unsigned char + *)"\x37\x06\x13\xbe\x4c\x6d\xdd\xcd\xa1\x4c\x88\xc5\x66\x85\x81\xf5\x50\x41\xb1\x4a\xee\x29\xce\x73\x2c\x09\xff\xba\xe3\x5e\x8a\x12", + 32 } }, + { .name = "test3", + .sig = { (unsigned char + *)"\x30\x44\x02\x20\x57\x53\x71\xfd\x9c\xb5\x96\xc2\xc5\xc7\x59\xce\x2f\xc2\xbe\x8f\xdc\x22\xf9\xab\x38\xdc\x57\x81\xfb\x34\x78\x12\xae\x88\x9a\x50\x02\x20\x60\x6b\xd4\x5b\xd6\x32\x05\xae\x1f\xe6\x08\xf4\x73\x0f\x42\xbc\x32\x55\x1f\x8d\xea\x81\xec\x2b\x4a\x0b\x8c\x0f\xb1\xbe\x5f\x9b", + 70 }, + .r = { (unsigned char + *)"\x57\x53\x71\xfd\x9c\xb5\x96\xc2\xc5\xc7\x59\xce\x2f\xc2\xbe\x8f\xdc\x22\xf9\xab\x38\xdc\x57\x81\xfb\x34\x78\x12\xae\x88\x9a\x50", + 32 }, + .s = { (unsigned char + *)"\x60\x6b\xd4\x5b\xd6\x32\x05\xae\x1f\xe6\x08\xf4\x73\x0f\x42\xbc\x32\x55\x1f\x8d\xea\x81\xec\x2b\x4a\x0b\x8c\x0f\xb1\xbe\x5f\x9b", + 32 } + + }, + { .name = "test4", + .sig = { (unsigned char + *)"\x30\x46\x02\x21\x00\xe7\xdd\x79\x58\x96\xf6\x12\x05\xc1\x7a\x44\xd6\xdf\xde\x83\xe9\xb6\x30\xa7\xff\x02\x85\x97\x34\x5a\xcd\x2f\xae\xbd\xc6\x5d\xde\x02\x21\x00\xb5\x64\xbc\x53\x97\xc5\x64\x6f\x6b\x81\xe7\x4d\xad\x36\x29\x50\xd1\x62\x91\x65\x51\xf0\xc4\xa5\x28\x80\x20\x51\x9b\xce\xcc\xc8", + 72 }, + .r = { (unsigned char + *)"\x00\xe7\xdd\x79\x58\x96\xf6\x12\x05\xc1\x7a\x44\xd6\xdf\xde\x83\xe9\xb6\x30\xa7\xff\x02\x85\x97\x34\x5a\xcd\x2f\xae\xbd\xc6\x5d\xde", + 33 }, + .s = { (unsigned char + *)"\x00\xb5\x64\xbc\x53\x97\xc5\x64\x6f\x6b\x81\xe7\x4d\xad\x36\x29\x50\xd1\x62\x91\x65\x51\xf0\xc4\xa5\x28\x80\x20\x51\x9b\xce\xcc\xc8", + 33 } }, + { .name = "test5", + .sig = { (unsigned char + *)"\x30\x45\x02\x20\x54\xce\x1b\x8d\x63\x5d\xa4\xdb\x26\x58\x1c\x8f\xf0\xb0\x6d\xf3\x2f\x6a\xdb\x83\xcf\x7e\xe7\xda\x98\x52\xa6\x5f\x1f\xc9\x50\x73\x02\x21\x00\xfa\xb9\x6a\x18\xd4\xc6\x45\x3c\xf2\xbf\xc2\x3d\x15\x0d\xc6\xd4\x0c\x78\x52\x12\xec\xb5\x3c\xf5\xe0\x8a\xbf\x6c\x11\xd3\xfd\x4f", + 71 }, + .r = { (unsigned char + *)"\x54\xce\x1b\x8d\x63\x5d\xa4\xdb\x26\x58\x1c\x8f\xf0\xb0\x6d\xf3\x2f\x6a\xdb\x83\xcf\x7e\xe7\xda\x98\x52\xa6\x5f\x1f\xc9\x50\x73", + 32 }, + .s = { (unsigned char + *)"\x00\xfa\xb9\x6a\x18\xd4\xc6\x45\x3c\xf2\xbf\xc2\x3d\x15\x0d\xc6\xd4\x0c\x78\x52\x12\xec\xb5\x3c\xf5\xe0\x8a\xbf\x6c\x11\xd3\xfd\x4f", + 33 } }, + { .name = "test6", + .sig = { (unsigned char + *)"\x30\x45\x02\x20\x3b\x77\x03\xcf\x8f\xe7\x92\xf1\x6a\x68\x3b\xcd\xb7\x21\x5b\x80\xcd\x00\x75\x65\x38\x31\x8c\xc2\x9b\x92\x6a\x1a\x02\x4b\xd8\x73\x02\x21\x00\xd9\x88\x28\x68\xae\x31\x5d\x95\xa4\x8b\x5e\x3a\x95\x24\x7b\x0d\x07\xaa\xc4\xe0\xeb\xb1\xf1\x89\xc0\xab\x4d\x88\x15\x84\x5f\x01", + 71 }, + .r = { (unsigned char + *)"\x3b\x77\x03\xcf\x8f\xe7\x92\xf1\x6a\x68\x3b\xcd\xb7\x21\x5b\x80\xcd\x00\x75\x65\x38\x31\x8c\xc2\x9b\x92\x6a\x1a\x02\x4b\xd8\x73", + 32 }, + .s = { (unsigned char + *)"\x00\xd9\x88\x28\x68\xae\x31\x5d\x95\xa4\x8b\x5e\x3a\x95\x24\x7b\x0d\x07\xaa\xc4\xe0\xeb\xb1\xf1\x89\xc0\xab\x4d\x88\x15\x84\x5f\x01", + 33 } }, + { .name = "test7", + .sig = { (unsigned char + *)"\x30\x45\x02\x20\x22\xa1\xbf\x7d\xcd\x7b\x5e\xab\xa0\x08\x20\xe5\xcc\x22\x34\x61\xf1\x1f\xd0\x3a\x32\xc3\x61\x19\xcf\xe4\xeb\xff\x66\xe6\x51\xa1\x02\x21\x00\x9d\x62\xcb\x04\x3e\xb6\x1f\xc1\x2e\x52\xd4\x73\x7f\xbd\xa5\x9c\x29\x49\x75\x6d\x08\xf9\xcb\x74\xd7\x41\xdc\xcb\x66\x4d\x9a\x77", + 71 }, + .r = { (unsigned char + *)"\x22\xa1\xbf\x7d\xcd\x7b\x5e\xab\xa0\x08\x20\xe5\xcc\x22\x34\x61\xf1\x1f\xd0\x3a\x32\xc3\x61\x19\xcf\xe4\xeb\xff\x66\xe6\x51\xa1", + 32 }, + .s = { (unsigned char + *)"\x00\x9d\x62\xcb\x04\x3e\xb6\x1f\xc1\x2e\x52\xd4\x73\x7f\xbd\xa5\x9c\x29\x49\x75\x6d\x08\xf9\xcb\x74\xd7\x41\xdc\xcb\x66\x4d\x9a\x77", + 33 } }, + { .name = "test8", + .sig = { (unsigned char + *)"\x30\x44\x02\x20\x41\xc9\x32\x16\x2e\x6f\x0c\x1f\x0f\x81\xc0\x0f\x01\x50\x31\x75\x10\x55\x25\x45\x2a\x75\xb1\xdf\x91\x8e\xdf\x24\x30\xf2\xa8\x5f\x02\x20\x07\x80\xa7\x9b\xb8\x1c\x4f\x6e\xc4\x97\x5c\xb7\x9e\x61\x2a\xf0\xfc\x16\xdd\xe7\xa3\xcc\x15\x99\x68\x08\x8e\x85\x60\x9d\x34\xf8", + 70 }, + .r = { (unsigned char + *)"\x41\xc9\x32\x16\x2e\x6f\x0c\x1f\x0f\x81\xc0\x0f\x01\x50\x31\x75\x10\x55\x25\x45\x2a\x75\xb1\xdf\x91\x8e\xdf\x24\x30\xf2\xa8\x5f", + 32 }, + .s = { (unsigned char + *)"\x07\x80\xa7\x9b\xb8\x1c\x4f\x6e\xc4\x97\x5c\xb7\x9e\x61\x2a\xf0\xfc\x16\xdd\xe7\xa3\xcc\x15\x99\x68\x08\x8e\x85\x60\x9d\x34\xf8", + 32 } + + }, + { .name = "test9", + .sig = { (unsigned char + *)"\x30\x46\x02\x21\x00\xbe\xa1\x01\x12\x64\x1d\x66\x5a\x68\x4a\xa0\xd5\x7e\x3e\x0c\x83\x51\xaa\x21\x9a\x0f\x7b\x38\xf0\xc0\x8b\xc5\xba\xfe\x25\x83\x51\x02\x21\x00\xfb\xea\x25\x74\x78\xd3\xaa\x91\x7b\xc8\x49\x26\x22\x26\xc7\x72\x6b\x25\xfd\x05\xac\x71\x5d\xeb\x1d\xc5\xaa\x4e\xc9\x6e\x34\xb5", + 72 }, + .r = { (unsigned char + *)"\x00\xbe\xa1\x01\x12\x64\x1d\x66\x5a\x68\x4a\xa0\xd5\x7e\x3e\x0c\x83\x51\xaa\x21\x9a\x0f\x7b\x38\xf0\xc0\x8b\xc5\xba\xfe\x25\x83\x51", + 33 }, + .s = { (unsigned char + *)"\x00\xfb\xea\x25\x74\x78\xd3\xaa\x91\x7b\xc8\x49\x26\x22\x26\xc7\x72\x6b\x25\xfd\x05\xac\x71\x5d\xeb\x1d\xc5\xaa\x4e\xc9\x6e\x34\xb5", + 33 } + + } }; void doit(void) diff --git a/tests/dtls-client-with-seccomp.c b/tests/dtls-client-with-seccomp.c index b738b0c554..3816ec0631 100644 --- a/tests/dtls-client-with-seccomp.c +++ b/tests/dtls-client-with-seccomp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -62,7 +62,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -111,8 +111,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -125,8 +124,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -147,7 +146,7 @@ static void client(int fd, const char *prio) gnutls_strerror(ret)); } - end: +end: close(fd); @@ -188,9 +187,8 @@ static void server(int fd, const char *prio) gnutls_certificate_allocate_credentials(&xcred); - ret = gnutls_certificate_set_x509_key_mem(xcred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + xcred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -210,8 +208,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -224,8 +221,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -260,8 +257,7 @@ static void server(int fd, const char *prio) success("server: finished\n"); } -static -void run(const char *name, const char *prio) +static void run(const char *name, const char *prio) { int fd[2]; int ret; @@ -302,4 +298,4 @@ void doit(void) { run("dtls1.2", "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-DTLS1.2"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-etm.c b/tests/dtls-etm.c index 86e613ff3b..53d70a6c5c 100644 --- a/tests/dtls-etm.c +++ b/tests/dtls-etm.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" static void terminate(void); @@ -68,7 +68,7 @@ static void client_log_func(int level, const char *str) /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio, unsigned etm) { @@ -107,8 +107,7 @@ static void client(int fd, const char *prio, unsigned etm) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -121,8 +120,8 @@ static void client(int fd, const char *prio, unsigned etm) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (etm != 0 && gnutls_session_etm_status(session) == 0) { fail("client: EtM was not negotiated with %s!\n", prio); @@ -132,13 +131,12 @@ static void client(int fd, const char *prio, unsigned etm) exit(1); } - if (etm != 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { + if (etm != 0 && + ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { fail("client: EtM was not negotiated with %s!\n", prio); exit(1); - } else if (etm == 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) - != 0)) { + } else if (etm == 0 && ((gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_ETM) != 0)) { fail("client: EtM was negotiated with %s!\n", prio); exit(1); } @@ -162,7 +160,7 @@ static void client(int fd, const char *prio, unsigned etm) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -240,13 +238,12 @@ static void server(int fd, const char *prio, unsigned etm) exit(1); } - if (etm != 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { + if (etm != 0 && + ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { fail("server: EtM was not negotiated with %s!\n", prio); exit(1); - } else if (etm == 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) - != 0)) { + } else if (etm == 0 && ((gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_ETM) != 0)) { fail("server: EtM was negotiated with %s!\n", prio); exit(1); } @@ -256,13 +253,13 @@ static void server(int fd, const char *prio, unsigned etm) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -271,8 +268,7 @@ static void server(int fd, const char *prio, unsigned etm) terminate(); } to_send++; - } - while (to_send < 64); + } while (to_send < 64); to_send = -1; /* do not wait for the peer to close the connection. @@ -321,9 +317,12 @@ static void start(const char *prio, unsigned etm) } } -# define AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC \ + "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" static void ch_handler(int sig) { @@ -342,4 +341,4 @@ void doit(void) start(AES_GCM, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-handshake-versions.c b/tests/dtls-handshake-versions.c index a447e9e76e..63f1ea67ec 100644 --- a/tests/dtls-handshake-versions.c +++ b/tests/dtls-handshake-versions.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -66,9 +66,8 @@ static void try(unsigned char major, unsigned char minor, int ret1, int ret2) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -86,15 +85,13 @@ static void try(unsigned char major, unsigned char minor, int ret1, int ret2) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_init(&client, - GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); + ret = gnutls_init(&client, + GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); if (ret < 0) exit(1); diff --git a/tests/dtls-max-record.c b/tests/dtls-max-record.c index d37f226b8f..fd845f48f0 100644 --- a/tests/dtls-max-record.c +++ b/tests/dtls-max-record.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,7 +32,9 @@ #include #include "utils.h" -#define SERVER_PUSH_ADD if (len > 512 + 5+8+32) fail("max record set to 512, len: %d\n", (int)len); +#define SERVER_PUSH_ADD \ + if (len > 512 + 5 + 8 + 32) \ + fail("max record set to 512, len: %d\n", (int)len); #include "eagain-common.h" #include "cert-common.h" @@ -47,8 +49,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -void run(const char *prio) +static void run(const char *prio) { global_init(); @@ -70,9 +71,8 @@ void run(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -90,15 +90,13 @@ void run(const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_init(&client, - GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); + ret = gnutls_init(&client, + GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); if (ret < 0) exit(1); diff --git a/tests/dtls-pthread.c b/tests/dtls-pthread.c index 2fa486b0e7..2f7c7ec2e1 100644 --- a/tests/dtls-pthread.c +++ b/tests/dtls-pthread.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,11 +33,11 @@ #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include #include "utils.h" @@ -67,10 +67,10 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MSG "hello1111" -# define MSG2 "xxxxxxxxxxxx" +#define MSG "hello1111" +#define MSG2 "xxxxxxxxxxxx" -# define NO_MSGS 128 +#define NO_MSGS 128 static void *recv_thread(void *arg) { @@ -81,8 +81,8 @@ static void *recv_thread(void *arg) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); for (i = 0; i < NO_MSGS; i++) { /* the peer should reflect our messages */ @@ -91,9 +91,10 @@ static void *recv_thread(void *arg) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) fail("client: recv failed: %s\n", gnutls_strerror(ret)); - if (ret != sizeof(MSG) - 1 - || memcmp(buf, MSG, sizeof(MSG) - 1) != 0) { - fail("client: recv failed; not the expected values (got: %d, exp: %d)\n", ret, (int)sizeof(MSG) - 1); + if (ret != sizeof(MSG) - 1 || + memcmp(buf, MSG, sizeof(MSG) - 1) != 0) { + fail("client: recv failed; not the expected values (got: %d, exp: %d)\n", + ret, (int)sizeof(MSG) - 1); } if (debug) @@ -107,7 +108,8 @@ static void *recv_thread(void *arg) if (ret < 0) fail("client: recv2 failed: %s\n", gnutls_strerror(ret)); - if (ret != sizeof(MSG2) - 1 || memcmp(buf, MSG2, sizeof(MSG2) - 1) != 0) { + if (ret != sizeof(MSG2) - 1 || + memcmp(buf, MSG2, sizeof(MSG2) - 1) != 0) { fail("client: recv2 failed; not the expected values\n"); } @@ -119,8 +121,7 @@ static void *recv_thread(void *arg) pthread_exit(0); } -static -void do_thread_stuff(gnutls_session_t session) +static void do_thread_stuff(gnutls_session_t session) { int ret; unsigned i; @@ -226,15 +227,14 @@ static void client(int fd, const char *prio, unsigned do_thread, assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); - assert(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred) >= 0); + assert(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred) >= 0); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -265,13 +265,13 @@ static void server(int fd, const char *prio, unsigned do_thread) global_init(); -# if 0 +#if 0 if (debug) { side = "server"; gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(4711); } -# endif +#endif assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); assert(gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, @@ -303,8 +303,8 @@ static void server(int fd, const char *prio, unsigned do_thread) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (do_thread) do_thread_stuff(session); @@ -322,9 +322,8 @@ static void server(int fd, const char *prio, unsigned do_thread) success("server: finished\n"); } -static -void run(const char *str, const char *prio, unsigned do_thread, - unsigned false_start) +static void run(const char *str, const char *prio, unsigned do_thread, + unsigned false_start) { int fd[2]; int ret; @@ -372,4 +371,4 @@ void doit(void) run("dtls1.2 false start, threaded server", "NORMAL:-VERS-ALL:+VERS-DTLS1.2", 1, 1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-rehandshake-anon.c b/tests/dtls-rehandshake-anon.c index 3a8c60ed59..822bdf88fb 100644 --- a/tests/dtls-rehandshake-anon.c +++ b/tests/dtls-rehandshake-anon.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,17 +35,17 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -65,8 +65,8 @@ static void client_log_func(int level, const char *str) /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -99,9 +99,10 @@ static void client(int fd, int server_init) gnutls_dtls_set_mtu(session, 1500); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -114,8 +115,7 @@ static void client(int fd, int server_init) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -128,8 +128,8 @@ static void client(int fd, int server_init) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (!server_init) { sec_sleep(60); @@ -137,8 +137,7 @@ static void client(int fd, int server_init) success("Initiating client rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("2nd client gnutls_handshake: %s\n", @@ -158,12 +157,10 @@ static void client(int fd, int server_init) } else if (ret < 0) { if (server_init && ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to server request\n"); + success("Initiating rehandshake due to server request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); } if (ret != 0) { @@ -177,7 +174,7 @@ static void client(int fd, int server_init) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -223,9 +220,10 @@ static void server(int fd, int server_init) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -234,8 +232,7 @@ static void server(int fd, int server_init) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -248,8 +245,8 @@ static void server(int fd, int server_init) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -267,8 +264,7 @@ static void server(int fd, int server_init) success("server: Initiating rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: 2nd gnutls_handshake: %s\n", @@ -286,34 +282,31 @@ static void server(int fd, int server_init) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { if (!server_init && ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to client request\n"); + success("Initiating rehandshake due to client request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 - && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && + gnutls_error_is_fatal(ret) == 0); if (ret == 0) break; } - fail("server: Received corrupted data(%s). Closing...\n", gnutls_strerror(ret)); + fail("server: Received corrupted data(%s). Closing...\n", + gnutls_strerror(ret)); terminate(); } else if (ret > 0) { /* echo data back to the client */ do { - ret = - gnutls_record_send(session, buffer, - strlen(buffer)); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_send(session, buffer, + strlen(buffer)); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } } @@ -370,4 +363,4 @@ void doit(void) start(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-rehandshake-cert-2.c b/tests/dtls-rehandshake-cert-2.c index 2f39ae672f..9bc6226107 100644 --- a/tests/dtls-rehandshake-cert-2.c +++ b/tests/dtls-rehandshake-cert-2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -69,8 +69,8 @@ static void client_log_func(int level, const char *str) * certificates. */ -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -115,8 +115,7 @@ static void client(int fd, int server_init, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -129,8 +128,8 @@ static void client(int fd, int server_init, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* update priorities to allow cert auth */ snprintf(buffer, sizeof(buffer), "%s:+ECDHE-RSA", prio); @@ -142,8 +141,7 @@ static void client(int fd, int server_init, const char *prio) success("Initiating client rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("2nd client gnutls_handshake: %s\n", @@ -163,12 +161,10 @@ static void client(int fd, int server_init, const char *prio) } else if (ret < 0) { if (server_init && ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to server request\n"); + success("Initiating rehandshake due to server request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); } if (ret != 0) { @@ -182,7 +178,7 @@ static void client(int fd, int server_init, const char *prio) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -224,8 +220,8 @@ static void server(int fd, int server_init, const char *prio) assert(gnutls_anon_allocate_server_credentials(&anoncred) >= 0); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); @@ -245,8 +241,7 @@ static void server(int fd, int server_init, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -259,8 +254,8 @@ static void server(int fd, int server_init, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (gnutls_kx_get(session) != GNUTLS_KX_ANON_ECDH) { fail("did not negotiate an anonymous ciphersuite on initial auth\n"); @@ -282,8 +277,7 @@ static void server(int fd, int server_init, const char *prio) success("server: Initiating rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: 2nd gnutls_handshake: %s\n", @@ -301,34 +295,31 @@ static void server(int fd, int server_init, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { if (!server_init && ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to client request\n"); + success("Initiating rehandshake due to client request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 - && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && + gnutls_error_is_fatal(ret) == 0); if (ret == 0) break; } - fail("server: Received corrupted data(%s). Closing...\n", gnutls_strerror(ret)); + fail("server: Received corrupted data(%s). Closing...\n", + gnutls_strerror(ret)); terminate(); } else if (ret > 0) { /* echo data back to the client */ do { - ret = - gnutls_record_send(session, buffer, - strlen(buffer)); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_send(session, buffer, + strlen(buffer)); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } } @@ -392,4 +383,4 @@ void doit(void) "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+CURVE-ALL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-rehandshake-cert-3.c b/tests/dtls-rehandshake-cert-3.c index b5f3a73ba4..3581d39566 100644 --- a/tests/dtls-rehandshake-cert-3.c +++ b/tests/dtls-rehandshake-cert-3.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,23 +36,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" -# define MTU 1500 -# define MAX_BUF 4096 -# define MSG "Hello TLS" +#define MTU 1500 +#define MAX_BUF 4096 +#define MSG "Hello TLS" static int server_fd = -1; static char pkt_buf[MAX_BUF]; @@ -139,8 +139,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -153,8 +152,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* update priorities to allow cert auth */ snprintf(buffer, sizeof(buffer), "%s:+ECDHE-RSA", prio); @@ -171,12 +170,10 @@ static void client(int fd, const char *prio) } else if (ret < 0) { if (ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to server request\n"); + success("Initiating rehandshake due to server request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); } if (ret != 0) { @@ -190,7 +187,7 @@ static void client(int fd, const char *prio) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -232,8 +229,8 @@ static void server(int fd, const char *prio) assert(gnutls_anon_allocate_server_credentials(&anoncred) >= 0); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); @@ -253,8 +250,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -267,8 +263,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (gnutls_kx_get(session) != GNUTLS_KX_ANON_ECDH) { fail("did not negotiate an anonymous ciphersuite on initial auth\n"); @@ -289,8 +285,7 @@ static void server(int fd, const char *prio) success("server: Initiating rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: 2nd gnutls_handshake: %s\n", @@ -307,21 +302,20 @@ static void server(int fd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%s). Closing...\n", gnutls_strerror(ret)); + fail("server: Received corrupted data(%s). Closing...\n", + gnutls_strerror(ret)); terminate(); } else if (ret > 0) { /* echo data back to the client */ do { - ret = - gnutls_record_send(session, buffer, - strlen(buffer)); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_send(session, buffer, + strlen(buffer)); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } } @@ -380,8 +374,7 @@ static void start(const char *prio) void doit(void) { - start - ("NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+CURVE-ALL"); + start("NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+CURVE-ALL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-rehandshake-cert.c b/tests/dtls-rehandshake-cert.c index cc29950a6c..f8f1083aea 100644 --- a/tests/dtls-rehandshake-cert.c +++ b/tests/dtls-rehandshake-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -68,8 +68,8 @@ static void client_log_func(int level, const char *str) * certificates. */ -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -112,8 +112,7 @@ static void client(int fd, int server_init, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -126,8 +125,8 @@ static void client(int fd, int server_init, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (!server_init) { sec_sleep(60); @@ -135,8 +134,7 @@ static void client(int fd, int server_init, const char *prio) success("Initiating client rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("2nd client gnutls_handshake: %s\n", @@ -156,12 +154,10 @@ static void client(int fd, int server_init, const char *prio) } else if (ret < 0) { if (server_init && ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to server request\n"); + success("Initiating rehandshake due to server request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); } if (ret != 0) { @@ -175,7 +171,7 @@ static void client(int fd, int server_init, const char *prio) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -214,8 +210,8 @@ static void server(int fd, int server_init, const char *prio) } assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); @@ -234,8 +230,7 @@ static void server(int fd, int server_init, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -248,8 +243,8 @@ static void server(int fd, int server_init, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -267,8 +262,7 @@ static void server(int fd, int server_init, const char *prio) success("server: Initiating rehandshake\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: 2nd gnutls_handshake: %s\n", @@ -286,34 +280,31 @@ static void server(int fd, int server_init, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { if (!server_init && ret == GNUTLS_E_REHANDSHAKE) { if (debug) - success - ("Initiating rehandshake due to client request\n"); + success("Initiating rehandshake due to client request\n"); do { ret = gnutls_handshake(session); - } - while (ret < 0 - && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && + gnutls_error_is_fatal(ret) == 0); if (ret == 0) break; } - fail("server: Received corrupted data(%s). Closing...\n", gnutls_strerror(ret)); + fail("server: Received corrupted data(%s). Closing...\n", + gnutls_strerror(ret)); terminate(); } else if (ret > 0) { /* echo data back to the client */ do { - ret = - gnutls_record_send(session, buffer, - strlen(buffer)); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_send(session, buffer, + strlen(buffer)); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } } @@ -372,4 +363,4 @@ void doit(void) "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+CURVE-ALL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-repro-20170915.c b/tests/dtls-repro-20170915.c index 88351c61d9..adc92f3e71 100644 --- a/tests/dtls-repro-20170915.c +++ b/tests/dtls-repro-20170915.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -39,12 +39,12 @@ void doit(void) { global_init(); - dtls_try_with_key_mtu("DTLS 1.2 with cli-cert", - "NONE:+VERS-DTLS1.0:+MAC-ALL:+KX-ALL:+CIPHER-ALL:+SIGN-ALL:+COMP-ALL:+CURVE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_RSA_SHA256, &server_repro_cert, - &server_repro_key, &client_repro_cert, - &client_repro_key, USE_CERT, 1452); + dtls_try_with_key_mtu( + "DTLS 1.2 with cli-cert", + "NONE:+VERS-DTLS1.0:+MAC-ALL:+KX-ALL:+CIPHER-ALL:+SIGN-ALL:+COMP-ALL:+CURVE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_RSA_SHA256, &server_repro_cert, &server_repro_key, + &client_repro_cert, &client_repro_key, USE_CERT, 1452); gnutls_global_deinit(); } diff --git a/tests/dtls-session-ticket-lost.c b/tests/dtls-session-ticket-lost.c index e174563204..51d4b85de3 100644 --- a/tests/dtls-session-ticket-lost.c +++ b/tests/dtls-session-ticket-lost.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program is a reproducer for issue #543; the timeout * of DTLS handshake when a NewSessionTicket is lost. @@ -64,7 +64,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -89,8 +89,7 @@ static void client(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -112,8 +111,8 @@ static void client(int fd, const char *prio) gnutls_certificate_free_credentials(x509_cred); } -static ssize_t -server_push(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t server_push(gnutls_transport_ptr_t tr, const void *data, + size_t len) { const uint8_t *d = data; static int dropped = 0; @@ -184,7 +183,7 @@ static void server(int fd, const char *prio) if (ret != 0) fail("error waiting for EOF: %s\n", gnutls_strerror(ret)); - end: +end: close(fd); gnutls_deinit(session); gnutls_free(skey.data); @@ -200,8 +199,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *prio) +static void start(const char *prio) { int fd[2]; int ret, status = 0; @@ -244,4 +242,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-DTLS1.2"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls-sliding-window.c b/tests/dtls-sliding-window.c index c24e45df8c..32dbea16f0 100644 --- a/tests/dtls-sliding-window.c +++ b/tests/dtls-sliding-window.c @@ -48,14 +48,12 @@ int _dtls_record_check(struct record_parameters_st *rp, uint64_t _seq); #define DTLS_SW_NO_INCLUDES #include "../lib/dtls-sw.c" -#define RESET_WINDOW \ - memset(&state, 0, sizeof(state)) +#define RESET_WINDOW memset(&state, 0, sizeof(state)) -#define SET_WINDOW_NEXT(x) \ - state.dtls_sw_next = (((x)&DTLS_SEQ_NUM_MASK)) +#define SET_WINDOW_NEXT(x) state.dtls_sw_next = (((x)&DTLS_SEQ_NUM_MASK)) #define SET_WINDOW_LAST_RECV(x) \ - t = x; \ + t = x; \ state.dtls_sw_have_recv = 1 static void check_dtls_window_uninit_0(void **glob_state) diff --git a/tests/dtls-with-seccomp.c b/tests/dtls-with-seccomp.c index 8cee86b74f..8be05e7825 100644 --- a/tests/dtls-with-seccomp.c +++ b/tests/dtls-with-seccomp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -62,7 +62,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -104,8 +104,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -118,8 +117,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -140,7 +139,7 @@ static void client(int fd, const char *prio) gnutls_strerror(ret)); } - end: +end: close(fd); @@ -181,9 +180,8 @@ static void server(int fd, const char *prio) gnutls_certificate_allocate_credentials(&xcred); - ret = gnutls_certificate_set_x509_key_mem(xcred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + xcred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -206,8 +204,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -220,8 +217,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -256,8 +253,7 @@ static void server(int fd, const char *prio) success("server: finished\n"); } -static -void run(const char *name, const char *prio) +static void run(const char *name, const char *prio) { int fd[2]; int ret; @@ -301,4 +297,4 @@ void doit(void) run("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/dtls/dtls-stress.c b/tests/dtls/dtls-stress.c index 088c84723d..2ed41eeaf7 100644 --- a/tests/dtls/dtls-stress.c +++ b/tests/dtls/dtls-stress.c @@ -107,8 +107,9 @@ // {{{ types -# define log(fmt, ...) \ - if (debug) fprintf(stdout, "%i %s| "fmt, run_id, role_name, ##__VA_ARGS__) +#define log(fmt, ...) \ + if (debug) \ + fprintf(stdout, "%i %s| " fmt, run_id, role_name, ##__VA_ARGS__) typedef struct { int count; @@ -126,113 +127,114 @@ typedef void (*filter_fn)(gnutls_transport_ptr_t, const unsigned char *, typedef int (*match_fn)(const unsigned char *, size_t); -enum role { SERVER, CLIENT }; +enum role { + SERVER, + CLIENT +}; // }}} // {{{ static data -static int permutations2[2][2] -= { {0, 1}, {1, 0} }; +static int permutations2[2][2] = { { 0, 1 }, { 1, 0 } }; -static const char *permutation_names2[] -= { "01", "10", 0 }; +static const char *permutation_names2[] = { "01", "10", 0 }; -static int permutations3[6][3] -= { {0, 1, 2}, {0, 2, 1}, {1, 0, 2}, {1, 2, 0}, {2, 0, 1}, {2, 1, 0} }; +static int permutations3[6][3] = { { 0, 1, 2 }, { 0, 2, 1 }, { 1, 0, 2 }, + { 1, 2, 0 }, { 2, 0, 1 }, { 2, 1, 0 } }; -static const char *permutation_names3[] -= { "012", "021", "102", "120", "201", "210", 0 }; +static const char *permutation_names3[] = { "012", "021", "102", "120", + "201", "210", 0 }; static int permutations5[120][5] = { - {0, 1, 2, 3, 4}, {0, 2, 1, 3, 4}, {1, 0, 2, 3, 4}, {1, 2, 0, 3, 4}, - {2, 0, 1, 3, 4}, {2, 1, 0, 3, 4}, {0, 1, 3, 2, 4}, {0, 2, 3, 1, 4}, - {1, 0, 3, 2, 4}, {1, 2, 3, 0, 4}, {2, 0, 3, 1, 4}, {2, 1, 3, 0, 4}, - {0, 3, 1, 2, 4}, {0, 3, 2, 1, 4}, {1, 3, 0, 2, 4}, {1, 3, 2, 0, 4}, - {2, 3, 0, 1, 4}, {2, 3, 1, 0, 4}, {3, 0, 1, 2, 4}, {3, 0, 2, 1, 4}, - {3, 1, 0, 2, 4}, {3, 1, 2, 0, 4}, {3, 2, 0, 1, 4}, {3, 2, 1, 0, 4}, - {0, 1, 2, 4, 3}, {0, 2, 1, 4, 3}, {1, 0, 2, 4, 3}, {1, 2, 0, 4, 3}, - {2, 0, 1, 4, 3}, {2, 1, 0, 4, 3}, {0, 1, 3, 4, 2}, {0, 2, 3, 4, 1}, - {1, 0, 3, 4, 2}, {1, 2, 3, 4, 0}, {2, 0, 3, 4, 1}, {2, 1, 3, 4, 0}, - {0, 3, 1, 4, 2}, {0, 3, 2, 4, 1}, {1, 3, 0, 4, 2}, {1, 3, 2, 4, 0}, - {2, 3, 0, 4, 1}, {2, 3, 1, 4, 0}, {3, 0, 1, 4, 2}, {3, 0, 2, 4, 1}, - {3, 1, 0, 4, 2}, {3, 1, 2, 4, 0}, {3, 2, 0, 4, 1}, {3, 2, 1, 4, 0}, - {0, 1, 4, 2, 3}, {0, 2, 4, 1, 3}, {1, 0, 4, 2, 3}, {1, 2, 4, 0, 3}, - {2, 0, 4, 1, 3}, {2, 1, 4, 0, 3}, {0, 1, 4, 3, 2}, {0, 2, 4, 3, 1}, - {1, 0, 4, 3, 2}, {1, 2, 4, 3, 0}, {2, 0, 4, 3, 1}, {2, 1, 4, 3, 0}, - {0, 3, 4, 1, 2}, {0, 3, 4, 2, 1}, {1, 3, 4, 0, 2}, {1, 3, 4, 2, 0}, - {2, 3, 4, 0, 1}, {2, 3, 4, 1, 0}, {3, 0, 4, 1, 2}, {3, 0, 4, 2, 1}, - {3, 1, 4, 0, 2}, {3, 1, 4, 2, 0}, {3, 2, 4, 0, 1}, {3, 2, 4, 1, 0}, - {0, 4, 1, 2, 3}, {0, 4, 2, 1, 3}, {1, 4, 0, 2, 3}, {1, 4, 2, 0, 3}, - {2, 4, 0, 1, 3}, {2, 4, 1, 0, 3}, {0, 4, 1, 3, 2}, {0, 4, 2, 3, 1}, - {1, 4, 0, 3, 2}, {1, 4, 2, 3, 0}, {2, 4, 0, 3, 1}, {2, 4, 1, 3, 0}, - {0, 4, 3, 1, 2}, {0, 4, 3, 2, 1}, {1, 4, 3, 0, 2}, {1, 4, 3, 2, 0}, - {2, 4, 3, 0, 1}, {2, 4, 3, 1, 0}, {3, 4, 0, 1, 2}, {3, 4, 0, 2, 1}, - {3, 4, 1, 0, 2}, {3, 4, 1, 2, 0}, {3, 4, 2, 0, 1}, {3, 4, 2, 1, 0}, - {4, 0, 1, 2, 3}, {4, 0, 2, 1, 3}, {4, 1, 0, 2, 3}, {4, 1, 2, 0, 3}, - {4, 2, 0, 1, 3}, {4, 2, 1, 0, 3}, {4, 0, 1, 3, 2}, {4, 0, 2, 3, 1}, - {4, 1, 0, 3, 2}, {4, 1, 2, 3, 0}, {4, 2, 0, 3, 1}, {4, 2, 1, 3, 0}, - {4, 0, 3, 1, 2}, {4, 0, 3, 2, 1}, {4, 1, 3, 0, 2}, {4, 1, 3, 2, 0}, - {4, 2, 3, 0, 1}, {4, 2, 3, 1, 0}, {4, 3, 0, 1, 2}, {4, 3, 0, 2, 1}, - {4, 3, 1, 0, 2}, {4, 3, 1, 2, 0}, {4, 3, 2, 0, 1}, {4, 3, 2, 1, 0} -}; - -static const char *permutation_names5[] - = { "01234", "02134", "10234", "12034", "20134", "21034", "01324", - "02314", "10324", "12304", "20314", "21304", "03124", "03214", - "13024", "13204", "23014", "23104", "30124", "30214", "31024", - "31204", "32014", "32104", "01243", "02143", "10243", "12043", - "20143", "21043", "01342", "02341", "10342", "12340", "20341", - "21340", "03142", "03241", "13042", "13240", "23041", "23140", - "30142", "30241", "31042", "31240", "32041", "32140", "01423", - "02413", "10423", "12403", "20413", "21403", "01432", "02431", - "10432", "12430", "20431", "21430", "03412", "03421", "13402", - "13420", "23401", "23410", "30412", "30421", "31402", "31420", - "32401", "32410", "04123", "04213", "14023", "14203", "24013", - "24103", "04132", "04231", "14032", "14230", "24031", "24130", - "04312", "04321", "14302", "14320", "24301", "24310", "34012", - "34021", "34102", "34120", "34201", "34210", "40123", "40213", - "41023", "41203", "42013", "42103", "40132", "40231", "41032", - "41230", "42031", "42130", "40312", "40321", "41302", "41320", - "42301", "42310", "43012", "43021", "43102", "43120", "43201", - "43210", 0 -}; - -static const char *filter_names[8] - = { "SHello", - "SKeyExchange", - "SHelloDone", - "CKeyExchange", - "CChangeCipherSpec", - "CFinished", - "SChangeCipherSpec", - "SFinished" -}; - -static const char *filter_names_resume[] - = { "SHello", - "SChangeCipherSpec", - "SFinished", - "CChangeCipherSpec", - "CFinished" + { 0, 1, 2, 3, 4 }, { 0, 2, 1, 3, 4 }, { 1, 0, 2, 3, 4 }, + { 1, 2, 0, 3, 4 }, { 2, 0, 1, 3, 4 }, { 2, 1, 0, 3, 4 }, + { 0, 1, 3, 2, 4 }, { 0, 2, 3, 1, 4 }, { 1, 0, 3, 2, 4 }, + { 1, 2, 3, 0, 4 }, { 2, 0, 3, 1, 4 }, { 2, 1, 3, 0, 4 }, + { 0, 3, 1, 2, 4 }, { 0, 3, 2, 1, 4 }, { 1, 3, 0, 2, 4 }, + { 1, 3, 2, 0, 4 }, { 2, 3, 0, 1, 4 }, { 2, 3, 1, 0, 4 }, + { 3, 0, 1, 2, 4 }, { 3, 0, 2, 1, 4 }, { 3, 1, 0, 2, 4 }, + { 3, 1, 2, 0, 4 }, { 3, 2, 0, 1, 4 }, { 3, 2, 1, 0, 4 }, + { 0, 1, 2, 4, 3 }, { 0, 2, 1, 4, 3 }, { 1, 0, 2, 4, 3 }, + { 1, 2, 0, 4, 3 }, { 2, 0, 1, 4, 3 }, { 2, 1, 0, 4, 3 }, + { 0, 1, 3, 4, 2 }, { 0, 2, 3, 4, 1 }, { 1, 0, 3, 4, 2 }, + { 1, 2, 3, 4, 0 }, { 2, 0, 3, 4, 1 }, { 2, 1, 3, 4, 0 }, + { 0, 3, 1, 4, 2 }, { 0, 3, 2, 4, 1 }, { 1, 3, 0, 4, 2 }, + { 1, 3, 2, 4, 0 }, { 2, 3, 0, 4, 1 }, { 2, 3, 1, 4, 0 }, + { 3, 0, 1, 4, 2 }, { 3, 0, 2, 4, 1 }, { 3, 1, 0, 4, 2 }, + { 3, 1, 2, 4, 0 }, { 3, 2, 0, 4, 1 }, { 3, 2, 1, 4, 0 }, + { 0, 1, 4, 2, 3 }, { 0, 2, 4, 1, 3 }, { 1, 0, 4, 2, 3 }, + { 1, 2, 4, 0, 3 }, { 2, 0, 4, 1, 3 }, { 2, 1, 4, 0, 3 }, + { 0, 1, 4, 3, 2 }, { 0, 2, 4, 3, 1 }, { 1, 0, 4, 3, 2 }, + { 1, 2, 4, 3, 0 }, { 2, 0, 4, 3, 1 }, { 2, 1, 4, 3, 0 }, + { 0, 3, 4, 1, 2 }, { 0, 3, 4, 2, 1 }, { 1, 3, 4, 0, 2 }, + { 1, 3, 4, 2, 0 }, { 2, 3, 4, 0, 1 }, { 2, 3, 4, 1, 0 }, + { 3, 0, 4, 1, 2 }, { 3, 0, 4, 2, 1 }, { 3, 1, 4, 0, 2 }, + { 3, 1, 4, 2, 0 }, { 3, 2, 4, 0, 1 }, { 3, 2, 4, 1, 0 }, + { 0, 4, 1, 2, 3 }, { 0, 4, 2, 1, 3 }, { 1, 4, 0, 2, 3 }, + { 1, 4, 2, 0, 3 }, { 2, 4, 0, 1, 3 }, { 2, 4, 1, 0, 3 }, + { 0, 4, 1, 3, 2 }, { 0, 4, 2, 3, 1 }, { 1, 4, 0, 3, 2 }, + { 1, 4, 2, 3, 0 }, { 2, 4, 0, 3, 1 }, { 2, 4, 1, 3, 0 }, + { 0, 4, 3, 1, 2 }, { 0, 4, 3, 2, 1 }, { 1, 4, 3, 0, 2 }, + { 1, 4, 3, 2, 0 }, { 2, 4, 3, 0, 1 }, { 2, 4, 3, 1, 0 }, + { 3, 4, 0, 1, 2 }, { 3, 4, 0, 2, 1 }, { 3, 4, 1, 0, 2 }, + { 3, 4, 1, 2, 0 }, { 3, 4, 2, 0, 1 }, { 3, 4, 2, 1, 0 }, + { 4, 0, 1, 2, 3 }, { 4, 0, 2, 1, 3 }, { 4, 1, 0, 2, 3 }, + { 4, 1, 2, 0, 3 }, { 4, 2, 0, 1, 3 }, { 4, 2, 1, 0, 3 }, + { 4, 0, 1, 3, 2 }, { 4, 0, 2, 3, 1 }, { 4, 1, 0, 3, 2 }, + { 4, 1, 2, 3, 0 }, { 4, 2, 0, 3, 1 }, { 4, 2, 1, 3, 0 }, + { 4, 0, 3, 1, 2 }, { 4, 0, 3, 2, 1 }, { 4, 1, 3, 0, 2 }, + { 4, 1, 3, 2, 0 }, { 4, 2, 3, 0, 1 }, { 4, 2, 3, 1, 0 }, + { 4, 3, 0, 1, 2 }, { 4, 3, 0, 2, 1 }, { 4, 3, 1, 0, 2 }, + { 4, 3, 1, 2, 0 }, { 4, 3, 2, 0, 1 }, { 4, 3, 2, 1, 0 } }; -static const char *filter_names_full[12] - = { "SHello", - "SCertificate", - "SKeyExchange", - "SCertificateRequest", - "SHelloDone", - "CCertificate", - "CKeyExchange", - "CCertificateVerify", - "CChangeCipherSpec", - "CFinished", - "SChangeCipherSpec", - "SFinished" +static const char *permutation_names5[] = { + "01234", "02134", "10234", "12034", "20134", "21034", "01324", "02314", + "10324", "12304", "20314", "21304", "03124", "03214", "13024", "13204", + "23014", "23104", "30124", "30214", "31024", "31204", "32014", "32104", + "01243", "02143", "10243", "12043", "20143", "21043", "01342", "02341", + "10342", "12340", "20341", "21340", "03142", "03241", "13042", "13240", + "23041", "23140", "30142", "30241", "31042", "31240", "32041", "32140", + "01423", "02413", "10423", "12403", "20413", "21403", "01432", "02431", + "10432", "12430", "20431", "21430", "03412", "03421", "13402", "13420", + "23401", "23410", "30412", "30421", "31402", "31420", "32401", "32410", + "04123", "04213", "14023", "14203", "24013", "24103", "04132", "04231", + "14032", "14230", "24031", "24130", "04312", "04321", "14302", "14320", + "24301", "24310", "34012", "34021", "34102", "34120", "34201", "34210", + "40123", "40213", "41023", "41203", "42013", "42103", "40132", "40231", + "41032", "41230", "42031", "42130", "40312", "40321", "41302", "41320", + "42301", "42310", "43012", "43021", "43102", "43120", "43201", "43210", + 0 }; -# include "cert-common.h" +static const char *filter_names[8] = { "SHello", + "SKeyExchange", + "SHelloDone", + "CKeyExchange", + "CChangeCipherSpec", + "CFinished", + "SChangeCipherSpec", + "SFinished" }; + +static const char *filter_names_resume[] = { "SHello", "SChangeCipherSpec", + "SFinished", "CChangeCipherSpec", + "CFinished" }; + +static const char *filter_names_full[12] = { "SHello", + "SCertificate", + "SKeyExchange", + "SCertificateRequest", + "SHelloDone", + "CCertificate", + "CKeyExchange", + "CCertificateVerify", + "CChangeCipherSpec", + "CFinished", + "SChangeCipherSpec", + "SFinished" }; + +#include "cert-common.h" // }}} @@ -240,7 +242,7 @@ static const char *filter_names_full[12] enum role role; -# define role_name (role == SERVER ? "server" : "client") +#define role_name (role == SERVER ? "server" : "client") int debug; int nonblock; @@ -281,8 +283,8 @@ static void drop(const char *packet) static int _process_error(int loc, int code, int die) { if (code < 0 && (die || code != GNUTLS_E_AGAIN)) { - fprintf(stdout, "%i <%s tls> line %i: %s", run_id, - role_name, loc, gnutls_strerror(code)); + fprintf(stdout, "%i <%s tls> line %i: %s", run_id, role_name, + loc, gnutls_strerror(code)); if (gnutls_error_is_fatal(code) || die) { fprintf(stdout, " (fatal)\n"); exit(1); @@ -293,8 +295,8 @@ static int _process_error(int loc, int code, int die) return code; } -# define die_on_error(code) _process_error(__LINE__, code, 1) -# define process_error(code) _process_error(__LINE__, code, 0) +#define die_on_error(code) _process_error(__LINE__, code, 1) +#define process_error(code) _process_error(__LINE__, code, 0) static void _process_error_or_timeout(int loc, int err, time_t tdiff) { @@ -308,7 +310,8 @@ static void _process_error_or_timeout(int loc, int err, time_t tdiff) } } -# define process_error_or_timeout(code, tdiff) _process_error_or_timeout(__LINE__, code, tdiff) +#define process_error_or_timeout(code, tdiff) \ + _process_error_or_timeout(__LINE__, code, tdiff) static void rperror(const char *name) { @@ -334,29 +337,58 @@ filter_packet_state_t state_packet_ServerChangeCipherSpec = { 0 }; filter_packet_state_t state_packet_ServerFinished = { 0 }; filter_packet_state_t state_packet_ServerFinishedResume = { 0 }; -static filter_permute_state_t state_permute_ServerHello = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; -static filter_permute_state_t state_permute_ServerHelloFull = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; -static filter_permute_state_t state_permute_ServerFinished = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; -static filter_permute_state_t state_permute_ServerFinishedResume = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; -static filter_permute_state_t state_permute_ClientFinished = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; -static filter_permute_state_t state_permute_ClientFinishedResume = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; -static filter_permute_state_t state_permute_ClientFinishedFull = - { 0, {{0, 0}, {0, 0}, {0, 0}, {0, 0}, {0, 0}}, 0, 0 }; +static filter_permute_state_t state_permute_ServerHello = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; +static filter_permute_state_t state_permute_ServerHelloFull = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; +static filter_permute_state_t state_permute_ServerFinished = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; +static filter_permute_state_t state_permute_ServerFinishedResume = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; +static filter_permute_state_t state_permute_ClientFinished = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; +static filter_permute_state_t state_permute_ClientFinishedResume = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; +static filter_permute_state_t state_permute_ClientFinishedFull = { + 0, + { { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 } }, + 0, + 0 +}; filter_fn filter_chain[32]; int filter_current_idx; -static void filter_permute_state_free_buffer(filter_permute_state_t * state) +static void filter_permute_state_free_buffer(filter_permute_state_t *state) { unsigned int i; - for (i = 0; i < sizeof(state->packets) / sizeof(state->packets[0]); i++) { + for (i = 0; i < sizeof(state->packets) / sizeof(state->packets[0]); + i++) { free(state->packets[i].data); state->packets[i].data = NULL; } @@ -436,7 +468,7 @@ static void filter_run_next(gnutls_transport_ptr_t fd, if (fn) { fn(fd, buffer, len); } else { - ret = send((int)(intptr_t) fd, buffer, len, 0); + ret = send((int)(intptr_t)fd, buffer, len, 0); } filter_current_idx--; @@ -445,7 +477,7 @@ static void filter_run_next(gnutls_transport_ptr_t fd, memcpy(rbuffer, buffer, len); rbuffer_size = len; } else if (rbuffer_size != 0) { - send((int)(intptr_t) fd, rbuffer, rbuffer_size, 0); + send((int)(intptr_t)fd, rbuffer, rbuffer_size, 0); if (len < sizeof(rbuffer) && len > rbuffer_size) { memcpy(rbuffer, buffer, len); rbuffer_size = len; @@ -460,52 +492,52 @@ static void filter_run_next(gnutls_transport_ptr_t fd, static int match_ServerHello(const unsigned char *buffer, size_t len) { - return role == SERVER && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 2; + return role == SERVER && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 2; } static int match_ServerCertificate(const unsigned char *buffer, size_t len) { - return role == SERVER && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 11; + return role == SERVER && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 11; } static int match_ServerKeyExchange(const unsigned char *buffer, size_t len) { - return role == SERVER && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 12; + return role == SERVER && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 12; } static int match_ServerCertificateRequest(const unsigned char *buffer, size_t len) { - return role == SERVER && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 13; + return role == SERVER && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 13; } static int match_ServerHelloDone(const unsigned char *buffer, size_t len) { - return role == SERVER && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 14; + return role == SERVER && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 14; } static int match_ClientCertificate(const unsigned char *buffer, size_t len) { - return role == CLIENT && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 11; + return role == CLIENT && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 11; } static int match_ClientKeyExchange(const unsigned char *buffer, size_t len) { - return role == CLIENT && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 16; + return role == CLIENT && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 16; } static int match_ClientCertificateVerify(const unsigned char *buffer, size_t len) { - return role == CLIENT && len >= 13 + 1 && buffer[0] == 22 - && buffer[13] == 15; + return role == CLIENT && len >= 13 + 1 && buffer[0] == 22 && + buffer[13] == 15; } static int match_ClientChangeCipherSpec(const unsigned char *buffer, size_t len) @@ -532,35 +564,36 @@ static int match_ServerFinished(const unsigned char *buffer, size_t len) // {{{ packet drop filters -# define FILTER_DROP_COUNT 3 -# define DECLARE_FILTER(packet) \ - static void filter_packet_##packet(gnutls_transport_ptr_t fd, \ - const unsigned char* buffer, size_t len) \ - { \ - if (match_##packet(buffer, len) && (state_packet_##packet).count++ < FILTER_DROP_COUNT) { \ - drop(#packet); \ - } else { \ - filter_run_next(fd, buffer, len); \ - } \ +#define FILTER_DROP_COUNT 3 +#define DECLARE_FILTER(packet) \ + static void filter_packet_##packet(gnutls_transport_ptr_t fd, \ + const unsigned char *buffer, \ + size_t len) \ + { \ + if (match_##packet(buffer, len) && \ + (state_packet_##packet).count++ < FILTER_DROP_COUNT) { \ + drop(#packet); \ + } else { \ + filter_run_next(fd, buffer, len); \ + } \ } DECLARE_FILTER(ServerHello) - DECLARE_FILTER(ServerCertificate) - DECLARE_FILTER(ServerKeyExchange) - DECLARE_FILTER(ServerCertificateRequest) - DECLARE_FILTER(ServerHelloDone) - DECLARE_FILTER(ClientCertificate) - DECLARE_FILTER(ClientKeyExchange) - DECLARE_FILTER(ClientCertificateVerify) - DECLARE_FILTER(ClientChangeCipherSpec) - DECLARE_FILTER(ClientFinished) - DECLARE_FILTER(ServerChangeCipherSpec) - DECLARE_FILTER(ServerFinished) +DECLARE_FILTER(ServerCertificate) +DECLARE_FILTER(ServerKeyExchange) +DECLARE_FILTER(ServerCertificateRequest) +DECLARE_FILTER(ServerHelloDone) +DECLARE_FILTER(ClientCertificate) +DECLARE_FILTER(ClientKeyExchange) +DECLARE_FILTER(ClientCertificateVerify) +DECLARE_FILTER(ClientChangeCipherSpec) +DECLARE_FILTER(ClientFinished) +DECLARE_FILTER(ServerChangeCipherSpec) +DECLARE_FILTER(ServerFinished) // }}} // {{{ flight permutation filters -static void filter_permute_state_run(filter_permute_state_t * state, - int packetCount, - gnutls_transport_ptr_t fd, +static void filter_permute_state_run(filter_permute_state_t *state, + int packetCount, gnutls_transport_ptr_t fd, const unsigned char *buffer, size_t len) { unsigned char *data; @@ -587,57 +620,62 @@ static void filter_permute_state_run(filter_permute_state_t * state, } } -# define DECLARE_PERMUTE(flight) \ - static void filter_permute_##flight(gnutls_transport_ptr_t fd, \ - const unsigned char* buffer, size_t len) \ - { \ - int count = sizeof(permute_match_##flight) / sizeof(permute_match_##flight[0]); \ - int i; \ - for (i = 0; i < count; i++) { \ - if (permute_match_##flight[i](buffer, len)) { \ - filter_permute_state_run(&state_permute_##flight, count, fd, buffer, len); \ - return; \ - } \ - } \ - filter_run_next(fd, buffer, len); \ +#define DECLARE_PERMUTE(flight) \ + static void filter_permute_##flight(gnutls_transport_ptr_t fd, \ + const unsigned char *buffer, \ + size_t len) \ + { \ + int count = sizeof(permute_match_##flight) / \ + sizeof(permute_match_##flight[0]); \ + int i; \ + for (i = 0; i < count; i++) { \ + if (permute_match_##flight[i](buffer, len)) { \ + filter_permute_state_run( \ + &state_permute_##flight, count, fd, \ + buffer, len); \ + return; \ + } \ + } \ + filter_run_next(fd, buffer, len); \ } -static match_fn permute_match_ServerHello[] = - { match_ServerHello, match_ServerKeyExchange, match_ServerHelloDone }; +static match_fn permute_match_ServerHello[] = { match_ServerHello, + match_ServerKeyExchange, + match_ServerHelloDone }; -static match_fn permute_match_ServerHelloFull[] = - { match_ServerHello, match_ServerCertificate, match_ServerKeyExchange, +static match_fn permute_match_ServerHelloFull[] = { + match_ServerHello, match_ServerCertificate, match_ServerKeyExchange, match_ServerCertificateRequest, match_ServerHelloDone }; -static match_fn permute_match_ServerFinished[] = - { match_ServerChangeCipherSpec, match_ServerFinished }; - -static match_fn permute_match_ServerFinishedResume[] = - { match_ServerHello, match_ServerChangeCipherSpec, match_ServerFinished }; +static match_fn permute_match_ServerFinished[] = { match_ServerChangeCipherSpec, + match_ServerFinished }; -static match_fn permute_match_ClientFinished[] = - { match_ClientKeyExchange, match_ClientChangeCipherSpec, - match_ClientFinished +static match_fn permute_match_ServerFinishedResume[] = { + match_ServerHello, match_ServerChangeCipherSpec, match_ServerFinished }; -static match_fn permute_match_ClientFinishedResume[] = - { match_ClientChangeCipherSpec, match_ClientFinished +static match_fn permute_match_ClientFinished[] = { match_ClientKeyExchange, + match_ClientChangeCipherSpec, + match_ClientFinished }; + +static match_fn permute_match_ClientFinishedResume[] = { + match_ClientChangeCipherSpec, match_ClientFinished }; -static match_fn permute_match_ClientFinishedFull[] = - { match_ClientCertificate, match_ClientKeyExchange, +static match_fn permute_match_ClientFinishedFull[] = { + match_ClientCertificate, match_ClientKeyExchange, match_ClientCertificateVerify, match_ClientChangeCipherSpec, match_ClientFinished }; DECLARE_PERMUTE(ServerHello) - DECLARE_PERMUTE(ServerHelloFull) - DECLARE_PERMUTE(ServerFinishedResume) - DECLARE_PERMUTE(ServerFinished) - DECLARE_PERMUTE(ClientFinished) - DECLARE_PERMUTE(ClientFinishedResume) - DECLARE_PERMUTE(ClientFinishedFull) +DECLARE_PERMUTE(ServerHelloFull) +DECLARE_PERMUTE(ServerFinishedResume) +DECLARE_PERMUTE(ServerFinished) +DECLARE_PERMUTE(ClientFinished) +DECLARE_PERMUTE(ClientFinishedResume) +DECLARE_PERMUTE(ClientFinishedFull) // }}} // {{{ emergency deadlock resolution time bomb timer_t killtimer_tid = 0; @@ -645,7 +683,7 @@ timer_t killtimer_tid = 0; static void killtimer_set(void) { struct sigevent sig; - struct itimerspec tout = { {0, 0}, {2 * timeout_seconds, 0} }; + struct itimerspec tout = { { 0, 0 }, { 2 * timeout_seconds, 0 } }; if (killtimer_tid != 0) { timer_delete(killtimer_tid); @@ -680,8 +718,8 @@ static void await(int fd, int timeout) { if (nonblock) { struct pollfd p = { fd, POLLIN, 0 }; - if (poll(&p, 1, timeout) < 0 && errno != EAGAIN - && errno != EINTR) { + if (poll(&p, 1, timeout) < 0 && errno != EAGAIN && + errno != EINTR) { rperror("poll"); exit(3); } @@ -698,17 +736,17 @@ static void cred_init(void) static void session_init(int sock, int server) { - gnutls_init(&session, - GNUTLS_DATAGRAM | (server ? GNUTLS_SERVER : GNUTLS_CLIENT) - | GNUTLS_NONBLOCK * nonblock); + gnutls_init(&session, GNUTLS_DATAGRAM | + (server ? GNUTLS_SERVER : GNUTLS_CLIENT) | + GNUTLS_NONBLOCK * nonblock); gnutls_priority_set_direct(session, "NORMAL:+ECDHE-RSA:+ANON-ECDH", 0); gnutls_transport_set_int(session, sock); if (full) { gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred); if (server) { - gnutls_certificate_server_set_request(session, - GNUTLS_CERT_REQUIRE); + gnutls_certificate_server_set_request( + session, GNUTLS_CERT_REQUIRE); } } else if (server) { gnutls_anon_server_credentials_t acred; @@ -787,9 +825,8 @@ static void client(int sock) do { await(sock, -1); - len = - process_error(gnutls_record_recv - (session, buffer, sizeof(buffer))); + len = process_error(gnutls_record_recv(session, buffer, + sizeof(buffer))); } while (len < 0); log("received data\n"); @@ -807,9 +844,8 @@ static void client(int sock) do { await(sock, -1); - len = - process_error(gnutls_record_recv - (session, buffer, sizeof(buffer))); + len = process_error(gnutls_record_recv(session, buffer, + sizeof(buffer))); } while (len < 0); log("received data\n"); @@ -820,7 +856,6 @@ static void client(int sock) exit(1); } } - } static gnutls_datum_t saved_data = { NULL, 0 }; @@ -923,9 +958,8 @@ static void server(int sock) do { await(sock, -1); - len = - process_error(gnutls_record_recv - (session, buffer, sizeof(buffer))); + len = process_error(gnutls_record_recv(session, buffer, + sizeof(buffer))); } while (len < 0); log("received data\n"); @@ -940,9 +974,8 @@ static void server(int sock) do { await(sock, -1); - len = - process_error(gnutls_record_recv - (session, buffer, sizeof(buffer))); + len = process_error(gnutls_record_recv(session, buffer, + sizeof(buffer))); } while (len < 0); log("received data\n"); @@ -959,7 +992,7 @@ static void server(int sock) // {{{ test running/handling itself -# if 0 +#if 0 static void udp_sockpair(int *socks) { struct sockaddr_in6 sa = @@ -976,7 +1009,7 @@ static void udp_sockpair(int *socks) connect(socks[1], (struct sockaddr *)&sa, sizeof(sa)); connect(socks[0], (struct sockaddr *)&sb, sizeof(sb)); } -# endif +#endif static int run_test(void) { @@ -996,21 +1029,23 @@ static int run_test(void) if (!(pid1 = fork())) { role = SERVER; - server(fds[1]); // noreturn + server(fds[1]); // noreturn } else if (pid1 < 0) { rperror("fork server"); exit(2); } if (!(pid2 = fork())) { role = CLIENT; - client(fds[0]); // noreturn + client(fds[0]); // noreturn } else if (pid2 < 0) { rperror("fork client"); exit(2); } - while (waitpid(pid2, &status2, 0) < 0 && errno == EINTR) ; + while (waitpid(pid2, &status2, 0) < 0 && errno == EINTR) + ; kill(pid1, 15); - while (waitpid(pid1, 0, 0) < 0 && errno == EINTR) ; + while (waitpid(pid1, 0, 0) < 0 && errno == EINTR) + ; close(fds[0]); close(fds[1]); @@ -1022,39 +1057,33 @@ static int run_test(void) } } -static filter_fn filters[] - = { filter_packet_ServerHello, - filter_packet_ServerKeyExchange, - filter_packet_ServerHelloDone, - filter_packet_ClientKeyExchange, - filter_packet_ClientChangeCipherSpec, - filter_packet_ClientFinished, - filter_packet_ServerChangeCipherSpec, - filter_packet_ServerFinished -}; - -static filter_fn filters_resume[] - = { filter_packet_ServerHello, - filter_packet_ServerChangeCipherSpec, - filter_packet_ServerFinished, - filter_packet_ClientChangeCipherSpec, - filter_packet_ClientFinished -}; - -static filter_fn filters_full[] - = { filter_packet_ServerHello, - filter_packet_ServerCertificate, - filter_packet_ServerKeyExchange, - filter_packet_ServerCertificateRequest, - filter_packet_ServerHelloDone, - filter_packet_ClientCertificate, - filter_packet_ClientKeyExchange, - filter_packet_ClientCertificateVerify, - filter_packet_ClientChangeCipherSpec, - filter_packet_ClientFinished, - filter_packet_ServerChangeCipherSpec, - filter_packet_ServerFinished -}; +static filter_fn filters[] = { filter_packet_ServerHello, + filter_packet_ServerKeyExchange, + filter_packet_ServerHelloDone, + filter_packet_ClientKeyExchange, + filter_packet_ClientChangeCipherSpec, + filter_packet_ClientFinished, + filter_packet_ServerChangeCipherSpec, + filter_packet_ServerFinished }; + +static filter_fn filters_resume[] = { filter_packet_ServerHello, + filter_packet_ServerChangeCipherSpec, + filter_packet_ServerFinished, + filter_packet_ClientChangeCipherSpec, + filter_packet_ClientFinished }; + +static filter_fn filters_full[] = { filter_packet_ServerHello, + filter_packet_ServerCertificate, + filter_packet_ServerKeyExchange, + filter_packet_ServerCertificateRequest, + filter_packet_ServerHelloDone, + filter_packet_ClientCertificate, + filter_packet_ClientKeyExchange, + filter_packet_ClientCertificateVerify, + filter_packet_ClientChangeCipherSpec, + filter_packet_ClientFinished, + filter_packet_ServerChangeCipherSpec, + filter_packet_ServerFinished }; static int run_one_test(int dropMode, int serverFinishedPermute, int serverHelloPermute, int clientFinishedPermute) @@ -1079,7 +1108,7 @@ static int run_one_test(int dropMode, int serverFinishedPermute, local_filters = filters_resume; local_filter_names = filter_names_resume; filter_count = - sizeof(filters_resume) / sizeof(filters_resume[0]); + sizeof(filters_resume) / sizeof(filters_resume[0]); client_finished_permutation_names = permutation_names2; server_finished_permutation_names = permutation_names3; server_hello_permutation_names = NULL; @@ -1092,51 +1121,52 @@ static int run_one_test(int dropMode, int serverFinishedPermute, server_hello_permutation_names = permutation_names3; } - run_id = - ((dropMode * 2 + serverFinishedPermute) * (full ? 120 : 6) + - serverHelloPermute) * (full ? 120 : 6) + clientFinishedPermute; + run_id = ((dropMode * 2 + serverFinishedPermute) * (full ? 120 : 6) + + serverHelloPermute) * + (full ? 120 : 6) + + clientFinishedPermute; filter_clear_state(); if (full) { filter_chain[fnIdx++] = filter_permute_ServerHelloFull; state_permute_ServerHelloFull.order = - permutations5[serverHelloPermute]; + permutations5[serverHelloPermute]; filter_chain[fnIdx++] = filter_permute_ClientFinishedFull; state_permute_ClientFinishedFull.order = - permutations5[clientFinishedPermute]; + permutations5[clientFinishedPermute]; filter_chain[fnIdx++] = filter_permute_ServerFinished; state_permute_ServerFinished.order = - permutations2[serverFinishedPermute]; + permutations2[serverFinishedPermute]; } else if (resume) { filter_chain[fnIdx++] = filter_permute_ServerFinishedResume; state_permute_ServerFinishedResume.order = - permutations3[serverFinishedPermute]; + permutations3[serverFinishedPermute]; filter_chain[fnIdx++] = filter_permute_ClientFinishedResume; state_permute_ClientFinishedResume.order = - permutations2[clientFinishedPermute]; + permutations2[clientFinishedPermute]; } else { filter_chain[fnIdx++] = filter_permute_ServerHello; state_permute_ServerHello.order = - permutations3[serverHelloPermute]; + permutations3[serverHelloPermute]; filter_chain[fnIdx++] = filter_permute_ClientFinished; state_permute_ClientFinished.order = - permutations3[clientFinishedPermute]; + permutations3[clientFinishedPermute]; filter_chain[fnIdx++] = filter_permute_ServerFinished; state_permute_ServerFinished.order = - permutations2[serverFinishedPermute]; + permutations2[serverFinishedPermute]; } if (dropMode) { for (filterIdx = 0; filterIdx < filter_count; filterIdx++) { if (dropMode & (1 << filterIdx)) { filter_chain[fnIdx++] = - local_filters[filterIdx]; + local_filters[filterIdx]; } } } @@ -1186,7 +1216,7 @@ static int run_test_by_id(int id) { int pscale = full ? 120 : 6; int dropMode, serverFinishedPermute, serverHelloPermute, - clientFinishedPermute; + clientFinishedPermute; clientFinishedPermute = id % pscale; id /= pscale; @@ -1199,8 +1229,8 @@ static int run_test_by_id(int id) dropMode = id; - return run_one_test(dropMode, serverFinishedPermute, - serverHelloPermute, clientFinishedPermute); + return run_one_test(dropMode, serverFinishedPermute, serverHelloPermute, + clientFinishedPermute); } int *job_pids; @@ -1265,9 +1295,8 @@ static int run_tests_from_id_list(int childcount) while ((ret = fscanf(stdin, "%i\n", &test_id)) > 0) { int pid; - if (test_id < 0 - || test_id > - 2 * (full ? 120 * 120 * (1 << 12) : 6 * 6 * 256)) { + if (test_id < 0 || test_id > 2 * (full ? 120 * 120 * (1 << 12) : + 6 * 6 * 256)) { fprintf(stderr, "Invalid test id %i\n", test_id); break; } @@ -1295,7 +1324,7 @@ static int run_tests_from_id_list(int childcount) static int run_all_tests(int childcount) { int dropMode, serverFinishedPermute, serverHelloPermute, - clientFinishedPermute; + clientFinishedPermute; int result = 0; for (dropMode = 0; dropMode != 1 << (full ? 12 : 8); dropMode++) @@ -1305,24 +1334,23 @@ static int run_all_tests(int childcount) serverHelloPermute < (full ? 120 : 6); serverHelloPermute++) for (clientFinishedPermute = 0; - clientFinishedPermute < - (full ? 120 : 6); + clientFinishedPermute < (full ? 120 : 6); clientFinishedPermute++) { int pid; if (!(pid = fork())) { - exit(run_one_test - (dropMode, - serverFinishedPermute, - serverHelloPermute, - clientFinishedPermute)); + exit(run_one_test( + dropMode, + serverFinishedPermute, + serverHelloPermute, + clientFinishedPermute)); } else if (pid < 0) { rperror("fork"); result = 4; break; } else { register_child(pid); - result |= - wait_children(childcount); + result |= wait_children( + childcount); } } @@ -1366,17 +1394,17 @@ int main(int argc, const char *argv[]) run_to_end = 1; job_limit = 1; -# define NEXT_ARG(name) \ - do { \ - if (++arg >= argc) { \ +#define NEXT_ARG(name) \ + do { \ + if (++arg >= argc) { \ fprintf(stderr, "No argument for -" #name "\n"); \ - exit(8); \ - } \ + exit(8); \ + } \ } while (0); -# define FAIL_ARG(name) \ - do { \ +#define FAIL_ARG(name) \ + do { \ fprintf(stderr, "Invalid argument for -" #name "\n"); \ - exit(8); \ + exit(8); \ } while (0); for (arg = 1; arg < argc; arg++) { @@ -1459,10 +1487,10 @@ int main(int argc, const char *argv[]) } NEXT_ARG(shello); - if (!parse_permutation - (argv[arg], - full ? permutation_names5 : - permutation_names3, &serverHelloPermute)) { + if (!parse_permutation(argv[arg], + full ? permutation_names5 : + permutation_names3, + &serverHelloPermute)) { FAIL_ARG(shell); } single++; @@ -1473,8 +1501,8 @@ int main(int argc, const char *argv[]) pname = permutation_names3; else pname = permutation_names2; - if (!parse_permutation - (argv[arg], pname, &serverFinishedPermute)) { + if (!parse_permutation(argv[arg], pname, + &serverFinishedPermute)) { FAIL_ARG(cfinished); } single++; @@ -1487,8 +1515,8 @@ int main(int argc, const char *argv[]) pname = permutation_names2; else pname = permutation_names3; - if (!parse_permutation - (argv[arg], pname, &clientFinishedPermute)) { + if (!parse_permutation(argv[arg], pname, + &clientFinishedPermute)) { FAIL_ARG(cfinished); } single++; @@ -1499,24 +1527,21 @@ int main(int argc, const char *argv[]) if (full) { local_filter_names = filter_names_full; - filter_count = - sizeof(filters_full) / - sizeof(filters_full[0]); + filter_count = sizeof(filters_full) / + sizeof(filters_full[0]); } else if (resume) { local_filter_names = filter_names_resume; - filter_count = - sizeof(filters_resume) / - sizeof(filters_resume[0]); + filter_count = sizeof(filters_resume) / + sizeof(filters_resume[0]); } else { local_filter_names = filter_names; filter_count = - sizeof(filters) / sizeof(filters[0]); + sizeof(filters) / sizeof(filters[0]); } for (drop = 0; drop < filter_count; drop++) { - if (strcmp - (local_filter_names[drop], - argv[arg]) == 0) { + if (strcmp(local_filter_names[drop], + argv[arg]) == 0) { dropMode |= (1 << drop); break; } @@ -1563,7 +1588,7 @@ int main(int argc, const char *argv[]) // vim: foldmethod=marker -#else /* NO POSIX TIMERS */ +#else /* NO POSIX TIMERS */ int main(int argc, const char *argv[]) { diff --git a/tests/dtls1-2-mtu-check.c b/tests/dtls1-2-mtu-check.c index b8788dc8b2..3c3a4ba7c6 100644 --- a/tests/dtls1-2-mtu-check.c +++ b/tests/dtls1-2-mtu-check.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the MTU calculation in various cipher/mac algorithm combinations @@ -37,8 +37,7 @@ #include "utils.h" #include -#define myfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define myfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) static void tls_log_func(int level, const char *str) { @@ -69,18 +68,18 @@ static void dtls_mtu_try(const char *name, const char *client_prio, /* Init server */ assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_init - (&server, - GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK) >= 0); + assert(gnutls_init(&server, GNUTLS_SERVER | GNUTLS_DATAGRAM | + GNUTLS_NONBLOCK) >= 0); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - assert(gnutls_priority_set_direct(server, - "NORMAL:+ANON-ECDH:+ANON-DH:+3DES-CBC:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+SHA256:+CURVE-X25519", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, + "NORMAL:+ANON-ECDH:+ANON-DH:+3DES-CBC:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+SHA256:+CURVE-X25519", + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_pull_timeout_function(server, @@ -89,15 +88,14 @@ static void dtls_mtu_try(const char *name, const char *client_prio, /* Init client */ - ret = - gnutls_init(&client, - GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); + ret = gnutls_init(&client, + GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); if (ret < 0) exit(1); assert(gnutls_certificate_allocate_credentials(&clientx509cred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (clientx509cred, &ca_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred) >= 0); @@ -130,9 +128,8 @@ static void dtls_mtu_try(const char *name, const char *client_prio, memset(msg, 1, dmtu + 1); ret = gnutls_record_send(client, msg, dmtu + 1); if (ret != (int)GNUTLS_E_LARGE_PACKET) { - myfail - ("could send larger packet than MTU (%d), ret: %d\n", - dmtu, ret); + myfail("could send larger packet than MTU (%d), ret: %d\n", + dmtu, ret); } ret = gnutls_record_send(client, msg, dmtu); @@ -158,7 +155,8 @@ static void dtls_mtu_try(const char *name, const char *client_prio, dmtu = gnutls_dtls_get_data_mtu(client); if (dmtu != link_mtu) { if (gnutls_mac_get(client) == GNUTLS_MAC_AEAD) - fail("%s: got MTU (%d) which does not match expected (%d)\n", name, dmtu, link_mtu); + fail("%s: got MTU (%d) which does not match expected (%d)\n", + name, dmtu, link_mtu); else if (dmtu < link_mtu) fail("%s: got MTU (%d) smaller than expected (%d)\n", name, dmtu, link_mtu); @@ -186,174 +184,226 @@ void doit(void) global_init(); /* check padding in CBC */ - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1500, 1435); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1501", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1501, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1502", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1502, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1503", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1503, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1504", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1504, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1505", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1505, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1506", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1506, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1507", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1507, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1508", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1508, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1509", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1509, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1510", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1510, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1511", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1511, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1512", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1512, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1513", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1513, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1514", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1514, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1515", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1515, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1516", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1516, 1451); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1517", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1517, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1518", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1518, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1519", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1519, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1520", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1520, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1521", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1521, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1522", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1522, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1523", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1523, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1524", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1524, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1525", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1525, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1526", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1526, 1467); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1536", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1536, 1483); - - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA256", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA256", - 1500, 1423); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1500, 1435); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1501", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1501, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1502", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1502, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1503", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1503, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1504", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1504, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1505", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1505, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1506", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1506, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1507", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1507, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1508", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1508, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1509", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1509, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1510", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1510, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1511", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1511, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1512", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1512, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1513", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1513, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1514", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1514, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1515", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1515, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1516", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1516, 1451); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1517", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1517, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1518", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1518, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1519", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1519, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1520", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1520, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1521", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1521, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1522", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1522, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1523", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1523, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1524", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1524, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1525", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1525, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1526", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1526, 1467); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1536", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1536, 1483); + + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA256", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA256", + 1500, 1423); if (!gnutls_fips140_mode_enabled()) - dtls_mtu_try("DTLS 1.2 with 3DES-CBC-HMAC-SHA1", - "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", - 1500, 1451); + dtls_mtu_try( + "DTLS 1.2 with 3DES-CBC-HMAC-SHA1", + "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", + 1500, 1451); /* check non-CBC ciphers */ dtls_mtu_try("DTLS 1.2 with AES-128-GCM", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-GCM", 1500, 1463); if (!gnutls_fips140_mode_enabled()) - dtls_mtu_try("DTLS 1.2 with CHACHA20-POLY1305", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305", - 1500, 1471); + dtls_mtu_try( + "DTLS 1.2 with CHACHA20-POLY1305", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305", + 1500, 1471); /* check EtM CBC */ - dtls_mtu_try("DTLS 1.2/EtM with AES-128-CBC-HMAC-SHA1", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1500, 1439); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1501", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1501, 1439); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1502", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1502, 1439); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1503", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1503, 1439); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1504", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1504, 1439); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1505", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1505, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1506", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1506, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1507", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1507, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1508", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1508, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1509", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1509, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1510", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1510, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1511", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1511, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1512", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1512, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1513", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1513, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1514", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1514, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1515", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1515, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1516", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1516, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1517", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1517, 1455); - dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1518", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", - 1518, 1455); - - dtls_mtu_try("DTLS 1.2/EtM with AES-128-CBC-HMAC-SHA256", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA256", - 1500, 1423); + dtls_mtu_try( + "DTLS 1.2/EtM with AES-128-CBC-HMAC-SHA1", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1500, 1439); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1501", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1501, 1439); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1502", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1502, 1439); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1503", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1503, 1439); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1504", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1504, 1439); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1505", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1505, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1506", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1506, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1507", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1507, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1508", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1508, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1509", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1509, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1510", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1510, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1511", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1511, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1512", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1512, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1513", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1513, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1514", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1514, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1515", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1515, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1516", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1516, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1517", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1517, 1455); + dtls_mtu_try( + "DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1518", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", + 1518, 1455); + + dtls_mtu_try( + "DTLS 1.2/EtM with AES-128-CBC-HMAC-SHA256", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA256", + 1500, 1423); if (!gnutls_fips140_mode_enabled()) - dtls_mtu_try("DTLS 1.2/EtM with 3DES-CBC-HMAC-SHA1", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", - 1500, 1455); + dtls_mtu_try( + "DTLS 1.2/EtM with 3DES-CBC-HMAC-SHA1", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", + 1500, 1455); gnutls_global_deinit(); } diff --git a/tests/dtls10-cert-key-exchange.c b/tests/dtls10-cert-key-exchange.c index 44b47b2596..0aa541e0e9 100644 --- a/tests/dtls10-cert-key-exchange.c +++ b/tests/dtls10-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -49,10 +49,11 @@ void doit(void) "NORMAL:-VERS-ALL:+VERS-DTLS1.0:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN); - dtls_try("DTLS 1.0 with ecdhe x25519 rsa no cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.0:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN); + dtls_try( + "DTLS 1.0 with ecdhe x25519 rsa no cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.0:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_UNKNOWN); dtls_try("DTLS 1.0 with ecdhe rsa no cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.0:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, diff --git a/tests/dtls12-cert-key-exchange.c b/tests/dtls12-cert-key-exchange.c index 9058ea2b67..d6e0574084 100644 --- a/tests/dtls12-cert-key-exchange.c +++ b/tests/dtls12-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -49,10 +49,11 @@ void doit(void) "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN); - dtls_try("DTLS 1.2 with ecdhe x25519 rsa no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN); + dtls_try( + "DTLS 1.2 with ecdhe x25519 rsa no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_UNKNOWN); dtls_try("DTLS 1.2 with ecdhe rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, @@ -63,19 +64,22 @@ void doit(void) GNUTLS_SIGN_UNKNOWN, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, 0); - dtls_try("DTLS 1.2 with ecdhe rsa-pss sig no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - dtls_try("DTLS 1.2 with ecdhe rsa-pss no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - dtls_try_with_key("TLS 1.2 with ecdhe rsa-pss/rsa-pss no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss_cert, - &server_ca3_rsa_pss_key, NULL, NULL, 0); + dtls_try( + "DTLS 1.2 with ecdhe rsa-pss sig no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + dtls_try( + "DTLS 1.2 with ecdhe rsa-pss no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + dtls_try_with_key( + "TLS 1.2 with ecdhe rsa-pss/rsa-pss no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss_cert, + &server_ca3_rsa_pss_key, NULL, NULL, 0); dtls_try("DTLS 1.2 with rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+RSA", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); @@ -106,16 +110,18 @@ void doit(void) &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, USE_CERT); - dtls_try_cli("DTLS 1.2 with ecdhe-rsa-pss cli-cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT); - dtls_try_with_key("DTLS 1.2 with ecdhe-rsa-pss/rsa-pss cli-cert", - "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_RSA_PSS_SHA256, &server_ca3_rsa_pss_cert, - &server_ca3_rsa_pss_key, &cli_ca3_rsa_pss_cert, - &cli_ca3_rsa_pss_key, USE_CERT); + dtls_try_cli( + "DTLS 1.2 with ecdhe-rsa-pss cli-cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT); + dtls_try_with_key( + "DTLS 1.2 with ecdhe-rsa-pss/rsa-pss cli-cert", + "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_RSA_PSS_SHA256, &server_ca3_rsa_pss_cert, + &server_ca3_rsa_pss_key, &cli_ca3_rsa_pss_cert, + &cli_ca3_rsa_pss_key, USE_CERT); dtls_try_cli("DTLS 1.2 with dhe-rsa ask cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, diff --git a/tests/duplicate-extensions.c b/tests/duplicate-extensions.c index 54a4a7bb15..9cfad5df25 100644 --- a/tests/duplicate-extensions.c +++ b/tests/duplicate-extensions.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,18 +37,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" pid_t child; @@ -62,29 +62,29 @@ static void tls_log_func(int level, const char *str) */ static unsigned char tls1_hello[] = - "\x16\x03\x01\x01\x5e\x01\x00\x01\x5a\x03\x03\x59\x41\x25\x0e\x19" - "\x02\x56\xa2\xe4\x97\x00\xea\x18\xd2\xb0\x00\xb9\xa2\x8a\x61\xb3" - "\xdd\x65\xed\xfd\x03\xaf\x93\x8d\xb2\x15\xf3\x00\x00\xd4\xc0\x30" - "\xcc\xa8\xc0\x8b\xc0\x14\xc0\x28\xc0\x77\xc0\x2f\xc0\x8a\xc0\x13" - "\xc0\x27\xc0\x76\xc0\x12\xc0\x2c\xc0\xad\xcc\xa9\xc0\x87\xc0\x0a" - "\xc0\x24\xc0\x73\xc0\x2b\xc0\xac\xc0\x86\xc0\x09\xc0\x23\xc0\x72" - "\xc0\x08\x00\x9d\xc0\x9d\xc0\x7b\x00\x35\x00\x3d\x00\x84\x00\xc0" - "\x00\x9c\xc0\x9c\xc0\x7a\x00\x2f\x00\x3c\x00\x41\x00\xba\x00\x0a" - "\x00\x9f\xc0\x9f\xcc\xaa\xc0\x7d\x00\x39\x00\x6b\x00\x88\x00\xc4" - "\x00\x9e\xc0\x9e\xc0\x7c\x00\x33\x00\x67\x00\x45\x00\xbe\x00\x16" - "\x00\xa3\xc0\x81\x00\x38\x00\x6a\x00\x87\x00\xc3\x00\xa2\xc0\x80" - "\x00\x32\x00\x40\x00\x44\x00\xbd\x00\x13\x00\xa9\xc0\xa5\xcc\xab" - "\xc0\x8f\x00\x8d\x00\xaf\xc0\x95\x00\xa8\xc0\xa4\xc0\x8e\x00\x8c" - "\x00\xae\xc0\x94\x00\x8b\x00\xab\xc0\xa7\xcc\xad\xc0\x91\x00\x91" - "\x00\xb3\xc0\x97\x00\xaa\xc0\xa6\xc0\x90\x00\x90\x00\xb2\xc0\x96" - "\x00\x8f\xcc\xac\xc0\x36\xc0\x38\xc0\x9b\xc0\x35\xc0\x37\xc0\x9a" - "\xc0\x34\x01\x00\x00\x5d\x00\x17\x00\x00\x00\x16\x00\x00\x00\x05" - "\x00\x05\x01\x00\x00\x00\x00\x00\x00\x00\x13\x00\x11\x00\x00\x0e" - "\x77\x77\x77\x2e\x61\x6d\x61\x7a\x6f\x6e\x2e\x63\x6f\x6d\xff\x01" - "\x00\x01\x00\x00\x23\x00\x00\x00\x0b\x00\x02\x01\x00\x00\x0b\x00" - "\x02\x01\x00\x00\x0d\x00\x16\x00\x14\x04\x01\x04\x03\x05\x01\x05" - "\x03\x06\x01\x06\x03\x03\x01\x03\x03\x02\x01\x02\x03\x00\x0a\x00" - "\x02\x00\x17"; + "\x16\x03\x01\x01\x5e\x01\x00\x01\x5a\x03\x03\x59\x41\x25\x0e\x19" + "\x02\x56\xa2\xe4\x97\x00\xea\x18\xd2\xb0\x00\xb9\xa2\x8a\x61\xb3" + "\xdd\x65\xed\xfd\x03\xaf\x93\x8d\xb2\x15\xf3\x00\x00\xd4\xc0\x30" + "\xcc\xa8\xc0\x8b\xc0\x14\xc0\x28\xc0\x77\xc0\x2f\xc0\x8a\xc0\x13" + "\xc0\x27\xc0\x76\xc0\x12\xc0\x2c\xc0\xad\xcc\xa9\xc0\x87\xc0\x0a" + "\xc0\x24\xc0\x73\xc0\x2b\xc0\xac\xc0\x86\xc0\x09\xc0\x23\xc0\x72" + "\xc0\x08\x00\x9d\xc0\x9d\xc0\x7b\x00\x35\x00\x3d\x00\x84\x00\xc0" + "\x00\x9c\xc0\x9c\xc0\x7a\x00\x2f\x00\x3c\x00\x41\x00\xba\x00\x0a" + "\x00\x9f\xc0\x9f\xcc\xaa\xc0\x7d\x00\x39\x00\x6b\x00\x88\x00\xc4" + "\x00\x9e\xc0\x9e\xc0\x7c\x00\x33\x00\x67\x00\x45\x00\xbe\x00\x16" + "\x00\xa3\xc0\x81\x00\x38\x00\x6a\x00\x87\x00\xc3\x00\xa2\xc0\x80" + "\x00\x32\x00\x40\x00\x44\x00\xbd\x00\x13\x00\xa9\xc0\xa5\xcc\xab" + "\xc0\x8f\x00\x8d\x00\xaf\xc0\x95\x00\xa8\xc0\xa4\xc0\x8e\x00\x8c" + "\x00\xae\xc0\x94\x00\x8b\x00\xab\xc0\xa7\xcc\xad\xc0\x91\x00\x91" + "\x00\xb3\xc0\x97\x00\xaa\xc0\xa6\xc0\x90\x00\x90\x00\xb2\xc0\x96" + "\x00\x8f\xcc\xac\xc0\x36\xc0\x38\xc0\x9b\xc0\x35\xc0\x37\xc0\x9a" + "\xc0\x34\x01\x00\x00\x5d\x00\x17\x00\x00\x00\x16\x00\x00\x00\x05" + "\x00\x05\x01\x00\x00\x00\x00\x00\x00\x00\x13\x00\x11\x00\x00\x0e" + "\x77\x77\x77\x2e\x61\x6d\x61\x7a\x6f\x6e\x2e\x63\x6f\x6d\xff\x01" + "\x00\x01\x00\x00\x23\x00\x00\x00\x0b\x00\x02\x01\x00\x00\x0b\x00" + "\x02\x01\x00\x00\x0d\x00\x16\x00\x14\x04\x01\x04\x03\x05\x01\x05" + "\x03\x06\x01\x06\x03\x03\x01\x03\x03\x02\x01\x02\x03\x00\x0a\x00" + "\x02\x00\x17"; static void client(int sd) { @@ -161,9 +161,10 @@ static void server(int sd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2", + NULL); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -225,4 +226,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/eagain-auto-auth.c b/tests/eagain-auto-auth.c index ede4c848aa..35ff7f3845 100644 --- a/tests/eagain-auto-auth.c +++ b/tests/eagain-auto-auth.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,15 +45,16 @@ static void tls_log_func(int level, const char *str) } #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." static unsigned int cert_asked = 0; static int cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * sign_algos, - int sign_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *sign_algos, + int sign_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *pkey) { cert_asked = 1; *pcert_length = 0; @@ -83,20 +84,20 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) gnutls_global_set_log_function(tls_log_func); /* Init server */ - assert_return_code(gnutls_certificate_allocate_credentials - (&serverx509cred), 0); - assert_return_code(gnutls_certificate_set_x509_key_mem - (serverx509cred, &server_cert, &server_key, - GNUTLS_X509_FMT_PEM), 0); + assert_return_code( + gnutls_certificate_allocate_credentials(&serverx509cred), 0); + assert_return_code(gnutls_certificate_set_x509_key_mem( + serverx509cred, &server_cert, &server_key, + GNUTLS_X509_FMT_PEM), + 0); ret = gnutls_init(&server, GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH); assert_return_code(ret, 0); ret = gnutls_priority_set_direct(server, prio, NULL); assert_return_code(ret, 0); - ret = - gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, - serverx509cred); + ret = gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, + serverx509cred); assert_return_code(ret, 0); gnutls_transport_set_push_function(server, server_push); @@ -111,16 +112,13 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) gnutls_certificate_set_retrieve_function2(clientx509cred, cert_callback); - ret = - gnutls_init(&client, - GNUTLS_CLIENT | GNUTLS_AUTO_REAUTH | - GNUTLS_POST_HANDSHAKE_AUTH); + ret = gnutls_init(&client, GNUTLS_CLIENT | GNUTLS_AUTO_REAUTH | + GNUTLS_POST_HANDSHAKE_AUTH); ret = gnutls_priority_set_direct(client, prio, NULL); assert_return_code(ret, 0); - ret = - gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, - clientx509cred); + ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, + clientx509cred); assert_return_code(ret, 0); gnutls_transport_set_push_function(client, client_push); @@ -135,8 +133,8 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) do { sret = gnutls_rehandshake(server); - } while (sret == GNUTLS_E_AGAIN - || sret == GNUTLS_E_INTERRUPTED); + } while (sret == GNUTLS_E_AGAIN || + sret == GNUTLS_E_INTERRUPTED); assert_true(sret == 0); assert_true(gnutls_record_get_direction(server) == 1); @@ -158,13 +156,14 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) sret = gnutls_handshake(server); if (sret == GNUTLS_E_INTERRUPTED) sret = GNUTLS_E_AGAIN; - assert_true(sret == GNUTLS_E_AGAIN - || sret == 0); + assert_true(sret == GNUTLS_E_AGAIN || + sret == 0); } /* we are done in client side */ - if (hstarted && gnutls_record_get_direction(client) == 0 - && to_client_len == 0) + if (hstarted && + gnutls_record_get_direction(client) == 0 && + to_client_len == 0) cret = 0; if (cret == GNUTLS_E_AGAIN) { @@ -203,8 +202,8 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) } /* we are done in client side */ - if (gnutls_record_get_direction(client) == 0 - && to_client_len == 0) + if (gnutls_record_get_direction(client) == 0 && + to_client_len == 0) cret = 0; } while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN); } diff --git a/tests/eagain-common.h b/tests/eagain-common.h index c7c49f4ac2..8fadb3a40f 100644 --- a/tests/eagain-common.h +++ b/tests/eagain-common.h @@ -1,172 +1,174 @@ #ifndef GNUTLS_TESTS_EAGAIN_COMMON_H -# define GNUTLS_TESTS_EAGAIN_COMMON_H +#define GNUTLS_TESTS_EAGAIN_COMMON_H -# include -# include -# include +#include +#include +#include -# define min(x,y) ((x)<(y)?(x):(y)) +#define min(x, y) ((x) < (y) ? (x) : (y)) extern const char *side; -# ifdef USE_CMOCKA -# define failure() fail() -# define client_transfer_failure(r) {fprintf(stderr, "client transfer failure: %s\n", gnutls_strerror(r)); fail();} -# define server_transfer_failure(r) {fprintf(stderr, "server transfer failure: %s\n", gnutls_strerror(r)); fail();} -# define switch_side(str) -# else -# define failure() fail("Handshake failed\n") -# define client_transfer_failure(r) fail("client transfer failure: %s\n", gnutls_strerror(r)) -# define server_transfer_failure(r) fail("client transfer failure: %s\n", gnutls_strerror(r)) -# define switch_side(str) side = str -# endif - -# define HANDSHAKE_EXPECT(c, s, clierr, serverr) \ - sret = cret = GNUTLS_E_AGAIN; \ - do \ - { \ - if (cret == GNUTLS_E_AGAIN) \ - { \ - switch_side("client"); \ - cret = gnutls_handshake (c); \ - if (cret == GNUTLS_E_INTERRUPTED) cret = GNUTLS_E_AGAIN; \ - } \ - if (sret == GNUTLS_E_AGAIN) \ - { \ - switch_side("server"); \ - sret = gnutls_handshake (s); \ - if (sret == GNUTLS_E_INTERRUPTED) sret = GNUTLS_E_AGAIN; \ - } \ - } \ - while ((cret == GNUTLS_E_AGAIN || (cret == 0 && sret == GNUTLS_E_AGAIN)) && (sret == GNUTLS_E_AGAIN || (sret == 0 && cret == GNUTLS_E_AGAIN))); \ - if ((clierr != -1 && cret != clierr) || (serverr != -1 && sret != serverr)) \ - { \ - fprintf(stderr, "client[%d]: %s\n", cret, gnutls_strerror(cret)); \ - fprintf(stderr, "server[%d]: %s\n", sret, gnutls_strerror(sret)); \ - failure(); \ - } - -# define HANDSHAKE(c, s) \ - HANDSHAKE_EXPECT(c,s,0,0) - -# define HANDSHAKE_DTLS_EXPECT(c, s, clierr, serverr) \ - sret = cret = GNUTLS_E_AGAIN; \ - do \ - { \ - if (cret == GNUTLS_E_LARGE_PACKET) \ - { \ - unsigned int mtu = gnutls_dtls_get_mtu(s); \ - gnutls_dtls_set_mtu(s, mtu/2); \ - } \ - if (cret < 0 && gnutls_error_is_fatal(cret) == 0) \ - { \ - switch_side("client"); \ - cret = gnutls_handshake (c); \ - } \ - if (sret == GNUTLS_E_LARGE_PACKET) \ - { \ - unsigned int mtu = gnutls_dtls_get_mtu(s); \ - gnutls_dtls_set_mtu(s, mtu/2); \ - } \ - if (sret < 0 && gnutls_error_is_fatal(sret) == 0) \ - { \ - switch_side("server"); \ - sret = gnutls_handshake (s); \ - } \ - } \ - while (((gnutls_error_is_fatal(cret) == 0 && gnutls_error_is_fatal(sret) == 0)) && (cret < 0 || sret < 0)); \ - if (cret != clierr || sret != serverr) \ - { \ - fprintf(stderr, "client: %s\n", gnutls_strerror(cret)); \ - fprintf(stderr, "server: %s\n", gnutls_strerror(sret)); \ - failure(); \ - } - -# define HANDSHAKE_DTLS(c, s) \ - HANDSHAKE_DTLS_EXPECT(c,s,0,0) - -# define HANDSHAKE(c, s) \ - HANDSHAKE_EXPECT(c,s,0,0) - -# define TRANSFER2(c, s, msg, msglen, buf, buflen, retry_send_with_null) { \ - int _ret; \ - switch_side("client"); \ - _ret = record_send_loop (c, msg, msglen, retry_send_with_null); \ - \ - if (_ret < 0) client_transfer_failure(_ret); \ - \ - do \ - { \ - do \ - { \ - switch_side("server"); \ - _ret = gnutls_record_recv (s, buf, buflen); \ - } \ - while(_ret == GNUTLS_E_AGAIN); \ - if (_ret <= 0) \ - { \ - server_transfer_failure(_ret); \ - } \ - else \ - { \ - transferred += _ret; \ - } \ - switch_side("server"); \ - _ret = record_send_loop (server, msg, msglen, retry_send_with_null); \ - if (_ret < 0) server_transfer_failure(_ret); \ - do \ - { \ - switch_side("client"); \ - _ret = gnutls_record_recv (client, buf, buflen); \ - } \ - while(_ret == GNUTLS_E_AGAIN); \ - if (_ret <= 0) \ - { \ - client_transfer_failure(_ret); \ - } \ - else \ - { \ - if (msglen != _ret || memcmp (buf, msg, msglen) != 0) \ - { \ - failure(); \ - } \ - /* echo back */ \ - switch_side("client"); \ - _ret = record_send_loop (client, buf, msglen, retry_send_with_null); \ - if (_ret < 0) client_transfer_failure(_ret); \ - transferred += _ret; \ - } \ - } \ - while (transferred < 70000); \ - } - -# define EMPTY_BUF(s, c, buf, buflen) \ - { \ - switch_side("client"); int _ret = 0; \ - while((_ret == GNUTLS_E_AGAIN && to_server_len > 0) || to_server_len > 0) \ - { \ - switch_side("server"); \ - _ret = gnutls_record_recv (s, buf, buflen); \ - } \ - if (_ret < 0 && _ret !=GNUTLS_E_AGAIN) \ - { \ - server_transfer_failure(_ret); \ - } \ - switch_side("server"); _ret = 0; \ - while((to_client_len > 0 && _ret == GNUTLS_E_AGAIN) || to_client_len > 0) \ - { \ - switch_side("client"); \ - _ret = gnutls_record_recv (client, buf, buflen); \ - } \ - if (_ret < 0 && _ret !=GNUTLS_E_AGAIN) \ - { \ - client_transfer_failure(_ret); \ - } \ - } - -# define TRANSFER(c, s, msg, msglen, buf, buflen) \ - TRANSFER2(c, s, msg, msglen, buf, buflen, 0); \ - TRANSFER2(c, s, msg, msglen, buf, buflen, 1) +#ifdef USE_CMOCKA +#define failure() fail() +#define client_transfer_failure(r) \ + { \ + fprintf(stderr, "client transfer failure: %s\n", \ + gnutls_strerror(r)); \ + fail(); \ + } +#define server_transfer_failure(r) \ + { \ + fprintf(stderr, "server transfer failure: %s\n", \ + gnutls_strerror(r)); \ + fail(); \ + } +#define switch_side(str) +#else +#define failure() fail("Handshake failed\n") +#define client_transfer_failure(r) \ + fail("client transfer failure: %s\n", gnutls_strerror(r)) +#define server_transfer_failure(r) \ + fail("client transfer failure: %s\n", gnutls_strerror(r)) +#define switch_side(str) side = str +#endif + +#define HANDSHAKE_EXPECT(c, s, clierr, serverr) \ + sret = cret = GNUTLS_E_AGAIN; \ + do { \ + if (cret == GNUTLS_E_AGAIN) { \ + switch_side("client"); \ + cret = gnutls_handshake(c); \ + if (cret == GNUTLS_E_INTERRUPTED) \ + cret = GNUTLS_E_AGAIN; \ + } \ + if (sret == GNUTLS_E_AGAIN) { \ + switch_side("server"); \ + sret = gnutls_handshake(s); \ + if (sret == GNUTLS_E_INTERRUPTED) \ + sret = GNUTLS_E_AGAIN; \ + } \ + } while ((cret == GNUTLS_E_AGAIN || \ + (cret == 0 && sret == GNUTLS_E_AGAIN)) && \ + (sret == GNUTLS_E_AGAIN || \ + (sret == 0 && cret == GNUTLS_E_AGAIN))); \ + if ((clierr != -1 && cret != clierr) || \ + (serverr != -1 && sret != serverr)) { \ + fprintf(stderr, "client[%d]: %s\n", cret, \ + gnutls_strerror(cret)); \ + fprintf(stderr, "server[%d]: %s\n", sret, \ + gnutls_strerror(sret)); \ + failure(); \ + } + +#define HANDSHAKE(c, s) HANDSHAKE_EXPECT(c, s, 0, 0) + +#define HANDSHAKE_DTLS_EXPECT(c, s, clierr, serverr) \ + sret = cret = GNUTLS_E_AGAIN; \ + do { \ + if (cret == GNUTLS_E_LARGE_PACKET) { \ + unsigned int mtu = gnutls_dtls_get_mtu(s); \ + gnutls_dtls_set_mtu(s, mtu / 2); \ + } \ + if (cret < 0 && gnutls_error_is_fatal(cret) == 0) { \ + switch_side("client"); \ + cret = gnutls_handshake(c); \ + } \ + if (sret == GNUTLS_E_LARGE_PACKET) { \ + unsigned int mtu = gnutls_dtls_get_mtu(s); \ + gnutls_dtls_set_mtu(s, mtu / 2); \ + } \ + if (sret < 0 && gnutls_error_is_fatal(sret) == 0) { \ + switch_side("server"); \ + sret = gnutls_handshake(s); \ + } \ + } while (((gnutls_error_is_fatal(cret) == 0 && \ + gnutls_error_is_fatal(sret) == 0)) && \ + (cret < 0 || sret < 0)); \ + if (cret != clierr || sret != serverr) { \ + fprintf(stderr, "client: %s\n", gnutls_strerror(cret)); \ + fprintf(stderr, "server: %s\n", gnutls_strerror(sret)); \ + failure(); \ + } + +#define HANDSHAKE_DTLS(c, s) HANDSHAKE_DTLS_EXPECT(c, s, 0, 0) + +#define HANDSHAKE(c, s) HANDSHAKE_EXPECT(c, s, 0, 0) + +#define TRANSFER2(c, s, msg, msglen, buf, buflen, retry_send_with_null) \ + { \ + int _ret; \ + switch_side("client"); \ + _ret = record_send_loop(c, msg, msglen, retry_send_with_null); \ + \ + if (_ret < 0) \ + client_transfer_failure(_ret); \ + \ + do { \ + do { \ + switch_side("server"); \ + _ret = gnutls_record_recv(s, buf, buflen); \ + } while (_ret == GNUTLS_E_AGAIN); \ + if (_ret <= 0) { \ + server_transfer_failure(_ret); \ + } else { \ + transferred += _ret; \ + } \ + switch_side("server"); \ + _ret = record_send_loop(server, msg, msglen, \ + retry_send_with_null); \ + if (_ret < 0) \ + server_transfer_failure(_ret); \ + do { \ + switch_side("client"); \ + _ret = gnutls_record_recv(client, buf, \ + buflen); \ + } while (_ret == GNUTLS_E_AGAIN); \ + if (_ret <= 0) { \ + client_transfer_failure(_ret); \ + } else { \ + if (msglen != _ret || \ + memcmp(buf, msg, msglen) != 0) { \ + failure(); \ + } \ + /* echo back */ \ + switch_side("client"); \ + _ret = record_send_loop(client, buf, msglen, \ + retry_send_with_null); \ + if (_ret < 0) \ + client_transfer_failure(_ret); \ + transferred += _ret; \ + } \ + } while (transferred < 70000); \ + } + +#define EMPTY_BUF(s, c, buf, buflen) \ + { \ + switch_side("client"); \ + int _ret = 0; \ + while ((_ret == GNUTLS_E_AGAIN && to_server_len > 0) || \ + to_server_len > 0) { \ + switch_side("server"); \ + _ret = gnutls_record_recv(s, buf, buflen); \ + } \ + if (_ret < 0 && _ret != GNUTLS_E_AGAIN) { \ + server_transfer_failure(_ret); \ + } \ + switch_side("server"); \ + _ret = 0; \ + while ((to_client_len > 0 && _ret == GNUTLS_E_AGAIN) || \ + to_client_len > 0) { \ + switch_side("client"); \ + _ret = gnutls_record_recv(client, buf, buflen); \ + } \ + if (_ret < 0 && _ret != GNUTLS_E_AGAIN) { \ + client_transfer_failure(_ret); \ + } \ + } + +#define TRANSFER(c, s, msg, msglen, buf, buflen) \ + TRANSFER2(c, s, msg, msglen, buf, buflen, 0); \ + TRANSFER2(c, s, msg, msglen, buf, buflen, 1) static char to_server[64 * 1024]; static size_t to_server_len = 0; @@ -174,21 +176,20 @@ static size_t to_server_len = 0; static char to_client[64 * 1024]; static size_t to_client_len = 0; -# ifdef RANDOMIZE -# define RETURN_RND_EAGAIN(session) \ - unsigned int rnd = time(0); \ - if (rnd++ % 3 == 0) \ - { \ - gnutls_transport_set_errno (session, EAGAIN); \ - return -1; \ - } -# else -# define RETURN_RND_EAGAIN(session) -# endif - -# ifndef IGNORE_PUSH -static ssize_t -client_push(gnutls_transport_ptr_t tr, const void *data, size_t len) +#ifdef RANDOMIZE +#define RETURN_RND_EAGAIN(session) \ + unsigned int rnd = time(0); \ + if (rnd++ % 3 == 0) { \ + gnutls_transport_set_errno(session, EAGAIN); \ + return -1; \ + } +#else +#define RETURN_RND_EAGAIN(session) +#endif + +#ifndef IGNORE_PUSH +static ssize_t client_push(gnutls_transport_ptr_t tr, const void *data, + size_t len) { size_t newlen; RETURN_RND_EAGAIN(tr); @@ -198,26 +199,26 @@ client_push(gnutls_transport_ptr_t tr, const void *data, size_t len) newlen = to_server_len + len; memcpy(to_server + to_server_len, data, len); to_server_len = newlen; -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: pushed %d bytes to server (avail: %d)\n", (int)len, (int)to_server_len); -# endif +#endif return len; } -# endif +#endif static ssize_t client_pull(gnutls_transport_ptr_t tr, void *data, size_t len) { RETURN_RND_EAGAIN(tr); if (to_client_len == 0) { -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: Not enough data by server (asked for: %d, have: %d)\n", (int)len, (int)to_client_len); -# endif - gnutls_transport_set_errno((gnutls_session_t) tr, EAGAIN); +#endif + gnutls_transport_set_errno((gnutls_session_t)tr, EAGAIN); return -1; } @@ -227,10 +228,10 @@ static ssize_t client_pull(gnutls_transport_ptr_t tr, void *data, size_t len) memmove(to_client, to_client + len, to_client_len - len); to_client_len -= len; -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: pulled %d bytes by client (avail: %d)\n", (int)len, (int)to_client_len); -# endif +#endif return len; } @@ -240,20 +241,20 @@ static ssize_t server_pull(gnutls_transport_ptr_t tr, void *data, size_t len) RETURN_RND_EAGAIN(tr); if (to_server_len == 0) { -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: Not enough data by client (asked for: %d, have: %d)\n", (int)len, (int)to_server_len); -# endif - gnutls_transport_set_errno((gnutls_session_t) tr, EAGAIN); +#endif + gnutls_transport_set_errno((gnutls_session_t)tr, EAGAIN); return -1; } len = min(len, to_server_len); -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: pulled %d bytes by server (avail: %d)\n", (int)len, (int)to_server_len); -# endif +#endif memcpy(data, to_server, len); memmove(to_server, to_server + len, to_server_len - len); @@ -262,32 +263,32 @@ static ssize_t server_pull(gnutls_transport_ptr_t tr, void *data, size_t len) return len; } -# ifndef IGNORE_PUSH -static ssize_t -server_push(gnutls_transport_ptr_t tr, const void *data, size_t len) +#ifndef IGNORE_PUSH +static ssize_t server_push(gnutls_transport_ptr_t tr, const void *data, + size_t len) { size_t newlen; RETURN_RND_EAGAIN(tr); -// hexprint (data, len); + // hexprint (data, len); len = min(len, sizeof(to_client) - to_client_len); newlen = to_client_len + len; memcpy(to_client + to_client_len, data, len); to_client_len = newlen; -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: pushed %d bytes to client (avail: %d)\n", (int)len, (int)to_client_len); -# endif +#endif -# ifdef SERVER_PUSH_ADD +#ifdef SERVER_PUSH_ADD SERVER_PUSH_ADD -# endif - return len; +#endif + return len; } -# endif +#endif /* inline is used to avoid a gcc warning if used in mini-eagain */ inline static int server_pull_timeout_func(gnutls_transport_ptr_t ptr, @@ -296,15 +297,15 @@ inline static int server_pull_timeout_func(gnutls_transport_ptr_t ptr, int ret; if (to_server_len > 0) - ret = 1; /* available data */ + ret = 1; /* available data */ else - ret = 0; /* timeout */ + ret = 0; /* timeout */ -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: server_pull_timeout: %d (avail: cli %d, serv %d)\n", ret, (int)to_client_len, (int)to_server_len); -# endif +#endif return ret; } @@ -319,11 +320,11 @@ inline static int client_pull_timeout_func(gnutls_transport_ptr_t ptr, else ret = 0; -# ifdef EAGAIN_DEBUG +#ifdef EAGAIN_DEBUG fprintf(stderr, "eagain: client_pull_timeout: %d (avail: cli %d, serv %d)\n", ret, (int)to_client_len, (int)to_server_len); -# endif +#endif return ret; } @@ -334,9 +335,8 @@ inline static void reset_buffers(void) to_client_len = 0; } -inline static int record_send_loop(gnutls_session_t session, - const void *data, size_t sizeofdata, - int use_null_on_retry) +inline static int record_send_loop(gnutls_session_t session, const void *data, + size_t sizeofdata, int use_null_on_retry) { int ret; const void *retry_data; @@ -358,4 +358,4 @@ inline static int record_send_loop(gnutls_session_t session, return ret; } -#endif /* GNUTLS_TESTS_EAGAIN_COMMON_H */ +#endif /* GNUTLS_TESTS_EAGAIN_COMMON_H */ diff --git a/tests/eagain.c b/tests/eagain.c index eb46ec61ca..15f3ab88ec 100644 --- a/tests/eagain.c +++ b/tests/eagain.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,7 +44,8 @@ static void tls_log_func(int level, const char *str) } #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) { @@ -65,20 +66,20 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) gnutls_global_set_log_function(tls_log_func); /* Init server */ - assert_return_code(gnutls_certificate_allocate_credentials - (&serverx509cred), 0); - assert_return_code(gnutls_certificate_set_x509_key_mem - (serverx509cred, &server_cert, &server_key, - GNUTLS_X509_FMT_PEM), 0); + assert_return_code( + gnutls_certificate_allocate_credentials(&serverx509cred), 0); + assert_return_code(gnutls_certificate_set_x509_key_mem( + serverx509cred, &server_cert, &server_key, + GNUTLS_X509_FMT_PEM), + 0); ret = gnutls_init(&server, GNUTLS_SERVER); assert_return_code(ret, 0); ret = gnutls_priority_set_direct(server, prio, NULL); assert_return_code(ret, 0); - ret = - gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, - serverx509cred); + ret = gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, + serverx509cred); assert_return_code(ret, 0); gnutls_transport_set_push_function(server, server_push); @@ -94,9 +95,8 @@ static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) ret = gnutls_priority_set_direct(client, prio, NULL); assert_return_code(ret, 0); - ret = - gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, - clientx509cred); + ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, + clientx509cred); assert_return_code(ret, 0); gnutls_transport_set_push_function(client, client_push); diff --git a/tests/ecdh-compute.c b/tests/ecdh-compute.c index 4831bec918..f0536c41cd 100644 --- a/tests/ecdh-compute.c +++ b/tests/ecdh-compute.c @@ -22,7 +22,7 @@ /* This program tests functionality of DH exchanges */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,18 +32,16 @@ #include "utils.h" #ifdef ENABLE_FIPS140 -int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve, - const gnutls_datum_t * x, const gnutls_datum_t * y, - const gnutls_datum_t * k, - const gnutls_datum_t * peer_x, - const gnutls_datum_t * peer_y, gnutls_datum_t * Z); - -int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, - gnutls_datum_t * x, gnutls_datum_t * y, - gnutls_datum_t * k); - -static void genkey(gnutls_ecc_curve_t curve, gnutls_datum_t * x, - gnutls_datum_t * y, gnutls_datum_t * key) +int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve, const gnutls_datum_t *x, + const gnutls_datum_t *y, const gnutls_datum_t *k, + const gnutls_datum_t *peer_x, + const gnutls_datum_t *peer_y, gnutls_datum_t *Z); + +int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, gnutls_datum_t *x, + gnutls_datum_t *y, gnutls_datum_t *k); + +static void genkey(gnutls_ecc_curve_t curve, gnutls_datum_t *x, + gnutls_datum_t *y, gnutls_datum_t *key) { int ret; @@ -52,12 +50,11 @@ static void genkey(gnutls_ecc_curve_t curve, gnutls_datum_t * x, fail("error\n"); } -static void compute_key(gnutls_ecc_curve_t curve, const gnutls_datum_t * x, - const gnutls_datum_t * y, const gnutls_datum_t * key, - const gnutls_datum_t * peer_x, - const gnutls_datum_t * peer_y, - int expect_error, - gnutls_datum_t * result, bool expect_success) +static void compute_key(gnutls_ecc_curve_t curve, const gnutls_datum_t *x, + const gnutls_datum_t *y, const gnutls_datum_t *key, + const gnutls_datum_t *peer_x, + const gnutls_datum_t *peer_y, int expect_error, + gnutls_datum_t *result, bool expect_success) { gnutls_datum_t Z = { 0 }; bool success; @@ -90,83 +87,101 @@ void doit(void) { struct dh_test_data test_data[] = { { - /* x == 0, y == 0 */ - GNUTLS_ECC_CURVE_SECP256R1, - {0}, {0}, {0}, - {(void *)"\x00", 1}, - {(void *)"\x00", 1}, - /* Should be GNUTLS_E_PK_INVALID_PUBKEY but mpi scan + /* x == 0, y == 0 */ + GNUTLS_ECC_CURVE_SECP256R1, + { 0 }, + { 0 }, + { 0 }, + { (void *)"\x00", 1 }, + { (void *)"\x00", 1 }, + /* Should be GNUTLS_E_PK_INVALID_PUBKEY but mpi scan * balks on values of 0 */ - GNUTLS_E_MPI_SCAN_FAILED, - }, + GNUTLS_E_MPI_SCAN_FAILED, + }, { - /* x > p -1 */ - GNUTLS_ECC_CURVE_SECP256R1, - {0}, {0}, {0}, - {(void *)"\xff\xff\xff\xff\x00\x00\x00\x01" - "\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\xff\xff\xff\xff" - "\xff\xff\xff\xff\xff\xff\xff\xff", 1}, - {(void *)"\x02", 1}, - GNUTLS_E_PK_INVALID_PUBKEY, - }, + /* x > p -1 */ + GNUTLS_ECC_CURVE_SECP256R1, + { 0 }, + { 0 }, + { 0 }, + { (void *)"\xff\xff\xff\xff\x00\x00\x00\x01" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\xff\xff\xff\xff" + "\xff\xff\xff\xff\xff\xff\xff\xff", + 1 }, + { (void *)"\x02", 1 }, + GNUTLS_E_PK_INVALID_PUBKEY, + }, { - /* y > p -1 */ - GNUTLS_ECC_CURVE_SECP256R1, - {0}, {0}, {0}, - {(void *)"\x02", 1}, - {(void *)"\xff\xff\xff\xff\x00\x00\x00\x01" - "\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\xff\xff\xff\xff" - "\xff\xff\xff\xff\xff\xff\xff\xff", 1}, - GNUTLS_E_PK_INVALID_PUBKEY, - }, + /* y > p -1 */ + GNUTLS_ECC_CURVE_SECP256R1, + { 0 }, + { 0 }, + { 0 }, + { (void *)"\x02", 1 }, + { (void *)"\xff\xff\xff\xff\x00\x00\x00\x01" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\xff\xff\xff\xff" + "\xff\xff\xff\xff\xff\xff\xff\xff", + 1 }, + GNUTLS_E_PK_INVALID_PUBKEY, + }, { - /* From CAVS tests */ - GNUTLS_ECC_CURVE_SECP521R1, - {(void *)"\xac\xbe\x4a\xd4\xf6\x73\x44\x0a" - "\xfc\x31\xf0\xb0\x3d\x28\xd4\xd5" - "\x14\xbe\x7b\xdd\x7a\x31\xb0\x32" - "\xec\x27\x27\x17\xa5\x7d\xc2\x6c" - "\xc4\xc9\x56\x29\xdb\x2d\x8c\x05" - "\x86\x2b\xe6\x15\xc6\x06\x28\xa3" - "\x24\xf2\x01\x7f\x98\xbd\xf9\x11" - "\xcc\xf8\x83\x5e\x43\x9e\xb2\xc1" "\x88", 65}, - {(void *)"\xd6\x9b\x29\xa2\x37\x82\x36\x92" - "\xe8\xdb\x90\xa3\x25\x68\x67\x6c" - "\x92\xff\x3d\x23\x85\xe2\xfd\x13" - "\x16\x12\x72\xb3\x4b\x55\x88\x72" - "\xb0\x35\xab\xb5\x10\x89\x52\x5f" - "\x42\x9f\x53\x02\x60\x80\xc3\xd5" - "\x36\x6e\xe9\xdd\x28\xae\xd2\x38" - "\xab\xbe\x68\x6a\x54\x3e\x19\xf2" "\x77", 65}, - {(void *)"\xd7\xdd\x17\x7c\xb9\x7f\x19\x09" - "\xbe\x56\x79\xba\x38\x7b\xee\x64" - "\xf7\xb4\x08\x4a\x4f\xaa\x6c\x31" - "\x8b\x82\xe9\xf2\xf7\x50\xc5\xc1" - "\x82\x26\x20\xd4\x88\x25\x0b\xf6" - "\xb4\x14\xea\x9b\x2c\x07\x93\x50" - "\xb9\xad\x78\x0a\x5e\xc6\xa6\xf8" - "\xb2\x9f\xa1\xc4\x76\xce\x1d\xa9" "\xf5", 65}, - {(void *)"\x01\x41\xbe\x1a\xfa\x21\x99\xc9" - "\xb2\x2d\xaa\x0a\xff\x90\xb2\x67" - "\x18\xa2\x67\x04\x7e\xae\x28\x40" - "\xe8\xbc\xa0\xbd\x0c\x75\x41\x51" - "\xf1\xa0\x4d\xcf\x09\xa5\x4f\x1e" - "\x13\x5e\xa0\xdd\x13\xed\x86\x74" - "\x05\xc0\xcb\x6d\xac\x14\x6a\x24" - "\xb8\xdc\xf3\x78\xed\xed\x5d\xcd" "\x57\x5b", 66}, - {(void *)"\x19\x52\xbd\x5d\xe6\x26\x40\xc3" - "\xfc\x8c\xc1\x55\xe2\x9c\x71\x14" - "\x5e\xdc\x62\x1c\x3a\x94\x4e\x55" - "\x56\x75\xf7\x45\x6e\xa4\x9e\x94" - "\xb8\xfe\xda\xd4\xac\x7d\x76\xc5" - "\xb4\x65\xed\xb4\x49\x34\x71\x14" - "\xdb\x8f\x10\x90\xa3\x05\x02\xdc" - "\x86\x92\x6c\xbe\x9b\x57\x32\xe3" "\x2c", 65}, - 0, - }, - {0} + /* From CAVS tests */ + GNUTLS_ECC_CURVE_SECP521R1, + { (void *)"\xac\xbe\x4a\xd4\xf6\x73\x44\x0a" + "\xfc\x31\xf0\xb0\x3d\x28\xd4\xd5" + "\x14\xbe\x7b\xdd\x7a\x31\xb0\x32" + "\xec\x27\x27\x17\xa5\x7d\xc2\x6c" + "\xc4\xc9\x56\x29\xdb\x2d\x8c\x05" + "\x86\x2b\xe6\x15\xc6\x06\x28\xa3" + "\x24\xf2\x01\x7f\x98\xbd\xf9\x11" + "\xcc\xf8\x83\x5e\x43\x9e\xb2\xc1" + "\x88", + 65 }, + { (void *)"\xd6\x9b\x29\xa2\x37\x82\x36\x92" + "\xe8\xdb\x90\xa3\x25\x68\x67\x6c" + "\x92\xff\x3d\x23\x85\xe2\xfd\x13" + "\x16\x12\x72\xb3\x4b\x55\x88\x72" + "\xb0\x35\xab\xb5\x10\x89\x52\x5f" + "\x42\x9f\x53\x02\x60\x80\xc3\xd5" + "\x36\x6e\xe9\xdd\x28\xae\xd2\x38" + "\xab\xbe\x68\x6a\x54\x3e\x19\xf2" + "\x77", + 65 }, + { (void *)"\xd7\xdd\x17\x7c\xb9\x7f\x19\x09" + "\xbe\x56\x79\xba\x38\x7b\xee\x64" + "\xf7\xb4\x08\x4a\x4f\xaa\x6c\x31" + "\x8b\x82\xe9\xf2\xf7\x50\xc5\xc1" + "\x82\x26\x20\xd4\x88\x25\x0b\xf6" + "\xb4\x14\xea\x9b\x2c\x07\x93\x50" + "\xb9\xad\x78\x0a\x5e\xc6\xa6\xf8" + "\xb2\x9f\xa1\xc4\x76\xce\x1d\xa9" + "\xf5", + 65 }, + { (void *)"\x01\x41\xbe\x1a\xfa\x21\x99\xc9" + "\xb2\x2d\xaa\x0a\xff\x90\xb2\x67" + "\x18\xa2\x67\x04\x7e\xae\x28\x40" + "\xe8\xbc\xa0\xbd\x0c\x75\x41\x51" + "\xf1\xa0\x4d\xcf\x09\xa5\x4f\x1e" + "\x13\x5e\xa0\xdd\x13\xed\x86\x74" + "\x05\xc0\xcb\x6d\xac\x14\x6a\x24" + "\xb8\xdc\xf3\x78\xed\xed\x5d\xcd" + "\x57\x5b", + 66 }, + { (void *)"\x19\x52\xbd\x5d\xe6\x26\x40\xc3" + "\xfc\x8c\xc1\x55\xe2\x9c\x71\x14" + "\x5e\xdc\x62\x1c\x3a\x94\x4e\x55" + "\x56\x75\xf7\x45\x6e\xa4\x9e\x94" + "\xb8\xfe\xda\xd4\xac\x7d\x76\xc5" + "\xb4\x65\xed\xb4\x49\x34\x71\x14" + "\xdb\x8f\x10\x90\xa3\x05\x02\xdc" + "\x86\x92\x6c\xbe\x9b\x57\x32\xe3" + "\x2c", + 65 }, + 0, + }, + { 0 } }; for (int i = 0; test_data[i].curve != 0; i++) { @@ -181,8 +196,7 @@ void doit(void) } compute_key(test_data[i].curve, &x, &y, &key, - &test_data[i].peer_x, - &test_data[i].peer_y, + &test_data[i].peer_x, &test_data[i].peer_y, test_data[i].expected_error, NULL, 0); if (test_data[i].key.data == NULL) { diff --git a/tests/empty_retrieve_function.c b/tests/empty_retrieve_function.c index 35e2de913f..d1a0aa9718 100644 --- a/tests/empty_retrieve_function.c +++ b/tests/empty_retrieve_function.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,23 +36,18 @@ * return no certificates. */ -static int cert_cb1(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, - int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, gnutls_retr2_st * retr) +static int cert_cb1(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, + int nreqs, const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_retr2_st *retr) { memset(retr, 0, sizeof(*retr)); return 0; } -static int cert_cb2(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, - int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, - gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * privkey) +static int cert_cb2(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, + int nreqs, const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *privkey) { *pcert_length = 0; *privkey = NULL; @@ -63,11 +58,9 @@ static int cert_cb2(gnutls_session_t session, static int cert_cb3(gnutls_session_t session, const struct gnutls_cert_retr_st *info, - gnutls_pcert_st ** certs, - unsigned int *pcert_length, - gnutls_ocsp_data_st ** ocsp, - unsigned int *ocsp_length, - gnutls_privkey_t * privkey, unsigned int *flags) + gnutls_pcert_st **certs, unsigned int *pcert_length, + gnutls_ocsp_data_st **ocsp, unsigned int *ocsp_length, + gnutls_privkey_t *privkey, unsigned int *flags) { *privkey = NULL; *ocsp_length = 0; @@ -96,11 +89,9 @@ void doit(void) gnutls_certificate_allocate_credentials(&x509_cred); - ret = - gnutls_certificate_set_x509_key_mem(x509_cred, - &server_ca3_localhost_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); diff --git a/tests/fallback-scsv.c b/tests/fallback-scsv.c index 632d05211e..fbe0da9b21 100644 --- a/tests/fallback-scsv.c +++ b/tests/fallback-scsv.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" static void terminate(void); @@ -68,7 +68,7 @@ static void client_log_func(int level, const char *str) /* This tests whether the fallback SCSV is working as intended. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio, unsigned expect_fail) { @@ -101,8 +101,7 @@ static void client(int fd, const char *prio, unsigned expect_fail) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (expect_fail) { goto end; @@ -119,8 +118,8 @@ static void client(int fd, const char *prio, unsigned expect_fail) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { @@ -141,7 +140,7 @@ static void client(int fd, const char *prio, unsigned expect_fail) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -202,8 +201,7 @@ static void server(int fd, const char *prio, unsigned expect_fail) if (expect_fail) { if (ret == GNUTLS_E_INAPPROPRIATE_FALLBACK) { if (debug) - success - ("server: received inappropriate fallback error\n"); + success("server: received inappropriate fallback error\n"); goto cleanup; } else { fail("server: received unexpected error: %s\n", @@ -224,13 +222,13 @@ static void server(int fd, const char *prio, unsigned expect_fail) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -239,14 +237,13 @@ static void server(int fd, const char *prio, unsigned expect_fail) terminate(); } to_send++; - } - while (to_send < 64); + } while (to_send < 64); to_send = -1; /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - cleanup: +cleanup: close(fd); gnutls_deinit(session); @@ -318,4 +315,4 @@ void doit(void) 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/fips-mode-pthread.c b/tests/fips-mode-pthread.c index cf52c6d90b..08b463bb26 100644 --- a/tests/fips-mode-pthread.c +++ b/tests/fips-mode-pthread.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,11 +33,11 @@ #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include "utils.h" @@ -70,7 +70,8 @@ static void *test_set_per_thread(void *arg) mode = gnutls_fips140_mode_enabled(); if (mode != data->mode) - fail("%d: gnutls_fips140_mode_enabled: wrong mode returned (%d, exp: %d)\n", data->line, mode, data->mode); + fail("%d: gnutls_fips140_mode_enabled: wrong mode returned (%d, exp: %d)\n", + data->line, mode, data->mode); if (data->set_mode) gnutls_fips140_set_mode(data->set_mode, @@ -78,17 +79,19 @@ static void *test_set_per_thread(void *arg) mode = gnutls_fips140_mode_enabled(); if (mode != data->set_mode) { - fail("%d: gnutls_fips140_mode_enabled: wrong mode returned after set (%d, exp: %d)\n", data->line, mode, data->set_mode); + fail("%d: gnutls_fips140_mode_enabled: wrong mode returned after set (%d, exp: %d)\n", + data->line, mode, data->set_mode); } /* reset mode */ gnutls_fips140_set_mode(data->mode, GNUTLS_FIPS140_SET_MODE_THREAD); mode = gnutls_fips140_mode_enabled(); if (mode != data->mode) - fail("%d: gnutls_fips140_mode_enabled: wrong mode returned after set (%d, exp: %d)\n", data->line, mode, data->mode); + fail("%d: gnutls_fips140_mode_enabled: wrong mode returned after set (%d, exp: %d)\n", + data->line, mode, data->mode); - ret = gnutls_hmac_fast(GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", - 8, digest); + ret = gnutls_hmac_fast(GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, + digest); if (mode == GNUTLS_FIPS140_STRICT && ret >= 0) { fail("gnutls_hmac_fast(MD5): succeeded in strict mode!\n"); } else if (mode != GNUTLS_FIPS140_STRICT && ret < 0) { @@ -101,7 +104,7 @@ static void *test_set_per_thread(void *arg) pthread_exit(0); } -# define MAX_THREADS 48 +#define MAX_THREADS 48 void doit(void) { @@ -137,9 +140,8 @@ void doit(void) else data[i].set_mode = GNUTLS_FIPS140_STRICT; - ret = - pthread_create(&data[i].id, NULL, test_set_per_thread, - &data[i]); + ret = pthread_create(&data[i].id, NULL, test_set_per_thread, + &data[i]); if (ret != 0) { abort(); } @@ -156,7 +158,8 @@ void doit(void) /* main thread should be in the same state */ if (mode != gnutls_fips140_mode_enabled()) - fail("gnutls_fips140_mode_enabled: main thread changed mode (%d, exp: %d)\n", gnutls_fips140_mode_enabled(), mode); + fail("gnutls_fips140_mode_enabled: main thread changed mode (%d, exp: %d)\n", + gnutls_fips140_mode_enabled(), mode); success("checking whether global changes are seen in threads\n"); /* Test if changes globally are visible in threads */ @@ -167,9 +170,8 @@ void doit(void) data[i].line = __LINE__; data[i].mode = mode; data[i].set_mode = GNUTLS_FIPS140_LAX; - ret = - pthread_create(&data[i].id, NULL, test_set_per_thread, - &data[i]); + ret = pthread_create(&data[i].id, NULL, test_set_per_thread, + &data[i]); if (ret != 0) abort(); } @@ -182,14 +184,14 @@ void doit(void) } if (mode != gnutls_fips140_mode_enabled()) - fail("gnutls_fips140_mode_enabled: main thread changed mode (%d, exp: %d)\n", gnutls_fips140_mode_enabled(), mode); + fail("gnutls_fips140_mode_enabled: main thread changed mode (%d, exp: %d)\n", + gnutls_fips140_mode_enabled(), mode); gnutls_fips140_set_mode(GNUTLS_FIPS140_SELFTESTS, 0); if (GNUTLS_FIPS140_SELFTESTS == gnutls_fips140_mode_enabled()) fail("gnutls_fips140_mode_enabled: setting to GNUTLS_FIPS140_SELFTESTS succeeded!\n"); free(data); - } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/fips-rsa-sizes.c b/tests/fips-rsa-sizes.c index 13089e3741..377761643a 100644 --- a/tests/fips-rsa-sizes.c +++ b/tests/fips-rsa-sizes.c @@ -26,16 +26,16 @@ #include #include -void generate_successfully(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, +void generate_successfully(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey, unsigned int size); -void generate_unsuccessfully(gnutls_privkey_t * privkey, - gnutls_pubkey_t * pubkey, unsigned int size); +void generate_unsuccessfully(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey, + unsigned int size); void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey); void sign_verify_unsuccessfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey); void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey); -void generate_successfully(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, +void generate_successfully(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey, unsigned int size) { int ret; @@ -72,8 +72,8 @@ void generate_successfully(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, gnutls_fips140_context_deinit(fips_context); } -void generate_unsuccessfully(gnutls_privkey_t * privkey, - gnutls_pubkey_t * pubkey, unsigned int size) +void generate_unsuccessfully(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey, + unsigned int size) { int ret; gnutls_x509_privkey_t xprivkey; @@ -134,8 +134,7 @@ void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) gnutls_datum_t signature; gnutls_datum_t plaintext = { - .data = (unsigned char *const)"Hello world!", - .size = 12 + .data = (unsigned char *const)"Hello world!", .size = 12 }; assert(gnutls_fips140_context_init(&fips_context) == 0); @@ -167,8 +166,7 @@ void sign_verify_unsuccessfully(gnutls_privkey_t privkey, gnutls_datum_t signature; gnutls_datum_t plaintext = { - .data = (unsigned char *const)"Hello world!", - .size = 12 + .data = (unsigned char *const)"Hello world!", .size = 12 }; assert(gnutls_fips140_context_init(&fips_context) == 0); @@ -201,8 +199,7 @@ void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) gnutls_datum_t signature; gnutls_datum_t plaintext = { - .data = (unsigned char *const)"Hello world!", - .size = 12 + .data = (unsigned char *const)"Hello world!", .size = 12 }; assert(gnutls_fips140_context_init(&fips_context) == 0); @@ -248,7 +245,7 @@ void doit(void) if (gnutls_fips140_mode_enabled() == 0) { success("We are not in FIPS140 mode\n"); - exit(77); /* SKIP */ + exit(77); /* SKIP */ } assert(gnutls_fips140_context_init(&fips_context) == 0); diff --git a/tests/fips-test.c b/tests/fips-test.c index 86d1aa8811..97a729d292 100644 --- a/tests/fips-test.c +++ b/tests/fips-test.c @@ -26,7 +26,7 @@ static uint8_t key_data[64]; static uint8_t iv_data[16]; static gnutls_fips140_context_t fips_context; -static const gnutls_datum_t data = {.data = (unsigned char *)"foo", 3 }; +static const gnutls_datum_t data = { .data = (unsigned char *)"foo", 3 }; static const uint8_t rsa2342_sha1_sig_data[] = { 0x9b, 0x3e, 0x15, 0x36, 0xec, 0x9d, 0x51, 0xd7, 0xa2, 0xb1, 0x3a, 0x15, @@ -76,9 +76,8 @@ static const gnutls_datum_t ecc256_sha1_sig = { .size = sizeof(ecc256_sha1_sig_data), }; -static void -import_keypair(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, - const char *filename) +static void import_keypair(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey, + const char *filename) { const char *srcdir; char path[256]; @@ -125,7 +124,6 @@ import_keypair(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, if (ret < 0) { fail("gnutls_pubkey_import_privkey failed\n"); } - } static void test_aead_cipher_approved(gnutls_cipher_algorithm_t cipher) @@ -211,10 +209,9 @@ static void test_cipher_disallowed(gnutls_cipher_algorithm_t cipher) FIPS_POP_CONTEXT(ERROR); } -static void -test_ccm_cipher(gnutls_cipher_algorithm_t cipher, size_t tag_length, - bool expect_encryption_fail, - gnutls_fips140_operation_state_t expected_state) +static void test_ccm_cipher(gnutls_cipher_algorithm_t cipher, size_t tag_length, + bool expect_encryption_fail, + gnutls_fips140_operation_state_t expected_state) { int ret; unsigned key_size = gnutls_cipher_get_key_size(cipher); @@ -237,15 +234,14 @@ test_ccm_cipher(gnutls_cipher_algorithm_t cipher, size_t tag_length, length = sizeof(buffer); ret = gnutls_aead_cipher_encrypt(h, iv_data, gnutls_cipher_get_iv_size(cipher), - NULL, 0, tag_length, - buffer, length - tag_length, - buffer, &length); + NULL, 0, tag_length, buffer, + length - tag_length, buffer, &length); if (expect_encryption_fail) { if (ret != GNUTLS_E_INVALID_REQUEST) { fail("gnutls_aead_cipher_encrypt(%s) returned %d " "while %d is expected\n", - gnutls_cipher_get_name(cipher), - ret, GNUTLS_E_INVALID_REQUEST); + gnutls_cipher_get_name(cipher), ret, + GNUTLS_E_INVALID_REQUEST); } } else if (ret < 0) { fail("gnutls_aead_cipher_encrypt failed for %s\n", @@ -257,14 +253,14 @@ test_ccm_cipher(gnutls_cipher_algorithm_t cipher, size_t tag_length, length = sizeof(buffer); ret = gnutls_aead_cipher_decrypt(h, iv_data, gnutls_cipher_get_iv_size(cipher), - NULL, 0, tag_length, - buffer, length, buffer, &length); + NULL, 0, tag_length, buffer, length, + buffer, &length); if (expect_encryption_fail) { if (ret != GNUTLS_E_INVALID_REQUEST) { fail("gnutls_aead_cipher_decrypt(%s) returned %d " "while %d is expected\n", - gnutls_cipher_get_name(cipher), - ret, GNUTLS_E_INVALID_REQUEST); + gnutls_cipher_get_name(cipher), ret, + GNUTLS_E_INVALID_REQUEST); } } else if (ret < 0) { fail("gnutls_aead_cipher_decrypt failed for %s\n", @@ -285,19 +281,19 @@ static inline void test_ciphers(void) /* Check for all allowed Tlen */ for (i = 4; i <= 16; i += 2) { - test_ccm_cipher(GNUTLS_CIPHER_AES_128_CCM, i, - false, GNUTLS_FIPS140_OP_APPROVED); - test_ccm_cipher(GNUTLS_CIPHER_AES_256_CCM, i, - false, GNUTLS_FIPS140_OP_APPROVED); - } - test_ccm_cipher(GNUTLS_CIPHER_AES_128_CCM, 3, - true, GNUTLS_FIPS140_OP_ERROR); - test_ccm_cipher(GNUTLS_CIPHER_AES_256_CCM, 3, - true, GNUTLS_FIPS140_OP_ERROR); - test_ccm_cipher(GNUTLS_CIPHER_AES_128_CCM, 5, - true, GNUTLS_FIPS140_OP_ERROR); - test_ccm_cipher(GNUTLS_CIPHER_AES_256_CCM, 5, - true, GNUTLS_FIPS140_OP_ERROR); + test_ccm_cipher(GNUTLS_CIPHER_AES_128_CCM, i, false, + GNUTLS_FIPS140_OP_APPROVED); + test_ccm_cipher(GNUTLS_CIPHER_AES_256_CCM, i, false, + GNUTLS_FIPS140_OP_APPROVED); + } + test_ccm_cipher(GNUTLS_CIPHER_AES_128_CCM, 3, true, + GNUTLS_FIPS140_OP_ERROR); + test_ccm_cipher(GNUTLS_CIPHER_AES_256_CCM, 3, true, + GNUTLS_FIPS140_OP_ERROR); + test_ccm_cipher(GNUTLS_CIPHER_AES_128_CCM, 5, true, + GNUTLS_FIPS140_OP_ERROR); + test_ccm_cipher(GNUTLS_CIPHER_AES_256_CCM, 5, true, + GNUTLS_FIPS140_OP_ERROR); test_aead_cipher_approved(GNUTLS_CIPHER_AES_128_CCM_8); test_aead_cipher_approved(GNUTLS_CIPHER_AES_256_CCM_8); @@ -432,8 +428,8 @@ void doit(void) /* HMAC with key equal to or longer than 112 bits: approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_hmac_fast(GNUTLS_MAC_SHA256, key.data, key.size, - data.data, data.size, hmac); + ret = gnutls_hmac_fast(GNUTLS_MAC_SHA256, key.data, key.size, data.data, + data.size, hmac); if (ret < 0) { fail("gnutls_hmac_fast failed\n"); } @@ -441,8 +437,8 @@ void doit(void) /* HMAC with key shorter than 112 bits: not approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_hmac_fast(GNUTLS_MAC_SHA256, key.data, 13, - data.data, data.size, hmac); + ret = gnutls_hmac_fast(GNUTLS_MAC_SHA256, key.data, 13, data.data, + data.size, hmac); if (ret < 0) { fail("gnutls_hmac_fast failed\n"); } @@ -450,8 +446,8 @@ void doit(void) /* PBKDF2 with key equal to or longer than 112 bits: approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 1000, - &pbkdf2, sizeof(pbkdf2)); + ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 1000, &pbkdf2, + sizeof(pbkdf2)); if (ret < 0) { fail("gnutls_pbkdf2 failed\n"); } @@ -460,8 +456,8 @@ void doit(void) /* PBKDF2 with key shorter than 112 bits: not approved */ FIPS_PUSH_CONTEXT(); key.size = 13; - ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 1000, - &pbkdf2, sizeof(pbkdf2)); + ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 1000, &pbkdf2, + sizeof(pbkdf2)); if (ret < 0) { fail("gnutls_pbkdf2 failed\n"); } @@ -470,8 +466,8 @@ void doit(void) /* PBKDF2 with iteration count lower than 1000: not approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 999, - &pbkdf2, sizeof(pbkdf2)); + ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 999, &pbkdf2, + sizeof(pbkdf2)); if (ret < 0) { fail("gnutls_pbkdf2 failed\n"); } @@ -480,8 +476,8 @@ void doit(void) /* PBKDF2 with salt shorter than 16 bytes: not approved */ FIPS_PUSH_CONTEXT(); iv.size = 13; - ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 1000, - &pbkdf2, sizeof(pbkdf2)); + ret = gnutls_pbkdf2(GNUTLS_MAC_SHA256, &key, &iv, 1000, &pbkdf2, + sizeof(pbkdf2)); if (ret < 0) { fail("gnutls_pbkdf2 failed\n"); } @@ -543,11 +539,12 @@ void doit(void) if (ret < 0) { fail("gnutls_privkey_init failed\n"); } - bits = - gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA, GNUTLS_SEC_PARAM_MEDIUM); + bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA, + GNUTLS_SEC_PARAM_MEDIUM); ret = gnutls_x509_privkey_generate(xprivkey, GNUTLS_PK_RSA, bits, 0); if (ret < 0) { - fail("gnutls_x509_privkey_generate failed (%d) for %u-bit key\n", ret, bits); + fail("gnutls_x509_privkey_generate failed (%d) for %u-bit key\n", + ret, bits); } gnutls_x509_privkey_deinit(xprivkey); FIPS_POP_CONTEXT(APPROVED); @@ -560,7 +557,8 @@ void doit(void) } ret = gnutls_x509_privkey_generate(xprivkey, GNUTLS_PK_RSA, 512, 0); if (ret != GNUTLS_E_PK_GENERATION_ERROR) { - fail("gnutls_x509_privkey_generate succeeded (%d) for 512-bit key\n", ret); + fail("gnutls_x509_privkey_generate succeeded (%d) for 512-bit key\n", + ret); } gnutls_x509_privkey_deinit(xprivkey); FIPS_POP_CONTEXT(ERROR); @@ -572,8 +570,8 @@ void doit(void) /* Create a signature with 2432-bit RSA and SHA256; approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &data, &signature); + ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, &data, + &signature); if (ret < 0) { fail("gnutls_privkey_sign_data failed\n"); } @@ -591,8 +589,8 @@ void doit(void) /* Create a signature with 2432-bit RSA and SHA-1; not approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, - &data, &signature); + ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &data, + &signature); if (ret < 0) { fail("gnutls_privkey_sign_data failed\n"); } @@ -618,8 +616,8 @@ void doit(void) /* Create a signature with 512-bit RSA and SHA256; not approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &data, &signature); + ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, &data, + &signature); if (ret < 0) { fail("gnutls_privkey_sign_data failed\n"); } @@ -663,8 +661,8 @@ void doit(void) /* Create a signature with ECDSA and SHA256 (old API); approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &data, &signature); + ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, &data, + &signature); if (ret < 0) { fail("gnutls_privkey_sign_data failed\n"); } @@ -723,8 +721,8 @@ void doit(void) /* Create a signature with ECDSA and SHA-1 (old API); not approved */ FIPS_PUSH_CONTEXT(); - ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, - &data, &signature); + ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &data, + &signature); if (ret < 0) { fail("gnutls_privkey_sign_data failed\n"); } diff --git a/tests/global-init-override.c b/tests/global-init-override.c index ae2f50a323..730da4e380 100644 --- a/tests/global-init-override.c +++ b/tests/global-init-override.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -49,8 +49,8 @@ struct gnutls_subject_alt_names_st { /* gnutls_subject_alt_names_init() is called by gnutls_x509_crt_init(). * We override it here to test if weak symbols work at all. */ -__attribute__((visibility("protected"))) -int gnutls_subject_alt_names_init(gnutls_subject_alt_names_t * sans) +__attribute__((visibility("protected"))) int +gnutls_subject_alt_names_init(gnutls_subject_alt_names_t *sans) { weak_symbol_works = 1; @@ -64,7 +64,6 @@ int gnutls_subject_alt_names_init(gnutls_subject_alt_names_t * sans) GNUTLS_SKIP_GLOBAL_INIT void doit(void) { - int ret; gnutls_x509_crt_t crt; diff --git a/tests/global-init.c b/tests/global-init.c index c4cae39236..02f5fec178 100644 --- a/tests/global-init.c +++ b/tests/global-init.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/gnutls-ids.c b/tests/gnutls-ids.c index 5559ef0bac..e521053971 100644 --- a/tests/gnutls-ids.c +++ b/tests/gnutls-ids.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/gnutls-strcodes.c b/tests/gnutls-strcodes.c index 0f1f5efe02..d0fd58038d 100644 --- a/tests/gnutls-strcodes.c +++ b/tests/gnutls-strcodes.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,15 +37,13 @@ unsigned _gnutls_ecc_curve_is_supported(gnutls_ecc_curve_t); * non null value. */ -static -void _check_non_null(int line, int i, const char *val) +static void _check_non_null(int line, int i, const char *val) { if (val == NULL) fail("issue in line %d, item %d\n", line, i); } -static -void _check_unique_non_null(int line, int i, const char *val) +static void _check_unique_non_null(int line, int i, const char *val) { static char previous_val[128]; @@ -59,8 +57,7 @@ void _check_unique_non_null(int line, int i, const char *val) snprintf(previous_val, sizeof(previous_val), "%s", val); } -static -void _check_unique(int line, int i, const char *val) +static void _check_unique(int line, int i, const char *val) { static char previous_val[128]; @@ -115,18 +112,18 @@ void doit(void) check_non_null(gnutls_sec_param_get_name(i)); } - check_non_null(gnutls_certificate_verification_profile_get_name - (GNUTLS_PROFILE_VERY_WEAK)); - check_non_null(gnutls_certificate_verification_profile_get_name - (GNUTLS_PROFILE_LOW)); - check_non_null(gnutls_certificate_verification_profile_get_name - (GNUTLS_PROFILE_LEGACY)); - check_non_null(gnutls_certificate_verification_profile_get_name - (GNUTLS_PROFILE_MEDIUM)); - check_non_null(gnutls_certificate_verification_profile_get_name - (GNUTLS_PROFILE_HIGH)); - check_non_null(gnutls_certificate_verification_profile_get_name - (GNUTLS_PROFILE_ULTRA)); + check_non_null(gnutls_certificate_verification_profile_get_name( + GNUTLS_PROFILE_VERY_WEAK)); + check_non_null(gnutls_certificate_verification_profile_get_name( + GNUTLS_PROFILE_LOW)); + check_non_null(gnutls_certificate_verification_profile_get_name( + GNUTLS_PROFILE_LEGACY)); + check_non_null(gnutls_certificate_verification_profile_get_name( + GNUTLS_PROFILE_MEDIUM)); + check_non_null(gnutls_certificate_verification_profile_get_name( + GNUTLS_PROFILE_HIGH)); + check_non_null(gnutls_certificate_verification_profile_get_name( + GNUTLS_PROFILE_ULTRA)); for (i = GNUTLS_ECC_CURVE_INVALID + 1; i <= GNUTLS_ECC_CURVE_MAX; i++) { if (_gnutls_ecc_curve_is_supported(i) == 0) @@ -134,9 +131,9 @@ void doit(void) check_unique_non_null(gnutls_ecc_curve_get_name(i)); if (i == GNUTLS_ECC_CURVE_X25519) - continue; /* no oid yet */ + continue; /* no oid yet */ if (i == GNUTLS_ECC_CURVE_X448) - continue; /* no oid yet */ + continue; /* no oid yet */ check_unique_non_null(gnutls_ecc_curve_get_oid(i)); } diff --git a/tests/gnutls_ext_raw_parse.c b/tests/gnutls_ext_raw_parse.c index 6c44315123..8bd6e4337f 100644 --- a/tests/gnutls_ext_raw_parse.c +++ b/tests/gnutls_ext_raw_parse.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,27 +35,27 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" -# include "tls13/ext-parse.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" +#include "tls13/ext-parse.h" /* This program tests gnutls_ext_raw_parse with GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO * flag. */ -# define HOSTNAME "example.com" +#define HOSTNAME "example.com" static void server_log_func(int level, const char *str) { @@ -74,7 +74,7 @@ static unsigned bare_version = 0; static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, unsigned size) { - if (tls_id == 0) { /* server name */ + if (tls_id == 0) { /* server name */ /* very interesting extension, 4 bytes of sizes * and 1 byte of type. */ unsigned esize = (data[0] << 8) | data[1]; @@ -106,15 +106,15 @@ static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && post) { if (bare_version) { - ret = - gnutls_ext_raw_parse(NULL, ext_callback, msg, - GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO); + ret = gnutls_ext_raw_parse( + NULL, ext_callback, msg, + GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO); } else { unsigned pos; gnutls_datum_t mmsg; @@ -126,8 +126,8 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, mmsg.data = &msg->data[pos]; mmsg.size = msg->size - pos; - ret = - gnutls_ext_raw_parse(NULL, ext_callback, &mmsg, 0); + ret = gnutls_ext_raw_parse(NULL, ext_callback, &mmsg, + 0); } assert(ret >= 0); } @@ -161,15 +161,14 @@ static void client(int fd) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); gnutls_transport_set_int(session, fd); - assert(gnutls_server_name_set - (session, GNUTLS_NAME_DNS, HOSTNAME, strlen(HOSTNAME)) >= 0); + assert(gnutls_server_name_set(session, GNUTLS_NAME_DNS, HOSTNAME, + strlen(HOSTNAME)) >= 0); /* Perform the TLS handshake */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -185,12 +184,12 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -251,15 +250,15 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); assert(found_server_name != 0); assert(found_status_req != 0); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -321,4 +320,4 @@ void doit(void) start(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/gnutls_ext_raw_parse_dtls.c b/tests/gnutls_ext_raw_parse_dtls.c index 2b0abc876d..144baeb4a5 100644 --- a/tests/gnutls_ext_raw_parse_dtls.c +++ b/tests/gnutls_ext_raw_parse_dtls.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,27 +35,27 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" -# include "tls13/ext-parse.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" +#include "tls13/ext-parse.h" /* This program tests gnutls_ext_raw_parse with GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO * flag. */ -# define HOSTNAME "example.com" +#define HOSTNAME "example.com" static void server_log_func(int level, const char *str) { @@ -73,7 +73,7 @@ static unsigned found_status_req = 0; static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, unsigned size) { - if (tls_id == 0) { /* server name */ + if (tls_id == 0) { /* server name */ /* very interesting extension, 4 bytes of sizes * and 1 byte of type. */ unsigned esize = (data[0] << 8) | data[1]; @@ -105,14 +105,14 @@ static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && post) { - ret = - gnutls_ext_raw_parse(NULL, ext_callback, msg, - GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO); + ret = gnutls_ext_raw_parse( + NULL, ext_callback, msg, + GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO); assert(ret >= 0); } @@ -139,21 +139,20 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-DTLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-DTLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); gnutls_transport_set_int(session, fd); - assert(gnutls_server_name_set - (session, GNUTLS_NAME_DNS, HOSTNAME, strlen(HOSTNAME)) >= 0); + assert(gnutls_server_name_set(session, GNUTLS_NAME_DNS, HOSTNAME, + strlen(HOSTNAME)) >= 0); /* Perform the TLS handshake */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -169,12 +168,12 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -212,8 +211,8 @@ static void server(int fd) GNUTLS_HOOK_POST, handshake_callback); - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-DTLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-DTLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -232,15 +231,15 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); assert(found_server_name != 0); assert(found_status_req != 0); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -294,4 +293,4 @@ void doit(void) return; } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/gnutls_hmac_fast.c b/tests/gnutls_hmac_fast.c index 2a0b75cf17..89bff56a19 100644 --- a/tests/gnutls_hmac_fast.c +++ b/tests/gnutls_hmac_fast.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,13 +42,13 @@ void doit(void) if (debug) gnutls_global_set_log_level(4711); - err = - gnutls_hmac_fast(GNUTLS_MAC_SHA1, "keykeykey", 9, "abcdefgh", - 8, digest); + err = gnutls_hmac_fast(GNUTLS_MAC_SHA1, "keykeykey", 9, "abcdefgh", 8, + digest); if (err < 0) fail("gnutls_hmac_fast(SHA1) failed: %d\n", err); else { - if (memcmp(digest, "\x58\x93\x7a\x58\xfe\xea\x82\xf8" + if (memcmp(digest, + "\x58\x93\x7a\x58\xfe\xea\x82\xf8" "\x0e\x64\x62\x01\x40\x2b\x2c\xed\x5d\x54\xc1\xfa", 20) == 0) { if (debug) @@ -64,14 +64,15 @@ void doit(void) gnutls_fips140_set_mode(GNUTLS_FIPS140_LOG, 0); } - err = - gnutls_hmac_fast(GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, - digest); + err = gnutls_hmac_fast(GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, + digest); if (err < 0) fail("gnutls_hmac_fast(MD5) failed: %d\n", err); else { - if (memcmp(digest, "\x3c\xb0\x9d\x83\x28\x01\xef\xc0" - "\x7b\xb3\xaf\x42\x69\xe5\x93\x9a", 16) == 0) { + if (memcmp(digest, + "\x3c\xb0\x9d\x83\x28\x01\xef\xc0" + "\x7b\xb3\xaf\x42\x69\xe5\x93\x9a", + 16) == 0) { if (debug) success("gnutls_hmac_fast(MD5) OK\n"); } else { @@ -80,9 +81,8 @@ void doit(void) } } - err = - gnutls_hmac_fast(GNUTLS_MAC_AES_GMAC_128, "keykeykeykeykeyk", 16, - "abcdefghabc", 8, digest); + err = gnutls_hmac_fast(GNUTLS_MAC_AES_GMAC_128, "keykeykeykeykeyk", 16, + "abcdefghabc", 8, digest); if (err >= 0) fail("gnutls_hmac_fast(GMAC-128) succeeded unexpectedly: %d\n", err); @@ -91,10 +91,9 @@ void doit(void) else if (debug) success("gnutls_hmac_fast(GMAC-128) OK\n"); - err = - gnutls_hmac_fast(GNUTLS_MAC_AES_GMAC_192, - "keykeykeykeykeykeykeykey", 24, "abcdefghabc", 8, - digest); + err = gnutls_hmac_fast(GNUTLS_MAC_AES_GMAC_192, + "keykeykeykeykeykeykeykey", 24, "abcdefghabc", 8, + digest); if (err >= 0) fail("gnutls_hmac_fast(GMAC-192) succeeded unexpectedly: %d\n", err); @@ -103,10 +102,9 @@ void doit(void) else if (debug) success("gnutls_hmac_fast(GMAC-192) OK\n"); - err = - gnutls_hmac_fast(GNUTLS_MAC_AES_GMAC_256, - "keykeykeykeykeykeykeykeykeykeyke", 32, - "abcdefghabc", 8, digest); + err = gnutls_hmac_fast(GNUTLS_MAC_AES_GMAC_256, + "keykeykeykeykeykeykeykeykeykeyke", 32, + "abcdefghabc", 8, digest); if (err >= 0) fail("gnutls_hmac_fast(GMAC-256) succeeded unexpectedly: %d\n", err); @@ -115,9 +113,8 @@ void doit(void) else if (debug) success("gnutls_hmac_fast(GMAC-256) OK\n"); - err = - gnutls_hmac_fast(GNUTLS_MAC_UMAC_96, "keykeykeykeykeyk", 16, - "abcdefghabc", 8, digest); + err = gnutls_hmac_fast(GNUTLS_MAC_UMAC_96, "keykeykeykeykeyk", 16, + "abcdefghabc", 8, digest); if (err >= 0) fail("gnutls_hmac_fast(UMAC-96) succeeded unexpectedly: %d\n", err); @@ -126,9 +123,8 @@ void doit(void) else if (debug) success("gnutls_hmac_fast(UMAC-96) OK\n"); - err = - gnutls_hmac_fast(GNUTLS_MAC_UMAC_128, "keykeykeykeykeyk", 16, - "abcdefghabc", 8, digest); + err = gnutls_hmac_fast(GNUTLS_MAC_UMAC_128, "keykeykeykeykeyk", 16, + "abcdefghabc", 8, digest); if (err >= 0) fail("gnutls_hmac_fast(UMAC-128) succeeded unexpectedly: %d\n", err); diff --git a/tests/gnutls_ktls.c b/tests/gnutls_ktls.c index 13d6dace5c..0103a51a2b 100644 --- a/tests/gnutls_ktls.c +++ b/tests/gnutls_ktls.c @@ -1,5 +1,5 @@ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -14,23 +14,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void server_log_func(int level, const char *str) { @@ -42,8 +42,8 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 -# define MSG "Hello world!" +#define MAX_BUF 1024 +#define MSG "Hello world!" static void client(int fd, const char *prio) { @@ -72,8 +72,7 @@ static void client(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -92,8 +91,7 @@ static void client(int fd, const char *prio) memset(buffer, 0, sizeof(buffer)); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer)); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret == 0) { success("client: Peer has closed the TLS connection\n"); @@ -115,8 +113,7 @@ static void client(int fd, const char *prio) memset(buffer, 0, sizeof(buffer)); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer)); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret == 0) { success("client: Peer has closed the TLS connection\n"); @@ -141,7 +138,7 @@ static void client(int fd, const char *prio) } ret = 0; - end: +end: close(fd); @@ -177,9 +174,8 @@ static void server(int fd, const char *prio) } gnutls_certificate_allocate_credentials(&x509_cred); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -194,8 +190,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: Handshake has failed (%s)\n\n", @@ -242,8 +237,8 @@ static void server(int fd, const char *prio) } do { - ret = - gnutls_record_send_file(session, fileno(fp), &offset, 512); + ret = gnutls_record_send_file(session, fileno(fp), &offset, + 512); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -258,7 +253,7 @@ static void server(int fd, const char *prio) gnutls_strerror(ret)); ret = 0; - end: +end: close(fd); gnutls_deinit(session); @@ -360,4 +355,4 @@ void doit(void) run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+CHACHA20-POLY1305"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/gnutls_ocsp_resp_list_import2.c b/tests/gnutls_ocsp_resp_list_import2.c index 787496e7bc..258002db4b 100644 --- a/tests/gnutls_ocsp_resp_list_import2.c +++ b/tests/gnutls_ocsp_resp_list_import2.c @@ -22,7 +22,7 @@ /* This tests key import for gnutls_ocsp_resp_t APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,12 +35,11 @@ #include "ocsp-common.h" #include "utils.h" -#define testfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) -static void load_list(const char *name, const gnutls_datum_t * txt, - unsigned int nocsps, - int format, unsigned flags, int exp_err) +static void load_list(const char *name, const gnutls_datum_t *txt, + unsigned int nocsps, int format, unsigned flags, + int exp_err) { gnutls_ocsp_resp_t *ocsps; unsigned int i, size; @@ -75,172 +74,168 @@ typedef struct test_st { } test_st; static const char long_chain_pem[] = - "-----BEGIN OCSP RESPONSE-----\n" - "MIICOgoBAKCCAjMwggIvBgkrBgEFBQcwAQEEggIgMIICHDCBhaEUMBIxEDAOBgNV\n" - "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIyMDQ5WjBcMFowRTAJBgUrDgMCGgUABBSy\n" - "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI3\n" - "ZFj6e1Jv14IAGA8yMDE3MTAxODEyMjA0OVowDQYJKoZIhvcNAQELBQADggGBAJg8\n" - "/9F2k7DdQsqMfU+f53gUHZAlZzRRPPYQfrmMGfSaMmr9W3fpCrLNMV4PWxGndTh7\n" - "AforaCwUb6+QyWlnE3B4UUQLphaEawnDJ/8GJZAnCIcjyxpWYZ4onEIZ6pN8BRQE\n" - "f8ccQN01xlB5RtdqsVmvxtoM0husO0YJDnsCwwFVXulPEFgWuFSoVLsx65lkc+4/\n" - "RM67+QrbNpBRgKrhb8MAE2WANjpjSAVSf5GWsH9T/F2HDG5crApFIoNywK9e21zk\n" - "qYAWQ6tVcps3QbvvIEXVy/jOqVASeaxuwHmkdBz4SNT83LvaNnJGBTKXTGukPKAO\n" - "t6xJpFLwrNWNhgfbw2fklWJSMzMtAEkjzBJi+4kn1SfLdcTLYBf9Tnoq1wsJhAMg\n" - "OFNzcWb8ZJxuGh7FXgytneM38sL8oTEmLKHfBRnWGOglfCMj3olvXpjotrIlKDAS\n" - "GbGElY+PZXUtkKiN2cNAecjIodzQFgL+YL6jWKLEuuWGT/MvRrliL83kGmKDdg==\n" - "-----END OCSP RESPONSE-----\n" - "-----BEGIN OCSP RESPONSE-----\n" - "MIICNwoBAKCCAjAwggIsBgkrBgEFBQcwAQEEggIdMIICGTCBgqERMA8xDTALBgNV\n" - "BAMTBENBLTMYDzIwMTcxMDE4MTIzODUyWjBcMFowRTAJBgUrDgMCGgUABBS3yg+r\n" - "3G+4sJZ6FayYCg8Z/qQS3gQUHoXtf55x+gidN0hDoBLv5arh44oCDFejHTI1s0/Q\n" - "ufXnPIIAGA8yMDE3MTAxODEyMzg1MlowDQYJKoZIhvcNAQELBQADggGBALMParB9\n" - "K97DlT4FmMdPScoT7oAAsar4XxKLU9+oraht7H+WTAYSpnCxh/ugR17G0jtzTzIw\n" - "nLQFAyR9MDYKp4Om4YqQ7r+43DiIqKVU25WcrVifUbtkR+LbjH+Bk1UHvFE8mCOX\n" - "ZB+cmQyjGap1RX0dnj2Wm48vUwqp71nA8AYcXL575xZ4rb9DDhaoV2h3S0Zlu4IN\n" - "btuDIVsxJ53kqkGjjVB4/R0RtqCXOI2ThMK3SfDWqwzF9tYA763VVXi+g+w3oyv4\n" - "ZtP8QUWOVUY4azpElX1wqoO8znUjxs1AzROLUeLPK8GMLVIZLP361J2kLgcj0Gdq\n" - "GIVH5N54p6bl5OgSUP3EdKbFRZyCVZ2n8Der3Cf9PtfvGV7Ze4Cv/CCN6rJkk54P\n" - "6auP6pEJg0ESGC5fop5HFCyVM+W/ot0A1cxN0+cHYlqB1NQholLqe3psDjJ2EoIK\n" - "LtN5dRLO6z5L74CwwiJ1SeLh8XyJtr/ee9RnFB56XCzO7lyhbHPx/VT6Qw==\n" - "-----END OCSP RESPONSE-----\n" - "-----BEGIN OCSP RESPONSE-----\n" - "MIIGUwoBAKCCBkwwggZIBgkrBgEFBQcwAQEEggY5MIIGNTCBhaEUMBIxEDAOBgNV\n" - "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIwOTMwWjBcMFowRTAJBgUrDgMCGgUABBSy\n" - "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2\n" - "yAyhyrC99oIAGA8yMDE3MTAxODEyMDkzMFowDQYJKoZIhvcNAQENBQADggGBAFZk\n" - "KxCq5yZ/8X+Glw4YtHWSZRIrRp8+lpjkqxDRDuoI4qUBdaRbdqxJK57xSvJ5Ok4V\n" - "gf9N02WOrkq7MzWLD7ZdMu/14SW/vVIdmfI04Ps4NGya71OykMb7daCMvGuO2N4z\n" - "5G/yrfKiT8JYR+JobTo6swqCPaSFAFg+ADWdax//n66wmuLHDpqzfFLp2lBXNXJx\n" - "gafAQCjqK84JRx2xgEFZ9l3TPOoR2BO5DzJqKXK+wcMbtUxNDaHV8MTsxVqTQXoB\n" - "JLN6cYKjxghCkQ5r54YLr77fB1qMNfhffy9gBN0q8g3AHG+gMICkNYPTw8w1Rjbr\n" - "6bE8CI/MXcrZrz7UWLuQXe8BnNk+Vn7PE6oRxCLSoJ8b6fB4cDvMIX1rRpc/Owxb\n" - "j6gockpBTebdLr3xpB6iopRurTPCVtMpz3VeNVnrB3gjCyBO62ErRncKn6RXqEVF\n" - "bo+01Zz8hHjDgtm2p9V24CMJK5p8fLVthJ0fRwyc1oYr3fT6l+dy50JSdOhNAaCC\n" - "BBUwggQRMIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUA\n" - "MA8xDTALBgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5\n" - "NTlaMBIxEDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" - "ggGKAoIBgQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2\n" - "WLiope/xNL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioV\n" - "tvPQwEpvuI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR\n" - "5+wGsJDvkfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJr\n" - "P+GtLiG0AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj\n" - "0Sk3Rq93JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1\n" - "ROsdk4WUed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH\n" - "4vysDO9UZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B\n" - "48xfmyIFjgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD\n" - "BwYAMB0GA1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5\n" - "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58\n" - "oDRy5a0oPvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68\n" - "kogjKs31QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmT\n" - "sQOdv/bzR+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT4\n" - "5SGw7c7FcumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2\n" - "gaygWNiD+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiu\n" - "jgUV0TZHEyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c\n" - "4FdrCByVhaeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1\n" - "Y1MQ72SnfrzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END OCSP RESPONSE-----\n"; - -static const char bad_long_chain_pem[] = /* second response is broken */ - "-----BEGIN OCSP RESPONSE-----\n" - "MIICOgoBAKCCAjMwggIvBgkrBgEFBQcwAQEEggIgMIICHDCBhaEUMBIxEDAOBgNV\n" - "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIyMDQ5WjBcMFowRTAJBgUrDgMCGgUABBSy\n" - "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI3\n" - "ZFj6e1Jv14IAGA8yMDE3MTAxODEyMjA0OVowDQYJKoZIhvcNAQELBQADggGBAJg8\n" - "/9F2k7DdQsqMfU+f53gUHZAlZzRRPPYQfrmMGfSaMmr9W3fpCrLNMV4PWxGndTh7\n" - "AforaCwUb6+QyWlnE3B4UUQLphaEawnDJ/8GJZAnCIcjyxpWYZ4onEIZ6pN8BRQE\n" - "f8ccQN01xlB5RtdqsVmvxtoM0husO0YJDnsCwwFVXulPEFgWuFSoVLsx65lkc+4/\n" - "RM67+QrbNpBRgKrhb8MAE2WANjpjSAVSf5GWsH9T/F2HDG5crApFIoNywK9e21zk\n" - "qYAWQ6tVcps3QbvvIEXVy/jOqVASeaxuwHmkdBz4SNT83LvaNnJGBTKXTGukPKAO\n" - "t6xJpFLwrNWNhgfbw2fklWJSMzMtAEkjzBJi+4kn1SfLdcTLYBf9Tnoq1wsJhAMg\n" - "OFNzcWb8ZJxuGh7FXgytneM38sL8oTEmLKHfBRnWGOglfCMj3olvXpjotrIlKDAS\n" - "GbGElY+PZXUtkKiN2cNAecjIodzQFgL+YL6jWKLEuuWGT/MvRrliL83kGmKDdg==\n" - "-----END OCSP RESPONSE-----\n" - "-----BEGIN OCSP RESPONSE-----\n" - "MIICNwoBAKCCAjAwggIsBgkrBgEFBQcwAQEEggIdMIICGTCBgqERMA8xDTALBgNV\n" - "BAMTBENBLTMYDzIwMTcxMDE4MTIzODUyWjBcMFowRTAJBgUrDgMCGgUABBS3yg+r\n" - "3G+4sJZ6FayYCg8Z/qQS3gQUHoXtf55x+gidN0hDoBLv5arh44oCDFejHTI1s0/Q\n" - "ufXnPIIAGA8yMDE3MTAxODEyMzg1MlowDQYJKoZIhvcNAQELBQADggGBALMParB9\n" - "K97DlT4FmMdPScoT7oAAsar4XxKLU9+oraht7H+WTAYSpnCxh/ugR1fG0jtzTzIw\n" - "nLQFAyR9MDYKp4Om4YqQ7r+43DiIqKVU25WcrVifUbtkR+LbjH+Bk1UHvFE8mCOX\n" - "ZB+cmQyjGap1RX0dnj2Wm48vwwqp71nA8AYcXL575xZ4rb9DDhaoV2h3S0Zlu4IN\n" - "btuDIVsxJ53kqkGjjVB4/R0RtqCXOI2ThMK3SfDWqwzF9tYA763VVXi+g+w3oyv4\n" - "ZtP8QUWOVUY4azpzlX1wqoO8znUjxs1AzROLUeLPK8GMLVIZLP361J2kLgcj0Gdq\n" - "GIVH5N54p6bl5OgSUP3EdKbFRZyCVZ2n8Der3Cf9PtfvGV7Ze4Cv/CCN6rJkk54P\n" - "6auP6pEJg0ESGC5fop5HFCyVM+W/ot0A1cxN0+cHYlqB1NQholLqe3psDjJ2EoIK\n" - "LtN5dRLO6z5L74CwwiJ1SeLh8XyJtr/ee9RnFB56XCzO7lyhbHPx/VT6Qw==\n" - "-----END OCSP RESPONSE-----\n" - "-----BEGIN OCSP RESPONSE-----\n" - "MIIGUwoBAKCCBkwwggZIBgkrBgEFBQcwAQEEggY5MIIGNTCBhaEUMBIxEDAOBgNV\n" - "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIwOTMwWjBcMFowRTAJBgUrDgMCGgUABBSy\n" - "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2\n" - "yAyhyrC99oIAGA8yMDE3MTAxODEyMDkzMFowDQYJKoZIhvcNAQENBQADggGBAFZk\n" - "KxCq5yZ/8X+Glw4YtHWSZRIrRp8+lpjkqxDRDuoI4qUBdaRbdqxJK57xSvJ5Ok4V\n" - "gf9N02WOrkq7MzWLD7ZdMu/14SW/vVIdmfI04Ps4NGya71OykMb7daCMvGuO2N4z\n" - "5G/yrfKiT8JYR+JobTo6swqCPaSFAFg+ADWdax//n66wmuLHDpqzfFLp2lBXNXJx\n" - "gafAQCjqK84JRx2xgEFZ9l3TPOoR2BO5DzJqKXK+wcMbtUxNDaHV8MTsxVqTQXoB\n" - "JLN6cYKjxghCkQ5r54YLr77fB1qMNfhffy9gBN0q8g3AHG+gMICkNYPTw8w1Rjbr\n" - "6bE8CI/MXcrZrz7UWLuQXe8BnNk+Vn7PE6oRxCLSoJ8b6fB4cDvMIX1rRpc/Owxb\n" - "j6gockpBTebdLr3xpB6iopRurTPCVtMpz3VeNVnrB3gjCyBO62ErRncKn6RXqEVF\n" - "bo+01Zz8hHjDgtm2p9V24CMJK5p8fLVthJ0fRwyc1oYr3fT6l+dy50JSdOhNAaCC\n" - "BBUwggQRMIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUA\n" - "MA8xDTALBgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5\n" - "NTlaMBIxEDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" - "ggGKAoIBgQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2\n" - "WLiope/xNL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioV\n" - "tvPQwEpvuI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR\n" - "5+wGsJDvkfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJr\n" - "P+GtLiG0AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj\n" - "0Sk3Rq93JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1\n" - "ROsdk4WUed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH\n" - "4vysDO9UZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B\n" - "48xfmyIFjgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD\n" - "BwYAMB0GA1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5\n" - "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58\n" - "oDRy5a0oPvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68\n" - "kogjKs31QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmT\n" - "sQOdv/bzR+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT4\n" - "5SGw7c7FcumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2\n" - "gaygWNiD+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiu\n" - "jgUV0TZHEyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c\n" - "4FdrCByVhaeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1\n" - "Y1MQ72SnfrzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END OCSP RESPONSE-----\n"; - -static const gnutls_datum_t long_chain = { - (void *)long_chain_pem, sizeof(long_chain_pem) - 1 -}; - -static const gnutls_datum_t bad_long_chain = { - (void *)bad_long_chain_pem, sizeof(bad_long_chain_pem) - 1 -}; - -static const gnutls_datum_t no_chain = { - (void *)" ", 1 -}; + "-----BEGIN OCSP RESPONSE-----\n" + "MIICOgoBAKCCAjMwggIvBgkrBgEFBQcwAQEEggIgMIICHDCBhaEUMBIxEDAOBgNV\n" + "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIyMDQ5WjBcMFowRTAJBgUrDgMCGgUABBSy\n" + "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI3\n" + "ZFj6e1Jv14IAGA8yMDE3MTAxODEyMjA0OVowDQYJKoZIhvcNAQELBQADggGBAJg8\n" + "/9F2k7DdQsqMfU+f53gUHZAlZzRRPPYQfrmMGfSaMmr9W3fpCrLNMV4PWxGndTh7\n" + "AforaCwUb6+QyWlnE3B4UUQLphaEawnDJ/8GJZAnCIcjyxpWYZ4onEIZ6pN8BRQE\n" + "f8ccQN01xlB5RtdqsVmvxtoM0husO0YJDnsCwwFVXulPEFgWuFSoVLsx65lkc+4/\n" + "RM67+QrbNpBRgKrhb8MAE2WANjpjSAVSf5GWsH9T/F2HDG5crApFIoNywK9e21zk\n" + "qYAWQ6tVcps3QbvvIEXVy/jOqVASeaxuwHmkdBz4SNT83LvaNnJGBTKXTGukPKAO\n" + "t6xJpFLwrNWNhgfbw2fklWJSMzMtAEkjzBJi+4kn1SfLdcTLYBf9Tnoq1wsJhAMg\n" + "OFNzcWb8ZJxuGh7FXgytneM38sL8oTEmLKHfBRnWGOglfCMj3olvXpjotrIlKDAS\n" + "GbGElY+PZXUtkKiN2cNAecjIodzQFgL+YL6jWKLEuuWGT/MvRrliL83kGmKDdg==\n" + "-----END OCSP RESPONSE-----\n" + "-----BEGIN OCSP RESPONSE-----\n" + "MIICNwoBAKCCAjAwggIsBgkrBgEFBQcwAQEEggIdMIICGTCBgqERMA8xDTALBgNV\n" + "BAMTBENBLTMYDzIwMTcxMDE4MTIzODUyWjBcMFowRTAJBgUrDgMCGgUABBS3yg+r\n" + "3G+4sJZ6FayYCg8Z/qQS3gQUHoXtf55x+gidN0hDoBLv5arh44oCDFejHTI1s0/Q\n" + "ufXnPIIAGA8yMDE3MTAxODEyMzg1MlowDQYJKoZIhvcNAQELBQADggGBALMParB9\n" + "K97DlT4FmMdPScoT7oAAsar4XxKLU9+oraht7H+WTAYSpnCxh/ugR17G0jtzTzIw\n" + "nLQFAyR9MDYKp4Om4YqQ7r+43DiIqKVU25WcrVifUbtkR+LbjH+Bk1UHvFE8mCOX\n" + "ZB+cmQyjGap1RX0dnj2Wm48vUwqp71nA8AYcXL575xZ4rb9DDhaoV2h3S0Zlu4IN\n" + "btuDIVsxJ53kqkGjjVB4/R0RtqCXOI2ThMK3SfDWqwzF9tYA763VVXi+g+w3oyv4\n" + "ZtP8QUWOVUY4azpElX1wqoO8znUjxs1AzROLUeLPK8GMLVIZLP361J2kLgcj0Gdq\n" + "GIVH5N54p6bl5OgSUP3EdKbFRZyCVZ2n8Der3Cf9PtfvGV7Ze4Cv/CCN6rJkk54P\n" + "6auP6pEJg0ESGC5fop5HFCyVM+W/ot0A1cxN0+cHYlqB1NQholLqe3psDjJ2EoIK\n" + "LtN5dRLO6z5L74CwwiJ1SeLh8XyJtr/ee9RnFB56XCzO7lyhbHPx/VT6Qw==\n" + "-----END OCSP RESPONSE-----\n" + "-----BEGIN OCSP RESPONSE-----\n" + "MIIGUwoBAKCCBkwwggZIBgkrBgEFBQcwAQEEggY5MIIGNTCBhaEUMBIxEDAOBgNV\n" + "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIwOTMwWjBcMFowRTAJBgUrDgMCGgUABBSy\n" + "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2\n" + "yAyhyrC99oIAGA8yMDE3MTAxODEyMDkzMFowDQYJKoZIhvcNAQENBQADggGBAFZk\n" + "KxCq5yZ/8X+Glw4YtHWSZRIrRp8+lpjkqxDRDuoI4qUBdaRbdqxJK57xSvJ5Ok4V\n" + "gf9N02WOrkq7MzWLD7ZdMu/14SW/vVIdmfI04Ps4NGya71OykMb7daCMvGuO2N4z\n" + "5G/yrfKiT8JYR+JobTo6swqCPaSFAFg+ADWdax//n66wmuLHDpqzfFLp2lBXNXJx\n" + "gafAQCjqK84JRx2xgEFZ9l3TPOoR2BO5DzJqKXK+wcMbtUxNDaHV8MTsxVqTQXoB\n" + "JLN6cYKjxghCkQ5r54YLr77fB1qMNfhffy9gBN0q8g3AHG+gMICkNYPTw8w1Rjbr\n" + "6bE8CI/MXcrZrz7UWLuQXe8BnNk+Vn7PE6oRxCLSoJ8b6fB4cDvMIX1rRpc/Owxb\n" + "j6gockpBTebdLr3xpB6iopRurTPCVtMpz3VeNVnrB3gjCyBO62ErRncKn6RXqEVF\n" + "bo+01Zz8hHjDgtm2p9V24CMJK5p8fLVthJ0fRwyc1oYr3fT6l+dy50JSdOhNAaCC\n" + "BBUwggQRMIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUA\n" + "MA8xDTALBgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5\n" + "NTlaMBIxEDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" + "ggGKAoIBgQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2\n" + "WLiope/xNL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioV\n" + "tvPQwEpvuI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR\n" + "5+wGsJDvkfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJr\n" + "P+GtLiG0AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj\n" + "0Sk3Rq93JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1\n" + "ROsdk4WUed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH\n" + "4vysDO9UZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B\n" + "48xfmyIFjgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD\n" + "BwYAMB0GA1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5\n" + "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58\n" + "oDRy5a0oPvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68\n" + "kogjKs31QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmT\n" + "sQOdv/bzR+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT4\n" + "5SGw7c7FcumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2\n" + "gaygWNiD+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiu\n" + "jgUV0TZHEyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c\n" + "4FdrCByVhaeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1\n" + "Y1MQ72SnfrzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END OCSP RESPONSE-----\n"; + +static const char bad_long_chain_pem[] = /* second response is broken */ + "-----BEGIN OCSP RESPONSE-----\n" + "MIICOgoBAKCCAjMwggIvBgkrBgEFBQcwAQEEggIgMIICHDCBhaEUMBIxEDAOBgNV\n" + "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIyMDQ5WjBcMFowRTAJBgUrDgMCGgUABBSy\n" + "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI3\n" + "ZFj6e1Jv14IAGA8yMDE3MTAxODEyMjA0OVowDQYJKoZIhvcNAQELBQADggGBAJg8\n" + "/9F2k7DdQsqMfU+f53gUHZAlZzRRPPYQfrmMGfSaMmr9W3fpCrLNMV4PWxGndTh7\n" + "AforaCwUb6+QyWlnE3B4UUQLphaEawnDJ/8GJZAnCIcjyxpWYZ4onEIZ6pN8BRQE\n" + "f8ccQN01xlB5RtdqsVmvxtoM0husO0YJDnsCwwFVXulPEFgWuFSoVLsx65lkc+4/\n" + "RM67+QrbNpBRgKrhb8MAE2WANjpjSAVSf5GWsH9T/F2HDG5crApFIoNywK9e21zk\n" + "qYAWQ6tVcps3QbvvIEXVy/jOqVASeaxuwHmkdBz4SNT83LvaNnJGBTKXTGukPKAO\n" + "t6xJpFLwrNWNhgfbw2fklWJSMzMtAEkjzBJi+4kn1SfLdcTLYBf9Tnoq1wsJhAMg\n" + "OFNzcWb8ZJxuGh7FXgytneM38sL8oTEmLKHfBRnWGOglfCMj3olvXpjotrIlKDAS\n" + "GbGElY+PZXUtkKiN2cNAecjIodzQFgL+YL6jWKLEuuWGT/MvRrliL83kGmKDdg==\n" + "-----END OCSP RESPONSE-----\n" + "-----BEGIN OCSP RESPONSE-----\n" + "MIICNwoBAKCCAjAwggIsBgkrBgEFBQcwAQEEggIdMIICGTCBgqERMA8xDTALBgNV\n" + "BAMTBENBLTMYDzIwMTcxMDE4MTIzODUyWjBcMFowRTAJBgUrDgMCGgUABBS3yg+r\n" + "3G+4sJZ6FayYCg8Z/qQS3gQUHoXtf55x+gidN0hDoBLv5arh44oCDFejHTI1s0/Q\n" + "ufXnPIIAGA8yMDE3MTAxODEyMzg1MlowDQYJKoZIhvcNAQELBQADggGBALMParB9\n" + "K97DlT4FmMdPScoT7oAAsar4XxKLU9+oraht7H+WTAYSpnCxh/ugR1fG0jtzTzIw\n" + "nLQFAyR9MDYKp4Om4YqQ7r+43DiIqKVU25WcrVifUbtkR+LbjH+Bk1UHvFE8mCOX\n" + "ZB+cmQyjGap1RX0dnj2Wm48vwwqp71nA8AYcXL575xZ4rb9DDhaoV2h3S0Zlu4IN\n" + "btuDIVsxJ53kqkGjjVB4/R0RtqCXOI2ThMK3SfDWqwzF9tYA763VVXi+g+w3oyv4\n" + "ZtP8QUWOVUY4azpzlX1wqoO8znUjxs1AzROLUeLPK8GMLVIZLP361J2kLgcj0Gdq\n" + "GIVH5N54p6bl5OgSUP3EdKbFRZyCVZ2n8Der3Cf9PtfvGV7Ze4Cv/CCN6rJkk54P\n" + "6auP6pEJg0ESGC5fop5HFCyVM+W/ot0A1cxN0+cHYlqB1NQholLqe3psDjJ2EoIK\n" + "LtN5dRLO6z5L74CwwiJ1SeLh8XyJtr/ee9RnFB56XCzO7lyhbHPx/VT6Qw==\n" + "-----END OCSP RESPONSE-----\n" + "-----BEGIN OCSP RESPONSE-----\n" + "MIIGUwoBAKCCBkwwggZIBgkrBgEFBQcwAQEEggY5MIIGNTCBhaEUMBIxEDAOBgNV\n" + "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIwOTMwWjBcMFowRTAJBgUrDgMCGgUABBSy\n" + "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2\n" + "yAyhyrC99oIAGA8yMDE3MTAxODEyMDkzMFowDQYJKoZIhvcNAQENBQADggGBAFZk\n" + "KxCq5yZ/8X+Glw4YtHWSZRIrRp8+lpjkqxDRDuoI4qUBdaRbdqxJK57xSvJ5Ok4V\n" + "gf9N02WOrkq7MzWLD7ZdMu/14SW/vVIdmfI04Ps4NGya71OykMb7daCMvGuO2N4z\n" + "5G/yrfKiT8JYR+JobTo6swqCPaSFAFg+ADWdax//n66wmuLHDpqzfFLp2lBXNXJx\n" + "gafAQCjqK84JRx2xgEFZ9l3TPOoR2BO5DzJqKXK+wcMbtUxNDaHV8MTsxVqTQXoB\n" + "JLN6cYKjxghCkQ5r54YLr77fB1qMNfhffy9gBN0q8g3AHG+gMICkNYPTw8w1Rjbr\n" + "6bE8CI/MXcrZrz7UWLuQXe8BnNk+Vn7PE6oRxCLSoJ8b6fB4cDvMIX1rRpc/Owxb\n" + "j6gockpBTebdLr3xpB6iopRurTPCVtMpz3VeNVnrB3gjCyBO62ErRncKn6RXqEVF\n" + "bo+01Zz8hHjDgtm2p9V24CMJK5p8fLVthJ0fRwyc1oYr3fT6l+dy50JSdOhNAaCC\n" + "BBUwggQRMIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUA\n" + "MA8xDTALBgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5\n" + "NTlaMBIxEDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" + "ggGKAoIBgQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2\n" + "WLiope/xNL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioV\n" + "tvPQwEpvuI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR\n" + "5+wGsJDvkfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJr\n" + "P+GtLiG0AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj\n" + "0Sk3Rq93JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1\n" + "ROsdk4WUed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH\n" + "4vysDO9UZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B\n" + "48xfmyIFjgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD\n" + "BwYAMB0GA1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5\n" + "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58\n" + "oDRy5a0oPvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68\n" + "kogjKs31QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmT\n" + "sQOdv/bzR+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT4\n" + "5SGw7c7FcumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2\n" + "gaygWNiD+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiu\n" + "jgUV0TZHEyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c\n" + "4FdrCByVhaeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1\n" + "Y1MQ72SnfrzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END OCSP RESPONSE-----\n"; + +static const gnutls_datum_t long_chain = { (void *)long_chain_pem, + sizeof(long_chain_pem) - 1 }; + +static const gnutls_datum_t bad_long_chain = { (void *)bad_long_chain_pem, + sizeof(bad_long_chain_pem) - 1 }; + +static const gnutls_datum_t no_chain = { (void *)" ", 1 }; static const test_st tests[] = { - {.name = "load no ocsps", - .ocsps = &no_chain, - .nocsps = 0, - .flags = 0, - .format = GNUTLS_X509_FMT_PEM, - .exp_err = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE}, - {.name = "load of 3 ocsps, with expected failure", - .ocsps = &bad_long_chain, - .nocsps = 3, - .flags = 0, - .format = GNUTLS_X509_FMT_PEM, - .exp_err = GNUTLS_E_ASN1_TAG_ERROR}, - {.name = "load 3 ocsps", - .ocsps = &long_chain, - .nocsps = 3, - .format = GNUTLS_X509_FMT_PEM, - .flags = 0}, - {.name = "load 1 DER ocsp", - .ocsps = &ocsp_subca3_unknown, - .nocsps = 1, - .format = GNUTLS_X509_FMT_DER, - .flags = 0} + { .name = "load no ocsps", + .ocsps = &no_chain, + .nocsps = 0, + .flags = 0, + .format = GNUTLS_X509_FMT_PEM, + .exp_err = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE }, + { .name = "load of 3 ocsps, with expected failure", + .ocsps = &bad_long_chain, + .nocsps = 3, + .flags = 0, + .format = GNUTLS_X509_FMT_PEM, + .exp_err = GNUTLS_E_ASN1_TAG_ERROR }, + { .name = "load 3 ocsps", + .ocsps = &long_chain, + .nocsps = 3, + .format = GNUTLS_X509_FMT_PEM, + .flags = 0 }, + { .name = "load 1 DER ocsp", + .ocsps = &ocsp_subca3_unknown, + .nocsps = 1, + .format = GNUTLS_X509_FMT_DER, + .flags = 0 } }; void doit(void) diff --git a/tests/gnutls_record_overhead.c b/tests/gnutls_record_overhead.c index c5de442564..d6e4e23225 100644 --- a/tests/gnutls_record_overhead.c +++ b/tests/gnutls_record_overhead.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This is a unit test of _gnutls_record_overhead. */ @@ -49,53 +49,54 @@ /* #pragma doesn't work to suppress preprocessor warnings like -Wunused-macros. * So we just use the above defined macros here. */ -#if defined _gnutls_debug_log && defined gnutls_assert && defined gnutls_assert_val -# include "../lib/algorithms.h" +#if defined _gnutls_debug_log && defined gnutls_assert && \ + defined gnutls_assert_val +#include "../lib/algorithms.h" #endif -unsigned _gnutls_record_overhead(const version_entry_st * ver, - const cipher_entry_st * cipher, - const mac_entry_st * mac, unsigned max); +unsigned _gnutls_record_overhead(const version_entry_st *ver, + const cipher_entry_st *cipher, + const mac_entry_st *mac, unsigned max); -#define OVERHEAD(v, c, m) \ - _gnutls_record_overhead(version_to_entry(v), cipher_to_entry(c), mac_to_entry(m), \ - 0) +#define OVERHEAD(v, c, m) \ + _gnutls_record_overhead(version_to_entry(v), cipher_to_entry(c), \ + mac_to_entry(m), 0) -#define MAX_OVERHEAD(v, c, m) \ - _gnutls_record_overhead(version_to_entry(v), cipher_to_entry(c), mac_to_entry(m), \ - 1) +#define MAX_OVERHEAD(v, c, m) \ + _gnutls_record_overhead(version_to_entry(v), cipher_to_entry(c), \ + mac_to_entry(m), 1) static void check_aes_gcm(void **glob_state) { const unsigned ov = 16 + 8; /* Under AES-GCM the overhead is constant */ - assert_int_equal(OVERHEAD - (GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_GCM, - GNUTLS_MAC_AEAD), ov); - assert_int_equal(MAX_OVERHEAD - (GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_GCM, - GNUTLS_MAC_AEAD), ov); + assert_int_equal(OVERHEAD(GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_GCM, + GNUTLS_MAC_AEAD), + ov); + assert_int_equal(MAX_OVERHEAD(GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_GCM, + GNUTLS_MAC_AEAD), + ov); } static void check_tls13_aes_gcm(void **glob_state) { const unsigned ov = 16 + 1; /* Under AES-GCM the overhead is constant */ - assert_int_equal(OVERHEAD - (GNUTLS_TLS1_3, GNUTLS_CIPHER_AES_128_GCM, - GNUTLS_MAC_AEAD), ov); - assert_int_equal(MAX_OVERHEAD - (GNUTLS_TLS1_3, GNUTLS_CIPHER_AES_128_GCM, - GNUTLS_MAC_AEAD), ov); + assert_int_equal(OVERHEAD(GNUTLS_TLS1_3, GNUTLS_CIPHER_AES_128_GCM, + GNUTLS_MAC_AEAD), + ov); + assert_int_equal(MAX_OVERHEAD(GNUTLS_TLS1_3, GNUTLS_CIPHER_AES_128_GCM, + GNUTLS_MAC_AEAD), + ov); } static void check_aes_sha1_min(void **glob_state) { const unsigned mac = 20; const unsigned block = 16; - assert_int_equal(OVERHEAD - (GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_CBC, - GNUTLS_MAC_SHA1), 1 + mac + block); + assert_int_equal(OVERHEAD(GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_CBC, + GNUTLS_MAC_SHA1), + 1 + mac + block); } static void check_aes_sha1_max(void **glob_state) @@ -103,9 +104,9 @@ static void check_aes_sha1_max(void **glob_state) const unsigned mac = 20; const unsigned block = 16; - assert_int_equal(MAX_OVERHEAD - (GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_CBC, - GNUTLS_MAC_SHA1), block + mac + block); + assert_int_equal(MAX_OVERHEAD(GNUTLS_TLS1_2, GNUTLS_CIPHER_AES_128_CBC, + GNUTLS_MAC_SHA1), + block + mac + block); } int main(void) diff --git a/tests/gnutls_session_set_id.c b/tests/gnutls_session_set_id.c index db878a2a9c..099378e52a 100644 --- a/tests/gnutls_session_set_id.c +++ b/tests/gnutls_session_set_id.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -66,8 +66,8 @@ static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key) unsigned *try_resume = dbf; gnutls_datum_t r = { NULL, 0 }; - if (key.size != test_id.size - || memcmp(test_id.data, key.data, test_id.size) != 0) + if (key.size != test_id.size || + memcmp(test_id.data, key.data, test_id.size) != 0) fail("received ID does not match the expected\n"); if (!(*try_resume)) @@ -107,8 +107,8 @@ static void start(const char *test, unsigned try_resume) gnutls_global_set_log_level(6); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -124,15 +124,15 @@ static void start(const char *test, unsigned try_resume) gnutls_db_set_ptr(server, &try_resume); assert(gnutls_certificate_allocate_credentials(&clientx509cred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (clientx509cred, &ca_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred) >= 0); - assert(gnutls_priority_set_direct - (client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); @@ -170,8 +170,8 @@ static void start(const char *test, unsigned try_resume) assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred) >= 0); - assert(gnutls_priority_set_direct - (client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); diff --git a/tests/gnutls_x509_crq_sign.c b/tests/gnutls_x509_crq_sign.c index 685e30623d..fa641ede90 100644 --- a/tests/gnutls_x509_crq_sign.c +++ b/tests/gnutls_x509_crq_sign.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,38 +34,39 @@ #include "utils.h" static unsigned char saved_crq_pem[] = - "-----BEGIN NEW CERTIFICATE REQUEST-----\n" - "MIIBgzCB7QIBADAAMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7ZkP18sXX\n" - "tozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y89+wEdhMXi2SJIlvA3VN8O+18\n" - "BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpNaP/JEeIyjc49gAuNde/YAIGP\n" - "KAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQABoEQwQgYJKoZIhvcNAQkOMTUw\n" - "MzAPBgNVHRMBAf8EBTADAgEAMA0GA1UdDwEB/wQDAwEAMBEGA1UdEQEB/wQHMAWC\n" - "A2ZvbzANBgkqhkiG9w0BAQsFAAOBgQBKFQhbmY8RJBPiXm80PmYnZH7WaMeaOLJZ\n" - "JBVjsmdjFtDbgHaY9Vizrbh9jFM8iyvw01y+FZqCt2kSzvaPRoQad06NCV00oN6W\n" - "mG2iRKBSwVEX7JleigliK3M3Y5dlHV77CC1Or9BGC9Rbx9n9mV6z/NAWW5LyPHb5\n" - "gf4oXM6OPw==\n" "-----END NEW CERTIFICATE REQUEST-----\n"; + "-----BEGIN NEW CERTIFICATE REQUEST-----\n" + "MIIBgzCB7QIBADAAMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7ZkP18sXX\n" + "tozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y89+wEdhMXi2SJIlvA3VN8O+18\n" + "BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpNaP/JEeIyjc49gAuNde/YAIGP\n" + "KAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQABoEQwQgYJKoZIhvcNAQkOMTUw\n" + "MzAPBgNVHRMBAf8EBTADAgEAMA0GA1UdDwEB/wQDAwEAMBEGA1UdEQEB/wQHMAWC\n" + "A2ZvbzANBgkqhkiG9w0BAQsFAAOBgQBKFQhbmY8RJBPiXm80PmYnZH7WaMeaOLJZ\n" + "JBVjsmdjFtDbgHaY9Vizrbh9jFM8iyvw01y+FZqCt2kSzvaPRoQad06NCV00oN6W\n" + "mG2iRKBSwVEX7JleigliK3M3Y5dlHV77CC1Or9BGC9Rbx9n9mV6z/NAWW5LyPHb5\n" + "gf4oXM6OPw==\n" + "-----END NEW CERTIFICATE REQUEST-----\n"; const gnutls_datum_t saved_crq = { saved_crq_pem, sizeof(saved_crq_pem) - 1 }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t key = { key_pem, sizeof(key_pem) - 1 }; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -129,7 +130,7 @@ static gnutls_x509_crq_t generate_crq(void) return crq; } -static void verify_crq(const gnutls_datum_t * pem) +static void verify_crq(const gnutls_datum_t *pem) { gnutls_x509_crq_t crq; diff --git a/tests/gnutls_x509_crt_list_import.c b/tests/gnutls_x509_crt_list_import.c index 3a53e1a80d..2c83e593ba 100644 --- a/tests/gnutls_x509_crt_list_import.c +++ b/tests/gnutls_x509_crt_list_import.c @@ -22,7 +22,7 @@ /* This tests key import for gnutls_x509_privkey_t APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,15 +37,13 @@ #include "cert-common.h" #include "utils.h" -#define testfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) #define MAX_CERTS 8 -static void load_list(const char *name, const gnutls_datum_t * txt, - unsigned int ncerts, - unsigned int max1, - unsigned int max2, unsigned flags, int exp_err) +static void load_list(const char *name, const gnutls_datum_t *txt, + unsigned int ncerts, unsigned int max1, unsigned int max2, + unsigned flags, int exp_err) { gnutls_x509_crt_t certs[MAX_CERTS]; unsigned int max, i; @@ -60,13 +58,12 @@ static void load_list(const char *name, const gnutls_datum_t * txt, else max = MAX_CERTS; - retry: - ret = - gnutls_x509_crt_list_import(certs, &max, txt, GNUTLS_X509_FMT_PEM, - flags); +retry: + ret = gnutls_x509_crt_list_import(certs, &max, txt, GNUTLS_X509_FMT_PEM, + flags); if (ret < 0) { - if (retried == 0 && ret == GNUTLS_E_SHORT_MEMORY_BUFFER && max2 - && max2 != max) { + if (retried == 0 && ret == GNUTLS_E_SHORT_MEMORY_BUFFER && + max2 && max2 != max) { max = max2; retried = 1; goto retry; @@ -85,9 +82,9 @@ static void load_list(const char *name, const gnutls_datum_t * txt, max, ncerts); if (ret != (int)ncerts) - testfail - ("imported number (%d) doesn't match return value (%d)\n", - ncerts, ret); + testfail( + "imported number (%d) doesn't match return value (%d)\n", + ncerts, ret); return; } @@ -104,249 +101,250 @@ typedef struct test_st { static const char long_chain_pem[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIDQDCCAiigAwIBAgIMU/xyoxPcYVSaqH7/MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMTQyMjdaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDkemVOFdbhBX1qwjxQHr3LmPktNEVBmXjrIvyp++dN7gCYzubnpiLcBE+B\n" - "S2b+ppxBYm9ynKijhGrO+lZPCQRXWmqUg4YDfvnEqM4n04dCE98jN4IhwvWZyP3p\n" - "+U8Ra9mVIBAY2MReo1dcJQHNmo560xzxioHsGNQHAfYgVRHiE5hIXchYbWCkBrKt\n" - "XOoSSTmfgCF3L22p6S1q143VoKUr/C9zqinZo6feGAiTprj6YH0tHswjGBbxTFLb\n" - "q3ThbGDR5FNYL5q0FvQRNbjoF4oFitZ3P1Qkrzq7VIJd9k8J1C3g/16U2dDTKqRX\n" - "ejX7maFZ6oRZJASsRSowEs4wTfRpAgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" - "BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" - "DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUAEYPmcA7S/KChiet+Z6+RRmogiww\n" - "HwYDVR0jBBgwFoAUjxZogHO3y4VdOLuibQHsQYdsGgwwDQYJKoZIhvcNAQELBQAD\n" - "ggEBABlA3npOWwl3eBycaLVOsmdPS+fUwhLnF8hxoyKpHe/33k1nIxd7iiqNZ3iw\n" - "6pAjnuRUCjajU+mlx6ekrmga8mpmeD6JH0I3lq+mrPeCeFXm8gc1yJpcFJ/C2l4o\n" - "+3HNY7RJKcfoQxIbiKOtZ6x9E0aYuk3s1Um3Pf8GLwENoou7Stg5qHsLbkN/GBuP\n" - "n3p/4iqik2k7VblldDe3oCob5vMp0qrAEhlNl2Fn65rcB4+bp1EiC1Z+y6X8DpRb\n" - "NomKUsOiGcbFjQ4ptT6fePmPHX1mgDCx+5/22cyBUYElefYP7Xzr+C8tqqO3JFKe\n" - "hqEmQRsll9bkqpu2dh83c3i9u4g=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" - "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ofaL+ilmmM+\n" - "bGaFRy5GYQXtkD8sA3+/GWsunR928fQS68Zh6iWU+gPm52i7Gfbh7piKWA5Tb63w\n" - "unbS6dPsfPSvgRMZGKJpzxqVcBQAnTS4MuDPlXNg3K3HMyVtbxekII8jFeGEJuCL\n" - "mBMT4dI48IZRzj+2mir38w2cQPfomaKtjg2jMokG8Z9/4+SU9VJCcY1/yZk8fCbS\n" - "dBbwhnDq10yvhPCHgX6KMYmoJr28CYgH29Q9sDP1XN3VvAx5X+PtW/6pyF0U5E2e\n" - "gRzVv7Hr3FJKvytbNxRMCoy2YOyvsTP0fIhiXdtkulTKXyiq4cxA+aYByOu1FjU4\n" - "NicWbiZ/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQUjxZogHO3y4VdOLuibQHsQYdsGgwwHwYDVR0jBBgwFoAUwAx0\n" - "aL2SrsoSZcZUuFlq0O17BSgwDQYJKoZIhvcNAQELBQADggEBAGQvj8SquT31w8JK\n" - "tHDL4hWOU0EwVwWl4aYsvP17WspiFIIHKApPFfQOD0/Wg9zB48ble5ZSwKA3Vc3B\n" - "DJgd77HgVAd/Nu1TS5TFDKhpuvFPJVpJ3cqt3pTsVGMzf6GRz5kG3Ly/pBgkqiMG\n" - "gv6vTlEvzNe4FcnhNBEaRKpK5Hc5+GnxtfVoki3tjG5u+oa9/OwzAT+7IOyiIKHw\n" - "7F4Cm56QAWMJgVNm329AjZrJLeNuKoQWGueNew4dOe/zlYEaVMG4So74twXQwIAB\n" - "Zko7+wk6eI4CkI4Zair36s1jLkCF8xnL8FExTT3sg6B6KBHaNUuwc67WPILVuFuc\n" - "VfVBOd8=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDMzCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIf3as4EONSgWu\n" - "Mbm9w3DbKd/su1UWlrYrcpVqmU3MKD5jXBxyoThSBWxmq1+wcNDmE1on6pHY1aad\n" - "k3188JKMC83wEcyQXaiH3DlTYFXXkkI+JJNUGlfAMSoXG248SpoCIOhCETUG03iP\n" - "Z3AZludaHYsv4akAh1Kl6qn66+bKM53l/YhoQDxhoGaYvO8ZSwKnx5DEiq447jpW\n" - "M+sUFe38RPaMjHpyc1GRctvQDzJGm+8ZRujYDH+fGNzVDDlRyRnsVanFGNdyfhmy\n" - "BN2D2+2VEvzAWlaGg2wQN8gF3+luavIVEgETXODZPa5FF7ulmQmhqGrZcw6WtDmY\n" - "hUbNmbL7AgMBAAGjgZUwgZIwDwYDVR0TAQH/BAUwAwEB/zAuBgNVHR4BAf8EJDAi\n" - "oA8wDYILZXhhbXBsZS5jb22hDzANggtleGFtcGxlLm9yZzAPBgNVHQ8BAf8EBQMD\n" - "BwQAMB0GA1UdDgQWBBTADHRovZKuyhJlxlS4WWrQ7XsFKDAfBgNVHSMEGDAWgBTg\n" - "+khaP8UOjcwSKVxgT+zhh0aWPDANBgkqhkiG9w0BAQsFAAOCAQEASq5yBiib8FPk\n" - "oRONZ4COgGqjXvigeOBRgbHf9AfagpoYDbOKDQS8Iwt9VHZfJxdcJ1OuM1aQqXlN\n" - "dUyf+JdR/24Nv1yrhL+dEfRGka6Db96YuPsbetVhNIiMm2teXDIPgGzAKuTm4xPA\n" - "6zyNVy5AwfDQ5hIZ+EUsfOoerIElNyAbh66law4MWuiv4oyX4u49m5lxLuL6mFpR\n" - "CIZYWjZMa0MJvWMKGm/AhpfEOkbT58Fg5YmxhnKMk6ps1eR6mh3NgH1IbUqvEYNC\n" - "eS42X3kAMxEDseBOMths0gxeLL+IHdQpXnAjZppW8zEIcN3yfknul35r8R6Qt9aK\n" - "q5+/m1ADBw==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIe0eOnLaV750K\n" - "4+mVaAftRrJp8t68KJivcRFpkl0ucQs6gwNf9EsVkHineOR3RXypjJ7Hsv+4PIKp\n" - "BhEOTprYUKcBaxHK/NIezV6NrO1AwuD6MtJDQF9jGpSy0F3eRUoBCjVYhTl+JxcZ\n" - "hGHPJd8WMeanQWY4xG4gTwtpjF3tPU5+JGQwLk5SbcLicM2QMG3CapZinOGK3/XC\n" - "Fjsvf5ZhxnixayhfiX/n9BmeP1yxz7YORNYPlL8z1CcLZqJsyjZnNkVwNvl4ft9I\n" - "FOKBLoOTSGocHFIFXh5b50GG6QHgvN+TiAwdpfRTUskWVg8VVIh7ymgDoI2jQhk4\n" - "EeMaZHd/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU4PpIWj/FDo3MEilcYE/s4YdGljwwHwYDVR0jBBgwFoAU6XJK\n" - "EOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQADggEBAJOCrGvbeRqPj+uL\n" - "2FIfbkYZAx2nGl3RVv5ZK2YeDpU1udxLihc6Sr67OZbiA4QMKxwgI7pupuwXmyql\n" - "vs9dWnNpjzgfc0OqqzVdOFlfw8ew2DQb2sUXCcIkwqXb/pBQ9BvcgdDASu+rm74j\n" - "JWDZlhcqeVhZROKfpsjsl+lHgZ7kANwHtUJg/WvK8J971hgElqeBO1O97cGkw/in\n" - "e8ooK9Lxk3Td+WdI8C7juCYiwsGqFEKuj7b6937uzvpFmm1fYDdOHhTMcHTHIVTr\n" - "uxSSurQ4XSDF6Iuel3+IdpLL79UYJ7Cf4IhBWj0EloF6xWTA6nUYl3gzKpx1Tg1U\n" - "x2+26YY=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLuVrTyiqz+Zs\n" - "9Qw5V2Z1y1YSWU6aRDMs+34rP2gwT41C69HBh2LLRS04iJUVQydwnEJukwKlTNRn\n" - "1lEpvWgtYmySWA2SyI4xkVzCXgwv0k7WyLwa39hfNY1rXAqhDTL8VO0nXxi8hCMW\n" - "ohaXcvsieglhN5uwu6voEdY3Gwtx4V8ysDJ2P9EBo49ZHdpBOv+3YLDxbWZuL/tI\n" - "nYkBUHHfWGhUHsRsu0EGob3SFnfiooCbE/vtmn9rUuBEQDqOjOg3el/aTPJzcMi/\n" - "RTz+8ho17ZrQRKHZGKWq9Skank+2X9FZoYKFCUlBm6RVud1R54QYZEIj7W9ujQLN\n" - "LJrcIwBDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU6XJKEOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQAD\n" - "ggEBAEeXYGhZ8fWDpCGfSGEDX8FTqLwfDXxw18ZJjQJwus7bsJ9K/hAXnasXrn0f\n" - "TJ+uJi8muqzP1V376mSUzlwXIzLZCtbwRdDhJJYRrLvf5zfHxHeDgvDALn+1AduF\n" - "G/GzCVIFsYNSMdKGwNRp6Ucgl43BPZs6Swn2DXrxxW7Gng+8dvUS2XGLLdH6q1O3\n" - "U1EgJilng+VXx9Rg3yCs5xDiehASySsM6MN/+v+Ouf9lkoQCEgrtlW5Lb/neOBlA\n" - "aS8PPQuKkIEggNd8hW88YWQOJXMiCAgFppVp5B1Vbghn9IDJQISx/AXAoDXQvQfE\n" - "bdOzcKFyDuklHl2IQPnYTFxm/G8=\n" "-----END CERTIFICATE-----\n" -}; - -static const char bad_long_chain_pem[] = { /* 3rd-cert is broken */ + "MIIDQDCCAiigAwIBAgIMU/xyoxPcYVSaqH7/MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMTQyMjdaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDkemVOFdbhBX1qwjxQHr3LmPktNEVBmXjrIvyp++dN7gCYzubnpiLcBE+B\n" + "S2b+ppxBYm9ynKijhGrO+lZPCQRXWmqUg4YDfvnEqM4n04dCE98jN4IhwvWZyP3p\n" + "+U8Ra9mVIBAY2MReo1dcJQHNmo560xzxioHsGNQHAfYgVRHiE5hIXchYbWCkBrKt\n" + "XOoSSTmfgCF3L22p6S1q143VoKUr/C9zqinZo6feGAiTprj6YH0tHswjGBbxTFLb\n" + "q3ThbGDR5FNYL5q0FvQRNbjoF4oFitZ3P1Qkrzq7VIJd9k8J1C3g/16U2dDTKqRX\n" + "ejX7maFZ6oRZJASsRSowEs4wTfRpAgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" + "BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" + "DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUAEYPmcA7S/KChiet+Z6+RRmogiww\n" + "HwYDVR0jBBgwFoAUjxZogHO3y4VdOLuibQHsQYdsGgwwDQYJKoZIhvcNAQELBQAD\n" + "ggEBABlA3npOWwl3eBycaLVOsmdPS+fUwhLnF8hxoyKpHe/33k1nIxd7iiqNZ3iw\n" + "6pAjnuRUCjajU+mlx6ekrmga8mpmeD6JH0I3lq+mrPeCeFXm8gc1yJpcFJ/C2l4o\n" + "+3HNY7RJKcfoQxIbiKOtZ6x9E0aYuk3s1Um3Pf8GLwENoou7Stg5qHsLbkN/GBuP\n" + "n3p/4iqik2k7VblldDe3oCob5vMp0qrAEhlNl2Fn65rcB4+bp1EiC1Z+y6X8DpRb\n" + "NomKUsOiGcbFjQ4ptT6fePmPHX1mgDCx+5/22cyBUYElefYP7Xzr+C8tqqO3JFKe\n" + "hqEmQRsll9bkqpu2dh83c3i9u4g=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" + "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ofaL+ilmmM+\n" + "bGaFRy5GYQXtkD8sA3+/GWsunR928fQS68Zh6iWU+gPm52i7Gfbh7piKWA5Tb63w\n" + "unbS6dPsfPSvgRMZGKJpzxqVcBQAnTS4MuDPlXNg3K3HMyVtbxekII8jFeGEJuCL\n" + "mBMT4dI48IZRzj+2mir38w2cQPfomaKtjg2jMokG8Z9/4+SU9VJCcY1/yZk8fCbS\n" + "dBbwhnDq10yvhPCHgX6KMYmoJr28CYgH29Q9sDP1XN3VvAx5X+PtW/6pyF0U5E2e\n" + "gRzVv7Hr3FJKvytbNxRMCoy2YOyvsTP0fIhiXdtkulTKXyiq4cxA+aYByOu1FjU4\n" + "NicWbiZ/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUjxZogHO3y4VdOLuibQHsQYdsGgwwHwYDVR0jBBgwFoAUwAx0\n" + "aL2SrsoSZcZUuFlq0O17BSgwDQYJKoZIhvcNAQELBQADggEBAGQvj8SquT31w8JK\n" + "tHDL4hWOU0EwVwWl4aYsvP17WspiFIIHKApPFfQOD0/Wg9zB48ble5ZSwKA3Vc3B\n" + "DJgd77HgVAd/Nu1TS5TFDKhpuvFPJVpJ3cqt3pTsVGMzf6GRz5kG3Ly/pBgkqiMG\n" + "gv6vTlEvzNe4FcnhNBEaRKpK5Hc5+GnxtfVoki3tjG5u+oa9/OwzAT+7IOyiIKHw\n" + "7F4Cm56QAWMJgVNm329AjZrJLeNuKoQWGueNew4dOe/zlYEaVMG4So74twXQwIAB\n" + "Zko7+wk6eI4CkI4Zair36s1jLkCF8xnL8FExTT3sg6B6KBHaNUuwc67WPILVuFuc\n" + "VfVBOd8=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDMzCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIf3as4EONSgWu\n" + "Mbm9w3DbKd/su1UWlrYrcpVqmU3MKD5jXBxyoThSBWxmq1+wcNDmE1on6pHY1aad\n" + "k3188JKMC83wEcyQXaiH3DlTYFXXkkI+JJNUGlfAMSoXG248SpoCIOhCETUG03iP\n" + "Z3AZludaHYsv4akAh1Kl6qn66+bKM53l/YhoQDxhoGaYvO8ZSwKnx5DEiq447jpW\n" + "M+sUFe38RPaMjHpyc1GRctvQDzJGm+8ZRujYDH+fGNzVDDlRyRnsVanFGNdyfhmy\n" + "BN2D2+2VEvzAWlaGg2wQN8gF3+luavIVEgETXODZPa5FF7ulmQmhqGrZcw6WtDmY\n" + "hUbNmbL7AgMBAAGjgZUwgZIwDwYDVR0TAQH/BAUwAwEB/zAuBgNVHR4BAf8EJDAi\n" + "oA8wDYILZXhhbXBsZS5jb22hDzANggtleGFtcGxlLm9yZzAPBgNVHQ8BAf8EBQMD\n" + "BwQAMB0GA1UdDgQWBBTADHRovZKuyhJlxlS4WWrQ7XsFKDAfBgNVHSMEGDAWgBTg\n" + "+khaP8UOjcwSKVxgT+zhh0aWPDANBgkqhkiG9w0BAQsFAAOCAQEASq5yBiib8FPk\n" + "oRONZ4COgGqjXvigeOBRgbHf9AfagpoYDbOKDQS8Iwt9VHZfJxdcJ1OuM1aQqXlN\n" + "dUyf+JdR/24Nv1yrhL+dEfRGka6Db96YuPsbetVhNIiMm2teXDIPgGzAKuTm4xPA\n" + "6zyNVy5AwfDQ5hIZ+EUsfOoerIElNyAbh66law4MWuiv4oyX4u49m5lxLuL6mFpR\n" + "CIZYWjZMa0MJvWMKGm/AhpfEOkbT58Fg5YmxhnKMk6ps1eR6mh3NgH1IbUqvEYNC\n" + "eS42X3kAMxEDseBOMths0gxeLL+IHdQpXnAjZppW8zEIcN3yfknul35r8R6Qt9aK\n" + "q5+/m1ADBw==\n" + "-----END CERTIFICATE-----\n" "-----BEGIN CERTIFICATE-----\n" - "MIIDQDCCAiigAwIBAgIMU/xyoxPcYVSaqH7/MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMTQyMjdaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDkemVOFdbhBX1qwjxQHr3LmPktNEVBmXjrIvyp++dN7gCYzubnpiLcBE+B\n" - "S2b+ppxBYm9ynKijhGrO+lZPCQRXWmqUg4YDfvnEqM4n04dCE98jN4IhwvWZyP3p\n" - "+U8Ra9mVIBAY2MReo1dcJQHNmo560xzxioHsGNQHAfYgVRHiE5hIXchYbWCkBrKt\n" - "XOoSSTmfgCF3L22p6S1q143VoKUr/C9zqinZo6feGAiTprj6YH0tHswjGBbxTFLb\n" - "q3ThbGDR5FNYL5q0FvQRNbjoF4oFitZ3P1Qkrzq7VIJd9k8J1C3g/16U2dDTKqRX\n" - "ejX7maFZ6oRZJASsRSowEs4wTfRpAgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" - "BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" - "DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUAEYPmcA7S/KChiet+Z6+RRmogiww\n" - "HwYDVR0jBBgwFoAUjxZogHO3y4VdOLuibQHsQYdsGgwwDQYJKoZIhvcNAQELBQAD\n" - "ggEBABlA3npOWwl3eBycaLVOsmdPS+fUwhLnF8hxoyKpHe/33k1nIxd7iiqNZ3iw\n" - "6pAjnuRUCjajU+mlx6ekrmga8mpmeD6JH0I3lq+mrPeCeFXm8gc1yJpcFJ/C2l4o\n" - "+3HNY7RJKcfoQxIbiKOtZ6x9E0aYuk3s1Um3Pf8GLwENoou7Stg5qHsLbkN/GBuP\n" - "n3p/4iqik2k7VblldDe3oCob5vMp0qrAEhlNl2Fn65rcB4+bp1EiC1Z+y6X8DpRb\n" - "NomKUsOiGcbFjQ4ptT6fePmPHX1mgDCx+5/22cyBUYElefYP7Xzr+C8tqqO3JFKe\n" - "hqEmQRsll9bkqpu2dh83c3i9u4g=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" - "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ofaL+ilmmM+\n" - "bGaFRy5GYQXtkD8sA3+/GWsunR928fQS68Zh6iWU+gPm52i7Gfbh7piKWA5Tb63w\n" - "unbS6dPsfPSvgRMZGKJpzxqVcBQAnTS4MuDPlXNg3K3HMyVtbxekII8jFeGEJuCL\n" - "mBMT4dI48IZRzj+2mir38w2cQPfomaKtjg2jMokG8Z9/4+SU9VJCcY1/yZk8fCbS\n" - "dBbwhnDq10yvhPCHgX6KMYmoJr28CYgH29Q9sDP1XN3VvAx5X+PtW/6pyF0U5E2e\n" - "gRzVv7Hr3FJKvytbNxRMCoy2YOyvsTP0fIhiXdtkulTKXyiq4cxA+aYByOu1FjU4\n" - "NicWbiZ/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQUjxZogHO3y4VdOLuibQHsQYdsGgwwHwYDVR0jBBgwFoAUwAx0\n" - "aL2SrsoSZcZUuFlq0O17BSgwDQYJKoZIhvcNAQELBQADggEBAGQvj8SquT31w8JK\n" - "tHDL4hWOU0EwVwWl4aYsvP17WspiFIIHKApPFfQOD0/Wg9zB48ble5ZSwKA3Vc3B\n" - "DJgd77HgVAd/Nu1TS5TFDKhpuvFPJVpJ3cqt3pTsVGMzf6GRz5kG3Ly/pBgkqiMG\n" - "gv6vTlEvzNe4FcnhNBEaRKpK5Hc5+GnxtfVoki3tjG5u+oa9/OwzAT+7IOyiIKHw\n" - "7F4Cm56QAWMJgVNm329AjZrJLeNuKoQWGueNew4dOe/zlYEaVMG4So74twXQwIAB\n" - "Zko7+wk6eI4CkI4Zair36s1jLkCF8xnL8FExTT3sg6B6KBHaNUuwc67WPILVuFuc\n" - "VfVBOd8=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "XXIDMzCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIf3as4EONSgWu\n" - "Mbm9w3DbKd/su1UWlrYrcpVqmU3MKD5jXBxyoThSBWxmq1+wcNDmE1on6pHY1aad\n" - "k3188JKMC83wEcyQXaiH3DlTYFXXkkI+JJNUGlfAMSoXG248SpoCIOhCETUG03iP\n" - "Z3AZludaHYsvQQXXh1Kl6qn66+bKM53l/YhoQDxhoGaYvO8ZSwKnx5DEiq447jpW\n" - "M+sUFe38RPaMQQXXc1GRctvQDzJGm+8ZRujYDH+fGNzVDDlRyRnsVanFGNdyfhmy\n" - "BN2D2+2VEvzAQQXXg2wQN8gF3+luavIVEgETXODZPa5FF7ulmQmhqGrZcw6WtDmY\n" - "hUbNmbL7AgMBQQXXgZUwgZIwDwYDVR0TAQH/BAUwAwEB/zAuBgNVHR4BAf8EJDAi\n" - "oA8wDYILZXhhQQBsZS5jb22hDzANggtleGFtcGxlLm9yZzAPBgNVHQ8BAf8EBQMD\n" - "BwQAMB0GA1UdQQQWBBTADHRovZKuyhJlxlS4WWrQ7XsFKDAfBgNVHSMEGDAWgBTg\n" - "+khaP8UOjcwSQQxgT+zhh0aWPDANBgkqhkiG9w0BAQsFAAOCAQEASq5yBiib8FPk\n" - "oRONZ4COgGqjQQigeOBRgbHf9AfagpoYDbOKDQS8Iwt9VHZfJxdcJ1OuM1aQqXlN\n" - "dUyf+JdR/24NQQyrhL+dEfRGka6Db96YuPsbetVhNIiMm2teXDIPgGzAKuTm4xPA\n" - "6zyNVy5AwfDQQQIZ+EUsfOoerIElNyAbh66law4MWuiv4oyX4u49m5lxLuL6mFpR\n" - "CIZYWjZMa0MJQQMKGm/AhpfEOkbT58Fg5YmxhnKMk6ps1eR6mh3NgH1IbUqvEYNC\n" - "eS42X3kAMxEDQQBOMths0gxeLL+IHdQpXnAjZppW8zEIcN3yfknul35r8R6Qt9aK\n" - "q5+/m1ADBw==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIe0eOnLaV750K\n" - "4+mVaAftRrJp8t68KJivcRFpkl0ucQs6gwNf9EsVkHineOR3RXypjJ7Hsv+4PIKp\n" - "BhEOTprYUKcBaxHK/NIezV6NrO1AwuD6MtJDQF9jGpSy0F3eRUoBCjVYhTl+JxcZ\n" - "hGHPJd8WMeanQWY4xG4gTwtpjF3tPU5+JGQwLk5SbcLicM2QMG3CapZinOGK3/XC\n" - "Fjsvf5ZhxnixayhfiX/n9BmeP1yxz7YORNYPlL8z1CcLZqJsyjZnNkVwNvl4ft9I\n" - "FOKBLoOTSGocHFIFXh5b50GG6QHgvN+TiAwdpfRTUskWVg8VVIh7ymgDoI2jQhk4\n" - "EeMaZHd/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU4PpIWj/FDo3MEilcYE/s4YdGljwwHwYDVR0jBBgwFoAU6XJK\n" - "EOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQADggEBAJOCrGvbeRqPj+uL\n" - "2FIfbkYZAx2nGl3RVv5ZK2YeDpU1udxLihc6Sr67OZbiA4QMKxwgI7pupuwXmyql\n" - "vs9dWnNpjzgfc0OqqzVdOFlfw8ew2DQb2sUXCcIkwqXb/pBQ9BvcgdDASu+rm74j\n" - "JWDZlhcqeVhZROKfpsjsl+lHgZ7kANwHtUJg/WvK8J971hgElqeBO1O97cGkw/in\n" - "e8ooK9Lxk3Td+WdI8C7juCYiwsGqFEKuj7b6937uzvpFmm1fYDdOHhTMcHTHIVTr\n" - "uxSSurQ4XSDF6Iuel3+IdpLL79UYJ7Cf4IhBWj0EloF6xWTA6nUYl3gzKpx1Tg1U\n" - "x2+26YY=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLuVrTyiqz+Zs\n" - "9Qw5V2Z1y1YSWU6aRDMs+34rP2gwT41C69HBh2LLRS04iJUVQydwnEJukwKlTNRn\n" - "1lEpvWgtYmySWA2SyI4xkVzCXgwv0k7WyLwa39hfNY1rXAqhDTL8VO0nXxi8hCMW\n" - "ohaXcvsieglhN5uwu6voEdY3Gwtx4V8ysDJ2P9EBo49ZHdpBOv+3YLDxbWZuL/tI\n" - "nYkBUHHfWGhUHsRsu0EGob3SFnfiooCbE/vtmn9rUuBEQDqOjOg3el/aTPJzcMi/\n" - "RTz+8ho17ZrQRKHZGKWq9Skank+2X9FZoYKFCUlBm6RVud1R54QYZEIj7W9ujQLN\n" - "LJrcIwBDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU6XJKEOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQAD\n" - "ggEBAEeXYGhZ8fWDpCGfSGEDX8FTqLwfDXxw18ZJjQJwus7bsJ9K/hAXnasXrn0f\n" - "TJ+uJi8muqzP1V376mSUzlwXIzLZCtbwRdDhJJYRrLvf5zfHxHeDgvDALn+1AduF\n" - "G/GzCVIFsYNSMdKGwNRp6Ucgl43BPZs6Swn2DXrxxW7Gng+8dvUS2XGLLdH6q1O3\n" - "U1EgJilng+VXx9Rg3yCs5xDiehASySsM6MN/+v+Ouf9lkoQCEgrtlW5Lb/neOBlA\n" - "aS8PPQuKkIEggNd8hW88YWQOJXMiCAgFppVp5B1Vbghn9IDJQISx/AXAoDXQvQfE\n" - "bdOzcKFyDuklHl2IQPnYTFxm/G8=\n" "-----END CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIe0eOnLaV750K\n" + "4+mVaAftRrJp8t68KJivcRFpkl0ucQs6gwNf9EsVkHineOR3RXypjJ7Hsv+4PIKp\n" + "BhEOTprYUKcBaxHK/NIezV6NrO1AwuD6MtJDQF9jGpSy0F3eRUoBCjVYhTl+JxcZ\n" + "hGHPJd8WMeanQWY4xG4gTwtpjF3tPU5+JGQwLk5SbcLicM2QMG3CapZinOGK3/XC\n" + "Fjsvf5ZhxnixayhfiX/n9BmeP1yxz7YORNYPlL8z1CcLZqJsyjZnNkVwNvl4ft9I\n" + "FOKBLoOTSGocHFIFXh5b50GG6QHgvN+TiAwdpfRTUskWVg8VVIh7ymgDoI2jQhk4\n" + "EeMaZHd/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU4PpIWj/FDo3MEilcYE/s4YdGljwwHwYDVR0jBBgwFoAU6XJK\n" + "EOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQADggEBAJOCrGvbeRqPj+uL\n" + "2FIfbkYZAx2nGl3RVv5ZK2YeDpU1udxLihc6Sr67OZbiA4QMKxwgI7pupuwXmyql\n" + "vs9dWnNpjzgfc0OqqzVdOFlfw8ew2DQb2sUXCcIkwqXb/pBQ9BvcgdDASu+rm74j\n" + "JWDZlhcqeVhZROKfpsjsl+lHgZ7kANwHtUJg/WvK8J971hgElqeBO1O97cGkw/in\n" + "e8ooK9Lxk3Td+WdI8C7juCYiwsGqFEKuj7b6937uzvpFmm1fYDdOHhTMcHTHIVTr\n" + "uxSSurQ4XSDF6Iuel3+IdpLL79UYJ7Cf4IhBWj0EloF6xWTA6nUYl3gzKpx1Tg1U\n" + "x2+26YY=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLuVrTyiqz+Zs\n" + "9Qw5V2Z1y1YSWU6aRDMs+34rP2gwT41C69HBh2LLRS04iJUVQydwnEJukwKlTNRn\n" + "1lEpvWgtYmySWA2SyI4xkVzCXgwv0k7WyLwa39hfNY1rXAqhDTL8VO0nXxi8hCMW\n" + "ohaXcvsieglhN5uwu6voEdY3Gwtx4V8ysDJ2P9EBo49ZHdpBOv+3YLDxbWZuL/tI\n" + "nYkBUHHfWGhUHsRsu0EGob3SFnfiooCbE/vtmn9rUuBEQDqOjOg3el/aTPJzcMi/\n" + "RTz+8ho17ZrQRKHZGKWq9Skank+2X9FZoYKFCUlBm6RVud1R54QYZEIj7W9ujQLN\n" + "LJrcIwBDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU6XJKEOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQAD\n" + "ggEBAEeXYGhZ8fWDpCGfSGEDX8FTqLwfDXxw18ZJjQJwus7bsJ9K/hAXnasXrn0f\n" + "TJ+uJi8muqzP1V376mSUzlwXIzLZCtbwRdDhJJYRrLvf5zfHxHeDgvDALn+1AduF\n" + "G/GzCVIFsYNSMdKGwNRp6Ucgl43BPZs6Swn2DXrxxW7Gng+8dvUS2XGLLdH6q1O3\n" + "U1EgJilng+VXx9Rg3yCs5xDiehASySsM6MN/+v+Ouf9lkoQCEgrtlW5Lb/neOBlA\n" + "aS8PPQuKkIEggNd8hW88YWQOJXMiCAgFppVp5B1Vbghn9IDJQISx/AXAoDXQvQfE\n" + "bdOzcKFyDuklHl2IQPnYTFxm/G8=\n" + "-----END CERTIFICATE-----\n" }; -static const gnutls_datum_t long_chain = { - (void *)long_chain_pem, sizeof(long_chain_pem) - 1 -}; +static const char bad_long_chain_pem + [] = { /* 3rd-cert is broken */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDQDCCAiigAwIBAgIMU/xyoxPcYVSaqH7/MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMTQyMjdaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDkemVOFdbhBX1qwjxQHr3LmPktNEVBmXjrIvyp++dN7gCYzubnpiLcBE+B\n" + "S2b+ppxBYm9ynKijhGrO+lZPCQRXWmqUg4YDfvnEqM4n04dCE98jN4IhwvWZyP3p\n" + "+U8Ra9mVIBAY2MReo1dcJQHNmo560xzxioHsGNQHAfYgVRHiE5hIXchYbWCkBrKt\n" + "XOoSSTmfgCF3L22p6S1q143VoKUr/C9zqinZo6feGAiTprj6YH0tHswjGBbxTFLb\n" + "q3ThbGDR5FNYL5q0FvQRNbjoF4oFitZ3P1Qkrzq7VIJd9k8J1C3g/16U2dDTKqRX\n" + "ejX7maFZ6oRZJASsRSowEs4wTfRpAgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" + "BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" + "DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUAEYPmcA7S/KChiet+Z6+RRmogiww\n" + "HwYDVR0jBBgwFoAUjxZogHO3y4VdOLuibQHsQYdsGgwwDQYJKoZIhvcNAQELBQAD\n" + "ggEBABlA3npOWwl3eBycaLVOsmdPS+fUwhLnF8hxoyKpHe/33k1nIxd7iiqNZ3iw\n" + "6pAjnuRUCjajU+mlx6ekrmga8mpmeD6JH0I3lq+mrPeCeFXm8gc1yJpcFJ/C2l4o\n" + "+3HNY7RJKcfoQxIbiKOtZ6x9E0aYuk3s1Um3Pf8GLwENoou7Stg5qHsLbkN/GBuP\n" + "n3p/4iqik2k7VblldDe3oCob5vMp0qrAEhlNl2Fn65rcB4+bp1EiC1Z+y6X8DpRb\n" + "NomKUsOiGcbFjQ4ptT6fePmPHX1mgDCx+5/22cyBUYElefYP7Xzr+C8tqqO3JFKe\n" + "hqEmQRsll9bkqpu2dh83c3i9u4g=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" + "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ofaL+ilmmM+\n" + "bGaFRy5GYQXtkD8sA3+/GWsunR928fQS68Zh6iWU+gPm52i7Gfbh7piKWA5Tb63w\n" + "unbS6dPsfPSvgRMZGKJpzxqVcBQAnTS4MuDPlXNg3K3HMyVtbxekII8jFeGEJuCL\n" + "mBMT4dI48IZRzj+2mir38w2cQPfomaKtjg2jMokG8Z9/4+SU9VJCcY1/yZk8fCbS\n" + "dBbwhnDq10yvhPCHgX6KMYmoJr28CYgH29Q9sDP1XN3VvAx5X+PtW/6pyF0U5E2e\n" + "gRzVv7Hr3FJKvytbNxRMCoy2YOyvsTP0fIhiXdtkulTKXyiq4cxA+aYByOu1FjU4\n" + "NicWbiZ/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUjxZogHO3y4VdOLuibQHsQYdsGgwwHwYDVR0jBBgwFoAUwAx0\n" + "aL2SrsoSZcZUuFlq0O17BSgwDQYJKoZIhvcNAQELBQADggEBAGQvj8SquT31w8JK\n" + "tHDL4hWOU0EwVwWl4aYsvP17WspiFIIHKApPFfQOD0/Wg9zB48ble5ZSwKA3Vc3B\n" + "DJgd77HgVAd/Nu1TS5TFDKhpuvFPJVpJ3cqt3pTsVGMzf6GRz5kG3Ly/pBgkqiMG\n" + "gv6vTlEvzNe4FcnhNBEaRKpK5Hc5+GnxtfVoki3tjG5u+oa9/OwzAT+7IOyiIKHw\n" + "7F4Cm56QAWMJgVNm329AjZrJLeNuKoQWGueNew4dOe/zlYEaVMG4So74twXQwIAB\n" + "Zko7+wk6eI4CkI4Zair36s1jLkCF8xnL8FExTT3sg6B6KBHaNUuwc67WPILVuFuc\n" + "VfVBOd8=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "XXIDMzCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIf3as4EONSgWu\n" + "Mbm9w3DbKd/su1UWlrYrcpVqmU3MKD5jXBxyoThSBWxmq1+wcNDmE1on6pHY1aad\n" + "k3188JKMC83wEcyQXaiH3DlTYFXXkkI+JJNUGlfAMSoXG248SpoCIOhCETUG03iP\n" + "Z3AZludaHYsvQQXXh1Kl6qn66+bKM53l/YhoQDxhoGaYvO8ZSwKnx5DEiq447jpW\n" + "M+sUFe38RPaMQQXXc1GRctvQDzJGm+8ZRujYDH+fGNzVDDlRyRnsVanFGNdyfhmy\n" + "BN2D2+2VEvzAQQXXg2wQN8gF3+luavIVEgETXODZPa5FF7ulmQmhqGrZcw6WtDmY\n" + "hUbNmbL7AgMBQQXXgZUwgZIwDwYDVR0TAQH/BAUwAwEB/zAuBgNVHR4BAf8EJDAi\n" + "oA8wDYILZXhhQQBsZS5jb22hDzANggtleGFtcGxlLm9yZzAPBgNVHQ8BAf8EBQMD\n" + "BwQAMB0GA1UdQQQWBBTADHRovZKuyhJlxlS4WWrQ7XsFKDAfBgNVHSMEGDAWgBTg\n" + "+khaP8UOjcwSQQxgT+zhh0aWPDANBgkqhkiG9w0BAQsFAAOCAQEASq5yBiib8FPk\n" + "oRONZ4COgGqjQQigeOBRgbHf9AfagpoYDbOKDQS8Iwt9VHZfJxdcJ1OuM1aQqXlN\n" + "dUyf+JdR/24NQQyrhL+dEfRGka6Db96YuPsbetVhNIiMm2teXDIPgGzAKuTm4xPA\n" + "6zyNVy5AwfDQQQIZ+EUsfOoerIElNyAbh66law4MWuiv4oyX4u49m5lxLuL6mFpR\n" + "CIZYWjZMa0MJQQMKGm/AhpfEOkbT58Fg5YmxhnKMk6ps1eR6mh3NgH1IbUqvEYNC\n" + "eS42X3kAMxEDQQBOMths0gxeLL+IHdQpXnAjZppW8zEIcN3yfknul35r8R6Qt9aK\n" + "q5+/m1ADBw==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIe0eOnLaV750K\n" + "4+mVaAftRrJp8t68KJivcRFpkl0ucQs6gwNf9EsVkHineOR3RXypjJ7Hsv+4PIKp\n" + "BhEOTprYUKcBaxHK/NIezV6NrO1AwuD6MtJDQF9jGpSy0F3eRUoBCjVYhTl+JxcZ\n" + "hGHPJd8WMeanQWY4xG4gTwtpjF3tPU5+JGQwLk5SbcLicM2QMG3CapZinOGK3/XC\n" + "Fjsvf5ZhxnixayhfiX/n9BmeP1yxz7YORNYPlL8z1CcLZqJsyjZnNkVwNvl4ft9I\n" + "FOKBLoOTSGocHFIFXh5b50GG6QHgvN+TiAwdpfRTUskWVg8VVIh7ymgDoI2jQhk4\n" + "EeMaZHd/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU4PpIWj/FDo3MEilcYE/s4YdGljwwHwYDVR0jBBgwFoAU6XJK\n" + "EOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQADggEBAJOCrGvbeRqPj+uL\n" + "2FIfbkYZAx2nGl3RVv5ZK2YeDpU1udxLihc6Sr67OZbiA4QMKxwgI7pupuwXmyql\n" + "vs9dWnNpjzgfc0OqqzVdOFlfw8ew2DQb2sUXCcIkwqXb/pBQ9BvcgdDASu+rm74j\n" + "JWDZlhcqeVhZROKfpsjsl+lHgZ7kANwHtUJg/WvK8J971hgElqeBO1O97cGkw/in\n" + "e8ooK9Lxk3Td+WdI8C7juCYiwsGqFEKuj7b6937uzvpFmm1fYDdOHhTMcHTHIVTr\n" + "uxSSurQ4XSDF6Iuel3+IdpLL79UYJ7Cf4IhBWj0EloF6xWTA6nUYl3gzKpx1Tg1U\n" + "x2+26YY=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLuVrTyiqz+Zs\n" + "9Qw5V2Z1y1YSWU6aRDMs+34rP2gwT41C69HBh2LLRS04iJUVQydwnEJukwKlTNRn\n" + "1lEpvWgtYmySWA2SyI4xkVzCXgwv0k7WyLwa39hfNY1rXAqhDTL8VO0nXxi8hCMW\n" + "ohaXcvsieglhN5uwu6voEdY3Gwtx4V8ysDJ2P9EBo49ZHdpBOv+3YLDxbWZuL/tI\n" + "nYkBUHHfWGhUHsRsu0EGob3SFnfiooCbE/vtmn9rUuBEQDqOjOg3el/aTPJzcMi/\n" + "RTz+8ho17ZrQRKHZGKWq9Skank+2X9FZoYKFCUlBm6RVud1R54QYZEIj7W9ujQLN\n" + "LJrcIwBDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU6XJKEOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQAD\n" + "ggEBAEeXYGhZ8fWDpCGfSGEDX8FTqLwfDXxw18ZJjQJwus7bsJ9K/hAXnasXrn0f\n" + "TJ+uJi8muqzP1V376mSUzlwXIzLZCtbwRdDhJJYRrLvf5zfHxHeDgvDALn+1AduF\n" + "G/GzCVIFsYNSMdKGwNRp6Ucgl43BPZs6Swn2DXrxxW7Gng+8dvUS2XGLLdH6q1O3\n" + "U1EgJilng+VXx9Rg3yCs5xDiehASySsM6MN/+v+Ouf9lkoQCEgrtlW5Lb/neOBlA\n" + "aS8PPQuKkIEggNd8hW88YWQOJXMiCAgFppVp5B1Vbghn9IDJQISx/AXAoDXQvQfE\n" + "bdOzcKFyDuklHl2IQPnYTFxm/G8=\n" + "-----END CERTIFICATE-----\n" + }; -static const gnutls_datum_t bad_long_chain = { - (void *)bad_long_chain_pem, sizeof(bad_long_chain_pem) - 1 -}; +static const gnutls_datum_t long_chain = { (void *)long_chain_pem, + sizeof(long_chain_pem) - 1 }; + +static const gnutls_datum_t bad_long_chain = { (void *)bad_long_chain_pem, + sizeof(bad_long_chain_pem) - 1 }; static const test_st tests[] = { - {.name = "load 5 certs", - .certs = &long_chain, - .ncerts = 5, - .flags = 0}, - {.name = "partial load of 5 certs, with expected failure", - .certs = &bad_long_chain, - .ncerts = 5, - .flags = 0, - .exp_err = GNUTLS_E_ASN1_TAG_ERROR}, - {.name = "load 2 certs out of 5", - .certs = &long_chain, - .max1 = 2, - .ncerts = 2, - .flags = 0}, - {.name = "load 1 cert out of 5", - .certs = &long_chain, - .ncerts = 1, - .max1 = 1, - .max2 = 0, - .flags = 0}, - {.name = "load 2 certs with fail if exceed", - .certs = &long_chain, - .ncerts = 2, - .max1 = 2, - .flags = GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED, - .exp_err = GNUTLS_E_SHORT_MEMORY_BUFFER}, - {.name = "load 2 certs with fail if exceed and retry", - .certs = &long_chain, - .ncerts = 5, - .max1 = 1, - .max2 = 6, - .exp_err = 0, - .flags = GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED}, - {.name = "load certs, fail due to size, and retry, and fail again", - .certs = &long_chain, - .max1 = 1, - .max2 = 3, - .ncerts = 5, - .flags = GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED, - .exp_err = GNUTLS_E_SHORT_MEMORY_BUFFER} + { .name = "load 5 certs", + .certs = &long_chain, + .ncerts = 5, + .flags = 0 }, + { .name = "partial load of 5 certs, with expected failure", + .certs = &bad_long_chain, + .ncerts = 5, + .flags = 0, + .exp_err = GNUTLS_E_ASN1_TAG_ERROR }, + { .name = "load 2 certs out of 5", + .certs = &long_chain, + .max1 = 2, + .ncerts = 2, + .flags = 0 }, + { .name = "load 1 cert out of 5", + .certs = &long_chain, + .ncerts = 1, + .max1 = 1, + .max2 = 0, + .flags = 0 }, + { .name = "load 2 certs with fail if exceed", + .certs = &long_chain, + .ncerts = 2, + .max1 = 2, + .flags = GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED, + .exp_err = GNUTLS_E_SHORT_MEMORY_BUFFER }, + { .name = "load 2 certs with fail if exceed and retry", + .certs = &long_chain, + .ncerts = 5, + .max1 = 1, + .max2 = 6, + .exp_err = 0, + .flags = GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED }, + { .name = "load certs, fail due to size, and retry, and fail again", + .certs = &long_chain, + .max1 = 1, + .max2 = 3, + .ncerts = 5, + .flags = GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED, + .exp_err = GNUTLS_E_SHORT_MEMORY_BUFFER } }; void doit(void) diff --git a/tests/gnutls_x509_crt_sign.c b/tests/gnutls_x509_crt_sign.c index c4fac7b793..29c3237f2b 100644 --- a/tests/gnutls_x509_crt_sign.c +++ b/tests/gnutls_x509_crt_sign.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,19 +37,20 @@ #include "cert-common.h" static unsigned char saved_crt_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICIjCCAYugAwIBAgIDChEAMA0GCSqGSIb3DQEBCwUAMCsxDjAMBgNVBAMTBW5p\n" - "a29zMRkwFwYDVQQKExBub25lIHRvLCBtZW50aW9uMCAXDTA4MDMzMTIyMDAwMFoY\n" - "Dzk5OTkxMjMxMjM1OTU5WjArMQ4wDAYDVQQDEwVuaWtvczEZMBcGA1UEChMQbm9u\n" - "ZSB0bywgbWVudGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu2ZD9fLF\n" - "17aMzMXf9Yg7sclLag6hrSBQQAiAoU9co9D4bM/mPPfsBHYTF4tkiSJbwN1TfDvt\n" - "fAS7gLkovo6bxo6gpRLL9Vceoue7tzNJn+O7Sq5qTWj/yRHiMo3OPYALjXXv2ACB\n" - "jygEA6AijWEEB/q2N30hB0nSCWFpmJCjWKkCAwEAAaNSMFAwDAYDVR0TAQH/BAIw\n" - "ADAOBgNVHQ8BAf8EBAMCB4AwDgYDVR0RBAcwBYIDYXBhMCAGA1UdJQEB/wQWMBQG\n" - "CCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQCiZrNQBktpWsND\n" - "MsH9kdwscx1ybGoeRibdngltnwzIjcl5T+D52fADzKHpuvwq6m5qHUz/f/872E3w\n" - "AKw9YX7n9316fTydee22/WyNGmP5r6E82Inu6wQpgkrOsgfhs/jNDGEhOw/G1lwZ\n" - "dAtaww1V7OEVK1WufVUtQ3rQzxYPcQ==\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICIjCCAYugAwIBAgIDChEAMA0GCSqGSIb3DQEBCwUAMCsxDjAMBgNVBAMTBW5p\n" + "a29zMRkwFwYDVQQKExBub25lIHRvLCBtZW50aW9uMCAXDTA4MDMzMTIyMDAwMFoY\n" + "Dzk5OTkxMjMxMjM1OTU5WjArMQ4wDAYDVQQDEwVuaWtvczEZMBcGA1UEChMQbm9u\n" + "ZSB0bywgbWVudGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu2ZD9fLF\n" + "17aMzMXf9Yg7sclLag6hrSBQQAiAoU9co9D4bM/mPPfsBHYTF4tkiSJbwN1TfDvt\n" + "fAS7gLkovo6bxo6gpRLL9Vceoue7tzNJn+O7Sq5qTWj/yRHiMo3OPYALjXXv2ACB\n" + "jygEA6AijWEEB/q2N30hB0nSCWFpmJCjWKkCAwEAAaNSMFAwDAYDVR0TAQH/BAIw\n" + "ADAOBgNVHQ8BAf8EBAMCB4AwDgYDVR0RBAcwBYIDYXBhMCAGA1UdJQEB/wQWMBQG\n" + "CCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQCiZrNQBktpWsND\n" + "MsH9kdwscx1ybGoeRibdngltnwzIjcl5T+D52fADzKHpuvwq6m5qHUz/f/872E3w\n" + "AKw9YX7n9316fTydee22/WyNGmP5r6E82Inu6wQpgkrOsgfhs/jNDGEhOw/G1lwZ\n" + "dAtaww1V7OEVK1WufVUtQ3rQzxYPcQ==\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t saved_crt = { saved_crt_pem, sizeof(saved_crt_pem) - 1 }; @@ -58,7 +59,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -96,8 +97,8 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt2, &server_ecc_cert, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt2, &server_ecc_cert, + GNUTLS_X509_FMT_PEM); if (ret != 0) fail("gnutls_x509_crt_import\n"); @@ -140,9 +141,8 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_key_usage %d\n", ret); - ret = - gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", - &err); + ret = gnutls_x509_crt_set_dn(crt, "o = none to\\, mention,cn = nikos", + &err); if (ret < 0) { fail("gnutls_x509_crt_set_dn: %s, %s\n", gnutls_strerror(ret), err); @@ -164,9 +164,10 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); - ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_IPADDRESS, - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", - 16, 1); + ret = gnutls_x509_crt_set_subject_alt_name( + crt, GNUTLS_SAN_IPADDRESS, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", + 16, 1); if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); @@ -181,9 +182,8 @@ void doit(void) fail("gnutls_x509_crt_get_key_purpose_oid %d\n", ret); s = 0; - ret = - gnutls_x509_crt_set_key_purpose_oid(crt, - GNUTLS_KP_TLS_WWW_SERVER, 0); + ret = gnutls_x509_crt_set_key_purpose_oid(crt, GNUTLS_KP_TLS_WWW_SERVER, + 0); if (ret != 0) fail("gnutls_x509_crt_set_key_purpose_oid %d\n", ret); @@ -193,17 +193,15 @@ void doit(void) fail("gnutls_x509_crt_get_key_purpose_oid %d\n", ret); s = 0; - ret = - gnutls_x509_crt_set_key_purpose_oid(crt, - GNUTLS_KP_TLS_WWW_CLIENT, 1); + ret = gnutls_x509_crt_set_key_purpose_oid(crt, GNUTLS_KP_TLS_WWW_CLIENT, + 1); if (ret != 0) fail("gnutls_x509_crt_set_key_purpose_oid2 %d\n", ret); /* in the end this will be ignored as the issuer will be set * by gnutls_x509_crt_sign2() */ - ret = - gnutls_x509_crt_set_issuer_dn(crt, "cn = my CA, o = big\\, and one", - &err); + ret = gnutls_x509_crt_set_issuer_dn( + crt, "cn = my CA, o = big\\, and one", &err); if (ret < 0) { fail("gnutls_x509_crt_set_issuer_dn: %s, %s\n", gnutls_strerror(ret), err); diff --git a/tests/gnutls_x509_privkey_import.c b/tests/gnutls_x509_privkey_import.c index 1861370608..462358259a 100644 --- a/tests/gnutls_x509_privkey_import.c +++ b/tests/gnutls_x509_privkey_import.c @@ -22,7 +22,7 @@ /* This tests key import for gnutls_x509_privkey_t APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,13 +37,9 @@ #include "cert-common.h" #include "utils.h" -#define testfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) -const gnutls_datum_t raw_data = { - (void *)"hello there", - 11 -}; +const gnutls_datum_t raw_data = { (void *)"hello there", 11 }; static int sign_verify_data(gnutls_x509_privkey_t pkey, gnutls_sign_algorithm_t algo) @@ -60,8 +56,8 @@ static int sign_verify_data(gnutls_x509_privkey_t pkey, if (ret < 0) fail("gnutls_privkey_import_x509\n"); - ret = gnutls_privkey_sign_data2(privkey, algo, 0, - &raw_data, &signature); + ret = gnutls_privkey_sign_data2(privkey, algo, 0, &raw_data, + &signature); if (ret < 0) { ret = -1; goto cleanup; @@ -83,7 +79,7 @@ static int sign_verify_data(gnutls_x509_privkey_t pkey, } ret = 0; - cleanup: +cleanup: if (pubkey) gnutls_pubkey_deinit(pubkey); gnutls_privkey_deinit(privkey); @@ -92,7 +88,7 @@ static int sign_verify_data(gnutls_x509_privkey_t pkey, return ret; } -static void load_privkey(const char *name, const gnutls_datum_t * txtkey, +static void load_privkey(const char *name, const gnutls_datum_t *txtkey, gnutls_pk_algorithm_t pk, gnutls_sign_algorithm_t sig, int exp_key_err) { @@ -106,8 +102,8 @@ static void load_privkey(const char *name, const gnutls_datum_t * txtkey, ret = gnutls_x509_privkey_import(tmp, txtkey, GNUTLS_X509_FMT_PEM); if (ret < 0) { if (exp_key_err) { - testfail - ("did not fail in key import, although expected\n"); + testfail( + "did not fail in key import, although expected\n"); } testfail("gnutls_privkey_import: %s\n", gnutls_strerror(ret)); @@ -129,7 +125,7 @@ static void load_privkey(const char *name, const gnutls_datum_t * txtkey, return; } -static void load_privkey_in_der(const char *name, const gnutls_datum_t * txtkey, +static void load_privkey_in_der(const char *name, const gnutls_datum_t *txtkey, gnutls_pk_algorithm_t pk, gnutls_sign_algorithm_t sig, int exp_key_err) { @@ -152,8 +148,8 @@ static void load_privkey_in_der(const char *name, const gnutls_datum_t * txtkey, if (ret < 0) { if (exp_key_err) { - testfail - ("did not fail in key import, although expected\n"); + testfail( + "did not fail in key import, although expected\n"); } testfail("gnutls_privkey_import: %s\n", gnutls_strerror(ret)); @@ -183,33 +179,36 @@ typedef struct test_st { int exp_key_err; } test_st; -static const test_st tests[] = { - {.name = "ecc key", - .pk = GNUTLS_PK_ECDSA, - .sig = GNUTLS_SIGN_ECDSA_SHA256, - .key = &server_ca3_ecc_key, - }, - {.name = "rsa-sign key", - .pk = GNUTLS_PK_RSA, - .sig = GNUTLS_SIGN_RSA_SHA384, - .key = &server_ca3_key, - }, - {.name = "rsa-pss-sign key (PKCS#8)", - .pk = GNUTLS_PK_RSA_PSS, - .sig = GNUTLS_SIGN_RSA_PSS_SHA256, - .key = &server_ca3_rsa_pss2_key, - }, - {.name = "dsa key", - .pk = GNUTLS_PK_DSA, - .sig = GNUTLS_SIGN_DSA_SHA1, - .key = &dsa_key, - }, - {.name = "ed25519 key (PKCS#8)", - .pk = GNUTLS_PK_EDDSA_ED25519, - .sig = GNUTLS_SIGN_EDDSA_ED25519, - .key = &server_ca3_eddsa_key, - } -}; +static const test_st tests[] = { { + .name = "ecc key", + .pk = GNUTLS_PK_ECDSA, + .sig = GNUTLS_SIGN_ECDSA_SHA256, + .key = &server_ca3_ecc_key, + }, + { + .name = "rsa-sign key", + .pk = GNUTLS_PK_RSA, + .sig = GNUTLS_SIGN_RSA_SHA384, + .key = &server_ca3_key, + }, + { + .name = "rsa-pss-sign key (PKCS#8)", + .pk = GNUTLS_PK_RSA_PSS, + .sig = GNUTLS_SIGN_RSA_PSS_SHA256, + .key = &server_ca3_rsa_pss2_key, + }, + { + .name = "dsa key", + .pk = GNUTLS_PK_DSA, + .sig = GNUTLS_SIGN_DSA_SHA1, + .key = &dsa_key, + }, + { + .name = "ed25519 key (PKCS#8)", + .pk = GNUTLS_PK_EDDSA_ED25519, + .sig = GNUTLS_SIGN_EDDSA_ED25519, + .key = &server_ca3_eddsa_key, + } }; void doit(void) { diff --git a/tests/handshake-false-start.c b/tests/handshake-false-start.c index 07cca827d0..84c2a1d84c 100644 --- a/tests/handshake-false-start.c +++ b/tests/handshake-false-start.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -50,8 +50,9 @@ enum { TESTNO_MAX }; -#define myfail(fmt, ...) \ - fail("%s%s %d: "fmt, dtls?"dtls":"tls", name, testno, ##__VA_ARGS__) +#define myfail(fmt, ...) \ + fail("%s%s %d: " fmt, dtls ? "dtls" : "tls", name, testno, \ + ##__VA_ARGS__) static void try(const char *name, unsigned testno, unsigned fs, const char *prio, unsigned dhsize, unsigned dtls) @@ -68,10 +69,10 @@ static void try(const char *name, unsigned testno, unsigned fs, gnutls_certificate_credentials_t clientx509cred; gnutls_session_t client; int cret = GNUTLS_E_AGAIN; - const gnutls_datum_t p3_2048 = - { (void *)pkcs3_2048, strlen(pkcs3_2048) }; - const gnutls_datum_t p3_3072 = - { (void *)pkcs3_3072, strlen(pkcs3_3072) }; + const gnutls_datum_t p3_2048 = { (void *)pkcs3_2048, + strlen(pkcs3_2048) }; + const gnutls_datum_t p3_3072 = { (void *)pkcs3_3072, + strlen(pkcs3_3072) }; gnutls_dh_params_t dh_params; unsigned flags = 0; @@ -101,11 +102,10 @@ static void try(const char *name, unsigned testno, unsigned fs, gnutls_anon_set_server_dh_params(serveranoncred, dh_params); gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_ecc_cert, &server_ecc_key, + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_ecc_cert, + &server_ecc_key, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_dh_params(serverx509cred, dh_params); @@ -128,15 +128,13 @@ static void try(const char *name, unsigned testno, unsigned fs, if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_init(&client, - GNUTLS_CLIENT | GNUTLS_ENABLE_FALSE_START | flags); + ret = gnutls_init(&client, + GNUTLS_CLIENT | GNUTLS_ENABLE_FALSE_START | flags); if (ret < 0) exit(1); @@ -161,20 +159,20 @@ static void try(const char *name, unsigned testno, unsigned fs, HANDSHAKE(client, server); - if ((gnutls_session_get_flags(client) & GNUTLS_SFLAGS_FALSE_START) - && !fs) { + if ((gnutls_session_get_flags(client) & GNUTLS_SFLAGS_FALSE_START) && + !fs) { myfail("false start occurred but not expected\n"); } - if (!(gnutls_session_get_flags(client) & GNUTLS_SFLAGS_FALSE_START) - && fs) { + if (!(gnutls_session_get_flags(client) & GNUTLS_SFLAGS_FALSE_START) && + fs) { myfail("false start expected but not happened\n"); } if (testno == TEST_SEND_RECV) { side = "client"; - ret = - gnutls_record_send(client, TESTDATA, sizeof(TESTDATA) - 1); + ret = gnutls_record_send(client, TESTDATA, + sizeof(TESTDATA) - 1); if (ret < 0) { myfail("error sending false start data: %s\n", gnutls_strerror(ret)); @@ -198,8 +196,8 @@ static void try(const char *name, unsigned testno, unsigned fs, } /* check handshake completion */ - ret = - gnutls_record_send(server, TESTDATA, sizeof(TESTDATA) - 1); + ret = gnutls_record_send(server, TESTDATA, + sizeof(TESTDATA) - 1); if (ret < 0) { myfail("error sending false start data: %s\n", gnutls_strerror(ret)); @@ -208,8 +206,8 @@ static void try(const char *name, unsigned testno, unsigned fs, side = "client"; do { - ret = - gnutls_record_recv(client, buffer, sizeof(buffer)); + ret = gnutls_record_recv(client, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { myfail("error receiving data: %s\n", @@ -217,8 +215,8 @@ static void try(const char *name, unsigned testno, unsigned fs, } } else if (testno == TEST_RECV_SEND) { side = "server"; - ret = - gnutls_record_send(server, TESTDATA, sizeof(TESTDATA) - 1); + ret = gnutls_record_send(server, TESTDATA, + sizeof(TESTDATA) - 1); if (ret < 0) { myfail("error sending false start data: %s\n", gnutls_strerror(ret)); @@ -244,9 +242,8 @@ static void try(const char *name, unsigned testno, unsigned fs, /* explicit completion by caller */ ret = gnutls_handshake(client); if (ret != GNUTLS_E_HANDSHAKE_DURING_FALSE_START) { - myfail - ("error in explicit handshake after false start: %s\n", - gnutls_strerror(ret)); + myfail("error in explicit handshake after false start: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -266,7 +263,7 @@ static void try(const char *name, unsigned testno, unsigned fs, } success("%5s%s \tok\n", dtls ? "dtls-" : "tls-", name); - exit: +exit: gnutls_deinit(client); gnutls_deinit(server); diff --git a/tests/handshake-large-cert.c b/tests/handshake-large-cert.c index 44cf144f28..6d4f557573 100644 --- a/tests/handshake-large-cert.c +++ b/tests/handshake-large-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,18 +36,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#include +#endif +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This test checks whether a large certificate packet can be sent by * server and received by client. */ @@ -111,40 +111,39 @@ static void client(int sd, const char *prio) } static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEowIBAAKCAQEAwJo7662RNezA254WRsXlbuzkPV5eNX7pX5Pj66T8/RKfz7rL\n" - "GpKs4fNxhhIMSUDjy2KbEQXPUH9MWROgU8V//CfcnagLYCHtniqRE+eXv0fCLwWU\n" - "SrA8n0qCBj94/NMA4kSmHf6dE5YdjDSpukyza5IshAuxZ32MDevE3JqMjvnZ5vY7\n" - "drJSfal0V5gof3/7J41ZVxl+WJph50e2pY1E27/hY8q5yQ3DXnE5kTQjX664ozQ8\n" - "UPtqGfkr4YjYe4e6PUWAjU27mQng0O0K+/w8gg6xBxN/AH3U7dg5/cY5IKDsN+Iq\n" - "4UrcCgXWjhosv9IlIXqzK7IBMMphPmRMCLMH2QIDAQABAoIBAGpOdxZdZdH6zHQr\n" - "rKYBouJ39H5+8MbcNtmfWmT9WvogZn8U3ffbz3qjkRxsJ8XjABiJY4egyk3nBXAB\n" - "KjQyxbKbGeUXFLhJ4cq0OgFfid11MRQdIz2aSsutJ1llfVUm7cz2ES5rE6305Hg3\n" - "tRr0LPAJ7XIwtgmmPUCNysnsr/pVrmPLfAnl/CfbLF2v/SfpbSpkgUTrZCNUMC44\n" - "929K4c7cFEM4SP6pUad6MipPzY/SmxZ9yhX3MsROcLp+XLCOOJhhkqoB6LWiess2\n" - "d7odweFRZ0Q0gBD/9EMMy3J5iUwfasf8b5n7z8AgPg9CeB+p/As2/RhRPXnwlS0A\n" - "2KrxWQECgYEA0wM+5fJeL91s19vozCqi3mKVXTv68aL9iQJQNJc4UQm+yu7JvMn9\n" - "koPri74QUpYkmyttaJsGNc90Oj54rSsR/cmEFJKgHOEAYSLeVetyO2XNoQvKdyB9\n" - "UVof6joMLxQ368YCahfz4ogHTQqpzN0BD2TTnKXwCXQDikN/EBb4fHkCgYEA6aov\n" - "8XVIVlxUY4VB/9PQ03OwxTLi+zTJMFJvNJozkat6MLJjAv2zxMt2kmlb0xx3wftD\n" - "VJKHIQCeZmU8qWEZS0G58OPg+TPvQPqdnZmRz3bGfW6F++IDAqV4DEhQ+zXQL8Js\n" - "j9+ocre+s0zXq1HkHgemBGOHy5/jN9cXnH3XTmECgYATRFiZ5mdzN2SY0RuQiNQW\n" - "OiopOTDQn3FG8U8hfi1GOP2Syfrhog/lMOZw/AnBgLQW9wAmbQFEKI0URGAAb85U\n" - "vfGxbzHvcRv3wpdKgRUNF16PNeRmvDC1HOWNHX+/TLlObeYKieVa6dDA2Bho/ET8\n" - "gthPlVc1hcJM/Zy8e1x1AQKBgQCuLDiugGDaVtpkkIlAu8/WPk9Ovv6oh5FMHrZb\n" - "/HFiLPLY56+cJCZjE9Kfkj9rHrY59yQaH1rwg7iO1PmhvAoRqb2DTSl+OHMn+WeR\n" - "eU5R2dRc3QysU60wxMy2QxVyG4vCfedUW0ABuutAVZARWOp0Y/khHluzscu57O/h\n" - "q3/ZIQKBgEXHmOjftWrkWV+/zfZT64k2Z1g7s3dpXW/SFK9jPrt6oqI1GNkYz6Ds\n" - "O1dUiPsNXDCLytUtvYrvrT3rJaPjJDRU2HrN/cYdxXgf6HSEr3Cdcpqyp/5rOOxD\n" - "ALEix6R4MZlsQV8FfgWjvTAET7NtY303JrCdFPqIigwl/PFGPLiB\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEowIBAAKCAQEAwJo7662RNezA254WRsXlbuzkPV5eNX7pX5Pj66T8/RKfz7rL\n" + "GpKs4fNxhhIMSUDjy2KbEQXPUH9MWROgU8V//CfcnagLYCHtniqRE+eXv0fCLwWU\n" + "SrA8n0qCBj94/NMA4kSmHf6dE5YdjDSpukyza5IshAuxZ32MDevE3JqMjvnZ5vY7\n" + "drJSfal0V5gof3/7J41ZVxl+WJph50e2pY1E27/hY8q5yQ3DXnE5kTQjX664ozQ8\n" + "UPtqGfkr4YjYe4e6PUWAjU27mQng0O0K+/w8gg6xBxN/AH3U7dg5/cY5IKDsN+Iq\n" + "4UrcCgXWjhosv9IlIXqzK7IBMMphPmRMCLMH2QIDAQABAoIBAGpOdxZdZdH6zHQr\n" + "rKYBouJ39H5+8MbcNtmfWmT9WvogZn8U3ffbz3qjkRxsJ8XjABiJY4egyk3nBXAB\n" + "KjQyxbKbGeUXFLhJ4cq0OgFfid11MRQdIz2aSsutJ1llfVUm7cz2ES5rE6305Hg3\n" + "tRr0LPAJ7XIwtgmmPUCNysnsr/pVrmPLfAnl/CfbLF2v/SfpbSpkgUTrZCNUMC44\n" + "929K4c7cFEM4SP6pUad6MipPzY/SmxZ9yhX3MsROcLp+XLCOOJhhkqoB6LWiess2\n" + "d7odweFRZ0Q0gBD/9EMMy3J5iUwfasf8b5n7z8AgPg9CeB+p/As2/RhRPXnwlS0A\n" + "2KrxWQECgYEA0wM+5fJeL91s19vozCqi3mKVXTv68aL9iQJQNJc4UQm+yu7JvMn9\n" + "koPri74QUpYkmyttaJsGNc90Oj54rSsR/cmEFJKgHOEAYSLeVetyO2XNoQvKdyB9\n" + "UVof6joMLxQ368YCahfz4ogHTQqpzN0BD2TTnKXwCXQDikN/EBb4fHkCgYEA6aov\n" + "8XVIVlxUY4VB/9PQ03OwxTLi+zTJMFJvNJozkat6MLJjAv2zxMt2kmlb0xx3wftD\n" + "VJKHIQCeZmU8qWEZS0G58OPg+TPvQPqdnZmRz3bGfW6F++IDAqV4DEhQ+zXQL8Js\n" + "j9+ocre+s0zXq1HkHgemBGOHy5/jN9cXnH3XTmECgYATRFiZ5mdzN2SY0RuQiNQW\n" + "OiopOTDQn3FG8U8hfi1GOP2Syfrhog/lMOZw/AnBgLQW9wAmbQFEKI0URGAAb85U\n" + "vfGxbzHvcRv3wpdKgRUNF16PNeRmvDC1HOWNHX+/TLlObeYKieVa6dDA2Bho/ET8\n" + "gthPlVc1hcJM/Zy8e1x1AQKBgQCuLDiugGDaVtpkkIlAu8/WPk9Ovv6oh5FMHrZb\n" + "/HFiLPLY56+cJCZjE9Kfkj9rHrY59yQaH1rwg7iO1PmhvAoRqb2DTSl+OHMn+WeR\n" + "eU5R2dRc3QysU60wxMy2QxVyG4vCfedUW0ABuutAVZARWOp0Y/khHluzscu57O/h\n" + "q3/ZIQKBgEXHmOjftWrkWV+/zfZT64k2Z1g7s3dpXW/SFK9jPrt6oqI1GNkYz6Ds\n" + "O1dUiPsNXDCLytUtvYrvrT3rJaPjJDRU2HrN/cYdxXgf6HSEr3Cdcpqyp/5rOOxD\n" + "ALEix6R4MZlsQV8FfgWjvTAET7NtY303JrCdFPqIigwl/PFGPLiB\n" + "-----END RSA PRIVATE KEY-----\n"; static void server(int sd, const char *prio) { gnutls_certificate_credentials_t serverx509cred; const gnutls_datum_t key = { server_key_pem, - sizeof(server_key_pem) - 1 - }; + sizeof(server_key_pem) - 1 }; int ret; gnutls_session_t session; gnutls_datum_t cert; @@ -166,8 +165,7 @@ static void server(int sd, const char *prio) assert(gnutls_load_file(cert_path, &cert) >= 0); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &cert, &key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &cert, &key, GNUTLS_X509_FMT_PEM) >= 0); gnutls_free(cert.data); @@ -208,8 +206,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *name, const char *prio) +static void start(const char *name, const char *prio) { pid_t child; int sockets[2]; @@ -255,4 +252,4 @@ void doit(void) start("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/handshake-large-packet.c b/tests/handshake-large-packet.c index 8e2d2833e0..02bcd4bca3 100644 --- a/tests/handshake-large-packet.c +++ b/tests/handshake-large-packet.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,19 +36,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#include +#endif +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" /* This test checks whether a large handshake packet is accepted by client * and by server. (large is around 64kb) @@ -60,16 +60,16 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define TLSEXT_TYPE1 0xFA -# define TLSEXT_TYPE2 0xFB -# define TLSEXT_TYPE3 0xFC -# define TLSEXT_TYPE4 0xFD -# define TLSEXT_TYPE5 0xFE +#define TLSEXT_TYPE1 0xFA +#define TLSEXT_TYPE2 0xFB +#define TLSEXT_TYPE3 0xFC +#define TLSEXT_TYPE4 0xFD +#define TLSEXT_TYPE5 0xFE static int TLSEXT_TYPE_server_sent = 0; static int TLSEXT_TYPE_client_received = 0; -# define MAX_SIZE (12*1024) +#define MAX_SIZE (12 * 1024) static int ext_recv_client_params(gnutls_session_t session, const unsigned char *buf, size_t buflen) @@ -79,7 +79,7 @@ static int ext_recv_client_params(gnutls_session_t session, TLSEXT_TYPE_client_received++; - return 0; //Success + return 0; //Success } static int ext_send_client_params(gnutls_session_t session, @@ -97,7 +97,7 @@ static int ext_send_client_params(gnutls_session_t session, static int ext_recv_server_params(gnutls_session_t session, const unsigned char *buf, size_t buflen) { - return 0; //Success + return 0; //Success } static int ext_send_server_params(gnutls_session_t session, @@ -183,7 +183,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); gnutls_deinit(session); @@ -209,9 +209,8 @@ static void server(int sd, const char *prio) side = "server"; gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); @@ -278,8 +277,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *prio) +static void start(const char *prio) { pid_t child; int sockets[2]; @@ -325,4 +323,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/handshake-timeout.c b/tests/handshake-timeout.c index 53087aff70..150988e1c4 100644 --- a/tests/handshake-timeout.c +++ b/tests/handshake-timeout.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,17 +37,17 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This program tests whether the handshake timeout value is enforced. */ @@ -83,9 +83,8 @@ static void client(int fd, int tmo_ms) gnutls_handshake_set_timeout(session, tmo_ms); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.2", NULL); /* put the anonymous credentials to the current session */ @@ -97,8 +96,7 @@ static void client(int fd, int tmo_ms) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); gnutls_deinit(session); gnutls_anon_free_client_credentials(anoncred); @@ -147,9 +145,8 @@ static void server(int fd, int tmo_ms) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.2", NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -159,12 +156,12 @@ static void server(int fd, int tmo_ms) char buf[32]; // read until client closes connection - while (read(fd, buf, sizeof(buf)) > 0) ; + while (read(fd, buf, sizeof(buf)) > 0) + ; } else { do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == 0) gnutls_bye(session, GNUTLS_SHUT_RDWR); @@ -234,4 +231,4 @@ void doit(void) start(1000); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/handshake-versions.c b/tests/handshake-versions.c index 38b83a398e..09b027d563 100644 --- a/tests/handshake-versions.c +++ b/tests/handshake-versions.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -65,9 +65,8 @@ static void try(unsigned char major, unsigned char minor, int ret1, int ret2) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -83,9 +82,8 @@ static void try(unsigned char major, unsigned char minor, int ret1, int ret2) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); diff --git a/tests/handshake-write.c b/tests/handshake-write.c index f1385039da..8e5cd603f3 100644 --- a/tests/handshake-write.c +++ b/tests/handshake-write.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,10 +47,11 @@ static void tls_log_func(int level, const char *str) } #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." -static ssize_t -error_push(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t error_push(gnutls_transport_ptr_t tr, const void *data, + size_t len) { fail("push_func called unexpectedly"); return -1; @@ -62,11 +63,10 @@ static ssize_t error_pull(gnutls_transport_ptr_t tr, void *data, size_t len) return -1; } -static int -handshake_read_func(gnutls_session_t session, - gnutls_record_encryption_level_t level, - gnutls_handshake_description_t htype, - const void *data, size_t data_size) +static int handshake_read_func(gnutls_session_t session, + gnutls_record_encryption_level_t level, + gnutls_handshake_description_t htype, + const void *data, size_t data_size) { gnutls_session_t peer = gnutls_session_get_ptr(session); @@ -98,10 +98,9 @@ static void run(const char *name, const char *prio) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_ca3_localhost_cert, - &server_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + scred, &server_ca3_localhost_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); assert(gnutls_priority_set_direct(server, prio, NULL) >= 0); @@ -112,8 +111,8 @@ static void run(const char *name, const char *prio) /* Init client */ assert(gnutls_certificate_allocate_credentials(&ccred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); assert(gnutls_priority_set_direct(client, prio, NULL) >= 0); diff --git a/tests/hex.c b/tests/hex.c index c5b3b6a58d..9443408210 100644 --- a/tests/hex.c +++ b/tests/hex.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,7 +33,7 @@ #include "utils.h" -static void encode(const char *test_name, const gnutls_datum_t * raw, +static void encode(const char *test_name, const gnutls_datum_t *raw, const char *expected) { int ret; @@ -47,12 +47,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_hex_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_hex_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_hex_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_hex_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -68,12 +70,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (raw->size != out.size) { - fail("%s: gnutls_hex_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_hex_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_hex_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_hex_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -82,7 +86,7 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, return; } -static void decode(const char *test_name, const gnutls_datum_t * raw, +static void decode(const char *test_name, const gnutls_datum_t *raw, const char *hex, int res) { int ret; @@ -92,7 +96,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, in.size = strlen(hex); ret = gnutls_hex_decode2(&in, &out); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: gnutls_hex_decode2: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -100,17 +104,20 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (res != 0) { - fail("%s: gnutls_hex_decode2: expected failure, but succeeded!\n", test_name); + fail("%s: gnutls_hex_decode2: expected failure, but succeeded!\n", + test_name); exit(1); } if (raw->size != out.size) { - fail("%s: gnutls_hex_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_hex_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_hex_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_hex_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -119,7 +126,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, return; } -static void decode2(const char *test_name, const gnutls_datum_t * raw, +static void decode2(const char *test_name, const gnutls_datum_t *raw, const char *hex, int res) { int ret; @@ -129,7 +136,7 @@ static void decode2(const char *test_name, const gnutls_datum_t * raw, outlen = sizeof(output); ret = gnutls_hex2bin(hex, strlen(hex), output, &outlen); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: gnutls_hex2bin: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -143,7 +150,8 @@ static void decode2(const char *test_name, const gnutls_datum_t * raw, } if (raw->size != outlen) { - fail("%s: gnutls_hex2bin: output has incorrect size (%d, expected %d)\n", test_name, (int)outlen, raw->size); + fail("%s: gnutls_hex2bin: output has incorrect size (%d, expected %d)\n", + test_name, (int)outlen, raw->size); exit(1); } @@ -163,20 +171,14 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "rnd1", - .hex = "f69a468a84697a2883da52cd602f3978", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16} - }, - { - .name = "rnd2", - .hex = "2c9ffb8546774ed3c8cf6765739f98bc42def9", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19} - } + { .name = "rnd1", + .hex = "f69a468a84697a2883da52cd602f3978", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 } }, + { .name = "rnd2", + .hex = "2c9ffb8546774ed3c8cf6765739f98bc42def9", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 } } }; struct decode_tests_st { @@ -188,38 +190,30 @@ struct decode_tests_st { }; struct decode_tests_st decode_tests[] = { - { - .name = "dec-rnd1", - .hex = "f69a468a84697a2883da52cd602f3978", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16}, - .res = 0, - .hex2bin_res = 0}, - { - .name = "dec-rnd2", - .hex = "2c9ffb8546774ed3c8cf6765739f98bc42def9", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = 0, - .hex2bin_res = 0}, - { - .name = "dec-colon", - .hex = "2c:9f:fb:85:46:77:4e:d3:c8:cf:67:65:73:9f:98:bc:42:de:f9", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_PARSING_ERROR, - .hex2bin_res = 0}, - { - .name = "dec-odd-len", - .hex = "2c9ffb8546774ed3c8cf6765739f98bc42def9a", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_PARSING_ERROR, - .hex2bin_res = GNUTLS_E_PARSING_ERROR} + { .name = "dec-rnd1", + .hex = "f69a468a84697a2883da52cd602f3978", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 }, + .res = 0, + .hex2bin_res = 0 }, + { .name = "dec-rnd2", + .hex = "2c9ffb8546774ed3c8cf6765739f98bc42def9", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = 0, + .hex2bin_res = 0 }, + { .name = "dec-colon", + .hex = "2c:9f:fb:85:46:77:4e:d3:c8:cf:67:65:73:9f:98:bc:42:de:f9", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_PARSING_ERROR, + .hex2bin_res = 0 }, + { .name = "dec-odd-len", + .hex = "2c9ffb8546774ed3c8cf6765739f98bc42def9a", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_PARSING_ERROR, + .hex2bin_res = GNUTLS_E_PARSING_ERROR } }; void doit(void) diff --git a/tests/hex.h b/tests/hex.h index f388059c51..091ec21592 100644 --- a/tests/hex.h +++ b/tests/hex.h @@ -20,11 +20,11 @@ */ #ifndef GNUTLS_TESTS_HEX_H -# define GNUTLS_TESTS_HEX_H +#define GNUTLS_TESTS_HEX_H -# include -# include -# include +#include +#include +#include inline static gnutls_datum_t SHEX(const char *hex) { @@ -47,4 +47,4 @@ inline static gnutls_datum_t SDATA(const char *txt) return output; } -#endif /* GNUTLS_TESTS_HEX_H */ +#endif /* GNUTLS_TESTS_HEX_H */ diff --git a/tests/hostname-check-utf8.c b/tests/hostname-check-utf8.c index 7304fedc5c..0c7dcf385d 100644 --- a/tests/hostname-check-utf8.c +++ b/tests/hostname-check-utf8.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,7 +30,7 @@ #if defined(HAVE_LIBIDN2) /* to obtain version */ -# include +#include #endif #include "utils.h" @@ -40,62 +40,63 @@ certificates. */ -char pem_inv_utf8_dns[] = "\n" - " Subject Alternative Name (not critical):\n" - " DNSname: γγγ.τόστ.gr\n" - " DNSname: τέστ.gr\n" - " DNSname: *.teχ.gr\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDWzCCAkOgAwIBAgIMU/SjEDp2nsS3kX9vMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIhgPMjAxNDA4MjAxMzMwNTZaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDggz41h9PcOjL7UOqx0FfZNtqoRhYQn6bVQqCehwERMDlR4QOqK3LRqE2B\n" - "cYyVlcdS63tnNFjYCLCz3/CV4rcJBNI3hfFZHUza70iFQ72xMvcgFPyl7UmXqIne\n" - "8swJ9jLMKou350ztPhshhXORqKxaDHBMcgD/Ade3Yxo2N1smsyINK+riged7A4QD\n" - "O9IgR9eERQbFrHGz+WgUUgoLFLF4DN1ANpWuZcOV1f9bRB8ADPyKo1yZY1sJj1gE\n" - "JRRsiOZLSLZ9D/1MLM7BXPuxWmWlJAGfNvrcXX/7FHe6QxC5gi1C6ZUEIZCne+Is\n" - "HpDNoz/A9vDn6iXZJBFXKyijNpVfAgMBAAGjga4wgaswDAYDVR0TAQH/BAIwADA1\n" - "BgNVHREELjAsghLOs86zzrMuz4TPjM+Dz4QuZ3KCC8+Ezq3Pg8+ELmdyggkqLnRl\n" - "z4cuZ3IwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV\n" - "HQ4EFgQUvjD8gT+By/Xj/n+SGCVvL/KVElMwHwYDVR0jBBgwFoAUhU7w94kERpAh\n" - "6DEIh3nEVJnwSaUwDQYJKoZIhvcNAQELBQADggEBAIKuSREAd6ZdcS+slbx+hvew\n" - "IRBz5QGlCCjR4Oj5arIwFGnh0GdvAgzPa3qn6ReG1gvpe8k3X6Z2Yevw+DubLZNG\n" - "9CsfLfDIg2wUm05cuQdQG+gTSBVqw56jWf/JFXXwzhnbjX3c2QtepFsvkOnlWGFE\n" - "uVX6AiPfiNChVxnb4e1xpxOt6W/su19ar5J7rdDrdyVVm/ioSKvXhbBXI4f8NF2x\n" - "wTEzbtl99HyjbLIRRCWpUU277khHLr8SSFqdSr100zIkdiB72LfPXAHVld1onV2z\n" - "PPFYVMsnY+fuxIsTVErX3bLj6v67Bs3BNzagFUlyJl5rBGwn73UafNWz3BYDyxY=\n" - "-----END CERTIFICATE-----\n"; +char pem_inv_utf8_dns[] = + "\n" + " Subject Alternative Name (not critical):\n" + " DNSname: γγγ.τόστ.gr\n" + " DNSname: τέστ.gr\n" + " DNSname: *.teχ.gr\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDWzCCAkOgAwIBAgIMU/SjEDp2nsS3kX9vMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTAwIhgPMjAxNDA4MjAxMzMwNTZaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDggz41h9PcOjL7UOqx0FfZNtqoRhYQn6bVQqCehwERMDlR4QOqK3LRqE2B\n" + "cYyVlcdS63tnNFjYCLCz3/CV4rcJBNI3hfFZHUza70iFQ72xMvcgFPyl7UmXqIne\n" + "8swJ9jLMKou350ztPhshhXORqKxaDHBMcgD/Ade3Yxo2N1smsyINK+riged7A4QD\n" + "O9IgR9eERQbFrHGz+WgUUgoLFLF4DN1ANpWuZcOV1f9bRB8ADPyKo1yZY1sJj1gE\n" + "JRRsiOZLSLZ9D/1MLM7BXPuxWmWlJAGfNvrcXX/7FHe6QxC5gi1C6ZUEIZCne+Is\n" + "HpDNoz/A9vDn6iXZJBFXKyijNpVfAgMBAAGjga4wgaswDAYDVR0TAQH/BAIwADA1\n" + "BgNVHREELjAsghLOs86zzrMuz4TPjM+Dz4QuZ3KCC8+Ezq3Pg8+ELmdyggkqLnRl\n" + "z4cuZ3IwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV\n" + "HQ4EFgQUvjD8gT+By/Xj/n+SGCVvL/KVElMwHwYDVR0jBBgwFoAUhU7w94kERpAh\n" + "6DEIh3nEVJnwSaUwDQYJKoZIhvcNAQELBQADggEBAIKuSREAd6ZdcS+slbx+hvew\n" + "IRBz5QGlCCjR4Oj5arIwFGnh0GdvAgzPa3qn6ReG1gvpe8k3X6Z2Yevw+DubLZNG\n" + "9CsfLfDIg2wUm05cuQdQG+gTSBVqw56jWf/JFXXwzhnbjX3c2QtepFsvkOnlWGFE\n" + "uVX6AiPfiNChVxnb4e1xpxOt6W/su19ar5J7rdDrdyVVm/ioSKvXhbBXI4f8NF2x\n" + "wTEzbtl99HyjbLIRRCWpUU277khHLr8SSFqdSr100zIkdiB72LfPXAHVld1onV2z\n" + "PPFYVMsnY+fuxIsTVErX3bLj6v67Bs3BNzagFUlyJl5rBGwn73UafNWz3BYDyxY=\n" + "-----END CERTIFICATE-----\n"; char pem_utf8_dns[] = - "Subject Alternative Name (not critical):\n" - " DNSname: xn--oxaaa.xn--4xabb4a.gr (γγγ.τόστ.gr)\n" - " DNSname: xn--ixa8bbc.gr (τέστ.gr)\n" - " DNSname: *.xn--te-8bc.gr (*.teχ.gr)\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEFTCCAn2gAwIBAgIMWElZgiWN43F5pluiMA0GCSqGSIb3DQEBCwUAMA0xCzAJ\n" - "BgNVBAYTAkdSMB4XDTA0MDIyOTE1MjE0MloXDTI0MDIyOTE1MjE0MVowDTELMAkG\n" - "A1UEBhMCR1IwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC23cZ4hvts\n" - "D/zjXmX70ewCWpFaOXXhSiB1U4ogVsIYPh0o3eJ3w2vr8k7f8CHZXT9T64g9UYoH\n" - "PM+vPkcT6RnwHNfe6SpSqTtPCNC9UQyp4wVq+HxnQsxOrmf2bClYn6CGaXQvDNiG\n" - "KQCDGoxLZx+d12dYUxL4l07J3rogk7Wqe9znkpC+9UqyDJIAZgF9e4H190sRY0FM\n" - "zrOkDDDmt/vBlu0SPhP0sktUJDjvOtHY/V2IDp0y9tImxnFhdl5k4kAEiPiph72C\n" - "QjSRf/Kb5siUcgRxmTvN9GgWNPg3EtmyynMjIlnzicO1p6Wju80hAuVhYKOI3aq6\n" - "FAUHY0DQkkna7dcmKwJdUo9jzMWBV+B+eOT69rDKcAvQJz5PfrrnE9SJ4/eteam7\n" - "l4BcIZIKSuaZz48ymh6exEpSY+P3SD05oZbeQVfgi4e7Ui81S63XRlPqLPCYp0+N\n" - "q2nSeVedR59AtQhyGhQLgQneV0R17aym+1nJ8AjsZXL7sfYef/OOxeMCAwEAAaN1\n" - "MHMwDAYDVR0TAQH/BAIwADBEBgNVHREEPTA7ghh4bi0tb3hhYWEueG4tLTR4YWJi\n" - "NGEuZ3KCDnhuLS1peGE4YmJjLmdygg8qLnhuLS10ZS04YmMuZ3IwHQYDVR0OBBYE\n" - "FPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQAOAECgc096\n" - "3WH7G83bRmVDooGATNP0v3cmYebVu3RL77/vlCO3UOS9lVxEwlF/6V1u3OqEqwUy\n" - "EzGInEAmqR/VIoubIVrFqzaMMjfCHdKPuyWeCb3ylp0o2lxRKbC9m/Bu8Iv5rZdN\n" - "fTZVyJbp1Ddw4GhM0UZ/IK3h8J8UtarSijhha0UX9EwQo4wi1NRpc2nxRGy7xUHG\n" - "GqUCFBe6cgKBEBRWh3Gha5UgwqkapA9eGGmb7CRzOHZA0raIcxwb2w2Htf7ziE1G\n" - "UBdo0ZtpVYq/EDggP4XIvqHb8bJVFuOiu2xf71JoPgjg4+1CEj+vgkI4j/RGDjZ/\n" - "bQ66XHY2EbCjhSLoCGpY924frilrFL3cMofdMguxtsONwUotYmCF6VI/EtELvIdf\n" - "NbdaPqI2524oBDlD98DTJa5mGoaFUyJGotcK3e9fniIxbVW8/Ykwhqbj+9wKjYEP\n" - "ywY/9UOj+wjwULkIxK9g91yGLRDAO/6xzCF5ly5i4oXBqKLAKZ7vBTU=\n" - "-----END CERTIFICATE-----\n"; + "Subject Alternative Name (not critical):\n" + " DNSname: xn--oxaaa.xn--4xabb4a.gr (γγγ.τόστ.gr)\n" + " DNSname: xn--ixa8bbc.gr (τέστ.gr)\n" + " DNSname: *.xn--te-8bc.gr (*.teχ.gr)\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEFTCCAn2gAwIBAgIMWElZgiWN43F5pluiMA0GCSqGSIb3DQEBCwUAMA0xCzAJ\n" + "BgNVBAYTAkdSMB4XDTA0MDIyOTE1MjE0MloXDTI0MDIyOTE1MjE0MVowDTELMAkG\n" + "A1UEBhMCR1IwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC23cZ4hvts\n" + "D/zjXmX70ewCWpFaOXXhSiB1U4ogVsIYPh0o3eJ3w2vr8k7f8CHZXT9T64g9UYoH\n" + "PM+vPkcT6RnwHNfe6SpSqTtPCNC9UQyp4wVq+HxnQsxOrmf2bClYn6CGaXQvDNiG\n" + "KQCDGoxLZx+d12dYUxL4l07J3rogk7Wqe9znkpC+9UqyDJIAZgF9e4H190sRY0FM\n" + "zrOkDDDmt/vBlu0SPhP0sktUJDjvOtHY/V2IDp0y9tImxnFhdl5k4kAEiPiph72C\n" + "QjSRf/Kb5siUcgRxmTvN9GgWNPg3EtmyynMjIlnzicO1p6Wju80hAuVhYKOI3aq6\n" + "FAUHY0DQkkna7dcmKwJdUo9jzMWBV+B+eOT69rDKcAvQJz5PfrrnE9SJ4/eteam7\n" + "l4BcIZIKSuaZz48ymh6exEpSY+P3SD05oZbeQVfgi4e7Ui81S63XRlPqLPCYp0+N\n" + "q2nSeVedR59AtQhyGhQLgQneV0R17aym+1nJ8AjsZXL7sfYef/OOxeMCAwEAAaN1\n" + "MHMwDAYDVR0TAQH/BAIwADBEBgNVHREEPTA7ghh4bi0tb3hhYWEueG4tLTR4YWJi\n" + "NGEuZ3KCDnhuLS1peGE4YmJjLmdygg8qLnhuLS10ZS04YmMuZ3IwHQYDVR0OBBYE\n" + "FPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQAOAECgc096\n" + "3WH7G83bRmVDooGATNP0v3cmYebVu3RL77/vlCO3UOS9lVxEwlF/6V1u3OqEqwUy\n" + "EzGInEAmqR/VIoubIVrFqzaMMjfCHdKPuyWeCb3ylp0o2lxRKbC9m/Bu8Iv5rZdN\n" + "fTZVyJbp1Ddw4GhM0UZ/IK3h8J8UtarSijhha0UX9EwQo4wi1NRpc2nxRGy7xUHG\n" + "GqUCFBe6cgKBEBRWh3Gha5UgwqkapA9eGGmb7CRzOHZA0raIcxwb2w2Htf7ziE1G\n" + "UBdo0ZtpVYq/EDggP4XIvqHb8bJVFuOiu2xf71JoPgjg4+1CEj+vgkI4j/RGDjZ/\n" + "bQ66XHY2EbCjhSLoCGpY924frilrFL3cMofdMguxtsONwUotYmCF6VI/EtELvIdf\n" + "NbdaPqI2524oBDlD98DTJa5mGoaFUyJGotcK3e9fniIxbVW8/Ykwhqbj+9wKjYEP\n" + "ywY/9UOj+wjwULkIxK9g91yGLRDAO/6xzCF5ly5i4oXBqKLAKZ7vBTU=\n" + "-----END CERTIFICATE-----\n"; void doit(void) { diff --git a/tests/hostname-check.c b/tests/hostname-check.c index 358350dd24..3cccae8139 100644 --- a/tests/hostname-check.c +++ b/tests/hostname-check.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,754 +40,769 @@ * dns_name = .example.net * dns_name = .example.edu.gr */ -char wildcards[] = "-----BEGIN CERTIFICATE-----" - "MIICwDCCAimgAwIBAgICPd8wDQYJKoZIhvcNAQELBQAwVTEOMAwGA1UEAwwFKi5j" - "b20xETAPBgNVBAsTCENBIGRlcHQuMRIwEAYDVQQKEwlLb2tvIGluYy4xDzANBgNV" - "BAgTBkF0dGlraTELMAkGA1UEBhMCR1IwIhgPMjAxNDAzMTkxMzI4MDhaGA85OTk5" - "MTIzMTIzNTk1OVowVTEOMAwGA1UEAwwFKi5jb20xETAPBgNVBAsTCENBIGRlcHQu" - "MRIwEAYDVQQKEwlLb2tvIGluYy4xDzANBgNVBAgTBkF0dGlraTELMAkGA1UEBhMC" - "R1IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKXGznVDhL9kngInE/EDWfd5" - "LZLtfC9QpAPxLXm5hosFfjq7RKqvhM8TmB4cSjj3My16n3LUa20msDE3cBD7QunY" - "nRhlfhlJ/AWWBGiDHneGv+315RI7E/4zGJwaeh1pr0cCYHofuejP28g0MFGWPYyW" - "XAC8Yd4ID7E2IX+pAOMFAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADBCBgNVHREE" - "OzA5gg93d3cuZXhhbXBsZS5jb22CBSoub3Jngg0qLmV4YW1wbGUubmV0ghAqLmV4" - "YW1wbGUuZWR1LmdyMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH" - "oAAwHQYDVR0OBBYEFF1ArfDOlECVi36ZlB2SVCLKcjZfMA0GCSqGSIb3DQEBCwUA" - "A4GBAGcDnJIJFqjaDMk806xkfz7/FtbHYkj18ma3l7wgp27jeO/QDYunns5pqbqV" - "sxaKuPKLdWQdfIG7l4+TUnm/Hue6h2PFgbAyZtZbHlAtpEmLoSCmYlFqbRNqux0z" - "F5H1ocGzmbu1WQYXMlY1FYBvRDrAk7Wxt09WLdajH00S/fPT" - "-----END CERTIFICATE-----"; +char wildcards[] = + "-----BEGIN CERTIFICATE-----" + "MIICwDCCAimgAwIBAgICPd8wDQYJKoZIhvcNAQELBQAwVTEOMAwGA1UEAwwFKi5j" + "b20xETAPBgNVBAsTCENBIGRlcHQuMRIwEAYDVQQKEwlLb2tvIGluYy4xDzANBgNV" + "BAgTBkF0dGlraTELMAkGA1UEBhMCR1IwIhgPMjAxNDAzMTkxMzI4MDhaGA85OTk5" + "MTIzMTIzNTk1OVowVTEOMAwGA1UEAwwFKi5jb20xETAPBgNVBAsTCENBIGRlcHQu" + "MRIwEAYDVQQKEwlLb2tvIGluYy4xDzANBgNVBAgTBkF0dGlraTELMAkGA1UEBhMC" + "R1IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKXGznVDhL9kngInE/EDWfd5" + "LZLtfC9QpAPxLXm5hosFfjq7RKqvhM8TmB4cSjj3My16n3LUa20msDE3cBD7QunY" + "nRhlfhlJ/AWWBGiDHneGv+315RI7E/4zGJwaeh1pr0cCYHofuejP28g0MFGWPYyW" + "XAC8Yd4ID7E2IX+pAOMFAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADBCBgNVHREE" + "OzA5gg93d3cuZXhhbXBsZS5jb22CBSoub3Jngg0qLmV4YW1wbGUubmV0ghAqLmV4" + "YW1wbGUuZWR1LmdyMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH" + "oAAwHQYDVR0OBBYEFF1ArfDOlECVi36ZlB2SVCLKcjZfMA0GCSqGSIb3DQEBCwUA" + "A4GBAGcDnJIJFqjaDMk806xkfz7/FtbHYkj18ma3l7wgp27jeO/QDYunns5pqbqV" + "sxaKuPKLdWQdfIG7l4+TUnm/Hue6h2PFgbAyZtZbHlAtpEmLoSCmYlFqbRNqux0z" + "F5H1ocGzmbu1WQYXMlY1FYBvRDrAk7Wxt09WLdajH00S/fPT" + "-----END CERTIFICATE-----"; /* Certificate with no SAN nor CN. */ char pem1[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Issuer: O=GnuTLS hostname check test CA\n" - " Validity:\n" - " Not Before: Fri Feb 16 12:59:09 UTC 2007\n" - " Not After: Fri Mar 30 12:59:13 UTC 2007\n" - " Subject: O=GnuTLS hostname check test CA\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" - " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" - " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" - " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" - " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" - " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" - " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" - " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Key Identifier (not critical):\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - " Signature Algorithm: RSA-SHA\n" - " Signature:\n" - " 7b:e8:11:6c:15:3f:f9:01:a0:f1:28:0c:62:50:58:f8\n" - " 92:44:fb:bf:ab:20:8a:3b:81:ca:e5:68:60:71:df:2b\n" - " e8:50:58:82:32:ef:fb:6e:4a:72:2c:c9:37:4f:88:1d\n" - " d7:1b:68:5b:db:83:1b:1a:f3:b4:8e:e0:88:03:e2:43\n" - " 91:be:d8:b1:ca:f2:62:ec:a1:fd:1a:c8:41:8c:fe:53\n" - " 1b:be:03:c9:a1:3d:f4:ae:57:fc:44:a6:34:bb:2c:2e\n" - " a7:56:14:1f:89:e9:3a:ec:1f:a3:da:d7:a1:94:3b:72\n" - " 1d:12:71:b9:65:a1:85:a2:4c:3a:d1:2c:e9:e9:ea:1c\n" - "Other Information:\n" - " MD5 fingerprint:\n" - " fd845ded8c28ba5e78d6c1844ceafd24\n" - " SHA-1 fingerprint:\n" - " 0bae431dda3cae76012b82276e4cd92ad7961798\n" - " Public Key ID:\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIB8TCCAVygAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" - "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDcwMjE2MTI1OTA5WhcNMDcwMzMw\n" - "MTI1OTEzWjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" - "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGAvuyYeh1vfmslnuggeEKgZAVmQ5lt\n" - "SdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T7EPH/N6RvB4BprdssgcQLsthR3XK\n" - "A84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRikfYSW2JazLrtCC4yRCas/SPOUxu7\n" - "8of+3HiTfFm/oXUCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU\n" - "6Twc+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBAHvoEWwVP/kBoPEo\n" - "DGJQWPiSRPu/qyCKO4HK5Whgcd8r6FBYgjLv+25KcizJN0+IHdcbaFvbgxsa87SO\n" - "4IgD4kORvtixyvJi7KH9GshBjP5TG74DyaE99K5X/ESmNLssLqdWFB+J6TrsH6Pa\n" - "16GUO3IdEnG5ZaGFokw60Szp6eoc\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Issuer: O=GnuTLS hostname check test CA\n" + " Validity:\n" + " Not Before: Fri Feb 16 12:59:09 UTC 2007\n" + " Not After: Fri Mar 30 12:59:13 UTC 2007\n" + " Subject: O=GnuTLS hostname check test CA\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" + " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" + " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" + " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" + " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" + " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" + " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" + " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Key Identifier (not critical):\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + " Signature Algorithm: RSA-SHA\n" + " Signature:\n" + " 7b:e8:11:6c:15:3f:f9:01:a0:f1:28:0c:62:50:58:f8\n" + " 92:44:fb:bf:ab:20:8a:3b:81:ca:e5:68:60:71:df:2b\n" + " e8:50:58:82:32:ef:fb:6e:4a:72:2c:c9:37:4f:88:1d\n" + " d7:1b:68:5b:db:83:1b:1a:f3:b4:8e:e0:88:03:e2:43\n" + " 91:be:d8:b1:ca:f2:62:ec:a1:fd:1a:c8:41:8c:fe:53\n" + " 1b:be:03:c9:a1:3d:f4:ae:57:fc:44:a6:34:bb:2c:2e\n" + " a7:56:14:1f:89:e9:3a:ec:1f:a3:da:d7:a1:94:3b:72\n" + " 1d:12:71:b9:65:a1:85:a2:4c:3a:d1:2c:e9:e9:ea:1c\n" + "Other Information:\n" + " MD5 fingerprint:\n" + " fd845ded8c28ba5e78d6c1844ceafd24\n" + " SHA-1 fingerprint:\n" + " 0bae431dda3cae76012b82276e4cd92ad7961798\n" + " Public Key ID:\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIB8TCCAVygAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" + "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDcwMjE2MTI1OTA5WhcNMDcwMzMw\n" + "MTI1OTEzWjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" + "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGAvuyYeh1vfmslnuggeEKgZAVmQ5lt\n" + "SdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T7EPH/N6RvB4BprdssgcQLsthR3XK\n" + "A84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRikfYSW2JazLrtCC4yRCas/SPOUxu7\n" + "8of+3HiTfFm/oXUCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU\n" + "6Twc+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBAHvoEWwVP/kBoPEo\n" + "DGJQWPiSRPu/qyCKO4HK5Whgcd8r6FBYgjLv+25KcizJN0+IHdcbaFvbgxsa87SO\n" + "4IgD4kORvtixyvJi7KH9GshBjP5TG74DyaE99K5X/ESmNLssLqdWFB+J6TrsH6Pa\n" + "16GUO3IdEnG5ZaGFokw60Szp6eoc\n" + "-----END CERTIFICATE-----\n"; /* Certificate with CN but no SAN. */ char pem2[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Issuer: CN=www.example.org\n" - " Validity:\n" - " Not Before: Fri Feb 16 13:30:30 UTC 2007\n" - " Not After: Fri Mar 30 13:30:32 UTC 2007\n" - " Subject: CN=www.example.org\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" - " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" - " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" - " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" - " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" - " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" - " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" - " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Key Identifier (not critical):\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - " Signature Algorithm: RSA-SHA\n" - " Signature:\n" - " b0:4e:ac:fb:89:12:36:27:f3:72:b8:1a:57:dc:bf:f3\n" - " a9:27:de:15:75:94:4f:65:cc:3a:59:12:4b:91:0e:28\n" - " b9:8d:d3:6e:ac:5d:a8:3e:b9:35:81:0c:8f:c7:95:72\n" - " d9:51:61:06:00:c6:aa:68:54:c8:52:3f:b6:1f:21:92\n" - " c8:fd:15:50:15:ac:d4:18:29:a1:ff:c9:25:5a:ce:5e\n" - " 11:7f:82:b2:94:8c:44:3c:3f:de:d7:3b:ff:1c:da:9c\n" - " 81:fa:63:e1:a7:67:ee:aa:fa:d0:c9:2f:66:1b:5e:af\n" - " 46:8c:f9:53:55:e7:80:7e:74:95:98:d4:2d:5f:94:ab\n" - "Other Information:\n" - " MD5 fingerprint:\n" - " 30cda7de4f0360892547974f45111ac1\n" - " SHA-1 fingerprint:\n" - " 39e3f8fec6a8d842390b6536998a957c1a6b7322\n" - " Public Key ID:\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIB1TCCAUCgAwIBAgIBADALBgkqhkiG9w0BAQUwGjEYMBYGA1UEAxMPd3d3LmV4\n" - "YW1wbGUub3JnMB4XDTA3MDIxNjEzMzAzMFoXDTA3MDMzMDEzMzAzMlowGjEYMBYG\n" - "A1UEAxMPd3d3LmV4YW1wbGUub3JnMIGcMAsGCSqGSIb3DQEBAQOBjAAwgYgCgYC+\n" - "7Jh6HW9+ayWe6CB4QqBkBWZDmW1J1RjsfblYZLKAoxRhnQpPvi/wLvzSq1w231Ps\n" - "Q8f83pG8HgGmt2yyBxAuy2FHdcoDziNuOPE0JxoazfeW87PwDWd/yneEP5wp9GKR\n" - "9hJbYlrMuu0ILjJEJqz9I85TG7vyh/7ceJN8Wb+hdQIDAQABozIwMDAPBgNVHRMB\n" - "Af8EBTADAQH/MB0GA1UdDgQWBBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG\n" - "9w0BAQUDgYEAsE6s+4kSNifzcrgaV9y/86kn3hV1lE9lzDpZEkuRDii5jdNurF2o\n" - "Prk1gQyPx5Vy2VFhBgDGqmhUyFI/th8hksj9FVAVrNQYKaH/ySVazl4Rf4KylIxE\n" - "PD/e1zv/HNqcgfpj4adn7qr60MkvZhter0aM+VNV54B+dJWY1C1flKs=\n" - "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Issuer: CN=www.example.org\n" + " Validity:\n" + " Not Before: Fri Feb 16 13:30:30 UTC 2007\n" + " Not After: Fri Mar 30 13:30:32 UTC 2007\n" + " Subject: CN=www.example.org\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" + " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" + " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" + " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" + " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" + " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" + " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" + " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Key Identifier (not critical):\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + " Signature Algorithm: RSA-SHA\n" + " Signature:\n" + " b0:4e:ac:fb:89:12:36:27:f3:72:b8:1a:57:dc:bf:f3\n" + " a9:27:de:15:75:94:4f:65:cc:3a:59:12:4b:91:0e:28\n" + " b9:8d:d3:6e:ac:5d:a8:3e:b9:35:81:0c:8f:c7:95:72\n" + " d9:51:61:06:00:c6:aa:68:54:c8:52:3f:b6:1f:21:92\n" + " c8:fd:15:50:15:ac:d4:18:29:a1:ff:c9:25:5a:ce:5e\n" + " 11:7f:82:b2:94:8c:44:3c:3f:de:d7:3b:ff:1c:da:9c\n" + " 81:fa:63:e1:a7:67:ee:aa:fa:d0:c9:2f:66:1b:5e:af\n" + " 46:8c:f9:53:55:e7:80:7e:74:95:98:d4:2d:5f:94:ab\n" + "Other Information:\n" + " MD5 fingerprint:\n" + " 30cda7de4f0360892547974f45111ac1\n" + " SHA-1 fingerprint:\n" + " 39e3f8fec6a8d842390b6536998a957c1a6b7322\n" + " Public Key ID:\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIB1TCCAUCgAwIBAgIBADALBgkqhkiG9w0BAQUwGjEYMBYGA1UEAxMPd3d3LmV4\n" + "YW1wbGUub3JnMB4XDTA3MDIxNjEzMzAzMFoXDTA3MDMzMDEzMzAzMlowGjEYMBYG\n" + "A1UEAxMPd3d3LmV4YW1wbGUub3JnMIGcMAsGCSqGSIb3DQEBAQOBjAAwgYgCgYC+\n" + "7Jh6HW9+ayWe6CB4QqBkBWZDmW1J1RjsfblYZLKAoxRhnQpPvi/wLvzSq1w231Ps\n" + "Q8f83pG8HgGmt2yyBxAuy2FHdcoDziNuOPE0JxoazfeW87PwDWd/yneEP5wp9GKR\n" + "9hJbYlrMuu0ILjJEJqz9I85TG7vyh/7ceJN8Wb+hdQIDAQABozIwMDAPBgNVHRMB\n" + "Af8EBTADAQH/MB0GA1UdDgQWBBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG\n" + "9w0BAQUDgYEAsE6s+4kSNifzcrgaV9y/86kn3hV1lE9lzDpZEkuRDii5jdNurF2o\n" + "Prk1gQyPx5Vy2VFhBgDGqmhUyFI/th8hksj9FVAVrNQYKaH/ySVazl4Rf4KylIxE\n" + "PD/e1zv/HNqcgfpj4adn7qr60MkvZhter0aM+VNV54B+dJWY1C1flKs=\n" + "-----END CERTIFICATE-----\n"; /* Certificate with SAN but no CN. */ char pem3[] = - "X.509 Certificate Information:" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Issuer: O=GnuTLS hostname check test CA\n" - " Validity:\n" - " Not Before: Fri Feb 16 13:36:27 UTC 2007\n" - " Not After: Fri Mar 30 13:36:29 UTC 2007\n" - " Subject: O=GnuTLS hostname check test CA\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" - " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" - " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" - " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" - " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" - " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" - " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" - " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " DNSname: www.example.org\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - " Signature Algorithm: RSA-SHA\n" - " Signature:\n" - " a1:30:bc:01:b3:0f:98:7f:8e:76:7d:23:87:34:15:7f\n" - " a6:ae:a1:fb:87:75:e3:e8:1a:e5:5e:03:5d:bf:44:75\n" - " 46:4f:d2:a1:28:50:84:49:6d:3b:e0:bc:4e:de:79:85\n" - " fa:e1:07:b7:6e:0c:14:04:4a:82:b9:f3:22:6a:bc:99\n" - " 14:20:3b:49:1f:e4:97:d9:ea:eb:73:9a:83:a6:cc:b8\n" - " 55:fb:52:8e:5f:86:7c:9d:fa:af:03:76:ae:97:e0:64\n" - " 50:59:73:22:99:55:cf:da:59:31:0a:e8:6d:a0:53:bc\n" - " 39:63:2e:ac:92:4a:e9:8b:1e:d0:03:df:33:bb:4e:88\n" - "Other Information:\n" - " MD5 fingerprint:\n" - " df3f57d00c8149bd826b177d6ea4f369\n" - " SHA-1 fingerprint:\n" - " e95e56e2acac305f72ea6f698c11624663a595bd\n" - " Public Key ID:\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIICIjCCAY2gAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" - "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDcwMjE2MTMzNjI3WhcNMDcwMzMw\n" - "MTMzNjI5WjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" - "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGAvuyYeh1vfmslnuggeEKgZAVmQ5lt\n" - "SdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T7EPH/N6RvB4BprdssgcQLsthR3XK\n" - "A84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRikfYSW2JazLrtCC4yRCas/SPOUxu7\n" - "8of+3HiTfFm/oXUCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAaBgNVHREEEzAR\n" - "gg93d3cuZXhhbXBsZS5vcmcwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYE\n" - "FOk8HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQChMLwBsw+Yf452\n" - "fSOHNBV/pq6h+4d14+ga5V4DXb9EdUZP0qEoUIRJbTvgvE7eeYX64Qe3bgwUBEqC\n" - "ufMiaryZFCA7SR/kl9nq63Oag6bMuFX7Uo5fhnyd+q8Ddq6X4GRQWXMimVXP2lkx\n" - "CuhtoFO8OWMurJJK6Yse0APfM7tOiA==\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Issuer: O=GnuTLS hostname check test CA\n" + " Validity:\n" + " Not Before: Fri Feb 16 13:36:27 UTC 2007\n" + " Not After: Fri Mar 30 13:36:29 UTC 2007\n" + " Subject: O=GnuTLS hostname check test CA\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" + " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" + " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" + " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" + " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" + " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" + " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" + " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " DNSname: www.example.org\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + " Signature Algorithm: RSA-SHA\n" + " Signature:\n" + " a1:30:bc:01:b3:0f:98:7f:8e:76:7d:23:87:34:15:7f\n" + " a6:ae:a1:fb:87:75:e3:e8:1a:e5:5e:03:5d:bf:44:75\n" + " 46:4f:d2:a1:28:50:84:49:6d:3b:e0:bc:4e:de:79:85\n" + " fa:e1:07:b7:6e:0c:14:04:4a:82:b9:f3:22:6a:bc:99\n" + " 14:20:3b:49:1f:e4:97:d9:ea:eb:73:9a:83:a6:cc:b8\n" + " 55:fb:52:8e:5f:86:7c:9d:fa:af:03:76:ae:97:e0:64\n" + " 50:59:73:22:99:55:cf:da:59:31:0a:e8:6d:a0:53:bc\n" + " 39:63:2e:ac:92:4a:e9:8b:1e:d0:03:df:33:bb:4e:88\n" + "Other Information:\n" + " MD5 fingerprint:\n" + " df3f57d00c8149bd826b177d6ea4f369\n" + " SHA-1 fingerprint:\n" + " e95e56e2acac305f72ea6f698c11624663a595bd\n" + " Public Key ID:\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICIjCCAY2gAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" + "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDcwMjE2MTMzNjI3WhcNMDcwMzMw\n" + "MTMzNjI5WjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" + "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGAvuyYeh1vfmslnuggeEKgZAVmQ5lt\n" + "SdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T7EPH/N6RvB4BprdssgcQLsthR3XK\n" + "A84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRikfYSW2JazLrtCC4yRCas/SPOUxu7\n" + "8of+3HiTfFm/oXUCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAaBgNVHREEEzAR\n" + "gg93d3cuZXhhbXBsZS5vcmcwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYE\n" + "FOk8HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQChMLwBsw+Yf452\n" + "fSOHNBV/pq6h+4d14+ga5V4DXb9EdUZP0qEoUIRJbTvgvE7eeYX64Qe3bgwUBEqC\n" + "ufMiaryZFCA7SR/kl9nq63Oag6bMuFX7Uo5fhnyd+q8Ddq6X4GRQWXMimVXP2lkx\n" + "CuhtoFO8OWMurJJK6Yse0APfM7tOiA==\n" + "-----END CERTIFICATE-----\n"; /* Certificate with wildcard SAN but no CN. */ char pem4[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Issuer:\n" - " Validity:\n" - " Not Before: Fri Feb 16 13:40:10 UTC 2007\n" - " Not After: Fri Mar 30 13:40:12 UTC 2007\n" - " Subject:\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" - " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" - " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" - " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" - " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" - " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" - " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" - " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " DNSname: *.example.org\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - " Signature Algorithm: RSA-SHA\n" - " Signature:\n" - " b1:62:e5:e3:0b:a5:99:58:b0:1c:5c:f5:d1:3f:7c:bb\n" - " 67:e1:43:c5:d7:a2:5c:db:f2:5a:f3:03:fc:76:e4:4d\n" - " c1:a0:89:36:24:82:a4:a1:ad:f5:83:e3:96:75:f4:c4\n" - " f3:eb:ff:3a:9b:da:d2:2c:58:d4:10:37:50:33:d1:39\n" - " 53:71:9e:48:2d:b2:5b:27:ce:1e:d9:d5:36:59:ac:17\n" - " 3a:83:cc:59:6b:8f:6a:24:b8:9f:f0:e6:14:03:23:5a\n" - " 87:e7:33:10:32:11:58:a2:bb:f1:e5:5a:88:87:bb:80\n" - " 1b:b6:bb:12:18:cb:15:d5:3a:fc:99:e4:42:5a:ba:45\n" - "Other Information:\n" - " MD5 fingerprint:\n" - " a411da7b0fa064d214116d5f94e06c24\n" - " SHA-1 fingerprint:\n" - " 3596e796c73ed096d762ab3d440a9ab55a386b3b\n" - " Public Key ID:\n" - " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIB0DCCATugAwIBAgIBADALBgkqhkiG9w0BAQUwADAeFw0wNzAyMTYxMzQwMTBa\n" - "Fw0wNzAzMzAxMzQwMTJaMAAwgZwwCwYJKoZIhvcNAQEBA4GMADCBiAKBgL7smHod\n" - "b35rJZ7oIHhCoGQFZkOZbUnVGOx9uVhksoCjFGGdCk++L/Au/NKrXDbfU+xDx/ze\n" - "kbweAaa3bLIHEC7LYUd1ygPOI2448TQnGhrN95bzs/ANZ3/Kd4Q/nCn0YpH2Elti\n" - "Wsy67QguMkQmrP0jzlMbu/KH/tx4k3xZv6F1AgMBAAGjYTBfMA8GA1UdEwEB/wQF\n" - "MAMBAf8wGAYDVR0RBBEwD4INKi5leGFtcGxlLm9yZzATBgNVHSUEDDAKBggrBgEF\n" - "BQcDATAdBgNVHQ4EFgQU6Twc+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEF\n" - "A4GBALFi5eMLpZlYsBxc9dE/fLtn4UPF16Jc2/Ja8wP8duRNwaCJNiSCpKGt9YPj\n" - "lnX0xPPr/zqb2tIsWNQQN1Az0TlTcZ5ILbJbJ84e2dU2WawXOoPMWWuPaiS4n/Dm\n" - "FAMjWofnMxAyEViiu/HlWoiHu4AbtrsSGMsV1Tr8meRCWrpF\n" - "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Issuer:\n" + " Validity:\n" + " Not Before: Fri Feb 16 13:40:10 UTC 2007\n" + " Not After: Fri Mar 30 13:40:12 UTC 2007\n" + " Subject:\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " be:ec:98:7a:1d:6f:7e:6b:25:9e:e8:20:78:42:a0:64\n" + " 05:66:43:99:6d:49:d5:18:ec:7d:b9:58:64:b2:80:a3\n" + " 14:61:9d:0a:4f:be:2f:f0:2e:fc:d2:ab:5c:36:df:53\n" + " ec:43:c7:fc:de:91:bc:1e:01:a6:b7:6c:b2:07:10:2e\n" + " cb:61:47:75:ca:03:ce:23:6e:38:f1:34:27:1a:1a:cd\n" + " f7:96:f3:b3:f0:0d:67:7f:ca:77:84:3f:9c:29:f4:62\n" + " 91:f6:12:5b:62:5a:cc:ba:ed:08:2e:32:44:26:ac:fd\n" + " 23:ce:53:1b:bb:f2:87:fe:dc:78:93:7c:59:bf:a1:75\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " DNSname: *.example.org\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + " Signature Algorithm: RSA-SHA\n" + " Signature:\n" + " b1:62:e5:e3:0b:a5:99:58:b0:1c:5c:f5:d1:3f:7c:bb\n" + " 67:e1:43:c5:d7:a2:5c:db:f2:5a:f3:03:fc:76:e4:4d\n" + " c1:a0:89:36:24:82:a4:a1:ad:f5:83:e3:96:75:f4:c4\n" + " f3:eb:ff:3a:9b:da:d2:2c:58:d4:10:37:50:33:d1:39\n" + " 53:71:9e:48:2d:b2:5b:27:ce:1e:d9:d5:36:59:ac:17\n" + " 3a:83:cc:59:6b:8f:6a:24:b8:9f:f0:e6:14:03:23:5a\n" + " 87:e7:33:10:32:11:58:a2:bb:f1:e5:5a:88:87:bb:80\n" + " 1b:b6:bb:12:18:cb:15:d5:3a:fc:99:e4:42:5a:ba:45\n" + "Other Information:\n" + " MD5 fingerprint:\n" + " a411da7b0fa064d214116d5f94e06c24\n" + " SHA-1 fingerprint:\n" + " 3596e796c73ed096d762ab3d440a9ab55a386b3b\n" + " Public Key ID:\n" + " e93c1cfbad926ee606a4562ca2e1c05327c8f295\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIB0DCCATugAwIBAgIBADALBgkqhkiG9w0BAQUwADAeFw0wNzAyMTYxMzQwMTBa\n" + "Fw0wNzAzMzAxMzQwMTJaMAAwgZwwCwYJKoZIhvcNAQEBA4GMADCBiAKBgL7smHod\n" + "b35rJZ7oIHhCoGQFZkOZbUnVGOx9uVhksoCjFGGdCk++L/Au/NKrXDbfU+xDx/ze\n" + "kbweAaa3bLIHEC7LYUd1ygPOI2448TQnGhrN95bzs/ANZ3/Kd4Q/nCn0YpH2Elti\n" + "Wsy67QguMkQmrP0jzlMbu/KH/tx4k3xZv6F1AgMBAAGjYTBfMA8GA1UdEwEB/wQF\n" + "MAMBAf8wGAYDVR0RBBEwD4INKi5leGFtcGxlLm9yZzATBgNVHSUEDDAKBggrBgEF\n" + "BQcDATAdBgNVHQ4EFgQU6Twc+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEF\n" + "A4GBALFi5eMLpZlYsBxc9dE/fLtn4UPF16Jc2/Ja8wP8duRNwaCJNiSCpKGt9YPj\n" + "lnX0xPPr/zqb2tIsWNQQN1Az0TlTcZ5ILbJbJ84e2dU2WawXOoPMWWuPaiS4n/Dm\n" + "FAMjWofnMxAyEViiu/HlWoiHu4AbtrsSGMsV1Tr8meRCWrpF\n" + "-----END CERTIFICATE-----\n"; #ifdef SUPPORT_COMPLEX_WILDCARDS /* Certificate with multiple wildcards SAN but no CN. */ char pem6[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Validity:\n" - " Not Before: Sat May 3 11:00:51 UTC 2008\n" - " Not After: Sat May 17 11:00:54 UTC 2008\n" - " Subject: O=GnuTLS hostname check test CA\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " d2:05:c1:65:cb:bd:1e:2e:eb:7b:87:07:94:4c:93:33\n" - " f3:81:83:7d:32:1b:71:4e:4e:7f:c7:bc:bf:4b:2f:f2\n" - " 49:b5:cf:bf:c0:b8:e8:29:cc:f3:61:bd:2e:1d:e4:e8\n" - " 19:dd:c5:bd:2e:f0:35:b1:fd:30:d7:f5:a8:7c:83:9a\n" - " 13:9e:bf:25:ed:08:a6:05:9e:7b:4e:23:59:c3:0e:5a\n" - " f3:bf:54:c7:dc:d4:13:57:a1:0f:a2:9e:c8:ab:75:66\n" - " de:07:84:8d:68:ad:71:04:e0:9c:bd:cb:f6:08:7a:97\n" - " 42:f8:10:94:29:01:4a:7e:61:d7:04:21:05:4c:f1:07\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " DNSname: *.*.example.org\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " 5493e6599b283b4529378818aef9a4abbf4d9918\n" - "Other Information:\n" - " Public Key ID:\n" - " 5493e6599b283b4529378818aef9a4abbf4d9918\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIICIjCCAY2gAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" - "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDgwNTAzMTEwMDUxWhcNMDgwNTE3\n" - "MTEwMDU0WjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" - "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA0gXBZcu9Hi7re4cHlEyTM/OBg30y\n" - "G3FOTn/HvL9LL/JJtc+/wLjoKczzYb0uHeToGd3FvS7wNbH9MNf1qHyDmhOevyXt\n" - "CKYFnntOI1nDDlrzv1TH3NQTV6EPop7Iq3Vm3geEjWitcQTgnL3L9gh6l0L4EJQp\n" - "AUp+YdcEIQVM8QcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAaBgNVHREEEzAR\n" - "gg8qLiouZXhhbXBsZS5vcmcwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYE\n" - "FFST5lmbKDtFKTeIGK75pKu/TZkYMAsGCSqGSIb3DQEBBQOBgQAQ9PStleVvfmlK\n" - "wRs8RE/oOO+ouC3qLdnumNEITMRFh8Q12/X4yMLD3CH0aQ/hvHcP26PxAWzpNutk\n" - "swNx7AzsCu6pN1t1aI3jLgo8e4/zZi57e8QcRuXZPDJxtJxVhJZX/C4pSz802WhS\n" - "64NgtpHEMu9JUHFhtRwPcvVGYqPUUA==\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Validity:\n" + " Not Before: Sat May 3 11:00:51 UTC 2008\n" + " Not After: Sat May 17 11:00:54 UTC 2008\n" + " Subject: O=GnuTLS hostname check test CA\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " d2:05:c1:65:cb:bd:1e:2e:eb:7b:87:07:94:4c:93:33\n" + " f3:81:83:7d:32:1b:71:4e:4e:7f:c7:bc:bf:4b:2f:f2\n" + " 49:b5:cf:bf:c0:b8:e8:29:cc:f3:61:bd:2e:1d:e4:e8\n" + " 19:dd:c5:bd:2e:f0:35:b1:fd:30:d7:f5:a8:7c:83:9a\n" + " 13:9e:bf:25:ed:08:a6:05:9e:7b:4e:23:59:c3:0e:5a\n" + " f3:bf:54:c7:dc:d4:13:57:a1:0f:a2:9e:c8:ab:75:66\n" + " de:07:84:8d:68:ad:71:04:e0:9c:bd:cb:f6:08:7a:97\n" + " 42:f8:10:94:29:01:4a:7e:61:d7:04:21:05:4c:f1:07\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " DNSname: *.*.example.org\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " 5493e6599b283b4529378818aef9a4abbf4d9918\n" + "Other Information:\n" + " Public Key ID:\n" + " 5493e6599b283b4529378818aef9a4abbf4d9918\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICIjCCAY2gAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" + "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDgwNTAzMTEwMDUxWhcNMDgwNTE3\n" + "MTEwMDU0WjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" + "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA0gXBZcu9Hi7re4cHlEyTM/OBg30y\n" + "G3FOTn/HvL9LL/JJtc+/wLjoKczzYb0uHeToGd3FvS7wNbH9MNf1qHyDmhOevyXt\n" + "CKYFnntOI1nDDlrzv1TH3NQTV6EPop7Iq3Vm3geEjWitcQTgnL3L9gh6l0L4EJQp\n" + "AUp+YdcEIQVM8QcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAaBgNVHREEEzAR\n" + "gg8qLiouZXhhbXBsZS5vcmcwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYE\n" + "FFST5lmbKDtFKTeIGK75pKu/TZkYMAsGCSqGSIb3DQEBBQOBgQAQ9PStleVvfmlK\n" + "wRs8RE/oOO+ouC3qLdnumNEITMRFh8Q12/X4yMLD3CH0aQ/hvHcP26PxAWzpNutk\n" + "swNx7AzsCu6pN1t1aI3jLgo8e4/zZi57e8QcRuXZPDJxtJxVhJZX/C4pSz802WhS\n" + "64NgtpHEMu9JUHFhtRwPcvVGYqPUUA==\n" + "-----END CERTIFICATE-----\n"; /* Certificate with prefixed and suffixed wildcard SAN but no CN. */ char pem7[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Validity:\n" - " Not Before: Sat May 3 11:02:43 UTC 2008\n" - " Not After: Sat May 17 11:02:45 UTC 2008\n" - " Subject: O=GnuTLS hostname check test CA\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " d2:05:c1:65:cb:bd:1e:2e:eb:7b:87:07:94:4c:93:33\n" - " f3:81:83:7d:32:1b:71:4e:4e:7f:c7:bc:bf:4b:2f:f2\n" - " 49:b5:cf:bf:c0:b8:e8:29:cc:f3:61:bd:2e:1d:e4:e8\n" - " 19:dd:c5:bd:2e:f0:35:b1:fd:30:d7:f5:a8:7c:83:9a\n" - " 13:9e:bf:25:ed:08:a6:05:9e:7b:4e:23:59:c3:0e:5a\n" - " f3:bf:54:c7:dc:d4:13:57:a1:0f:a2:9e:c8:ab:75:66\n" - " de:07:84:8d:68:ad:71:04:e0:9c:bd:cb:f6:08:7a:97\n" - " 42:f8:10:94:29:01:4a:7e:61:d7:04:21:05:4c:f1:07\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " DNSname: foo*bar.example.org\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " 5493e6599b283b4529378818aef9a4abbf4d9918\n" - "Other Information:\n" - " Public Key ID:\n" - " 5493e6599b283b4529378818aef9a4abbf4d9918\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIICJjCCAZGgAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" - "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDgwNTAzMTEwMjQzWhcNMDgwNTE3\n" - "MTEwMjQ1WjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" - "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA0gXBZcu9Hi7re4cHlEyTM/OBg30y\n" - "G3FOTn/HvL9LL/JJtc+/wLjoKczzYb0uHeToGd3FvS7wNbH9MNf1qHyDmhOevyXt\n" - "CKYFnntOI1nDDlrzv1TH3NQTV6EPop7Iq3Vm3geEjWitcQTgnL3L9gh6l0L4EJQp\n" - "AUp+YdcEIQVM8QcCAwEAAaNnMGUwDwYDVR0TAQH/BAUwAwEB/zAeBgNVHREEFzAV\n" - "ghNmb28qYmFyLmV4YW1wbGUub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1Ud\n" - "DgQWBBRUk+ZZmyg7RSk3iBiu+aSrv02ZGDALBgkqhkiG9w0BAQUDgYEAPPNe38jc\n" - "8NsZQVKKLYc1Y4y8LRPhvnxkSnlcGa1RzYZY1s12BZ6OVIfyxD1Z9BcNdqRSq7bQ\n" - "kEicsGp5ugGQTNq6aSlzYOUD9/fUP3jDsH7HVb36aCF3waGCQWj+pLqK0LYcW2p/\n" - "xnr5+z4YevFBhn7l/fMhg8TzKejxYm7TECg=\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Validity:\n" + " Not Before: Sat May 3 11:02:43 UTC 2008\n" + " Not After: Sat May 17 11:02:45 UTC 2008\n" + " Subject: O=GnuTLS hostname check test CA\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " d2:05:c1:65:cb:bd:1e:2e:eb:7b:87:07:94:4c:93:33\n" + " f3:81:83:7d:32:1b:71:4e:4e:7f:c7:bc:bf:4b:2f:f2\n" + " 49:b5:cf:bf:c0:b8:e8:29:cc:f3:61:bd:2e:1d:e4:e8\n" + " 19:dd:c5:bd:2e:f0:35:b1:fd:30:d7:f5:a8:7c:83:9a\n" + " 13:9e:bf:25:ed:08:a6:05:9e:7b:4e:23:59:c3:0e:5a\n" + " f3:bf:54:c7:dc:d4:13:57:a1:0f:a2:9e:c8:ab:75:66\n" + " de:07:84:8d:68:ad:71:04:e0:9c:bd:cb:f6:08:7a:97\n" + " 42:f8:10:94:29:01:4a:7e:61:d7:04:21:05:4c:f1:07\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " DNSname: foo*bar.example.org\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " 5493e6599b283b4529378818aef9a4abbf4d9918\n" + "Other Information:\n" + " Public Key ID:\n" + " 5493e6599b283b4529378818aef9a4abbf4d9918\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICJjCCAZGgAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" + "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDgwNTAzMTEwMjQzWhcNMDgwNTE3\n" + "MTEwMjQ1WjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" + "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA0gXBZcu9Hi7re4cHlEyTM/OBg30y\n" + "G3FOTn/HvL9LL/JJtc+/wLjoKczzYb0uHeToGd3FvS7wNbH9MNf1qHyDmhOevyXt\n" + "CKYFnntOI1nDDlrzv1TH3NQTV6EPop7Iq3Vm3geEjWitcQTgnL3L9gh6l0L4EJQp\n" + "AUp+YdcEIQVM8QcCAwEAAaNnMGUwDwYDVR0TAQH/BAUwAwEB/zAeBgNVHREEFzAV\n" + "ghNmb28qYmFyLmV4YW1wbGUub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1Ud\n" + "DgQWBBRUk+ZZmyg7RSk3iBiu+aSrv02ZGDALBgkqhkiG9w0BAQUDgYEAPPNe38jc\n" + "8NsZQVKKLYc1Y4y8LRPhvnxkSnlcGa1RzYZY1s12BZ6OVIfyxD1Z9BcNdqRSq7bQ\n" + "kEicsGp5ugGQTNq6aSlzYOUD9/fUP3jDsH7HVb36aCF3waGCQWj+pLqK0LYcW2p/\n" + "xnr5+z4YevFBhn7l/fMhg8TzKejxYm7TECg=\n" + "-----END CERTIFICATE-----\n"; #endif /* Certificate with ending wildcard SAN but no CN. */ char pem8[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Validity:\n" - " Not Before: Sat May 3 11:24:38 UTC 2008\n" - " Not After: Sat May 17 11:24:40 UTC 2008\n" - " Subject: O=GnuTLS hostname check test CA\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " d2:05:c1:65:cb:bd:1e:2e:eb:7b:87:07:94:4c:93:33\n" - " f3:81:83:7d:32:1b:71:4e:4e:7f:c7:bc:bf:4b:2f:f2\n" - " 49:b5:cf:bf:c0:b8:e8:29:cc:f3:61:bd:2e:1d:e4:e8\n" - " 19:dd:c5:bd:2e:f0:35:b1:fd:30:d7:f5:a8:7c:83:9a\n" - " 13:9e:bf:25:ed:08:a6:05:9e:7b:4e:23:59:c3:0e:5a\n" - " f3:bf:54:c7:dc:d4:13:57:a1:0f:a2:9e:c8:ab:75:66\n" - " de:07:84:8d:68:ad:71:04:e0:9c:bd:cb:f6:08:7a:97\n" - " 42:f8:10:94:29:01:4a:7e:61:d7:04:21:05:4c:f1:07\n" - " Exponent:\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " DNSname: www.example.*\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " 5493e6599b283b4529378818aef9a4abbf4d9918\n" - "Other Information:\n" - " Public Key ID:\n" - " 5493e6599b283b4529378818aef9a4abbf4d9918\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIICIDCCAYugAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" - "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDgwNTAzMTEyNDM4WhcNMDgwNTE3\n" - "MTEyNDQwWjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" - "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA0gXBZcu9Hi7re4cHlEyTM/OBg30y\n" - "G3FOTn/HvL9LL/JJtc+/wLjoKczzYb0uHeToGd3FvS7wNbH9MNf1qHyDmhOevyXt\n" - "CKYFnntOI1nDDlrzv1TH3NQTV6EPop7Iq3Vm3geEjWitcQTgnL3L9gh6l0L4EJQp\n" - "AUp+YdcEIQVM8QcCAwEAAaNhMF8wDwYDVR0TAQH/BAUwAwEB/zAYBgNVHREEETAP\n" - "gg13d3cuZXhhbXBsZS4qMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBRU\n" - "k+ZZmyg7RSk3iBiu+aSrv02ZGDALBgkqhkiG9w0BAQUDgYEAZ7gLXtXwFW61dSAM\n" - "0Qt6IN68WBH7LCzetSF8ofG1WVUImCUU3pqXhXYtPGTrswOh2AavWTRbzVTtrFvf\n" - "WJg09Z7H6I70RPvAYGsK9t9qJ/4TPoYTGYQgsTbVpkv13O54O6jzemd8Zws/xMH5\n" - "7/q6C7P5OUmGOtfVe7UVDY0taQM=\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Validity:\n" + " Not Before: Sat May 3 11:24:38 UTC 2008\n" + " Not After: Sat May 17 11:24:40 UTC 2008\n" + " Subject: O=GnuTLS hostname check test CA\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " d2:05:c1:65:cb:bd:1e:2e:eb:7b:87:07:94:4c:93:33\n" + " f3:81:83:7d:32:1b:71:4e:4e:7f:c7:bc:bf:4b:2f:f2\n" + " 49:b5:cf:bf:c0:b8:e8:29:cc:f3:61:bd:2e:1d:e4:e8\n" + " 19:dd:c5:bd:2e:f0:35:b1:fd:30:d7:f5:a8:7c:83:9a\n" + " 13:9e:bf:25:ed:08:a6:05:9e:7b:4e:23:59:c3:0e:5a\n" + " f3:bf:54:c7:dc:d4:13:57:a1:0f:a2:9e:c8:ab:75:66\n" + " de:07:84:8d:68:ad:71:04:e0:9c:bd:cb:f6:08:7a:97\n" + " 42:f8:10:94:29:01:4a:7e:61:d7:04:21:05:4c:f1:07\n" + " Exponent:\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " DNSname: www.example.*\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " 5493e6599b283b4529378818aef9a4abbf4d9918\n" + "Other Information:\n" + " Public Key ID:\n" + " 5493e6599b283b4529378818aef9a4abbf4d9918\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICIDCCAYugAwIBAgIBADALBgkqhkiG9w0BAQUwKDEmMCQGA1UEChMdR251VExT\n" + "IGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0EwHhcNMDgwNTAzMTEyNDM4WhcNMDgwNTE3\n" + "MTEyNDQwWjAoMSYwJAYDVQQKEx1HbnVUTFMgaG9zdG5hbWUgY2hlY2sgdGVzdCBD\n" + "QTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA0gXBZcu9Hi7re4cHlEyTM/OBg30y\n" + "G3FOTn/HvL9LL/JJtc+/wLjoKczzYb0uHeToGd3FvS7wNbH9MNf1qHyDmhOevyXt\n" + "CKYFnntOI1nDDlrzv1TH3NQTV6EPop7Iq3Vm3geEjWitcQTgnL3L9gh6l0L4EJQp\n" + "AUp+YdcEIQVM8QcCAwEAAaNhMF8wDwYDVR0TAQH/BAUwAwEB/zAYBgNVHREEETAP\n" + "gg13d3cuZXhhbXBsZS4qMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBRU\n" + "k+ZZmyg7RSk3iBiu+aSrv02ZGDALBgkqhkiG9w0BAQUDgYEAZ7gLXtXwFW61dSAM\n" + "0Qt6IN68WBH7LCzetSF8ofG1WVUImCUU3pqXhXYtPGTrswOh2AavWTRbzVTtrFvf\n" + "WJg09Z7H6I70RPvAYGsK9t9qJ/4TPoYTGYQgsTbVpkv13O54O6jzemd8Zws/xMH5\n" + "7/q6C7P5OUmGOtfVe7UVDY0taQM=\n" + "-----END CERTIFICATE-----\n"; /* Certificate with SAN and CN but for different names. */ char pem9[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 4a827d5c\n" - " Issuer: O=GnuTLS hostname check test CA,CN=foo.example.org\n" - " Validity:\n" - " Not Before: Wed Aug 12 08:29:17 UTC 2009\n" - " Not After: Thu Aug 13 08:29:23 UTC 2009\n" - " Subject: O=GnuTLS hostname check test CA,CN=foo.example.org\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " bb:66:43:f5:f2:c5:d7:b6:8c:cc:c5:df:f5:88:3b:b1\n" - " c9:4b:6a:0e:a1:ad:20:50:40:08:80:a1:4f:5c:a3:d0\n" - " f8:6c:cf:e6:3c:f7:ec:04:76:13:17:8b:64:89:22:5b\n" - " c0:dd:53:7c:3b:ed:7c:04:bb:80:b9:28:be:8e:9b:c6\n" - " 8e:a0:a5:12:cb:f5:57:1e:a2:e7:bb:b7:33:49:9f:e3\n" - " bb:4a:ae:6a:4d:68:ff:c9:11:e2:32:8d:ce:3d:80:0b\n" - " 8d:75:ef:d8:00:81:8f:28:04:03:a0:22:8d:61:04:07\n" - " fa:b6:37:7d:21:07:49:d2:09:61:69:98:90:a3:58:a9\n" - " Exponent (bits 24):\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " DNSname: bar.example.org\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " 4cb90a9bfa1d34e37edecbd20715fea1dacb6891\n" - " Signature Algorithm: RSA-SHA\n" - " Signature:\n" - " a2:1f:d2:90:5f:c9:1c:6f:92:1d:c5:0b:ac:b0:17:23\n" - " c5:67:46:94:6f:0f:62:7d:66:4c:28:ff:b7:10:73:60\n" - " ae:0e:a2:47:82:83:bb:89:0d:f1:16:5e:f9:5b:35:4b\n" - " ce:ee:5e:d0:ad:b5:8b:cc:37:b3:ac:4d:1b:58:c2:4f\n" - " 1c:7f:c6:ac:3d:25:18:67:37:f0:27:11:9b:2c:20:b6\n" - " 78:24:21:a6:77:44:e7:1a:e5:f6:bf:45:84:32:81:67\n" - " af:8d:96:26:f7:39:31:6b:63:c5:15:9d:e0:a0:9a:1e\n" - " 96:12:cb:ad:85:cb:a7:d4:86:ac:d8:f5:e9:a4:2b:20\n" - "Other Information:\n" - " MD5 fingerprint:\n" - " f27b18092c7497f206e70f504eee0f8e\n" - " SHA-1 fingerprint:\n" - " bebdac9d0dd54e8f044642e0f065fae5d75ca6e5\n" - " Public Key ID:\n" - " 4cb90a9bfa1d34e37edecbd20715fea1dacb6891\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIICWTCCAcSgAwIBAgIESoJ9XDALBgkqhkiG9w0BAQUwQjEmMCQGA1UEChMdR251\n" - "VExTIGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0ExGDAWBgNVBAMTD2Zvby5leGFtcGxl\n" - "Lm9yZzAeFw0wOTA4MTIwODI5MTdaFw0wOTA4MTMwODI5MjNaMEIxJjAkBgNVBAoT\n" - "HUdudVRMUyBob3N0bmFtZSBjaGVjayB0ZXN0IENBMRgwFgYDVQQDEw9mb28uZXhh\n" - "bXBsZS5vcmcwgZwwCwYJKoZIhvcNAQEBA4GMADCBiAKBgLtmQ/Xyxde2jMzF3/WI\n" - "O7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeLZIkiW8DdU3w77XwEu4C5KL6O\n" - "m8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKNzj2AC41179gAgY8oBAOgIo1h\n" - "BAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wGgYD\n" - "VR0RBBMwEYIPYmFyLmV4YW1wbGUub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0G\n" - "A1UdDgQWBBRMuQqb+h00437ey9IHFf6h2stokTALBgkqhkiG9w0BAQUDgYEAoh/S\n" - "kF/JHG+SHcULrLAXI8VnRpRvD2J9Zkwo/7cQc2CuDqJHgoO7iQ3xFl75WzVLzu5e\n" - "0K21i8w3s6xNG1jCTxx/xqw9JRhnN/AnEZssILZ4JCGmd0TnGuX2v0WEMoFnr42W\n" - "Jvc5MWtjxRWd4KCaHpYSy62Fy6fUhqzY9emkKyA=\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 4a827d5c\n" + " Issuer: O=GnuTLS hostname check test CA,CN=foo.example.org\n" + " Validity:\n" + " Not Before: Wed Aug 12 08:29:17 UTC 2009\n" + " Not After: Thu Aug 13 08:29:23 UTC 2009\n" + " Subject: O=GnuTLS hostname check test CA,CN=foo.example.org\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " bb:66:43:f5:f2:c5:d7:b6:8c:cc:c5:df:f5:88:3b:b1\n" + " c9:4b:6a:0e:a1:ad:20:50:40:08:80:a1:4f:5c:a3:d0\n" + " f8:6c:cf:e6:3c:f7:ec:04:76:13:17:8b:64:89:22:5b\n" + " c0:dd:53:7c:3b:ed:7c:04:bb:80:b9:28:be:8e:9b:c6\n" + " 8e:a0:a5:12:cb:f5:57:1e:a2:e7:bb:b7:33:49:9f:e3\n" + " bb:4a:ae:6a:4d:68:ff:c9:11:e2:32:8d:ce:3d:80:0b\n" + " 8d:75:ef:d8:00:81:8f:28:04:03:a0:22:8d:61:04:07\n" + " fa:b6:37:7d:21:07:49:d2:09:61:69:98:90:a3:58:a9\n" + " Exponent (bits 24):\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " DNSname: bar.example.org\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " 4cb90a9bfa1d34e37edecbd20715fea1dacb6891\n" + " Signature Algorithm: RSA-SHA\n" + " Signature:\n" + " a2:1f:d2:90:5f:c9:1c:6f:92:1d:c5:0b:ac:b0:17:23\n" + " c5:67:46:94:6f:0f:62:7d:66:4c:28:ff:b7:10:73:60\n" + " ae:0e:a2:47:82:83:bb:89:0d:f1:16:5e:f9:5b:35:4b\n" + " ce:ee:5e:d0:ad:b5:8b:cc:37:b3:ac:4d:1b:58:c2:4f\n" + " 1c:7f:c6:ac:3d:25:18:67:37:f0:27:11:9b:2c:20:b6\n" + " 78:24:21:a6:77:44:e7:1a:e5:f6:bf:45:84:32:81:67\n" + " af:8d:96:26:f7:39:31:6b:63:c5:15:9d:e0:a0:9a:1e\n" + " 96:12:cb:ad:85:cb:a7:d4:86:ac:d8:f5:e9:a4:2b:20\n" + "Other Information:\n" + " MD5 fingerprint:\n" + " f27b18092c7497f206e70f504eee0f8e\n" + " SHA-1 fingerprint:\n" + " bebdac9d0dd54e8f044642e0f065fae5d75ca6e5\n" + " Public Key ID:\n" + " 4cb90a9bfa1d34e37edecbd20715fea1dacb6891\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICWTCCAcSgAwIBAgIESoJ9XDALBgkqhkiG9w0BAQUwQjEmMCQGA1UEChMdR251\n" + "VExTIGhvc3RuYW1lIGNoZWNrIHRlc3QgQ0ExGDAWBgNVBAMTD2Zvby5leGFtcGxl\n" + "Lm9yZzAeFw0wOTA4MTIwODI5MTdaFw0wOTA4MTMwODI5MjNaMEIxJjAkBgNVBAoT\n" + "HUdudVRMUyBob3N0bmFtZSBjaGVjayB0ZXN0IENBMRgwFgYDVQQDEw9mb28uZXhh\n" + "bXBsZS5vcmcwgZwwCwYJKoZIhvcNAQEBA4GMADCBiAKBgLtmQ/Xyxde2jMzF3/WI\n" + "O7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeLZIkiW8DdU3w77XwEu4C5KL6O\n" + "m8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKNzj2AC41179gAgY8oBAOgIo1h\n" + "BAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wGgYD\n" + "VR0RBBMwEYIPYmFyLmV4YW1wbGUub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0G\n" + "A1UdDgQWBBRMuQqb+h00437ey9IHFf6h2stokTALBgkqhkiG9w0BAQUDgYEAoh/S\n" + "kF/JHG+SHcULrLAXI8VnRpRvD2J9Zkwo/7cQc2CuDqJHgoO7iQ3xFl75WzVLzu5e\n" + "0K21i8w3s6xNG1jCTxx/xqw9JRhnN/AnEZssILZ4JCGmd0TnGuX2v0WEMoFnr42W\n" + "Jvc5MWtjxRWd4KCaHpYSy62Fy6fUhqzY9emkKyA=\n" + "-----END CERTIFICATE-----\n"; /* Certificate with SAN and CN that match iff you truncate the SAN to the embedded NUL. See . */ char pem10[] = - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 0b5d0a870d09\n" - " Issuer: C=NN,O=Edel Curl Arctic Illudium Research Cloud,CN=Northern Nowhere Trust Anchor\n" - " Validity:\n" - " Not Before: Tue Aug 04 22:07:33 UTC 2009\n" - " Not After: Sat Oct 21 22:07:33 UTC 2017\n" - " Subject: C=NN,O=Edel Curl Arctic Illudium Research Cloud,CN=localhost\n" - " Subject Public Key Algorithm: RSA\n" - " Modulus (bits 1024):\n" - " be:67:3b:b4:ea:c0:85:b4:c3:56:c1:a4:96:23:36:f5\n" - " c6:77:aa:ad:e5:c1:dd:ce:c1:9a:97:07:dd:16:90:eb\n" - " f0:38:b5:95:6b:a6:0f:b9:73:4e:7d:82:57:ab:5f:b5\n" - " ba:5c:a0:48:8c:82:77:fd:67:d8:53:44:61:86:a5:06\n" - " 19:bf:73:51:68:2e:1a:0a:c5:05:39:ca:3d:ca:83:ed\n" - " 07:fe:ae:b7:73:1d:60:dd:ab:9e:0e:7e:02:f3:68:42\n" - " 93:27:c8:5f:c5:fa:cb:a9:84:06:2f:f3:66:bd:de:7d\n" - " 29:82:57:47:e4:a9:df:bf:8b:bc:c0:46:33:5a:7b:87\n" - " Exponent (bits 24):\n" - " 01:00:01\n" - " Extensions:\n" - " Subject Alternative Name (not critical):\n" - "warning: SAN contains an embedded NUL, replacing with '!'\n" - " DNSname: localhost!h\n" - " Key Usage (not critical):\n" - " Key encipherment.\n" - " Key Purpose (not critical):\n" - " TLS WWW Server.\n" - " Subject Key Identifier (not critical):\n" - " 0c37a3db0f73b3388a69d36eb3a7d6d8774eda67\n" - " Authority Key Identifier (not critical):\n" - " 126b24d24a68b7a1b01ccdbfd64ccc405b7fe040\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): FALSE\n" - " Signature Algorithm: RSA-SHA\n" - " Signature:\n" - " 88:a0:17:77:77:bf:c1:8a:18:4e:a3:94:6e:45:18:31\n" - " fa:2f:7b:1f:ee:95:20:d1:cd:40:df:ee:f0:45:2e:e9\n" - " e6:cf:c8:77:bd:85:16:d7:9f:18:52:78:3f:ea:9c:86\n" - " 62:6e:db:90:b0:cd:f1:c1:6f:2d:87:4a:a0:be:b3:dc\n" - " 6d:e4:6b:d1:da:b9:10:25:7e:35:1f:1b:aa:a7:09:2f\n" - " 84:77:27:b0:48:a8:6d:54:57:38:35:22:34:03:0f:d4\n" - " 5d:ab:1c:72:15:b1:d9:89:56:10:12:fb:7d:0d:18:12\n" - " a9:0a:38:dc:93:cf:69:ff:75:86:9e:e3:6b:eb:92:6c\n" - " 55:16:d5:65:8b:d7:9c:5e:4b:82:c8:92:6c:8b:e6:18\n" - " a2:f8:8c:65:aa:b6:eb:23:ed:cb:99:db:fc:8b:8e:1d\n" - " 7a:39:c9:f5:7b:7f:58:7b:ed:01:6c:3c:40:ec:e3:a9\n" - " 5f:c4:3d:cb:81:17:03:6d:2d:d7:bd:00:5f:c4:79:f2\n" - " fb:ab:c6:0e:a2:01:8b:a1:42:73:de:96:29:3e:bf:d7\n" - " d9:51:a7:d4:98:07:7f:f0:f4:cd:00:a1:e1:ac:6c:05\n" - " ac:ab:93:1b:b0:5c:2c:13:ad:ff:27:dc:80:99:34:66\n" - " bd:e3:31:54:d5:b6:3f:ce:d4:08:a3:52:28:61:5e:bd\n" - "Other Information:\n" - " MD5 fingerprint:\n" - " 0b4d6d944200cdd1639008b24dc0fe0a\n" - " SHA-1 fingerprint:\n" - " ce85660f5451b0cc12f525577f0eb9411a20c76b\n" - " Public Key ID:\n" - " a1d18c15e65c7c4935512eeea7ca5d3e6baad4e1\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDQzCCAiugAwIBAgIGC10Khw0JMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT\n" - "Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo\n" - "IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X\n" - "DTA5MDgwNDIyMDczM1oXDTE3MTAyMTIyMDczM1owVDELMAkGA1UEBhMCTk4xMTAv\n" - "BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx\n" - "EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" - "vmc7tOrAhbTDVsGkliM29cZ3qq3lwd3OwZqXB90WkOvwOLWVa6YPuXNOfYJXq1+1\n" - "ulygSIyCd/1n2FNEYYalBhm/c1FoLhoKxQU5yj3Kg+0H/q63cx1g3aueDn4C82hC\n" - "kyfIX8X6y6mEBi/zZr3efSmCV0fkqd+/i7zARjNae4cCAwEAAaOBizCBiDAWBgNV\n" - "HREEDzANggtsb2NhbGhvc3QAaDALBgNVHQ8EBAMCBSAwEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwEwHQYDVR0OBBYEFAw3o9sPc7M4imnTbrOn1th3TtpnMB8GA1UdIwQYMBaA\n" - "FBJrJNJKaLehsBzNv9ZMzEBbf+BAMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEF\n" - "BQADggEBAIigF3d3v8GKGE6jlG5FGDH6L3sf7pUg0c1A3+7wRS7p5s/Id72FFtef\n" - "GFJ4P+qchmJu25CwzfHBby2HSqC+s9xt5GvR2rkQJX41HxuqpwkvhHcnsEiobVRX\n" - "ODUiNAMP1F2rHHIVsdmJVhAS+30NGBKpCjjck89p/3WGnuNr65JsVRbVZYvXnF5L\n" - "gsiSbIvmGKL4jGWqtusj7cuZ2/yLjh16Ocn1e39Ye+0BbDxA7OOpX8Q9y4EXA20t\n" - "170AX8R58vurxg6iAYuhQnPelik+v9fZUafUmAd/8PTNAKHhrGwFrKuTG7BcLBOt\n" - "/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0=\n" "-----END CERTIFICATE-----\n"; - -char pem_too_many[] = "\n" - " Subject: C=BE,CN=******************.gnutls.org\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDljCCAk6gAwIBAgIETcMNdjANBgkqhkiG9w0BAQsFADA6MQswCQYDVQQGEwJC\n" - "RTErMCkGA1UEAxMiKioqKioqKioqKioqKioqKioqKioqKiouZ251dGxzLm9yZzAe\n" - "Fw0xMTA1MDUyMDQ5NTlaFw02NDAxMTUyMDUwMDJaMDoxCzAJBgNVBAYTAkJFMSsw\n" - "KQYDVQQDEyIqKioqKioqKioqKioqKioqKioqKioqKi5nbnV0bHMub3JnMIIBUjAN\n" - "BgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEA3c+X0qUdld2GGNjEua2mDLSdttz6\n" - "3CHhOmI0B+gzsuiX7ixB0hLxX+3kdv9lJh4Mx0EVaV8N+a2JFI3q1xZSmkfBuwAC\n" - "5IhFc3ikrts4w8YH0mQOh+10jGvEwAJQfE6m0Vjp5RMJqdta6usPBoBcCe+UyOn7\n" - "Ny514ayTrZs3E0tmOnYz2MTXTPthyJIhB/zfqYhU5KOpR9JsuOM5iRGIOC2i3D5e\n" - "SqmkjtUfstDdQTzaEGieRxtlAqLFKHMCgwMJ/fUpfpfcKk5LqnlGRnCGG5u49oq+\n" - "KYd9X9qll2vvyEMJQ+IfihZ+HVBd9doC7vLDKkjmazDqAtfvrIsMuMGF2L98hage\n" - "g75cJi55e0f1Sj9mYpL9QSC2LADwUsomBi18z3pQfQ/L3ZcgyG/k4FD04wIDAQAB\n" - "o0QwQjAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQW\n" - "BBSSU9ZxufhoqrNT9o31OUVmnKflMTANBgkqhkiG9w0BAQsFAAOCATEAUMK435LP\n" - "0XpmpWLBBuC6VLLIsAGmXRv7odw8sG9fOctalsbK3zd9pDOaoFI/128GOmlTp1aC\n" - "n4a/pZ9G5wTKRvdxVqecdYkozDtAS35uwCSQPU/P12Oug6kA4NNJDxF3FGm5eov6\n" - "SnZDL0Qlhat9y0yOakaOkVNwESAwgUEYClZeR45htvH5oP48XEgwqHQ9jPS2MXAe\n" - "QLBjqqeYzIvWqwT4z14tIkN0VWWqqVo/dzV+lfNwQy0UL8iWVYnks8wKs2SBkVHx\n" - "41wBR3uCgCDwlYGDLIG1cm0n7mXrnE7KNcrwQKXL8WGNRAVvx5MVO1vDoWPyQ1Y4\n" - "sDdnQiVER9ee/KxO6IgCTGh+nCBTSSYgLX2E/m789quPvzyi9Hf/go28he6E3dSK\n" - "q7/LRSxaZenB/Q==\n" "-----END CERTIFICATE-----\n"; - -char pem_ips[] = "\n" - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Issuer: CN=server-0\n" - " Validity:\n" - " Not Before: Fri Jun 27 09:14:36 UTC 2014\n" - " Not After: Fri Dec 31 23:59:59 UTC 9999\n" - " Subject: CN=server-0\n" - " Subject Public Key Algorithm: RSA\n" - " Algorithm Security Level: Medium (2048 bits)\n" - " Modulus (bits 2048):\n" - " 00:c1:56:12:f6:c3:c7:e3:4c:7e:ff:04:4e:88:1d:67\n" - " a7:f3:4d:64:cc:12:a7:ff:50:aa:5c:31:b9:3c:d1:d1\n" - " ba:78:2c:7d:dd:54:4a:cd:5a:f2:38:8b:b2:c5:26:7e\n" - " 25:05:36:b6:92:e6:1d:c3:00:39:a0:c5:1c:b5:63:3d\n" - " 00:e9:b4:b5:75:a7:14:b1:ff:a0:03:9d:ba:77:da:e5\n" - " de:21:fb:56:da:06:9d:84:57:53:3d:08:45:45:20:fd\n" - " e7:60:65:2e:55:60:db:d3:91:da:64:ff:c4:42:42:54\n" - " 77:cb:47:54:68:1e:b4:62:ad:8a:3c:0a:28:89:cb:d3\n" - " 81:d3:15:9a:1d:67:90:51:83:90:6d:fb:a1:0e:54:6b\n" - " 29:d7:ef:79:19:14:f6:0d:82:73:8f:79:58:0e:af:0e\n" - " cc:bd:17:ab:b5:a2:1f:76:a1:9f:4b:7b:e8:f9:7b:28\n" - " 56:cc:f1:5b:0e:93:c9:e5:44:2f:2d:0a:22:7d:0b:2b\n" - " 30:84:c3:1e:d6:4d:63:5b:41:51:83:d4:b5:09:f4:cc\n" - " ab:ad:51:1b:8e:a1:f6:b1:27:5b:43:3c:bc:ae:10:93\n" - " d4:ce:3b:10:ca:3f:22:dd:9e:a8:3f:4a:a6:a8:cd:8f\n" - " d0:6a:e0:40:26:28:0f:af:0e:13:e1:ac:b9:ac:41:cc\n" - " 5d\n" - " Exponent (bits 24):\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " IPAddress: 127.0.0.1\n" - " IPAddress: 192.168.5.1\n" - " IPAddress: 10.100.2.5\n" - " IPAddress: 0:0:0:0:0:0:0:1\n" - " IPAddress: fe80:0:0:0:3e97:eff:fe18:359a\n" - " Key Usage (critical):\n" - " Certificate signing.\n" - " Subject Key Identifier (not critical):\n" - " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" - " Signature Algorithm: RSA-SHA256\n" - " Signature:\n" - " 02:22:52:4b:69:e5:4f:f8:17:0a:46:34:d1:ec:6b:f5\n" - " ae:5b:fc:e2:00:ca:1f:f0:1d:74:91:9c:85:0a:a7:06\n" - " 3d:fa:93:0d:35:85:ea:3e:01:9f:9e:bc:52:72:95:b2\n" - " 8a:3a:78:6e:d2:5d:4d:60:88:2b:be:6f:68:75:c7:19\n" - " ac:c9:ea:ab:74:f6:62:4d:30:1e:87:e4:70:1e:96:f4\n" - " 0b:48:ef:c9:28:14:6f:fa:c1:7b:d3:ef:b3:d8:52:90\n" - " 5d:20:d0:aa:8b:10:ab:74:86:46:be:cb:6c:93:54:60\n" - " bc:6e:d6:4d:b2:1e:25:65:38:52:5b:6c:b4:57:8f:0f\n" - " 26:4f:36:ea:42:eb:71:68:93:f3:a9:7a:66:5c:b6:07\n" - " 7d:15:b5:f4:b8:5c:7c:e0:cd:d0:fa:5b:2a:6b:fd:4c\n" - " 71:12:45:d0:37:9e:cf:90:59:6e:fd:ba:3a:8b:ca:37\n" - " 01:cc:6f:e0:32:c7:9e:a4:ea:61:2c:e5:ad:66:73:80\n" - " 5c:5e:0c:44:ec:c2:74:b8:fe:6e:66:af:76:cc:30:10\n" - " 1f:3a:ac:34:36:e6:5b:72:f3:ee:5a:68:c3:43:37:56\n" - " c3:08:02:3c:96:1c:27:18:d0:38:fa:d7:51:4e:82:7d\n" - " fc:81:a2:23:c5:05:80:0e:b4:ba:d3:19:39:74:9c:74\n" - "Other Information:\n" - " SHA1 fingerprint:\n" - " 43536dd4198f6064c117c3825020b14c108f9a34\n" - " SHA256 fingerprint:\n" - " 5ab6626aa069da15650edcfff7305767ff5b8d338289f851a624ea89b50ff06a\n" - " Public Key ID:\n" - " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" - " Public key's random art:\n" - " +--[ RSA 2048]----+\n" - " | |\n" - " | . |\n" - " | . + |\n" - " | . .= . |\n" - " | .S+oo |\n" - " | E+.+ |\n" - " | . +. *.o |\n" - " | . oo.=..+ o |\n" - " | ooo.+Bo . |\n" - " +-----------------+\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDKzCCAhOgAwIBAgIBADANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhzZXJ2\n" - "ZXItMDAiGA8yMDE0MDYyNzA5MTQzNloYDzk5OTkxMjMxMjM1OTU5WjATMREwDwYD\n" - "VQQDEwhzZXJ2ZXItMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFW\n" - "EvbDx+NMfv8ETogdZ6fzTWTMEqf/UKpcMbk80dG6eCx93VRKzVryOIuyxSZ+JQU2\n" - "tpLmHcMAOaDFHLVjPQDptLV1pxSx/6ADnbp32uXeIftW2gadhFdTPQhFRSD952Bl\n" - "LlVg29OR2mT/xEJCVHfLR1RoHrRirYo8CiiJy9OB0xWaHWeQUYOQbfuhDlRrKdfv\n" - "eRkU9g2Cc495WA6vDsy9F6u1oh92oZ9Le+j5eyhWzPFbDpPJ5UQvLQoifQsrMITD\n" - "HtZNY1tBUYPUtQn0zKutURuOofaxJ1tDPLyuEJPUzjsQyj8i3Z6oP0qmqM2P0Grg\n" - "QCYoD68OE+GsuaxBzF0CAwEAAaOBhTCBgjAPBgNVHRMBAf8EBTADAQH/MD8GA1Ud\n" - "EQQ4MDaHBH8AAAGHBMCoBQGHBApkAgWHEAAAAAAAAAAAAAAAAAAAAAGHEP6AAAAA\n" - "AAAAPpcO//4YNZowDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUvT0LbKtrM9io\n" - "4e0Vt6sXWHzCoJ8wDQYJKoZIhvcNAQELBQADggEBAAIiUktp5U/4FwpGNNHsa/Wu\n" - "W/ziAMof8B10kZyFCqcGPfqTDTWF6j4Bn568UnKVsoo6eG7SXU1giCu+b2h1xxms\n" - "yeqrdPZiTTAeh+RwHpb0C0jvySgUb/rBe9Pvs9hSkF0g0KqLEKt0hka+y2yTVGC8\n" - "btZNsh4lZThSW2y0V48PJk826kLrcWiT86l6Zly2B30VtfS4XHzgzdD6Wypr/Uxx\n" - "EkXQN57PkFlu/bo6i8o3Acxv4DLHnqTqYSzlrWZzgFxeDETswnS4/m5mr3bMMBAf\n" - "Oqw0NuZbcvPuWmjDQzdWwwgCPJYcJxjQOPrXUU6CffyBoiPFBYAOtLrTGTl0nHQ=\n" - "-----END CERTIFICATE-----\n" ""; - -char multi_cns[] = "\n" - "Subject: CN=www.example.com,CN=www.example2.com,CN=www.example3.com\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDXzCCAkegAwIBAgIMU+p6uAg2JlqRhAbAMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIhgPMjAxNDA4MTIyMDM2MDhaGA85OTk5MTIzMTIzNTk1OVow\n" - "UDEYMBYGA1UEAxMPd3d3LmV4YW1wbGUuY29tMRkwFwYDVQQDExB3d3cuZXhhbXBs\n" - "ZTIuY29tMRkwFwYDVQQDExB3d3cuZXhhbXBsZTMuY29tMIIBIjANBgkqhkiG9w0B\n" - "AQEFAAOCAQ8AMIIBCgKCAQEAqP5QQUqIS2lquM8hYbDHljqHBDWlGtr167DDPwix\n" - "oIlnq84Xr1zI5zpJ2t/3U5kGTbRJiVroQCh3cVhiQyGTPSJPK+CJGi3diw5Vc2rK\n" - "oAPxaFtaxvE36mLLH2SSuc49b6hhlRpXdWE0TgnsvJojL5V20/CZI23T27fl+DjT\n" - "MduU92qH8wdCgp7q3sHZvtvTZuFM+edYvKZjhUz8P7JwiamG0A2UH+NiyicdAOxc\n" - "+lfwfoyetJdTHLfwxdCXT4X91xGd9eOW9lIL5BqLuAArODTcmHDmiXpXEO/sEyHq\n" - "L96Eawjon0Gz4IRNq7/kwDjSPJOIN0GHq6DtNmXl6J0C5wIDAQABo3YwdDAMBgNV\n" - "HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHoAAw\n" - "HQYDVR0OBBYEFH6NTStc4XH/M74Meat1sT2o53fUMB8GA1UdIwQYMBaAFK8aMLKE\n" - "hAwWmkzQxRkQ1/efnumUMA0GCSqGSIb3DQEBCwUAA4IBAQBdHknM+rddB0ET+UI2\n" - "Or8qSNjkqBHwsZqb4hJozXFS35a1CJPQuxPzY13eHpiIfmdWL2EpKnLOU8vtAW9e\n" - "qpozMGDyrAuZhxsXUtInbF15C+Yuw9/sqCPK44b5DCtDf6J/N8m8FvdwqO803z1D\n" - "MGcSpES5I68+N3dwSRFYNpSLA1ul5MSlnmoffml959kx9hZNcI4N/UqkO1LMCKXX\n" - "Nf8kGFyLdPjANcIwL5sqP+Dp4HP3wdf7Ny+KFCZ6zDbpa53gb3G0naMdllK8BMfI\n" - "AQ4Y07zSA4K1QMdxeqaMgPIcCDLoKiMXAXNa42+K04F6SOkTjsVx9b5m0oynLt0u\n" - "MUjE\n" "-----END CERTIFICATE-----\n"; + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 0b5d0a870d09\n" + " Issuer: C=NN,O=Edel Curl Arctic Illudium Research Cloud,CN=Northern Nowhere Trust Anchor\n" + " Validity:\n" + " Not Before: Tue Aug 04 22:07:33 UTC 2009\n" + " Not After: Sat Oct 21 22:07:33 UTC 2017\n" + " Subject: C=NN,O=Edel Curl Arctic Illudium Research Cloud,CN=localhost\n" + " Subject Public Key Algorithm: RSA\n" + " Modulus (bits 1024):\n" + " be:67:3b:b4:ea:c0:85:b4:c3:56:c1:a4:96:23:36:f5\n" + " c6:77:aa:ad:e5:c1:dd:ce:c1:9a:97:07:dd:16:90:eb\n" + " f0:38:b5:95:6b:a6:0f:b9:73:4e:7d:82:57:ab:5f:b5\n" + " ba:5c:a0:48:8c:82:77:fd:67:d8:53:44:61:86:a5:06\n" + " 19:bf:73:51:68:2e:1a:0a:c5:05:39:ca:3d:ca:83:ed\n" + " 07:fe:ae:b7:73:1d:60:dd:ab:9e:0e:7e:02:f3:68:42\n" + " 93:27:c8:5f:c5:fa:cb:a9:84:06:2f:f3:66:bd:de:7d\n" + " 29:82:57:47:e4:a9:df:bf:8b:bc:c0:46:33:5a:7b:87\n" + " Exponent (bits 24):\n" + " 01:00:01\n" + " Extensions:\n" + " Subject Alternative Name (not critical):\n" + "warning: SAN contains an embedded NUL, replacing with '!'\n" + " DNSname: localhost!h\n" + " Key Usage (not critical):\n" + " Key encipherment.\n" + " Key Purpose (not critical):\n" + " TLS WWW Server.\n" + " Subject Key Identifier (not critical):\n" + " 0c37a3db0f73b3388a69d36eb3a7d6d8774eda67\n" + " Authority Key Identifier (not critical):\n" + " 126b24d24a68b7a1b01ccdbfd64ccc405b7fe040\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): FALSE\n" + " Signature Algorithm: RSA-SHA\n" + " Signature:\n" + " 88:a0:17:77:77:bf:c1:8a:18:4e:a3:94:6e:45:18:31\n" + " fa:2f:7b:1f:ee:95:20:d1:cd:40:df:ee:f0:45:2e:e9\n" + " e6:cf:c8:77:bd:85:16:d7:9f:18:52:78:3f:ea:9c:86\n" + " 62:6e:db:90:b0:cd:f1:c1:6f:2d:87:4a:a0:be:b3:dc\n" + " 6d:e4:6b:d1:da:b9:10:25:7e:35:1f:1b:aa:a7:09:2f\n" + " 84:77:27:b0:48:a8:6d:54:57:38:35:22:34:03:0f:d4\n" + " 5d:ab:1c:72:15:b1:d9:89:56:10:12:fb:7d:0d:18:12\n" + " a9:0a:38:dc:93:cf:69:ff:75:86:9e:e3:6b:eb:92:6c\n" + " 55:16:d5:65:8b:d7:9c:5e:4b:82:c8:92:6c:8b:e6:18\n" + " a2:f8:8c:65:aa:b6:eb:23:ed:cb:99:db:fc:8b:8e:1d\n" + " 7a:39:c9:f5:7b:7f:58:7b:ed:01:6c:3c:40:ec:e3:a9\n" + " 5f:c4:3d:cb:81:17:03:6d:2d:d7:bd:00:5f:c4:79:f2\n" + " fb:ab:c6:0e:a2:01:8b:a1:42:73:de:96:29:3e:bf:d7\n" + " d9:51:a7:d4:98:07:7f:f0:f4:cd:00:a1:e1:ac:6c:05\n" + " ac:ab:93:1b:b0:5c:2c:13:ad:ff:27:dc:80:99:34:66\n" + " bd:e3:31:54:d5:b6:3f:ce:d4:08:a3:52:28:61:5e:bd\n" + "Other Information:\n" + " MD5 fingerprint:\n" + " 0b4d6d944200cdd1639008b24dc0fe0a\n" + " SHA-1 fingerprint:\n" + " ce85660f5451b0cc12f525577f0eb9411a20c76b\n" + " Public Key ID:\n" + " a1d18c15e65c7c4935512eeea7ca5d3e6baad4e1\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDQzCCAiugAwIBAgIGC10Khw0JMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT\n" + "Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo\n" + "IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X\n" + "DTA5MDgwNDIyMDczM1oXDTE3MTAyMTIyMDczM1owVDELMAkGA1UEBhMCTk4xMTAv\n" + "BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx\n" + "EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "vmc7tOrAhbTDVsGkliM29cZ3qq3lwd3OwZqXB90WkOvwOLWVa6YPuXNOfYJXq1+1\n" + "ulygSIyCd/1n2FNEYYalBhm/c1FoLhoKxQU5yj3Kg+0H/q63cx1g3aueDn4C82hC\n" + "kyfIX8X6y6mEBi/zZr3efSmCV0fkqd+/i7zARjNae4cCAwEAAaOBizCBiDAWBgNV\n" + "HREEDzANggtsb2NhbGhvc3QAaDALBgNVHQ8EBAMCBSAwEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwEwHQYDVR0OBBYEFAw3o9sPc7M4imnTbrOn1th3TtpnMB8GA1UdIwQYMBaA\n" + "FBJrJNJKaLehsBzNv9ZMzEBbf+BAMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEF\n" + "BQADggEBAIigF3d3v8GKGE6jlG5FGDH6L3sf7pUg0c1A3+7wRS7p5s/Id72FFtef\n" + "GFJ4P+qchmJu25CwzfHBby2HSqC+s9xt5GvR2rkQJX41HxuqpwkvhHcnsEiobVRX\n" + "ODUiNAMP1F2rHHIVsdmJVhAS+30NGBKpCjjck89p/3WGnuNr65JsVRbVZYvXnF5L\n" + "gsiSbIvmGKL4jGWqtusj7cuZ2/yLjh16Ocn1e39Ye+0BbDxA7OOpX8Q9y4EXA20t\n" + "170AX8R58vurxg6iAYuhQnPelik+v9fZUafUmAd/8PTNAKHhrGwFrKuTG7BcLBOt\n" + "/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0=\n" + "-----END CERTIFICATE-----\n"; + +char pem_too_many[] = + "\n" + " Subject: C=BE,CN=******************.gnutls.org\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDljCCAk6gAwIBAgIETcMNdjANBgkqhkiG9w0BAQsFADA6MQswCQYDVQQGEwJC\n" + "RTErMCkGA1UEAxMiKioqKioqKioqKioqKioqKioqKioqKiouZ251dGxzLm9yZzAe\n" + "Fw0xMTA1MDUyMDQ5NTlaFw02NDAxMTUyMDUwMDJaMDoxCzAJBgNVBAYTAkJFMSsw\n" + "KQYDVQQDEyIqKioqKioqKioqKioqKioqKioqKioqKi5nbnV0bHMub3JnMIIBUjAN\n" + "BgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEA3c+X0qUdld2GGNjEua2mDLSdttz6\n" + "3CHhOmI0B+gzsuiX7ixB0hLxX+3kdv9lJh4Mx0EVaV8N+a2JFI3q1xZSmkfBuwAC\n" + "5IhFc3ikrts4w8YH0mQOh+10jGvEwAJQfE6m0Vjp5RMJqdta6usPBoBcCe+UyOn7\n" + "Ny514ayTrZs3E0tmOnYz2MTXTPthyJIhB/zfqYhU5KOpR9JsuOM5iRGIOC2i3D5e\n" + "SqmkjtUfstDdQTzaEGieRxtlAqLFKHMCgwMJ/fUpfpfcKk5LqnlGRnCGG5u49oq+\n" + "KYd9X9qll2vvyEMJQ+IfihZ+HVBd9doC7vLDKkjmazDqAtfvrIsMuMGF2L98hage\n" + "g75cJi55e0f1Sj9mYpL9QSC2LADwUsomBi18z3pQfQ/L3ZcgyG/k4FD04wIDAQAB\n" + "o0QwQjAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQW\n" + "BBSSU9ZxufhoqrNT9o31OUVmnKflMTANBgkqhkiG9w0BAQsFAAOCATEAUMK435LP\n" + "0XpmpWLBBuC6VLLIsAGmXRv7odw8sG9fOctalsbK3zd9pDOaoFI/128GOmlTp1aC\n" + "n4a/pZ9G5wTKRvdxVqecdYkozDtAS35uwCSQPU/P12Oug6kA4NNJDxF3FGm5eov6\n" + "SnZDL0Qlhat9y0yOakaOkVNwESAwgUEYClZeR45htvH5oP48XEgwqHQ9jPS2MXAe\n" + "QLBjqqeYzIvWqwT4z14tIkN0VWWqqVo/dzV+lfNwQy0UL8iWVYnks8wKs2SBkVHx\n" + "41wBR3uCgCDwlYGDLIG1cm0n7mXrnE7KNcrwQKXL8WGNRAVvx5MVO1vDoWPyQ1Y4\n" + "sDdnQiVER9ee/KxO6IgCTGh+nCBTSSYgLX2E/m789quPvzyi9Hf/go28he6E3dSK\n" + "q7/LRSxaZenB/Q==\n" + "-----END CERTIFICATE-----\n"; + +char pem_ips[] = + "\n" + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Issuer: CN=server-0\n" + " Validity:\n" + " Not Before: Fri Jun 27 09:14:36 UTC 2014\n" + " Not After: Fri Dec 31 23:59:59 UTC 9999\n" + " Subject: CN=server-0\n" + " Subject Public Key Algorithm: RSA\n" + " Algorithm Security Level: Medium (2048 bits)\n" + " Modulus (bits 2048):\n" + " 00:c1:56:12:f6:c3:c7:e3:4c:7e:ff:04:4e:88:1d:67\n" + " a7:f3:4d:64:cc:12:a7:ff:50:aa:5c:31:b9:3c:d1:d1\n" + " ba:78:2c:7d:dd:54:4a:cd:5a:f2:38:8b:b2:c5:26:7e\n" + " 25:05:36:b6:92:e6:1d:c3:00:39:a0:c5:1c:b5:63:3d\n" + " 00:e9:b4:b5:75:a7:14:b1:ff:a0:03:9d:ba:77:da:e5\n" + " de:21:fb:56:da:06:9d:84:57:53:3d:08:45:45:20:fd\n" + " e7:60:65:2e:55:60:db:d3:91:da:64:ff:c4:42:42:54\n" + " 77:cb:47:54:68:1e:b4:62:ad:8a:3c:0a:28:89:cb:d3\n" + " 81:d3:15:9a:1d:67:90:51:83:90:6d:fb:a1:0e:54:6b\n" + " 29:d7:ef:79:19:14:f6:0d:82:73:8f:79:58:0e:af:0e\n" + " cc:bd:17:ab:b5:a2:1f:76:a1:9f:4b:7b:e8:f9:7b:28\n" + " 56:cc:f1:5b:0e:93:c9:e5:44:2f:2d:0a:22:7d:0b:2b\n" + " 30:84:c3:1e:d6:4d:63:5b:41:51:83:d4:b5:09:f4:cc\n" + " ab:ad:51:1b:8e:a1:f6:b1:27:5b:43:3c:bc:ae:10:93\n" + " d4:ce:3b:10:ca:3f:22:dd:9e:a8:3f:4a:a6:a8:cd:8f\n" + " d0:6a:e0:40:26:28:0f:af:0e:13:e1:ac:b9:ac:41:cc\n" + " 5d\n" + " Exponent (bits 24):\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " IPAddress: 127.0.0.1\n" + " IPAddress: 192.168.5.1\n" + " IPAddress: 10.100.2.5\n" + " IPAddress: 0:0:0:0:0:0:0:1\n" + " IPAddress: fe80:0:0:0:3e97:eff:fe18:359a\n" + " Key Usage (critical):\n" + " Certificate signing.\n" + " Subject Key Identifier (not critical):\n" + " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" + " Signature Algorithm: RSA-SHA256\n" + " Signature:\n" + " 02:22:52:4b:69:e5:4f:f8:17:0a:46:34:d1:ec:6b:f5\n" + " ae:5b:fc:e2:00:ca:1f:f0:1d:74:91:9c:85:0a:a7:06\n" + " 3d:fa:93:0d:35:85:ea:3e:01:9f:9e:bc:52:72:95:b2\n" + " 8a:3a:78:6e:d2:5d:4d:60:88:2b:be:6f:68:75:c7:19\n" + " ac:c9:ea:ab:74:f6:62:4d:30:1e:87:e4:70:1e:96:f4\n" + " 0b:48:ef:c9:28:14:6f:fa:c1:7b:d3:ef:b3:d8:52:90\n" + " 5d:20:d0:aa:8b:10:ab:74:86:46:be:cb:6c:93:54:60\n" + " bc:6e:d6:4d:b2:1e:25:65:38:52:5b:6c:b4:57:8f:0f\n" + " 26:4f:36:ea:42:eb:71:68:93:f3:a9:7a:66:5c:b6:07\n" + " 7d:15:b5:f4:b8:5c:7c:e0:cd:d0:fa:5b:2a:6b:fd:4c\n" + " 71:12:45:d0:37:9e:cf:90:59:6e:fd:ba:3a:8b:ca:37\n" + " 01:cc:6f:e0:32:c7:9e:a4:ea:61:2c:e5:ad:66:73:80\n" + " 5c:5e:0c:44:ec:c2:74:b8:fe:6e:66:af:76:cc:30:10\n" + " 1f:3a:ac:34:36:e6:5b:72:f3:ee:5a:68:c3:43:37:56\n" + " c3:08:02:3c:96:1c:27:18:d0:38:fa:d7:51:4e:82:7d\n" + " fc:81:a2:23:c5:05:80:0e:b4:ba:d3:19:39:74:9c:74\n" + "Other Information:\n" + " SHA1 fingerprint:\n" + " 43536dd4198f6064c117c3825020b14c108f9a34\n" + " SHA256 fingerprint:\n" + " 5ab6626aa069da15650edcfff7305767ff5b8d338289f851a624ea89b50ff06a\n" + " Public Key ID:\n" + " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" + " Public key's random art:\n" + " +--[ RSA 2048]----+\n" + " | |\n" + " | . |\n" + " | . + |\n" + " | . .= . |\n" + " | .S+oo |\n" + " | E+.+ |\n" + " | . +. *.o |\n" + " | . oo.=..+ o |\n" + " | ooo.+Bo . |\n" + " +-----------------+\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDKzCCAhOgAwIBAgIBADANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhzZXJ2\n" + "ZXItMDAiGA8yMDE0MDYyNzA5MTQzNloYDzk5OTkxMjMxMjM1OTU5WjATMREwDwYD\n" + "VQQDEwhzZXJ2ZXItMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFW\n" + "EvbDx+NMfv8ETogdZ6fzTWTMEqf/UKpcMbk80dG6eCx93VRKzVryOIuyxSZ+JQU2\n" + "tpLmHcMAOaDFHLVjPQDptLV1pxSx/6ADnbp32uXeIftW2gadhFdTPQhFRSD952Bl\n" + "LlVg29OR2mT/xEJCVHfLR1RoHrRirYo8CiiJy9OB0xWaHWeQUYOQbfuhDlRrKdfv\n" + "eRkU9g2Cc495WA6vDsy9F6u1oh92oZ9Le+j5eyhWzPFbDpPJ5UQvLQoifQsrMITD\n" + "HtZNY1tBUYPUtQn0zKutURuOofaxJ1tDPLyuEJPUzjsQyj8i3Z6oP0qmqM2P0Grg\n" + "QCYoD68OE+GsuaxBzF0CAwEAAaOBhTCBgjAPBgNVHRMBAf8EBTADAQH/MD8GA1Ud\n" + "EQQ4MDaHBH8AAAGHBMCoBQGHBApkAgWHEAAAAAAAAAAAAAAAAAAAAAGHEP6AAAAA\n" + "AAAAPpcO//4YNZowDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUvT0LbKtrM9io\n" + "4e0Vt6sXWHzCoJ8wDQYJKoZIhvcNAQELBQADggEBAAIiUktp5U/4FwpGNNHsa/Wu\n" + "W/ziAMof8B10kZyFCqcGPfqTDTWF6j4Bn568UnKVsoo6eG7SXU1giCu+b2h1xxms\n" + "yeqrdPZiTTAeh+RwHpb0C0jvySgUb/rBe9Pvs9hSkF0g0KqLEKt0hka+y2yTVGC8\n" + "btZNsh4lZThSW2y0V48PJk826kLrcWiT86l6Zly2B30VtfS4XHzgzdD6Wypr/Uxx\n" + "EkXQN57PkFlu/bo6i8o3Acxv4DLHnqTqYSzlrWZzgFxeDETswnS4/m5mr3bMMBAf\n" + "Oqw0NuZbcvPuWmjDQzdWwwgCPJYcJxjQOPrXUU6CffyBoiPFBYAOtLrTGTl0nHQ=\n" + "-----END CERTIFICATE-----\n" + ""; + +char multi_cns[] = + "\n" + "Subject: CN=www.example.com,CN=www.example2.com,CN=www.example3.com\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDXzCCAkegAwIBAgIMU+p6uAg2JlqRhAbAMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTAwIhgPMjAxNDA4MTIyMDM2MDhaGA85OTk5MTIzMTIzNTk1OVow\n" + "UDEYMBYGA1UEAxMPd3d3LmV4YW1wbGUuY29tMRkwFwYDVQQDExB3d3cuZXhhbXBs\n" + "ZTIuY29tMRkwFwYDVQQDExB3d3cuZXhhbXBsZTMuY29tMIIBIjANBgkqhkiG9w0B\n" + "AQEFAAOCAQ8AMIIBCgKCAQEAqP5QQUqIS2lquM8hYbDHljqHBDWlGtr167DDPwix\n" + "oIlnq84Xr1zI5zpJ2t/3U5kGTbRJiVroQCh3cVhiQyGTPSJPK+CJGi3diw5Vc2rK\n" + "oAPxaFtaxvE36mLLH2SSuc49b6hhlRpXdWE0TgnsvJojL5V20/CZI23T27fl+DjT\n" + "MduU92qH8wdCgp7q3sHZvtvTZuFM+edYvKZjhUz8P7JwiamG0A2UH+NiyicdAOxc\n" + "+lfwfoyetJdTHLfwxdCXT4X91xGd9eOW9lIL5BqLuAArODTcmHDmiXpXEO/sEyHq\n" + "L96Eawjon0Gz4IRNq7/kwDjSPJOIN0GHq6DtNmXl6J0C5wIDAQABo3YwdDAMBgNV\n" + "HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHoAAw\n" + "HQYDVR0OBBYEFH6NTStc4XH/M74Meat1sT2o53fUMB8GA1UdIwQYMBaAFK8aMLKE\n" + "hAwWmkzQxRkQ1/efnumUMA0GCSqGSIb3DQEBCwUAA4IBAQBdHknM+rddB0ET+UI2\n" + "Or8qSNjkqBHwsZqb4hJozXFS35a1CJPQuxPzY13eHpiIfmdWL2EpKnLOU8vtAW9e\n" + "qpozMGDyrAuZhxsXUtInbF15C+Yuw9/sqCPK44b5DCtDf6J/N8m8FvdwqO803z1D\n" + "MGcSpES5I68+N3dwSRFYNpSLA1ul5MSlnmoffml959kx9hZNcI4N/UqkO1LMCKXX\n" + "Nf8kGFyLdPjANcIwL5sqP+Dp4HP3wdf7Ny+KFCZ6zDbpa53gb3G0naMdllK8BMfI\n" + "AQ4Y07zSA4K1QMdxeqaMgPIcCDLoKiMXAXNa42+K04F6SOkTjsVx9b5m0oynLt0u\n" + "MUjE\n" + "-----END CERTIFICATE-----\n"; char txt_ip_in_names[] = - "Subject: CN=172.15.1.1\n" - "Subject Alternative Name (not critical):\n" - " DNSname: 172.15.2.1\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEJDCCAoygAwIBAgIMWQXA/TIEZUXpwL2dMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIBcNMTcwNDMwMTA0ODI5WhgPOTk5OTEyMzEyMzU5NTlaMBUx\n" - "EzARBgNVBAMTCjE3Mi4xNS4xLjEwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK\n" - "AoIBgQDP3DsT65aY+fHi6FivWbypF71T9UjAGYcho7XXPUCvBr6xQbyERZjb08qn\n" - "RPvVDaiLeDfVve44gSho70t+fxMsCYZqkf9HN4aUzuxx2fHgMBCwyrhgm9zZ/zgA\n" - "D92oXOPem2mKNjPavXtthqvgvwu6HmpJDd+YYR7FFbkgZswrqjd+lg0z+PGt5Xee\n" - "LW3amPZINyc5Rai+LMlYIU29YK9G+CM3XVPQ8ygsQva+4/YoU1DVQRXFYTO1ERdn\n" - "QDV9kmJKvQOxbjchNkLLMdBWee/WpJtBDE4KcidAsbd/6eUIINVAD7Nm5uE39mDv\n" - "2ld4vup4j4A5dQNVhUd6iIYfkkwp9NnGMNGpgvSudPSHH8sFlfxXD8ysbD2wHeXL\n" - "S0Q4Ejypij7tEzy5KdUWqft1QqClHawc2hZ9KKnCHW3xoUsAWxcTIlsgqUUJOkXR\n" - "Qij2N+0SKrn6M6DSOiklCCunLUCUCceM7fiwYndhNFm5YvZq+m+Afnvxk5V7RnBu\n" - "DLoxPxkCAwEAAaN4MHYwDAYDVR0TAQH/BAIwADAVBgNVHREEDjAMggoxNzIuMTUu\n" - "Mi4xMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFFqnqgPcjDWmHm0PJNxKNeEx\n" - "Msk1MB8GA1UdIwQYMBaAFOnh1ZODb8QbrqHBHpWyyrEVTpanMA0GCSqGSIb3DQEB\n" - "CwUAA4IBgQArsZSxJdZ1W+y3m+y6f1Me3FB/XUscpHQ9cS0wlaikeqBvIru5zp7U\n" - "tLT8qRS7Q8fxsL6LWiOmW5Izi4A51DYJQ9bUEqSIbp9SIV78u5v0oO1bnb7d5SV+\n" - "BZm/zYuox2uTT9PSoB+iqQXUJ7brWdKe0NdPAzRpM928CqWJLPw0gn41GOIPN6wS\n" - "IH29CvqRABkxzIsI8IcxHb3/F+DxTnq6aICoWe2XPeL+RqB7moP6YAC9W/r+hds2\n" - "m8Gok+rGuG3VXk2vc/j1LRnGZfpCQV2L7e7b5eLyQ2Ce46fnxkQSTt4tc0//FTfr\n" - "6X9624hAOV6MSlkPHNBwVE42z8KsxJfPxeHX+YzFBXqBiQ/r/TvOHDt5Tsny6lXh\n" - "TDqlJ3NwdS/K9PAlLqhDiZwwakUS9lEY6IC7biP7mxNM8npzlqogfS07XTJgGxgb\n" - "FtcITJKW0NPA8cnyEAt9jcgaDWw/xbVV+pIytFuGL8pjHEQ4H9Ymu6ifLNlkyu/e\n" - "3XYCeqo17QE=\n" "-----END CERTIFICATE-----\n"; + "Subject: CN=172.15.1.1\n" + "Subject Alternative Name (not critical):\n" + " DNSname: 172.15.2.1\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEJDCCAoygAwIBAgIMWQXA/TIEZUXpwL2dMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIBcNMTcwNDMwMTA0ODI5WhgPOTk5OTEyMzEyMzU5NTlaMBUx\n" + "EzARBgNVBAMTCjE3Mi4xNS4xLjEwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK\n" + "AoIBgQDP3DsT65aY+fHi6FivWbypF71T9UjAGYcho7XXPUCvBr6xQbyERZjb08qn\n" + "RPvVDaiLeDfVve44gSho70t+fxMsCYZqkf9HN4aUzuxx2fHgMBCwyrhgm9zZ/zgA\n" + "D92oXOPem2mKNjPavXtthqvgvwu6HmpJDd+YYR7FFbkgZswrqjd+lg0z+PGt5Xee\n" + "LW3amPZINyc5Rai+LMlYIU29YK9G+CM3XVPQ8ygsQva+4/YoU1DVQRXFYTO1ERdn\n" + "QDV9kmJKvQOxbjchNkLLMdBWee/WpJtBDE4KcidAsbd/6eUIINVAD7Nm5uE39mDv\n" + "2ld4vup4j4A5dQNVhUd6iIYfkkwp9NnGMNGpgvSudPSHH8sFlfxXD8ysbD2wHeXL\n" + "S0Q4Ejypij7tEzy5KdUWqft1QqClHawc2hZ9KKnCHW3xoUsAWxcTIlsgqUUJOkXR\n" + "Qij2N+0SKrn6M6DSOiklCCunLUCUCceM7fiwYndhNFm5YvZq+m+Afnvxk5V7RnBu\n" + "DLoxPxkCAwEAAaN4MHYwDAYDVR0TAQH/BAIwADAVBgNVHREEDjAMggoxNzIuMTUu\n" + "Mi4xMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFFqnqgPcjDWmHm0PJNxKNeEx\n" + "Msk1MB8GA1UdIwQYMBaAFOnh1ZODb8QbrqHBHpWyyrEVTpanMA0GCSqGSIb3DQEB\n" + "CwUAA4IBgQArsZSxJdZ1W+y3m+y6f1Me3FB/XUscpHQ9cS0wlaikeqBvIru5zp7U\n" + "tLT8qRS7Q8fxsL6LWiOmW5Izi4A51DYJQ9bUEqSIbp9SIV78u5v0oO1bnb7d5SV+\n" + "BZm/zYuox2uTT9PSoB+iqQXUJ7brWdKe0NdPAzRpM928CqWJLPw0gn41GOIPN6wS\n" + "IH29CvqRABkxzIsI8IcxHb3/F+DxTnq6aICoWe2XPeL+RqB7moP6YAC9W/r+hds2\n" + "m8Gok+rGuG3VXk2vc/j1LRnGZfpCQV2L7e7b5eLyQ2Ce46fnxkQSTt4tc0//FTfr\n" + "6X9624hAOV6MSlkPHNBwVE42z8KsxJfPxeHX+YzFBXqBiQ/r/TvOHDt5Tsny6lXh\n" + "TDqlJ3NwdS/K9PAlLqhDiZwwakUS9lEY6IC7biP7mxNM8npzlqogfS07XTJgGxgb\n" + "FtcITJKW0NPA8cnyEAt9jcgaDWw/xbVV+pIytFuGL8pjHEQ4H9Ymu6ifLNlkyu/e\n" + "3XYCeqo17QE=\n" + "-----END CERTIFICATE-----\n"; char txt_ip_in_cn[] = - "CN=172.15.1.1\n" - "-----BEGIN CERTIFICATE-----\n" - "MIICCDCCAXGgAwIBAgIMWQXCYQfV3T9BXL4hMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIBcNMTcwNDMwMTA1NDI1WhgPOTk5OTEyMzEyMzU5NTlaMBUx\n" - "EzARBgNVBAMTCjE3Mi4xNS4xLjEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" - "AM5hibrtVPezTZ018YR3DG+r71pTmfxVD1hWMAywQTMdut11Cg16dBtU/WJ6X3YF\n" - "b3MAtrJf7eHnaxPneY7j590eOcqiDmb0skUATuZrX4Su0QMP4ygTcXlzMAxOFYwQ\n" - "pd3d9LQiUxCVlg7fPI7BiqyWA1igBB34OaVbV0GHuJBVAgMBAAGjYTBfMAwGA1Ud\n" - "EwEB/wQCMAAwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUSXWLgTdjnYj1kv1g\n" - "TEGZep6b0MMwHwYDVR0jBBgwFoAU3rLZPebH2OG+u4iAlJ+zbDif4GYwDQYJKoZI\n" - "hvcNAQELBQADgYEAifPWTjcErYbxCqRZW5JhwaosOFHCJVboPsLrIM8W0HEJgqet\n" - "TwarBBiE0mzQKU3GtjGj1ZSxUI/jBg9bzC+fs25VtdlC9nIxi5tSDI/HOoBBgXNr\n" - "f0+Un2eHAxFcRZPWdPy1/mn83NUMnjquuA/HHcju+pcoZrEwAI3PPQHgsGQ=\n" - "-----END CERTIFICATE-----\n"; + "CN=172.15.1.1\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICCDCCAXGgAwIBAgIMWQXCYQfV3T9BXL4hMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIBcNMTcwNDMwMTA1NDI1WhgPOTk5OTEyMzEyMzU5NTlaMBUx\n" + "EzARBgNVBAMTCjE3Mi4xNS4xLjEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" + "AM5hibrtVPezTZ018YR3DG+r71pTmfxVD1hWMAywQTMdut11Cg16dBtU/WJ6X3YF\n" + "b3MAtrJf7eHnaxPneY7j590eOcqiDmb0skUATuZrX4Su0QMP4ygTcXlzMAxOFYwQ\n" + "pd3d9LQiUxCVlg7fPI7BiqyWA1igBB34OaVbV0GHuJBVAgMBAAGjYTBfMAwGA1Ud\n" + "EwEB/wQCMAAwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUSXWLgTdjnYj1kv1g\n" + "TEGZep6b0MMwHwYDVR0jBBgwFoAU3rLZPebH2OG+u4iAlJ+zbDif4GYwDQYJKoZI\n" + "hvcNAQELBQADgYEAifPWTjcErYbxCqRZW5JhwaosOFHCJVboPsLrIM8W0HEJgqet\n" + "TwarBBiE0mzQKU3GtjGj1ZSxUI/jBg9bzC+fs25VtdlC9nIxi5tSDI/HOoBBgXNr\n" + "f0+Un2eHAxFcRZPWdPy1/mn83NUMnjquuA/HHcju+pcoZrEwAI3PPQHgsGQ=\n" + "-----END CERTIFICATE-----\n"; void doit(void) { @@ -900,9 +915,8 @@ void doit(void) fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_hostname2(x509, "www.example.org", - GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS); + ret = gnutls_x509_crt_check_hostname2( + x509, "www.example.org", GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS); if (ret) fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret); @@ -1033,10 +1047,11 @@ void doit(void) if (ret < 0) fail("%d: gnutls_x509_crt_import: %d\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_hostname(x509, "localhost.gnutls.gnutls.org"); + ret = gnutls_x509_crt_check_hostname(x509, + "localhost.gnutls.gnutls.org"); if (ret) - fail("%d: Hostname verification should have failed (too many wildcards)\n", __LINE__); + fail("%d: Hostname verification should have failed (too many wildcards)\n", + __LINE__); if (debug) success("Testing pem-ips...\n"); @@ -1082,21 +1097,18 @@ void doit(void) fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret); /* test flag GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES */ - ret = - gnutls_x509_crt_check_hostname2(x509, "127.0.0.1", - GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); + ret = gnutls_x509_crt_check_hostname2( + x509, "127.0.0.1", GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); if (ret) fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_hostname2(x509, "::1", - GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); + ret = gnutls_x509_crt_check_hostname2( + x509, "::1", GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); if (ret) fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_hostname2(x509, "127.0.0.2", - GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); + ret = gnutls_x509_crt_check_hostname2( + x509, "127.0.0.2", GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); if (ret) fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret); diff --git a/tests/id-on-xmppAddr.c b/tests/id-on-xmppAddr.c index 35025f6e87..512123678a 100644 --- a/tests/id-on-xmppAddr.c +++ b/tests/id-on-xmppAddr.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -30,7 +30,13 @@ #include "utils.h" -#define should_succeed(f) do{ int ret##__LINE__ = (f); if(ret##__LINE__ < 0) { fail(#f " failed %d\n", ret##__LINE__); } }while(0) +#define should_succeed(f) \ + do { \ + int ret##__LINE__ = (f); \ + if (ret##__LINE__ < 0) { \ + fail(#f " failed %d\n", ret##__LINE__); \ + } \ + } while (0) void doit(void) { @@ -42,7 +48,7 @@ void doit(void) char path[256]; const char *src; const char *id_on_xmppAddr = - "very.long.username@so.the.asn1.length.is.a.valid.ascii.character"; + "very.long.username@so.the.asn1.length.is.a.valid.ascii.character"; src = getenv("srcdir"); if (src == NULL) @@ -56,11 +62,10 @@ void doit(void) should_succeed(gnutls_x509_crt_init(&cert)); should_succeed(gnutls_load_file(path, &data)); - should_succeed(gnutls_x509_crt_import - (cert, &data, GNUTLS_X509_FMT_PEM)); - ret = - gnutls_x509_crt_get_subject_alt_name(cert, 0, name, &name_len, - NULL); + should_succeed( + gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM)); + ret = gnutls_x509_crt_get_subject_alt_name(cert, 0, name, &name_len, + NULL); if (ret != GNUTLS_SAN_OTHERNAME_XMPP) fail("did not recognize GNUTLS_SAN_OTHERNAME_XMPP"); diff --git a/tests/infoaccess.c b/tests/infoaccess.c index 46253f6134..ff06f8c709 100644 --- a/tests/infoaccess.c +++ b/tests/infoaccess.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,43 +32,43 @@ #include "utils.h" static char cert_with_aia_data[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC\n" - "TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0\n" - "aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0\n" - "aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz\n" - "MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw\n" - "IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR\n" - "dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG\n" - "9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp\n" - "li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D\n" - "rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ\n" - "WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug\n" - "F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU\n" - "xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC\n" - "Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv\n" - "dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw\n" - "ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl\n" - "IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh\n" - "c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy\n" - "ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh\n" - "Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI\n" - "KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T\n" - "KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq\n" - "y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p\n" - "dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD\n" - "VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL\n" - "MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk\n" - "fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8\n" - "7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R\n" - "cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y\n" - "mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW\n" - "xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK\n" - "SnQ2+Q==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t cert_with_aia = { - (void *)cert_with_aia_data, sizeof(cert_with_aia_data) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC\n" + "TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0\n" + "aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0\n" + "aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz\n" + "MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw\n" + "IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR\n" + "dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG\n" + "9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp\n" + "li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D\n" + "rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ\n" + "WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug\n" + "F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU\n" + "xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC\n" + "Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv\n" + "dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw\n" + "ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl\n" + "IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh\n" + "c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy\n" + "ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh\n" + "Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI\n" + "KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T\n" + "KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq\n" + "y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p\n" + "dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD\n" + "VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL\n" + "MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk\n" + "fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8\n" + "7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R\n" + "cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y\n" + "mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW\n" + "xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK\n" + "SnQ2+Q==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t cert_with_aia = { (void *)cert_with_aia_data, + sizeof(cert_with_aia_data) }; void doit(void) { @@ -110,8 +110,8 @@ void doit(void) } /* test basic query with null output */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_ACCESSMETHOD_OID, NULL, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 0, GNUTLS_IA_ACCESSMETHOD_OID, NULL, NULL); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access " "GNUTLS_IA_ACCESSMETHOD_OID null output critical\n"); @@ -120,8 +120,8 @@ void doit(void) /* test same as previous but also check that critical flag is correct */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_ACCESSMETHOD_OID, NULL, &critical); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 0, GNUTLS_IA_ACCESSMETHOD_OID, NULL, &critical); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access " "GNUTLS_IA_ACCESSMETHOD_OID null output\n"); @@ -130,13 +130,14 @@ void doit(void) if (critical != 0) { fail("gnutls_x509_crt_get_authority_info_access " - "critical failed: %d\n", critical); + "critical failed: %d\n", + critical); exit(1); } /* basic query of another type */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, NULL, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 0, GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, NULL, NULL); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access " "GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE null output\n"); @@ -144,8 +145,8 @@ void doit(void) } /* basic query of another type, with out-of-bound sequence */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 1, GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, NULL, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 1, GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, NULL, NULL); if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { fail("gnutls_x509_crt_get_authority_info_access " "GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE out-of-bounds\n"); @@ -153,8 +154,8 @@ void doit(void) } /* basic query and check output value */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_ACCESSMETHOD_OID, &data, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 0, GNUTLS_IA_ACCESSMETHOD_OID, &data, NULL); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access " "GNUTLS_IA_ACCESSMETHOD_OID\n"); @@ -168,8 +169,8 @@ void doit(void) gnutls_free(data.data); /* basic query of another type and check output value */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, &data, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 0, GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, &data, NULL); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access " "GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE\n"); @@ -183,30 +184,30 @@ void doit(void) gnutls_free(data.data); /* specific query */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_URI, &data, NULL); + ret = gnutls_x509_crt_get_authority_info_access(crt, 0, GNUTLS_IA_URI, + &data, NULL); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access GNUTLS_IA_URI\n"); exit(1); } - if (memcmp - ("https://ocsp.quovadisoffshore.com", data.data, data.size) != 0) { + if (memcmp("https://ocsp.quovadisoffshore.com", data.data, data.size) != + 0) { fail("memcmp URI value failed\n"); exit(1); } gnutls_free(data.data); /* even more specific query */ - ret = gnutls_x509_crt_get_authority_info_access - (crt, 0, GNUTLS_IA_OCSP_URI, &data, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 0, GNUTLS_IA_OCSP_URI, &data, NULL); if (ret < 0) { fail("gnutls_x509_crt_get_authority_info_access GNUTLS_IA_OCSP_URI\n"); exit(1); } - if (memcmp - ("https://ocsp.quovadisoffshore.com", data.data, data.size) != 0) { + if (memcmp("https://ocsp.quovadisoffshore.com", data.data, data.size) != + 0) { fail("memcmp URI value failed\n"); exit(1); } @@ -215,5 +216,4 @@ void doit(void) gnutls_x509_crt_deinit(crt); gnutls_global_deinit(); - } diff --git a/tests/init_roundtrip.c b/tests/init_roundtrip.c index 17918e73e5..b179728341 100644 --- a/tests/init_roundtrip.c +++ b/tests/init_roundtrip.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/insecure_key.c b/tests/insecure_key.c index 167b02d07e..10540b1954 100644 --- a/tests/insecure_key.c +++ b/tests/insecure_key.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -54,7 +54,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1474109119; if (t) @@ -83,25 +83,21 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_key_mem2(x509_cred, - &server_ca3_localhost_insecure_cert, - &server_ca3_localhost_insecure_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_mem2( + x509_cred, &server_ca3_localhost_insecure_cert, + &server_ca3_localhost_insecure_key, GNUTLS_X509_FMT_PEM, NULL, + 0); if (ret < 0) fail("%s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_key_mem2(x509_cred, - &server_ca3_localhost6_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_mem2( + x509_cred, &server_ca3_localhost6_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("%s\n", gnutls_strerror(ret)); diff --git a/tests/iov.c b/tests/iov.c index 6e9467f302..550476ec3e 100644 --- a/tests/iov.c +++ b/tests/iov.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include "gnutls_int.h" @@ -43,131 +43,97 @@ struct test_st { size_t expcnt; }; -static const giovec_t iov16[] = { - {(void *)"0123456789012345", 16}, - {(void *)"0123456789012345", 16}, - {(void *)"0123456789012345", 16}, - {(void *)"0123456789012345", 16} -}; - -static const struct exp_st exp16_64[] = { - {64, 4, 0}, - {0, 0, 0} -}; - -static const struct exp_st exp16_32[] = { - {32, 2, 0}, - {32, 4, 0}, - {0, 0, 0} -}; - -static const struct exp_st exp16_16[] = { - {16, 1, 0}, - {16, 2, 0}, - {16, 3, 0}, - {16, 4, 0}, - {0, 0, 0} -}; - -static const struct exp_st exp16_4[] = { - {16, 1, 0}, - {16, 2, 0}, - {16, 3, 0}, - {16, 4, 0}, - {0, 0, 0} -}; - -static const struct exp_st exp16_3[] = { - {15, 0, 15}, - {3, 1, 2}, - {12, 1, 14}, - {3, 2, 1}, - {15, 3, 0}, - {15, 3, 15}, - {1, 4, 0}, - {0, 0, 0} -}; - -static const giovec_t iov8[] = { - {(void *)"01234567", 8}, - {(void *)"01234567", 8}, - {(void *)"01234567", 8}, - {(void *)"01234567", 8} -}; - -static const struct exp_st exp8_64[] = { - {32, 4, 0}, - {0, 0, 0} -}; - -static const giovec_t iov_odd[] = { - {(void *)"0", 1}, - {(void *)"012", 3}, - {(void *)"01234", 5}, - {(void *)"0123456", 7}, - {(void *)"012345678", 9}, - {(void *)"01234567890", 11}, - {(void *)"0123456789012", 13}, - {(void *)"012345678901234", 15} -}; - -static const struct exp_st exp_odd_16[] = { - {16, 4, 0}, - {16, 5, 7}, - {16, 6, 12}, - {16, 8, 0}, - {0, 0, 0} -}; - -static const giovec_t iov_skip[] = { - {(void *)"0123456789012345", 16}, - {(void *)"01234567", 8}, - {(void *)"", 0}, - {(void *)"", 0}, - {(void *)"0123456789012345", 16} -}; - -static const struct exp_st exp_skip_16[] = { - {16, 1, 0}, - {16, 4, 8}, - {8, 5, 0}, - {0, 0, 0} -}; - -static const giovec_t iov_empty[] = { - {(void *)"", 0}, - {(void *)"", 0}, - {(void *)"", 0}, - {(void *)"", 0} -}; - -static const struct exp_st exp_empty_16[] = { - {0, 0, 0} -}; +static const giovec_t iov16[] = { { (void *)"0123456789012345", 16 }, + { (void *)"0123456789012345", 16 }, + { (void *)"0123456789012345", 16 }, + { (void *)"0123456789012345", 16 } }; + +static const struct exp_st exp16_64[] = { { 64, 4, 0 }, { 0, 0, 0 } }; + +static const struct exp_st exp16_32[] = { { 32, 2, 0 }, + { 32, 4, 0 }, + { 0, 0, 0 } }; + +static const struct exp_st exp16_16[] = { { 16, 1, 0 }, + { 16, 2, 0 }, + { 16, 3, 0 }, + { 16, 4, 0 }, + { 0, 0, 0 } }; + +static const struct exp_st exp16_4[] = { { 16, 1, 0 }, + { 16, 2, 0 }, + { 16, 3, 0 }, + { 16, 4, 0 }, + { 0, 0, 0 } }; + +static const struct exp_st exp16_3[] = { { 15, 0, 15 }, { 3, 1, 2 }, + { 12, 1, 14 }, { 3, 2, 1 }, + { 15, 3, 0 }, { 15, 3, 15 }, + { 1, 4, 0 }, { 0, 0, 0 } }; + +static const giovec_t iov8[] = { { (void *)"01234567", 8 }, + { (void *)"01234567", 8 }, + { (void *)"01234567", 8 }, + { (void *)"01234567", 8 } }; + +static const struct exp_st exp8_64[] = { { 32, 4, 0 }, { 0, 0, 0 } }; + +static const giovec_t iov_odd[] = { { (void *)"0", 1 }, + { (void *)"012", 3 }, + { (void *)"01234", 5 }, + { (void *)"0123456", 7 }, + { (void *)"012345678", 9 }, + { (void *)"01234567890", 11 }, + { (void *)"0123456789012", 13 }, + { (void *)"012345678901234", 15 } }; + +static const struct exp_st exp_odd_16[] = { { 16, 4, 0 }, + { 16, 5, 7 }, + { 16, 6, 12 }, + { 16, 8, 0 }, + { 0, 0, 0 } }; + +static const giovec_t iov_skip[] = { { (void *)"0123456789012345", 16 }, + { (void *)"01234567", 8 }, + { (void *)"", 0 }, + { (void *)"", 0 }, + { (void *)"0123456789012345", 16 } }; + +static const struct exp_st exp_skip_16[] = { { 16, 1, 0 }, + { 16, 4, 8 }, + { 8, 5, 0 }, + { 0, 0, 0 } }; + +static const giovec_t iov_empty[] = { { (void *)"", 0 }, + { (void *)"", 0 }, + { (void *)"", 0 }, + { (void *)"", 0 } }; + +static const struct exp_st exp_empty_16[] = { { 0, 0, 0 } }; static const struct test_st tests[] = { - {"16/64", iov16, sizeof(iov16) / sizeof(iov16[0]), 64, - exp16_64, sizeof(exp16_64) / sizeof(exp16_64[0])}, - {"16/32", iov16, sizeof(iov16) / sizeof(iov16[0]), 32, - exp16_32, sizeof(exp16_32) / sizeof(exp16_32[0])}, - {"16/16", iov16, sizeof(iov16) / sizeof(iov16[0]), 16, - exp16_16, sizeof(exp16_16) / sizeof(exp16_16[0])}, - {"16/4", iov16, sizeof(iov16) / sizeof(iov16[0]), 4, - exp16_4, sizeof(exp16_4) / sizeof(exp16_4[0])}, - {"16/3", iov16, sizeof(iov16) / sizeof(iov16[0]), 3, - exp16_3, sizeof(exp16_3) / sizeof(exp16_3[0])}, - {"8/64", iov8, sizeof(iov8) / sizeof(iov8[0]), 64, - exp8_64, sizeof(exp8_64) / sizeof(exp8_64[0])}, - {"odd/16", iov_odd, sizeof(iov_odd) / sizeof(iov_odd[0]), 16, - exp_odd_16, sizeof(exp_odd_16) / sizeof(exp_odd_16[0])}, - {"skip/16", iov_skip, sizeof(iov_skip) / sizeof(iov_skip[0]), 16, - exp_skip_16, sizeof(exp_skip_16) / sizeof(exp_skip_16[0])}, - {"empty/16", iov_empty, sizeof(iov_empty) / sizeof(iov_empty[0]), 16, - exp_empty_16, sizeof(exp_empty_16) / sizeof(exp_empty_16[0])}, -}; - -static void -copy(giovec_t * dst, uint8_t * buffer, const giovec_t * src, size_t iovcnt) + { "16/64", iov16, sizeof(iov16) / sizeof(iov16[0]), 64, exp16_64, + sizeof(exp16_64) / sizeof(exp16_64[0]) }, + { "16/32", iov16, sizeof(iov16) / sizeof(iov16[0]), 32, exp16_32, + sizeof(exp16_32) / sizeof(exp16_32[0]) }, + { "16/16", iov16, sizeof(iov16) / sizeof(iov16[0]), 16, exp16_16, + sizeof(exp16_16) / sizeof(exp16_16[0]) }, + { "16/4", iov16, sizeof(iov16) / sizeof(iov16[0]), 4, exp16_4, + sizeof(exp16_4) / sizeof(exp16_4[0]) }, + { "16/3", iov16, sizeof(iov16) / sizeof(iov16[0]), 3, exp16_3, + sizeof(exp16_3) / sizeof(exp16_3[0]) }, + { "8/64", iov8, sizeof(iov8) / sizeof(iov8[0]), 64, exp8_64, + sizeof(exp8_64) / sizeof(exp8_64[0]) }, + { "odd/16", iov_odd, sizeof(iov_odd) / sizeof(iov_odd[0]), 16, + exp_odd_16, sizeof(exp_odd_16) / sizeof(exp_odd_16[0]) }, + { "skip/16", iov_skip, sizeof(iov_skip) / sizeof(iov_skip[0]), 16, + exp_skip_16, sizeof(exp_skip_16) / sizeof(exp_skip_16[0]) }, + { "empty/16", iov_empty, sizeof(iov_empty) / sizeof(iov_empty[0]), 16, + exp_empty_16, sizeof(exp_empty_16) / sizeof(exp_empty_16[0]) }, +}; + +static void copy(giovec_t *dst, uint8_t *buffer, const giovec_t *src, + size_t iovcnt) { uint8_t *p = buffer; size_t i; @@ -180,7 +146,7 @@ copy(giovec_t * dst, uint8_t * buffer, const giovec_t * src, size_t iovcnt) } } -static void translate(uint8_t * data, size_t len) +static void translate(uint8_t *data, size_t len) { for (; len > 0; len--) { uint8_t *p = &data[len - 1]; @@ -209,19 +175,18 @@ void doit(void) copy(iov, buffer, tests[i].iov, tests[i].iovcnt); success("%s\n", tests[i].name); - assert(_gnutls_iov_iter_init(&iter, - iov, tests[i].iovcnt, + assert(_gnutls_iov_iter_init(&iter, iov, tests[i].iovcnt, tests[i].block_size) == 0); for (j = 0; j < tests[i].expcnt; j++) { ssize_t ret; ret = _gnutls_iov_iter_next(&iter, &data); if (ret != exp[j].ret) - fail("iov_iter_next: %d != %d\n", - (int)ret, (int)exp[j].ret); + fail("iov_iter_next: %d != %d\n", (int)ret, + (int)exp[j].ret); else if (debug) - success("iov_iter_next: %d == %d\n", - (int)ret, (int)exp[j].ret); + success("iov_iter_next: %d == %d\n", (int)ret, + (int)exp[j].ret); if (ret == 0) break; if (ret > 0) { diff --git a/tests/ip-check.c b/tests/ip-check.c index 0b50b143bd..48e0267f96 100644 --- a/tests/ip-check.c +++ b/tests/ip-check.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,107 +34,109 @@ * name-constraints-ip.c for lower level checks. */ -char pem_ips[] = "\n" - "X.509 Certificate Information:\n" - " Version: 3\n" - " Serial Number (hex): 00\n" - " Issuer: CN=server-0\n" - " Validity:\n" - " Not Before: Fri Jun 27 09:14:36 UTC 2014\n" - " Not After: Fri Dec 31 23:59:59 UTC 9999\n" - " Subject: CN=server-0\n" - " Subject Public Key Algorithm: RSA\n" - " Algorithm Security Level: Medium (2048 bits)\n" - " Modulus (bits 2048):\n" - " 00:c1:56:12:f6:c3:c7:e3:4c:7e:ff:04:4e:88:1d:67\n" - " a7:f3:4d:64:cc:12:a7:ff:50:aa:5c:31:b9:3c:d1:d1\n" - " ba:78:2c:7d:dd:54:4a:cd:5a:f2:38:8b:b2:c5:26:7e\n" - " 25:05:36:b6:92:e6:1d:c3:00:39:a0:c5:1c:b5:63:3d\n" - " 00:e9:b4:b5:75:a7:14:b1:ff:a0:03:9d:ba:77:da:e5\n" - " de:21:fb:56:da:06:9d:84:57:53:3d:08:45:45:20:fd\n" - " e7:60:65:2e:55:60:db:d3:91:da:64:ff:c4:42:42:54\n" - " 77:cb:47:54:68:1e:b4:62:ad:8a:3c:0a:28:89:cb:d3\n" - " 81:d3:15:9a:1d:67:90:51:83:90:6d:fb:a1:0e:54:6b\n" - " 29:d7:ef:79:19:14:f6:0d:82:73:8f:79:58:0e:af:0e\n" - " cc:bd:17:ab:b5:a2:1f:76:a1:9f:4b:7b:e8:f9:7b:28\n" - " 56:cc:f1:5b:0e:93:c9:e5:44:2f:2d:0a:22:7d:0b:2b\n" - " 30:84:c3:1e:d6:4d:63:5b:41:51:83:d4:b5:09:f4:cc\n" - " ab:ad:51:1b:8e:a1:f6:b1:27:5b:43:3c:bc:ae:10:93\n" - " d4:ce:3b:10:ca:3f:22:dd:9e:a8:3f:4a:a6:a8:cd:8f\n" - " d0:6a:e0:40:26:28:0f:af:0e:13:e1:ac:b9:ac:41:cc\n" - " 5d\n" - " Exponent (bits 24):\n" - " 01:00:01\n" - " Extensions:\n" - " Basic Constraints (critical):\n" - " Certificate Authority (CA): TRUE\n" - " Subject Alternative Name (not critical):\n" - " IPAddress: 127.0.0.1\n" - " IPAddress: 192.168.5.1\n" - " IPAddress: 10.100.2.5\n" - " IPAddress: 0:0:0:0:0:0:0:1\n" - " IPAddress: fe80:0:0:0:3e97:eff:fe18:359a\n" - " Key Usage (critical):\n" - " Certificate signing.\n" - " Subject Key Identifier (not critical):\n" - " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" - " Signature Algorithm: RSA-SHA256\n" - " Signature:\n" - " 02:22:52:4b:69:e5:4f:f8:17:0a:46:34:d1:ec:6b:f5\n" - " ae:5b:fc:e2:00:ca:1f:f0:1d:74:91:9c:85:0a:a7:06\n" - " 3d:fa:93:0d:35:85:ea:3e:01:9f:9e:bc:52:72:95:b2\n" - " 8a:3a:78:6e:d2:5d:4d:60:88:2b:be:6f:68:75:c7:19\n" - " ac:c9:ea:ab:74:f6:62:4d:30:1e:87:e4:70:1e:96:f4\n" - " 0b:48:ef:c9:28:14:6f:fa:c1:7b:d3:ef:b3:d8:52:90\n" - " 5d:20:d0:aa:8b:10:ab:74:86:46:be:cb:6c:93:54:60\n" - " bc:6e:d6:4d:b2:1e:25:65:38:52:5b:6c:b4:57:8f:0f\n" - " 26:4f:36:ea:42:eb:71:68:93:f3:a9:7a:66:5c:b6:07\n" - " 7d:15:b5:f4:b8:5c:7c:e0:cd:d0:fa:5b:2a:6b:fd:4c\n" - " 71:12:45:d0:37:9e:cf:90:59:6e:fd:ba:3a:8b:ca:37\n" - " 01:cc:6f:e0:32:c7:9e:a4:ea:61:2c:e5:ad:66:73:80\n" - " 5c:5e:0c:44:ec:c2:74:b8:fe:6e:66:af:76:cc:30:10\n" - " 1f:3a:ac:34:36:e6:5b:72:f3:ee:5a:68:c3:43:37:56\n" - " c3:08:02:3c:96:1c:27:18:d0:38:fa:d7:51:4e:82:7d\n" - " fc:81:a2:23:c5:05:80:0e:b4:ba:d3:19:39:74:9c:74\n" - "Other Information:\n" - " SHA1 fingerprint:\n" - " 43536dd4198f6064c117c3825020b14c108f9a34\n" - " SHA256 fingerprint:\n" - " 5ab6626aa069da15650edcfff7305767ff5b8d338289f851a624ea89b50ff06a\n" - " Public Key ID:\n" - " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" - " Public key's random art:\n" - " +--[ RSA 2048]----+\n" - " | |\n" - " | . |\n" - " | . + |\n" - " | . .= . |\n" - " | .S+oo |\n" - " | E+.+ |\n" - " | . +. *.o |\n" - " | . oo.=..+ o |\n" - " | ooo.+Bo . |\n" - " +-----------------+\n" - "\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDKzCCAhOgAwIBAgIBADANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhzZXJ2\n" - "ZXItMDAiGA8yMDE0MDYyNzA5MTQzNloYDzk5OTkxMjMxMjM1OTU5WjATMREwDwYD\n" - "VQQDEwhzZXJ2ZXItMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFW\n" - "EvbDx+NMfv8ETogdZ6fzTWTMEqf/UKpcMbk80dG6eCx93VRKzVryOIuyxSZ+JQU2\n" - "tpLmHcMAOaDFHLVjPQDptLV1pxSx/6ADnbp32uXeIftW2gadhFdTPQhFRSD952Bl\n" - "LlVg29OR2mT/xEJCVHfLR1RoHrRirYo8CiiJy9OB0xWaHWeQUYOQbfuhDlRrKdfv\n" - "eRkU9g2Cc495WA6vDsy9F6u1oh92oZ9Le+j5eyhWzPFbDpPJ5UQvLQoifQsrMITD\n" - "HtZNY1tBUYPUtQn0zKutURuOofaxJ1tDPLyuEJPUzjsQyj8i3Z6oP0qmqM2P0Grg\n" - "QCYoD68OE+GsuaxBzF0CAwEAAaOBhTCBgjAPBgNVHRMBAf8EBTADAQH/MD8GA1Ud\n" - "EQQ4MDaHBH8AAAGHBMCoBQGHBApkAgWHEAAAAAAAAAAAAAAAAAAAAAGHEP6AAAAA\n" - "AAAAPpcO//4YNZowDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUvT0LbKtrM9io\n" - "4e0Vt6sXWHzCoJ8wDQYJKoZIhvcNAQELBQADggEBAAIiUktp5U/4FwpGNNHsa/Wu\n" - "W/ziAMof8B10kZyFCqcGPfqTDTWF6j4Bn568UnKVsoo6eG7SXU1giCu+b2h1xxms\n" - "yeqrdPZiTTAeh+RwHpb0C0jvySgUb/rBe9Pvs9hSkF0g0KqLEKt0hka+y2yTVGC8\n" - "btZNsh4lZThSW2y0V48PJk826kLrcWiT86l6Zly2B30VtfS4XHzgzdD6Wypr/Uxx\n" - "EkXQN57PkFlu/bo6i8o3Acxv4DLHnqTqYSzlrWZzgFxeDETswnS4/m5mr3bMMBAf\n" - "Oqw0NuZbcvPuWmjDQzdWwwgCPJYcJxjQOPrXUU6CffyBoiPFBYAOtLrTGTl0nHQ=\n" - "-----END CERTIFICATE-----\n" ""; +char pem_ips[] = + "\n" + "X.509 Certificate Information:\n" + " Version: 3\n" + " Serial Number (hex): 00\n" + " Issuer: CN=server-0\n" + " Validity:\n" + " Not Before: Fri Jun 27 09:14:36 UTC 2014\n" + " Not After: Fri Dec 31 23:59:59 UTC 9999\n" + " Subject: CN=server-0\n" + " Subject Public Key Algorithm: RSA\n" + " Algorithm Security Level: Medium (2048 bits)\n" + " Modulus (bits 2048):\n" + " 00:c1:56:12:f6:c3:c7:e3:4c:7e:ff:04:4e:88:1d:67\n" + " a7:f3:4d:64:cc:12:a7:ff:50:aa:5c:31:b9:3c:d1:d1\n" + " ba:78:2c:7d:dd:54:4a:cd:5a:f2:38:8b:b2:c5:26:7e\n" + " 25:05:36:b6:92:e6:1d:c3:00:39:a0:c5:1c:b5:63:3d\n" + " 00:e9:b4:b5:75:a7:14:b1:ff:a0:03:9d:ba:77:da:e5\n" + " de:21:fb:56:da:06:9d:84:57:53:3d:08:45:45:20:fd\n" + " e7:60:65:2e:55:60:db:d3:91:da:64:ff:c4:42:42:54\n" + " 77:cb:47:54:68:1e:b4:62:ad:8a:3c:0a:28:89:cb:d3\n" + " 81:d3:15:9a:1d:67:90:51:83:90:6d:fb:a1:0e:54:6b\n" + " 29:d7:ef:79:19:14:f6:0d:82:73:8f:79:58:0e:af:0e\n" + " cc:bd:17:ab:b5:a2:1f:76:a1:9f:4b:7b:e8:f9:7b:28\n" + " 56:cc:f1:5b:0e:93:c9:e5:44:2f:2d:0a:22:7d:0b:2b\n" + " 30:84:c3:1e:d6:4d:63:5b:41:51:83:d4:b5:09:f4:cc\n" + " ab:ad:51:1b:8e:a1:f6:b1:27:5b:43:3c:bc:ae:10:93\n" + " d4:ce:3b:10:ca:3f:22:dd:9e:a8:3f:4a:a6:a8:cd:8f\n" + " d0:6a:e0:40:26:28:0f:af:0e:13:e1:ac:b9:ac:41:cc\n" + " 5d\n" + " Exponent (bits 24):\n" + " 01:00:01\n" + " Extensions:\n" + " Basic Constraints (critical):\n" + " Certificate Authority (CA): TRUE\n" + " Subject Alternative Name (not critical):\n" + " IPAddress: 127.0.0.1\n" + " IPAddress: 192.168.5.1\n" + " IPAddress: 10.100.2.5\n" + " IPAddress: 0:0:0:0:0:0:0:1\n" + " IPAddress: fe80:0:0:0:3e97:eff:fe18:359a\n" + " Key Usage (critical):\n" + " Certificate signing.\n" + " Subject Key Identifier (not critical):\n" + " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" + " Signature Algorithm: RSA-SHA256\n" + " Signature:\n" + " 02:22:52:4b:69:e5:4f:f8:17:0a:46:34:d1:ec:6b:f5\n" + " ae:5b:fc:e2:00:ca:1f:f0:1d:74:91:9c:85:0a:a7:06\n" + " 3d:fa:93:0d:35:85:ea:3e:01:9f:9e:bc:52:72:95:b2\n" + " 8a:3a:78:6e:d2:5d:4d:60:88:2b:be:6f:68:75:c7:19\n" + " ac:c9:ea:ab:74:f6:62:4d:30:1e:87:e4:70:1e:96:f4\n" + " 0b:48:ef:c9:28:14:6f:fa:c1:7b:d3:ef:b3:d8:52:90\n" + " 5d:20:d0:aa:8b:10:ab:74:86:46:be:cb:6c:93:54:60\n" + " bc:6e:d6:4d:b2:1e:25:65:38:52:5b:6c:b4:57:8f:0f\n" + " 26:4f:36:ea:42:eb:71:68:93:f3:a9:7a:66:5c:b6:07\n" + " 7d:15:b5:f4:b8:5c:7c:e0:cd:d0:fa:5b:2a:6b:fd:4c\n" + " 71:12:45:d0:37:9e:cf:90:59:6e:fd:ba:3a:8b:ca:37\n" + " 01:cc:6f:e0:32:c7:9e:a4:ea:61:2c:e5:ad:66:73:80\n" + " 5c:5e:0c:44:ec:c2:74:b8:fe:6e:66:af:76:cc:30:10\n" + " 1f:3a:ac:34:36:e6:5b:72:f3:ee:5a:68:c3:43:37:56\n" + " c3:08:02:3c:96:1c:27:18:d0:38:fa:d7:51:4e:82:7d\n" + " fc:81:a2:23:c5:05:80:0e:b4:ba:d3:19:39:74:9c:74\n" + "Other Information:\n" + " SHA1 fingerprint:\n" + " 43536dd4198f6064c117c3825020b14c108f9a34\n" + " SHA256 fingerprint:\n" + " 5ab6626aa069da15650edcfff7305767ff5b8d338289f851a624ea89b50ff06a\n" + " Public Key ID:\n" + " bd3d0b6cab6b33d8a8e1ed15b7ab17587cc2a09f\n" + " Public key's random art:\n" + " +--[ RSA 2048]----+\n" + " | |\n" + " | . |\n" + " | . + |\n" + " | . .= . |\n" + " | .S+oo |\n" + " | E+.+ |\n" + " | . +. *.o |\n" + " | . oo.=..+ o |\n" + " | ooo.+Bo . |\n" + " +-----------------+\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDKzCCAhOgAwIBAgIBADANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhzZXJ2\n" + "ZXItMDAiGA8yMDE0MDYyNzA5MTQzNloYDzk5OTkxMjMxMjM1OTU5WjATMREwDwYD\n" + "VQQDEwhzZXJ2ZXItMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFW\n" + "EvbDx+NMfv8ETogdZ6fzTWTMEqf/UKpcMbk80dG6eCx93VRKzVryOIuyxSZ+JQU2\n" + "tpLmHcMAOaDFHLVjPQDptLV1pxSx/6ADnbp32uXeIftW2gadhFdTPQhFRSD952Bl\n" + "LlVg29OR2mT/xEJCVHfLR1RoHrRirYo8CiiJy9OB0xWaHWeQUYOQbfuhDlRrKdfv\n" + "eRkU9g2Cc495WA6vDsy9F6u1oh92oZ9Le+j5eyhWzPFbDpPJ5UQvLQoifQsrMITD\n" + "HtZNY1tBUYPUtQn0zKutURuOofaxJ1tDPLyuEJPUzjsQyj8i3Z6oP0qmqM2P0Grg\n" + "QCYoD68OE+GsuaxBzF0CAwEAAaOBhTCBgjAPBgNVHRMBAf8EBTADAQH/MD8GA1Ud\n" + "EQQ4MDaHBH8AAAGHBMCoBQGHBApkAgWHEAAAAAAAAAAAAAAAAAAAAAGHEP6AAAAA\n" + "AAAAPpcO//4YNZowDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUvT0LbKtrM9io\n" + "4e0Vt6sXWHzCoJ8wDQYJKoZIhvcNAQELBQADggEBAAIiUktp5U/4FwpGNNHsa/Wu\n" + "W/ziAMof8B10kZyFCqcGPfqTDTWF6j4Bn568UnKVsoo6eG7SXU1giCu+b2h1xxms\n" + "yeqrdPZiTTAeh+RwHpb0C0jvySgUb/rBe9Pvs9hSkF0g0KqLEKt0hka+y2yTVGC8\n" + "btZNsh4lZThSW2y0V48PJk826kLrcWiT86l6Zly2B30VtfS4XHzgzdD6Wypr/Uxx\n" + "EkXQN57PkFlu/bo6i8o3Acxv4DLHnqTqYSzlrWZzgFxeDETswnS4/m5mr3bMMBAf\n" + "Oqw0NuZbcvPuWmjDQzdWwwgCPJYcJxjQOPrXUU6CffyBoiPFBYAOtLrTGTl0nHQ=\n" + "-----END CERTIFICATE-----\n" + ""; void doit(void) { @@ -185,31 +187,34 @@ void doit(void) fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_ip(x509, (unsigned char *)"\x7f\x00\x00\x02", - 4, 0); + ret = gnutls_x509_crt_check_ip( + x509, (unsigned char *)"\x7f\x00\x00\x02", 4, 0); if (ret) fail("%d: IP incorrectly matches (%d)\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_ip(x509, (unsigned char *)"\x7f\x00\x00\x01", - 4, 0); + ret = gnutls_x509_crt_check_ip( + x509, (unsigned char *)"\x7f\x00\x00\x01", 4, 0); if (!ret) fail("%d: IP incorrectly does not match (%d)\n", __LINE__, ret); - ret = - gnutls_x509_crt_check_ip(x509, (unsigned char *)"\xc0\xa8\x05\x01", - 4, 0); + ret = gnutls_x509_crt_check_ip( + x509, (unsigned char *)"\xc0\xa8\x05\x01", 4, 0); if (!ret) fail("%d: IP incorrectly does not match (%d)\n", __LINE__, ret); - ret = gnutls_x509_crt_check_ip(x509, (unsigned char *) - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", 16, 0); + ret = gnutls_x509_crt_check_ip( + x509, + (unsigned char + *)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", + 16, 0); if (!ret) fail("%d: IP incorrectly does not match (%d)\n", __LINE__, ret); - ret = gnutls_x509_crt_check_ip(x509, (unsigned char *) - "\xfe\x80\x00\x00\x00\x00\x00\x00\x3e\x97\x0e\xff\xfe\x18\x35\x9a", 16, 0); + ret = gnutls_x509_crt_check_ip( + x509, + (unsigned char + *)"\xfe\x80\x00\x00\x00\x00\x00\x00\x3e\x97\x0e\xff\xfe\x18\x35\x9a", + 16, 0); if (!ret) fail("%d: IP incorrectly does not match (%d)\n", __LINE__, ret); diff --git a/tests/ip-utils.c b/tests/ip-utils.c index 5718953f86..3d05470bc2 100644 --- a/tests/ip-utils.c +++ b/tests/ip-utils.c @@ -32,28 +32,29 @@ #include #ifndef _WIN32 -# include -# include +#include +#include -# define BUILD_IN_TESTS -# include "../lib/x509/ip-in-cidr.h" +#define BUILD_IN_TESTS +#include "../lib/x509/ip-in-cidr.h" -# define _MATCH_FUNC(fname, CIDR, IP, status) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t dcidr; \ - const char cidr[] = CIDR; \ - const char ip[] = IP; \ - char xip[4]; \ - gnutls_datum_t dip = {(unsigned char*)xip, sizeof(xip)}; \ - assert_int_equal(gnutls_x509_cidr_to_rfc5280(cidr, &dcidr), 0); \ - assert_int_equal(inet_pton(AF_INET, ip, xip), 1); \ - assert_int_equal(ip_in_cidr(&dip, &dcidr), status); \ - gnutls_free(dcidr.data); \ -} +#define _MATCH_FUNC(fname, CIDR, IP, status) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t dcidr; \ + const char cidr[] = CIDR; \ + const char ip[] = IP; \ + char xip[4]; \ + gnutls_datum_t dip = { (unsigned char *)xip, sizeof(xip) }; \ + assert_int_equal(gnutls_x509_cidr_to_rfc5280(cidr, &dcidr), \ + 0); \ + assert_int_equal(inet_pton(AF_INET, ip, xip), 1); \ + assert_int_equal(ip_in_cidr(&dip, &dcidr), status); \ + gnutls_free(dcidr.data); \ + } -# define MATCH_FUNC_OK(fname, CIDR, IP) _MATCH_FUNC(fname, CIDR, IP, 1) -# define MATCH_FUNC_NOT_OK(fname, CIDR, IP) _MATCH_FUNC(fname, CIDR, IP, 0) +#define MATCH_FUNC_OK(fname, CIDR, IP) _MATCH_FUNC(fname, CIDR, IP, 1) +#define MATCH_FUNC_NOT_OK(fname, CIDR, IP) _MATCH_FUNC(fname, CIDR, IP, 0) MATCH_FUNC_OK(check_ip1_match, "192.168.1.0/24", "192.168.1.128"); MATCH_FUNC_OK(check_ip2_match, "192.168.1.0/24", "192.168.1.1"); @@ -69,34 +70,39 @@ MATCH_FUNC_NOT_OK(check_ip5_not_match, "192.168.1.0/28", "192.168.1.64"); MATCH_FUNC_NOT_OK(check_ip6_not_match, "192.168.1.0/24", "10.0.0.0"); MATCH_FUNC_NOT_OK(check_ip7_not_match, "192.168.1.0/24", "192.169.1.0"); -# define CIDR_MATCH(fname, CIDR, EXPECTED) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t dcidr; \ - const char cidr[] = CIDR; \ - assert_int_equal(gnutls_x509_cidr_to_rfc5280(cidr, &dcidr), 0); \ - assert_memory_equal(EXPECTED, dcidr.data, dcidr.size); \ - gnutls_free(dcidr.data); \ -} +#define CIDR_MATCH(fname, CIDR, EXPECTED) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t dcidr; \ + const char cidr[] = CIDR; \ + assert_int_equal(gnutls_x509_cidr_to_rfc5280(cidr, &dcidr), \ + 0); \ + assert_memory_equal(EXPECTED, dcidr.data, dcidr.size); \ + gnutls_free(dcidr.data); \ + } -# define CIDR_FAIL(fname, CIDR) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t dcidr; \ - const char cidr[] = CIDR; \ - assert_int_not_equal(gnutls_x509_cidr_to_rfc5280(cidr, &dcidr), 0); \ -} +#define CIDR_FAIL(fname, CIDR) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t dcidr; \ + const char cidr[] = CIDR; \ + assert_int_not_equal( \ + gnutls_x509_cidr_to_rfc5280(cidr, &dcidr), 0); \ + } CIDR_MATCH(check_cidr_ok1, "0.0.0.0/32", "\x00\x00\x00\x00\xff\xff\xff\xff"); CIDR_MATCH(check_cidr_ok2, "192.168.1.1/12", "\xc0\xa0\x00\x00\xff\xf0\x00\x00"); CIDR_MATCH(check_cidr_ok3, "192.168.1.1/0", "\x00\x00\x00\x00\x00\x00\x00\x00"); -CIDR_MATCH(check_cidr_ok4, "::/19", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"); -CIDR_MATCH(check_cidr_ok5, "::1/128", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"); -CIDR_MATCH(check_cidr_ok6, "2001:db8::/48", - "\x20\x01\x0d\xb8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"); +CIDR_MATCH( + check_cidr_ok4, "::/19", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"); +CIDR_MATCH( + check_cidr_ok5, "::1/128", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"); +CIDR_MATCH( + check_cidr_ok6, "2001:db8::/48", + "\x20\x01\x0d\xb8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"); CIDR_FAIL(check_cidr_fail1, "0.0.0.0/100"); CIDR_FAIL(check_cidr_fail2, "1.2.3.4/-1"); diff --git a/tests/kdf-api.c b/tests/kdf-api.c index c496cf2993..d476482fa5 100644 --- a/tests/kdf-api.c +++ b/tests/kdf-api.c @@ -35,12 +35,9 @@ static gnutls_fips140_context_t fips_context; -static void -test_hkdf(gnutls_mac_algorithm_t mac, - const char *ikm_hex, - const char *salt_hex, - const char *info_hex, - size_t length, const char *prk_hex, const char *okm_hex) +static void test_hkdf(gnutls_mac_algorithm_t mac, const char *ikm_hex, + const char *salt_hex, const char *info_hex, size_t length, + const char *prk_hex, const char *okm_hex) { gnutls_datum_t hex; gnutls_datum_t ikm; @@ -73,8 +70,8 @@ test_hkdf(gnutls_mac_algorithm_t mac, assert(gnutls_hex_encode2(&prk, &hex) >= 0); if (strcmp((char *)hex.data, prk_hex)) - fail("prk doesn't match: %s != %s\n", - (char *)hex.data, prk_hex); + fail("prk doesn't match: %s != %s\n", (char *)hex.data, + prk_hex); gnutls_free(hex.data); @@ -101,8 +98,8 @@ test_hkdf(gnutls_mac_algorithm_t mac, assert(gnutls_hex_encode2(&okm, &hex) >= 0); if (strcmp((char *)hex.data, okm_hex)) - fail("okm doesn't match: %s != %s\n", - (char *)hex.data, okm_hex); + fail("okm doesn't match: %s != %s\n", (char *)hex.data, + okm_hex); gnutls_free(hex.data); } @@ -126,14 +123,10 @@ is_mac_algo_hmac_approved_in_fips(gnutls_mac_algorithm_t algo) } } -static void -test_pbkdf2(gnutls_mac_algorithm_t mac, - const char *ikm_hex, - const char *salt_hex, - unsigned iter_count, - size_t length, - const char *okm_hex, - gnutls_fips140_operation_state_t expected_state) +static void test_pbkdf2(gnutls_mac_algorithm_t mac, const char *ikm_hex, + const char *salt_hex, unsigned iter_count, + size_t length, const char *okm_hex, + gnutls_fips140_operation_state_t expected_state) { gnutls_datum_t hex; gnutls_datum_t ikm; @@ -162,8 +155,8 @@ test_pbkdf2(gnutls_mac_algorithm_t mac, assert(gnutls_hex_encode2(&okm, &hex) >= 0); if (strcmp((char *)hex.data, okm_hex)) - fail("okm doesn't match: %s != %s\n", - (char *)hex.data, okm_hex); + fail("okm doesn't match: %s != %s\n", (char *)hex.data, + okm_hex); gnutls_free(hex.data); } @@ -177,24 +170,25 @@ void doit(void) test_hkdf(GNUTLS_MAC_SHA256, "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" "0b0b0b0b0b0b", - "000102030405060708090a0b0c", - "f0f1f2f3f4f5f6f7f8f9", - 42, + "000102030405060708090a0b0c", "f0f1f2f3f4f5f6f7f8f9", 42, "077709362c2e32df0ddc3f0dc47bba63" "90b6c73bb50f9c3122ec844ad7c2b3e5", "3cb25f25faacd57a90434f64d0362f2a" - "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" "34007208d5b887185865"); + "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" + "34007208d5b887185865"); /* Test vector from RFC 6070. More thorough testing is done * in nettle. */ - test_pbkdf2(GNUTLS_MAC_SHA1, "70617373776f7264", /* "password" */ - "73616c74", /* "salt" */ - 4096, 20, "4b007901b765489abead49d926f721d065a429c1", - /* Key sizes and output sizes less than 112-bit are not approved. */ - GNUTLS_FIPS140_OP_NOT_APPROVED); - - test_pbkdf2(GNUTLS_MAC_AES_CMAC_128, "70617373776f726470617373776f7264", /* "passwordpassword" */ - "73616c74", /* "salt" */ + test_pbkdf2( + GNUTLS_MAC_SHA1, "70617373776f7264", /* "password" */ + "73616c74", /* "salt" */ + 4096, 20, "4b007901b765489abead49d926f721d065a429c1", + /* Key sizes and output sizes less than 112-bit are not approved. */ + GNUTLS_FIPS140_OP_NOT_APPROVED); + + test_pbkdf2(GNUTLS_MAC_AES_CMAC_128, + "70617373776f726470617373776f7264", /* "passwordpassword" */ + "73616c74", /* "salt" */ 4096, 20, "c4c112c6e1e3b8757640603dec78825ff87605a7", /* Use of AES-CMAC in PBKDF2 is not supported in ACVP. */ GNUTLS_FIPS140_OP_NOT_APPROVED); diff --git a/tests/key-export-pkcs8.c b/tests/key-export-pkcs8.c index f4e07af687..cf0a985291 100644 --- a/tests/key-export-pkcs8.c +++ b/tests/key-export-pkcs8.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,52 +32,52 @@ #include unsigned char dsa_p[] = - "\x00\xb9\x84\xf5\x5a\x81\xbe\x1a\x0d\xc5\x8a\x73\x8f\x0c\x9b\x2f\x9b\xb6\x0e\x4b\xc3\x74\x1a\x7f\x64\xad\x9d\xf3\x28\xc5\xa0\x47\xbc\x9b\x57\x56\xf1\x97\xd5\x7e\x37\x03\xe9\xf2\x4c\xf4\xe3\x8b\x7f\x30\xa3\x5d\x2f\xbb\xa1\xa2\x37\xc2\xea\x35\x8f\x1f\xb1\x5f\xa6\xa2\x5f\x01\xf1\x23\x36\x2b\xe4\x4f\x2f\x2d\xdd\x9d\xd5\x3a\xa6\x39\xaf\x7a\x51\x7c\xd2\x25\x8e\x97\x74\xcf\x1e\xc5\x7b\x4b\x76\x43\x81\x07\x1f\x06\x14\xb8\x6e\x58\x12\xe1\x90\xe2\x37\x6f\xd2\x1b\xec\x68\xc5\x58\xe2\xe6\x30\xe0\x6a\x5e\x2c\x63\x78\xec\x07"; + "\x00\xb9\x84\xf5\x5a\x81\xbe\x1a\x0d\xc5\x8a\x73\x8f\x0c\x9b\x2f\x9b\xb6\x0e\x4b\xc3\x74\x1a\x7f\x64\xad\x9d\xf3\x28\xc5\xa0\x47\xbc\x9b\x57\x56\xf1\x97\xd5\x7e\x37\x03\xe9\xf2\x4c\xf4\xe3\x8b\x7f\x30\xa3\x5d\x2f\xbb\xa1\xa2\x37\xc2\xea\x35\x8f\x1f\xb1\x5f\xa6\xa2\x5f\x01\xf1\x23\x36\x2b\xe4\x4f\x2f\x2d\xdd\x9d\xd5\x3a\xa6\x39\xaf\x7a\x51\x7c\xd2\x25\x8e\x97\x74\xcf\x1e\xc5\x7b\x4b\x76\x43\x81\x07\x1f\x06\x14\xb8\x6e\x58\x12\xe1\x90\xe2\x37\x6f\xd2\x1b\xec\x68\xc5\x58\xe2\xe6\x30\xe0\x6a\x5e\x2c\x63\x78\xec\x07"; unsigned char dsa_q[] = - "\x00\x9f\x56\x8c\x48\x64\x2f\xfe\x8d\xaa\x7a\x6d\x96\xdb\x04\x5d\x16\xef\x08\xa5\x71"; + "\x00\x9f\x56\x8c\x48\x64\x2f\xfe\x8d\xaa\x7a\x6d\x96\xdb\x04\x5d\x16\xef\x08\xa5\x71"; unsigned char dsa_g[] = - "\x62\x06\x7e\xe4\x5c\x76\x08\xb7\x46\x1a\x5d\xd7\x97\xd4\x2a\x21\xfb\x1f\x31\xc9\xd2\xf4\xfa\x39\xd8\x27\xd1\x9b\xfc\x27\x5d\xa7\x0a\xa7\x1a\xfc\x53\xc1\x2f\x43\xc2\x37\xc8\x85\x7f\x3d\x4c\xab\x5d\x81\x32\xfb\x1d\x5e\x1e\x54\x11\x16\x20\xc6\x80\x5a\xd9\x8c\x9b\x43\xf0\xdd\x6b\xa0\xf4\xc3\xf2\x8a\x9c\x39\xd2\x1c\x7b\x0f\xef\xfa\x28\x93\x8f\xd2\xa1\x22\xeb\xdc\xe0\x8a\x8b\xad\x28\x0e\xcf\xef\x09\x85\xe9\x36\xbd\x8b\x7a\x50\xd5\x7b\xf7\x25\x0d\x6c\x60\x11\xc4\xef\x70\x90\xcf\xd6\x1b\xeb\xbb\x8e\xc6\x3e\x3a\x97"; + "\x62\x06\x7e\xe4\x5c\x76\x08\xb7\x46\x1a\x5d\xd7\x97\xd4\x2a\x21\xfb\x1f\x31\xc9\xd2\xf4\xfa\x39\xd8\x27\xd1\x9b\xfc\x27\x5d\xa7\x0a\xa7\x1a\xfc\x53\xc1\x2f\x43\xc2\x37\xc8\x85\x7f\x3d\x4c\xab\x5d\x81\x32\xfb\x1d\x5e\x1e\x54\x11\x16\x20\xc6\x80\x5a\xd9\x8c\x9b\x43\xf0\xdd\x6b\xa0\xf4\xc3\xf2\x8a\x9c\x39\xd2\x1c\x7b\x0f\xef\xfa\x28\x93\x8f\xd2\xa1\x22\xeb\xdc\xe0\x8a\x8b\xad\x28\x0e\xcf\xef\x09\x85\xe9\x36\xbd\x8b\x7a\x50\xd5\x7b\xf7\x25\x0d\x6c\x60\x11\xc4\xef\x70\x90\xcf\xd6\x1b\xeb\xbb\x8e\xc6\x3e\x3a\x97"; unsigned char dsa_y[] = - "\x0f\x8a\x87\x57\xf2\xd1\xc2\xdc\xac\xdf\x4b\x8b\x0f\x8b\xba\x29\xf7\xe1\x03\xe4\x55\xfa\xb2\x98\x07\xd6\xfd\x12\xb1\x80\xbc\xf5\xba\xb4\x50\xd4\x7f\xa0\x0e\x43\xe7\x9f\xc9\x78\x11\x5f\xe5\xe4\x0c\x2c\x6b\x6a\xa4\x35\xdc\xbd\x54\xe5\x60\x36\x9a\x31\xd1\x8a\x59\x6e\x6b\x1c\xba\xbd\x2e\xba\xeb\x7c\x87\xef\xda\xc8\xdd\xa1\xeb\xa4\x83\xe6\x8b\xad\xfa\xfa\x8e\x5b\xd7\x37\xc8\x32\x3e\x96\xc2\x3e\xf4\x43\xda\x7d\x91\x02\x0f\xb7\xbc\xf8\xef\x8f\xf7\x41\x00\x5e\x96\xdf\x0f\x08\x96\xdc\xea\xb2\xe9\x06\x82\xaf\xd2\x2f"; + "\x0f\x8a\x87\x57\xf2\xd1\xc2\xdc\xac\xdf\x4b\x8b\x0f\x8b\xba\x29\xf7\xe1\x03\xe4\x55\xfa\xb2\x98\x07\xd6\xfd\x12\xb1\x80\xbc\xf5\xba\xb4\x50\xd4\x7f\xa0\x0e\x43\xe7\x9f\xc9\x78\x11\x5f\xe5\xe4\x0c\x2c\x6b\x6a\xa4\x35\xdc\xbd\x54\xe5\x60\x36\x9a\x31\xd1\x8a\x59\x6e\x6b\x1c\xba\xbd\x2e\xba\xeb\x7c\x87\xef\xda\xc8\xdd\xa1\xeb\xa4\x83\xe6\x8b\xad\xfa\xfa\x8e\x5b\xd7\x37\xc8\x32\x3e\x96\xc2\x3e\xf4\x43\xda\x7d\x91\x02\x0f\xb7\xbc\xf8\xef\x8f\xf7\x41\x00\x5e\x96\xdf\x0f\x08\x96\xdc\xea\xb2\xe9\x06\x82\xaf\xd2\x2f"; unsigned char dsa_x[] = - "\x4b\x9f\xeb\xff\x6c\x9a\x02\x83\x41\x5e\x37\x81\x8e\x00\x86\x31\xe8\xb6\x9b\xc1"; + "\x4b\x9f\xeb\xff\x6c\x9a\x02\x83\x41\x5e\x37\x81\x8e\x00\x86\x31\xe8\xb6\x9b\xc1"; unsigned char rsa_m[] = - "\x00\xbb\x66\x43\xf5\xf2\xc5\xd7\xb6\x8c\xcc\xc5\xdf\xf5\x88\x3b\xb1\xc9\x4b\x6a\x0e\xa1\xad\x20\x50\x40\x08\x80\xa1\x4f\x5c\xa3\xd0\xf8\x6c\xcf\xe6\x3c\xf7\xec\x04\x76\x13\x17\x8b\x64\x89\x22\x5b\xc0\xdd\x53\x7c\x3b\xed\x7c\x04\xbb\x80\xb9\x28\xbe\x8e\x9b\xc6\x8e\xa0\xa5\x12\xcb\xf5\x57\x1e\xa2\xe7\xbb\xb7\x33\x49\x9f\xe3\xbb\x4a\xae\x6a\x4d\x68\xff\xc9\x11\xe2\x32\x8d\xce\x3d\x80\x0b\x8d\x75\xef\xd8\x00\x81\x8f\x28\x04\x03\xa0\x22\x8d\x61\x04\x07\xfa\xb6\x37\x7d\x21\x07\x49\xd2\x09\x61\x69\x98\x90\xa3\x58\xa9"; + "\x00\xbb\x66\x43\xf5\xf2\xc5\xd7\xb6\x8c\xcc\xc5\xdf\xf5\x88\x3b\xb1\xc9\x4b\x6a\x0e\xa1\xad\x20\x50\x40\x08\x80\xa1\x4f\x5c\xa3\xd0\xf8\x6c\xcf\xe6\x3c\xf7\xec\x04\x76\x13\x17\x8b\x64\x89\x22\x5b\xc0\xdd\x53\x7c\x3b\xed\x7c\x04\xbb\x80\xb9\x28\xbe\x8e\x9b\xc6\x8e\xa0\xa5\x12\xcb\xf5\x57\x1e\xa2\xe7\xbb\xb7\x33\x49\x9f\xe3\xbb\x4a\xae\x6a\x4d\x68\xff\xc9\x11\xe2\x32\x8d\xce\x3d\x80\x0b\x8d\x75\xef\xd8\x00\x81\x8f\x28\x04\x03\xa0\x22\x8d\x61\x04\x07\xfa\xb6\x37\x7d\x21\x07\x49\xd2\x09\x61\x69\x98\x90\xa3\x58\xa9"; unsigned char rsa_e[] = "\x01\x00\x01"; unsigned char rsa_d[] = - "\x0e\x99\x80\x44\x6e\x42\x43\x14\xbe\x01\xeb\x0d\x90\x69\xa9\x6a\xe7\xa9\x88\x2c\xf5\x24\x11\x7f\x27\x09\xf2\x89\x7e\xaf\x13\x35\x21\xd1\x8a\x5d\xdf\xd4\x99\xce\xdc\x2b\x0f\x1b\xc5\x3c\x98\xd0\x68\xa5\x65\x8e\x69\x75\xce\x42\x69\x20\x35\x6c\xaa\xf1\xdd\xc9\x57\x6c\x7b\xc3\x3e\x42\x7e\xa1\xc3\x8c\x76\xa7\x9a\xe8\x81\xdb\xe1\x84\x82\xf5\x99\xd5\xa8\xee\x35\x9e\x54\x94\xc5\x44\xa0\x7b\xcc\xb7\x4c\x3e\xcd\xf2\x49\xdb\x5c\x21\x06\x85\xf6\x75\x00\x43\x62\x89\x12\xf9\x5d\x90\xed\xe6\xfd\xb4\x49\x14\x4a\x79\xe2\x4d"; + "\x0e\x99\x80\x44\x6e\x42\x43\x14\xbe\x01\xeb\x0d\x90\x69\xa9\x6a\xe7\xa9\x88\x2c\xf5\x24\x11\x7f\x27\x09\xf2\x89\x7e\xaf\x13\x35\x21\xd1\x8a\x5d\xdf\xd4\x99\xce\xdc\x2b\x0f\x1b\xc5\x3c\x98\xd0\x68\xa5\x65\x8e\x69\x75\xce\x42\x69\x20\x35\x6c\xaa\xf1\xdd\xc9\x57\x6c\x7b\xc3\x3e\x42\x7e\xa1\xc3\x8c\x76\xa7\x9a\xe8\x81\xdb\xe1\x84\x82\xf5\x99\xd5\xa8\xee\x35\x9e\x54\x94\xc5\x44\xa0\x7b\xcc\xb7\x4c\x3e\xcd\xf2\x49\xdb\x5c\x21\x06\x85\xf6\x75\x00\x43\x62\x89\x12\xf9\x5d\x90\xed\xe6\xfd\xb4\x49\x14\x4a\x79\xe2\x4d"; unsigned char rsa_p[] = - "\x00\xd8\xcb\xe4\x65\x4e\x6c\x11\x0f\xa8\x72\xed\x4b\x4c\x8d\x1d\x07\xdc\x24\x99\x25\xe4\x3c\xb2\xf3\x02\xc4\x72\xe6\x3a\x5b\x86\xf4\x7d\x54\x2a\x4e\x79\x64\x16\x1f\x45\x3b\x17\x9e\x2a\x94\x90\x90\x59\xe7\x0b\x95\xd4\xbf\xa9\x47\xd1\x0a\x71\xaf\x3d\x6b\xed\x55"; + "\x00\xd8\xcb\xe4\x65\x4e\x6c\x11\x0f\xa8\x72\xed\x4b\x4c\x8d\x1d\x07\xdc\x24\x99\x25\xe4\x3c\xb2\xf3\x02\xc4\x72\xe6\x3a\x5b\x86\xf4\x7d\x54\x2a\x4e\x79\x64\x16\x1f\x45\x3b\x17\x9e\x2a\x94\x90\x90\x59\xe7\x0b\x95\xd4\xbf\xa9\x47\xd1\x0a\x71\xaf\x3d\x6b\xed\x55"; unsigned char rsa_q[] = - "\x00\xdd\x49\x81\x7a\x5c\x04\xbf\x6b\xbd\x70\x05\x35\x42\x32\xa3\x9b\x08\xee\xd4\x98\x17\x6e\xb8\xc4\xa2\x12\xbe\xdc\x1e\x72\xd0\x44\x84\x5c\xf0\x30\x35\x04\xfd\x4e\xb0\xcc\xd6\x6f\x40\xcb\x16\x13\x58\xbc\x57\xf7\x77\x48\xe5\x0c\x0d\x14\x9b\x66\x6e\xd8\xde\x05"; + "\x00\xdd\x49\x81\x7a\x5c\x04\xbf\x6b\xbd\x70\x05\x35\x42\x32\xa3\x9b\x08\xee\xd4\x98\x17\x6e\xb8\xc4\xa2\x12\xbe\xdc\x1e\x72\xd0\x44\x84\x5c\xf0\x30\x35\x04\xfd\x4e\xb0\xcc\xd6\x6f\x40\xcb\x16\x13\x58\xbc\x57\xf7\x77\x48\xe5\x0c\x0d\x14\x9b\x66\x6e\xd8\xde\x05"; unsigned char rsa_u[] = - "\x4a\x74\x5c\x95\x83\x54\xa3\xb0\x71\x35\xba\x02\x3a\x7d\x4a\x8c\x2d\x9a\x26\x77\x60\x36\x28\xd4\xb1\x7d\x8a\x06\xf8\x89\xa2\xef\xb1\x66\x46\x7d\xb9\xd4\xde\xbc\xa3\xbe\x46\xfa\x62\xe1\x63\x82\xdc\xdb\x64\x36\x47\x59\x00\xa8\xf3\xf7\x0e\xb4\xe0\x66\x3d\xd9"; + "\x4a\x74\x5c\x95\x83\x54\xa3\xb0\x71\x35\xba\x02\x3a\x7d\x4a\x8c\x2d\x9a\x26\x77\x60\x36\x28\xd4\xb1\x7d\x8a\x06\xf8\x89\xa2\xef\xb1\x66\x46\x7d\xb9\xd4\xde\xbc\xa3\xbe\x46\xfa\x62\xe1\x63\x82\xdc\xdb\x64\x36\x47\x59\x00\xa8\xf3\xf7\x0e\xb4\xe0\x66\x3d\xd9"; unsigned char rsa_e1[] = - "\x45\x20\x96\x5e\x1b\x28\x68\x34\x46\xf1\x06\x6b\x09\x28\xc1\xc5\xfc\xd3\x0a\xa6\x43\x65\x7b\x65\xf3\x4e\xf2\x98\x28\xa9\x80\x99\xba\xd0\xb8\x80\xb7\x42\x4b\xaf\x82\xe2\xb9\xc0\x2c\x31\x9c\xfa\xfa\x3f\xaa\xb9\x06\xd2\x6a\x46\xc5\x08\x00\x81\xf1\x22\xd5\xd5"; + "\x45\x20\x96\x5e\x1b\x28\x68\x34\x46\xf1\x06\x6b\x09\x28\xc1\xc5\xfc\xd3\x0a\xa6\x43\x65\x7b\x65\xf3\x4e\xf2\x98\x28\xa9\x80\x99\xba\xd0\xb8\x80\xb7\x42\x4b\xaf\x82\xe2\xb9\xc0\x2c\x31\x9c\xfa\xfa\x3f\xaa\xb9\x06\xd2\x6a\x46\xc5\x08\x00\x81\xf1\x22\xd5\xd5"; unsigned char rsa_e2[] = - "\x00\xa6\x50\x60\xa7\xfe\x10\xf3\x6d\x9e\x6b\x5a\xfe\xb4\x4a\x2a\xfc\x92\xb2\x2d\xc6\x41\x96\x4d\xf8\x3b\x77\xab\x4a\xf4\xf7\x85\xe0\x79\x3b\x00\xaa\xba\xae\x8d\x53\x5f\x3e\x14\xcc\x78\xfe\x2a\x11\x50\x57\xfe\x25\x57\xd9\xc9\x8c\x4d\x28\x77\xc3\x7c\xfc\x31\xa1"; + "\x00\xa6\x50\x60\xa7\xfe\x10\xf3\x6d\x9e\x6b\x5a\xfe\xb4\x4a\x2a\xfc\x92\xb2\x2d\xc6\x41\x96\x4d\xf8\x3b\x77\xab\x4a\xf4\xf7\x85\xe0\x79\x3b\x00\xaa\xba\xae\x8d\x53\x5f\x3e\x14\xcc\x78\xfe\x2a\x11\x50\x57\xfe\x25\x57\xd9\xc9\x8c\x4d\x28\x77\xc3\x7c\xfc\x31\xa1"; unsigned char ecc_x[] = - "\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33"; + "\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33"; unsigned char ecc_y[] = - "\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; + "\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; unsigned char ecc_k[] = - "\x00\xfd\x2b\x00\x80\xf3\x36\x5f\x11\x32\x65\xe3\x8d\x30\x33\x3b\x47\xf5\xce\xf8\x13\xe5\x4c\xc2\xcf\xfd\xe8\x05\x6a\xca\xc9\x41\xb1"; + "\x00\xfd\x2b\x00\x80\xf3\x36\x5f\x11\x32\x65\xe3\x8d\x30\x33\x3b\x47\xf5\xce\xf8\x13\xe5\x4c\xc2\xcf\xfd\xe8\x05\x6a\xca\xc9\x41\xb1"; unsigned char false_ed25519_x[] = - "\xac\xac\x9a\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x84\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; + "\xac\xac\x9a\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x84\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; unsigned char ed25519_x[] = - "\xab\xaf\x98\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x86\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; + "\xab\xaf\x98\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x86\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; unsigned char ed25519_k[] = - "\x1c\xa9\x23\xdc\x35\xa8\xfd\xd6\x2d\xa8\x98\xb9\x60\x7b\xce\x10\x3d\xf4\x64\xc6\xe5\x4b\x0a\x65\x56\x6a\x3c\x73\x65\x51\xa2\x2f"; + "\x1c\xa9\x23\xdc\x35\xa8\xfd\xd6\x2d\xa8\x98\xb9\x60\x7b\xce\x10\x3d\xf4\x64\xc6\xe5\x4b\x0a\x65\x56\x6a\x3c\x73\x65\x51\xa2\x2f"; unsigned char gost_x[] = - "\xd0\xbb\xe9\xf4\xc6\xa8\x60\x3c\x73\x91\x44\x55\xcf\xbd\x50\xdd\x2c\x3d\x5a\xbc\x1a\xd8\x5e\x3c\xdf\x10\xdd\xd2\x63\x88\x0f\xc0"; + "\xd0\xbb\xe9\xf4\xc6\xa8\x60\x3c\x73\x91\x44\x55\xcf\xbd\x50\xdd\x2c\x3d\x5a\xbc\x1a\xd8\x5e\x3c\xdf\x10\xdd\xd2\x63\x88\x0f\xc0"; unsigned char gost_y[] = - "\x8a\xec\x96\x3c\x0b\xc8\x33\xff\x57\x5f\x66\x78\x94\x39\xb4\xf5\x24\xc6\xba\x86\x41\xac\x43\x21\x6f\x3c\xb0\xfa\x56\xbd\x5b\x37"; + "\x8a\xec\x96\x3c\x0b\xc8\x33\xff\x57\x5f\x66\x78\x94\x39\xb4\xf5\x24\xc6\xba\x86\x41\xac\x43\x21\x6f\x3c\xb0\xfa\x56\xbd\x5b\x37"; unsigned char gost_k[] = - "\x47\x59\x41\x2c\x8a\xf8\x58\x1a\x67\xe0\xc3\x82\x1f\xca\x31\x19\x66\xf9\xd8\x43\xcd\x2f\x78\x23\x34\x98\x90\xb8\x14\x2e\x7f\xa5"; + "\x47\x59\x41\x2c\x8a\xf8\x58\x1a\x67\xe0\xc3\x82\x1f\xca\x31\x19\x66\xf9\xd8\x43\xcd\x2f\x78\x23\x34\x98\x90\xb8\x14\x2e\x7f\xa5"; gnutls_datum_t _dsa_p = { dsa_p, sizeof(dsa_p) - 1 }; gnutls_datum_t _dsa_q = { dsa_q, sizeof(dsa_q) - 1 }; @@ -98,8 +98,8 @@ gnutls_datum_t _ecc_x = { ecc_x, sizeof(ecc_x) - 1 }; gnutls_datum_t _ecc_y = { ecc_y, sizeof(ecc_y) - 1 }; gnutls_datum_t _ecc_k = { ecc_k, sizeof(ecc_k) - 1 }; -gnutls_datum_t _false_ed25519_x = - { false_ed25519_x, sizeof(false_ed25519_x) - 1 }; +gnutls_datum_t _false_ed25519_x = { false_ed25519_x, + sizeof(false_ed25519_x) - 1 }; gnutls_datum_t _ed25519_x = { ed25519_x, sizeof(ed25519_x) - 1 }; gnutls_datum_t _ed25519_k = { ed25519_k, sizeof(ed25519_k) - 1 }; @@ -107,8 +107,7 @@ gnutls_datum_t _gost_x = { gost_x, sizeof(gost_x) - 1 }; gnutls_datum_t _gost_y = { gost_y, sizeof(gost_y) - 1 }; gnutls_datum_t _gost_k = { gost_k, sizeof(gost_k) - 1 }; -static -int check_dsa(void) +static int check_dsa(void) { gnutls_x509_privkey_t key; gnutls_datum_t out; @@ -120,15 +119,13 @@ int check_dsa(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, - &_dsa_y, &_dsa_x); + ret = gnutls_x509_privkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, + &_dsa_y, &_dsa_x); if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &out); + ret = gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, + 0, &out); if (ret < 0 || out.size == 0) fail("error in pkcs8 export\n"); gnutls_free(out.data); @@ -138,8 +135,7 @@ int check_dsa(void) return 0; } -static -int check_rsa(void) +static int check_rsa(void) { gnutls_x509_privkey_t key; gnutls_datum_t out; @@ -152,16 +148,14 @@ int check_rsa(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_import_rsa_raw2(key, &_rsa_m, &_rsa_e, &_rsa_d, - &_rsa_p, &_rsa_q, &_rsa_u, - &_rsa_e1, &_rsa_e2); + ret = gnutls_x509_privkey_import_rsa_raw2(key, &_rsa_m, &_rsa_e, + &_rsa_d, &_rsa_p, &_rsa_q, + &_rsa_u, &_rsa_e1, &_rsa_e2); if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &out); + ret = gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, + 0, &out); if (ret < 0 || out.size == 0) fail("error in pkcs8 export\n"); gnutls_free(out.data); @@ -171,8 +165,7 @@ int check_rsa(void) return 0; } -static -int check_ed25519(void) +static int check_ed25519(void) { gnutls_x509_privkey_t key; gnutls_datum_t out; @@ -185,15 +178,13 @@ int check_ed25519(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, - &_ed25519_x, NULL, &_ed25519_k); + ret = gnutls_x509_privkey_import_ecc_raw( + key, GNUTLS_ECC_CURVE_ED25519, &_ed25519_x, NULL, &_ed25519_k); if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &out); + ret = gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, + 0, &out); if (ret < 0 || out.size == 0) fail("error in pkcs8 export\n"); gnutls_free(out.data); @@ -203,8 +194,7 @@ int check_ed25519(void) return 0; } -static -int check_gost(void) +static int check_gost(void) { #ifdef ENABLE_GOST gnutls_x509_privkey_t key; @@ -218,18 +208,14 @@ int check_gost(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_import_gost_raw(key, - GNUTLS_ECC_CURVE_GOST256CPXA, - GNUTLS_DIG_GOSTR_94, - GNUTLS_GOST_PARAMSET_CP_A, - &_gost_x, &_gost_y, &_gost_k); + ret = gnutls_x509_privkey_import_gost_raw( + key, GNUTLS_ECC_CURVE_GOST256CPXA, GNUTLS_DIG_GOSTR_94, + GNUTLS_GOST_PARAMSET_CP_A, &_gost_x, &_gost_y, &_gost_k); if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &out); + ret = gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, + 0, &out); if (ret < 0 || out.size == 0) fail("error in pkcs8 export\n"); gnutls_free(out.data); @@ -240,8 +226,7 @@ int check_gost(void) return 0; } -static -int check_ecc(void) +static int check_ecc(void) { gnutls_x509_privkey_t key; gnutls_datum_t out; @@ -254,15 +239,13 @@ int check_ecc(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_SECP256R1, - &_ecc_x, &_ecc_y, &_ecc_k); + ret = gnutls_x509_privkey_import_ecc_raw( + key, GNUTLS_ECC_CURVE_SECP256R1, &_ecc_x, &_ecc_y, &_ecc_k); if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_PEM, NULL, 0, - &out); + ret = gnutls_x509_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_PEM, NULL, + 0, &out); if (ret < 0 || out.size == 0) fail("error in pkcs8 export\n"); diff --git a/tests/key-import-export.c b/tests/key-import-export.c index fcc0c4f54f..cec48e92e8 100644 --- a/tests/key-import-export.c +++ b/tests/key-import-export.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,25 +35,23 @@ #include "cert-common.h" static char rsa_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t rsa_key = { (void *)rsa_key_pem, - sizeof(rsa_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t rsa_key = { (void *)rsa_key_pem, sizeof(rsa_key_pem) }; static void dump(const char *name, unsigned char *buf, int buf_size) { @@ -65,52 +63,52 @@ static void dump(const char *name, unsigned char *buf, int buf_size) } unsigned char dsa_p[] = - "\x00\xb9\x84\xf5\x5a\x81\xbe\x1a\x0d\xc5\x8a\x73\x8f\x0c\x9b\x2f\x9b\xb6\x0e\x4b\xc3\x74\x1a\x7f\x64\xad\x9d\xf3\x28\xc5\xa0\x47\xbc\x9b\x57\x56\xf1\x97\xd5\x7e\x37\x03\xe9\xf2\x4c\xf4\xe3\x8b\x7f\x30\xa3\x5d\x2f\xbb\xa1\xa2\x37\xc2\xea\x35\x8f\x1f\xb1\x5f\xa6\xa2\x5f\x01\xf1\x23\x36\x2b\xe4\x4f\x2f\x2d\xdd\x9d\xd5\x3a\xa6\x39\xaf\x7a\x51\x7c\xd2\x25\x8e\x97\x74\xcf\x1e\xc5\x7b\x4b\x76\x43\x81\x07\x1f\x06\x14\xb8\x6e\x58\x12\xe1\x90\xe2\x37\x6f\xd2\x1b\xec\x68\xc5\x58\xe2\xe6\x30\xe0\x6a\x5e\x2c\x63\x78\xec\x07"; + "\x00\xb9\x84\xf5\x5a\x81\xbe\x1a\x0d\xc5\x8a\x73\x8f\x0c\x9b\x2f\x9b\xb6\x0e\x4b\xc3\x74\x1a\x7f\x64\xad\x9d\xf3\x28\xc5\xa0\x47\xbc\x9b\x57\x56\xf1\x97\xd5\x7e\x37\x03\xe9\xf2\x4c\xf4\xe3\x8b\x7f\x30\xa3\x5d\x2f\xbb\xa1\xa2\x37\xc2\xea\x35\x8f\x1f\xb1\x5f\xa6\xa2\x5f\x01\xf1\x23\x36\x2b\xe4\x4f\x2f\x2d\xdd\x9d\xd5\x3a\xa6\x39\xaf\x7a\x51\x7c\xd2\x25\x8e\x97\x74\xcf\x1e\xc5\x7b\x4b\x76\x43\x81\x07\x1f\x06\x14\xb8\x6e\x58\x12\xe1\x90\xe2\x37\x6f\xd2\x1b\xec\x68\xc5\x58\xe2\xe6\x30\xe0\x6a\x5e\x2c\x63\x78\xec\x07"; unsigned char dsa_q[] = - "\x00\x9f\x56\x8c\x48\x64\x2f\xfe\x8d\xaa\x7a\x6d\x96\xdb\x04\x5d\x16\xef\x08\xa5\x71"; + "\x00\x9f\x56\x8c\x48\x64\x2f\xfe\x8d\xaa\x7a\x6d\x96\xdb\x04\x5d\x16\xef\x08\xa5\x71"; unsigned char dsa_g[] = - "\x62\x06\x7e\xe4\x5c\x76\x08\xb7\x46\x1a\x5d\xd7\x97\xd4\x2a\x21\xfb\x1f\x31\xc9\xd2\xf4\xfa\x39\xd8\x27\xd1\x9b\xfc\x27\x5d\xa7\x0a\xa7\x1a\xfc\x53\xc1\x2f\x43\xc2\x37\xc8\x85\x7f\x3d\x4c\xab\x5d\x81\x32\xfb\x1d\x5e\x1e\x54\x11\x16\x20\xc6\x80\x5a\xd9\x8c\x9b\x43\xf0\xdd\x6b\xa0\xf4\xc3\xf2\x8a\x9c\x39\xd2\x1c\x7b\x0f\xef\xfa\x28\x93\x8f\xd2\xa1\x22\xeb\xdc\xe0\x8a\x8b\xad\x28\x0e\xcf\xef\x09\x85\xe9\x36\xbd\x8b\x7a\x50\xd5\x7b\xf7\x25\x0d\x6c\x60\x11\xc4\xef\x70\x90\xcf\xd6\x1b\xeb\xbb\x8e\xc6\x3e\x3a\x97"; + "\x62\x06\x7e\xe4\x5c\x76\x08\xb7\x46\x1a\x5d\xd7\x97\xd4\x2a\x21\xfb\x1f\x31\xc9\xd2\xf4\xfa\x39\xd8\x27\xd1\x9b\xfc\x27\x5d\xa7\x0a\xa7\x1a\xfc\x53\xc1\x2f\x43\xc2\x37\xc8\x85\x7f\x3d\x4c\xab\x5d\x81\x32\xfb\x1d\x5e\x1e\x54\x11\x16\x20\xc6\x80\x5a\xd9\x8c\x9b\x43\xf0\xdd\x6b\xa0\xf4\xc3\xf2\x8a\x9c\x39\xd2\x1c\x7b\x0f\xef\xfa\x28\x93\x8f\xd2\xa1\x22\xeb\xdc\xe0\x8a\x8b\xad\x28\x0e\xcf\xef\x09\x85\xe9\x36\xbd\x8b\x7a\x50\xd5\x7b\xf7\x25\x0d\x6c\x60\x11\xc4\xef\x70\x90\xcf\xd6\x1b\xeb\xbb\x8e\xc6\x3e\x3a\x97"; unsigned char dsa_y[] = - "\x0f\x8a\x87\x57\xf2\xd1\xc2\xdc\xac\xdf\x4b\x8b\x0f\x8b\xba\x29\xf7\xe1\x03\xe4\x55\xfa\xb2\x98\x07\xd6\xfd\x12\xb1\x80\xbc\xf5\xba\xb4\x50\xd4\x7f\xa0\x0e\x43\xe7\x9f\xc9\x78\x11\x5f\xe5\xe4\x0c\x2c\x6b\x6a\xa4\x35\xdc\xbd\x54\xe5\x60\x36\x9a\x31\xd1\x8a\x59\x6e\x6b\x1c\xba\xbd\x2e\xba\xeb\x7c\x87\xef\xda\xc8\xdd\xa1\xeb\xa4\x83\xe6\x8b\xad\xfa\xfa\x8e\x5b\xd7\x37\xc8\x32\x3e\x96\xc2\x3e\xf4\x43\xda\x7d\x91\x02\x0f\xb7\xbc\xf8\xef\x8f\xf7\x41\x00\x5e\x96\xdf\x0f\x08\x96\xdc\xea\xb2\xe9\x06\x82\xaf\xd2\x2f"; + "\x0f\x8a\x87\x57\xf2\xd1\xc2\xdc\xac\xdf\x4b\x8b\x0f\x8b\xba\x29\xf7\xe1\x03\xe4\x55\xfa\xb2\x98\x07\xd6\xfd\x12\xb1\x80\xbc\xf5\xba\xb4\x50\xd4\x7f\xa0\x0e\x43\xe7\x9f\xc9\x78\x11\x5f\xe5\xe4\x0c\x2c\x6b\x6a\xa4\x35\xdc\xbd\x54\xe5\x60\x36\x9a\x31\xd1\x8a\x59\x6e\x6b\x1c\xba\xbd\x2e\xba\xeb\x7c\x87\xef\xda\xc8\xdd\xa1\xeb\xa4\x83\xe6\x8b\xad\xfa\xfa\x8e\x5b\xd7\x37\xc8\x32\x3e\x96\xc2\x3e\xf4\x43\xda\x7d\x91\x02\x0f\xb7\xbc\xf8\xef\x8f\xf7\x41\x00\x5e\x96\xdf\x0f\x08\x96\xdc\xea\xb2\xe9\x06\x82\xaf\xd2\x2f"; unsigned char dsa_x[] = - "\x4b\x9f\xeb\xff\x6c\x9a\x02\x83\x41\x5e\x37\x81\x8e\x00\x86\x31\xe8\xb6\x9b\xc1"; + "\x4b\x9f\xeb\xff\x6c\x9a\x02\x83\x41\x5e\x37\x81\x8e\x00\x86\x31\xe8\xb6\x9b\xc1"; unsigned char rsa_m[] = - "\x00\xbb\x66\x43\xf5\xf2\xc5\xd7\xb6\x8c\xcc\xc5\xdf\xf5\x88\x3b\xb1\xc9\x4b\x6a\x0e\xa1\xad\x20\x50\x40\x08\x80\xa1\x4f\x5c\xa3\xd0\xf8\x6c\xcf\xe6\x3c\xf7\xec\x04\x76\x13\x17\x8b\x64\x89\x22\x5b\xc0\xdd\x53\x7c\x3b\xed\x7c\x04\xbb\x80\xb9\x28\xbe\x8e\x9b\xc6\x8e\xa0\xa5\x12\xcb\xf5\x57\x1e\xa2\xe7\xbb\xb7\x33\x49\x9f\xe3\xbb\x4a\xae\x6a\x4d\x68\xff\xc9\x11\xe2\x32\x8d\xce\x3d\x80\x0b\x8d\x75\xef\xd8\x00\x81\x8f\x28\x04\x03\xa0\x22\x8d\x61\x04\x07\xfa\xb6\x37\x7d\x21\x07\x49\xd2\x09\x61\x69\x98\x90\xa3\x58\xa9"; + "\x00\xbb\x66\x43\xf5\xf2\xc5\xd7\xb6\x8c\xcc\xc5\xdf\xf5\x88\x3b\xb1\xc9\x4b\x6a\x0e\xa1\xad\x20\x50\x40\x08\x80\xa1\x4f\x5c\xa3\xd0\xf8\x6c\xcf\xe6\x3c\xf7\xec\x04\x76\x13\x17\x8b\x64\x89\x22\x5b\xc0\xdd\x53\x7c\x3b\xed\x7c\x04\xbb\x80\xb9\x28\xbe\x8e\x9b\xc6\x8e\xa0\xa5\x12\xcb\xf5\x57\x1e\xa2\xe7\xbb\xb7\x33\x49\x9f\xe3\xbb\x4a\xae\x6a\x4d\x68\xff\xc9\x11\xe2\x32\x8d\xce\x3d\x80\x0b\x8d\x75\xef\xd8\x00\x81\x8f\x28\x04\x03\xa0\x22\x8d\x61\x04\x07\xfa\xb6\x37\x7d\x21\x07\x49\xd2\x09\x61\x69\x98\x90\xa3\x58\xa9"; unsigned char rsa_e[] = "\x01\x00\x01"; unsigned char rsa_d[] = - "\x0e\x99\x80\x44\x6e\x42\x43\x14\xbe\x01\xeb\x0d\x90\x69\xa9\x6a\xe7\xa9\x88\x2c\xf5\x24\x11\x7f\x27\x09\xf2\x89\x7e\xaf\x13\x35\x21\xd1\x8a\x5d\xdf\xd4\x99\xce\xdc\x2b\x0f\x1b\xc5\x3c\x98\xd0\x68\xa5\x65\x8e\x69\x75\xce\x42\x69\x20\x35\x6c\xaa\xf1\xdd\xc9\x57\x6c\x7b\xc3\x3e\x42\x7e\xa1\xc3\x8c\x76\xa7\x9a\xe8\x81\xdb\xe1\x84\x82\xf5\x99\xd5\xa8\xee\x35\x9e\x54\x94\xc5\x44\xa0\x7b\xcc\xb7\x4c\x3e\xcd\xf2\x49\xdb\x5c\x21\x06\x85\xf6\x75\x00\x43\x62\x89\x12\xf9\x5d\x90\xed\xe6\xfd\xb4\x49\x14\x4a\x79\xe2\x4d"; + "\x0e\x99\x80\x44\x6e\x42\x43\x14\xbe\x01\xeb\x0d\x90\x69\xa9\x6a\xe7\xa9\x88\x2c\xf5\x24\x11\x7f\x27\x09\xf2\x89\x7e\xaf\x13\x35\x21\xd1\x8a\x5d\xdf\xd4\x99\xce\xdc\x2b\x0f\x1b\xc5\x3c\x98\xd0\x68\xa5\x65\x8e\x69\x75\xce\x42\x69\x20\x35\x6c\xaa\xf1\xdd\xc9\x57\x6c\x7b\xc3\x3e\x42\x7e\xa1\xc3\x8c\x76\xa7\x9a\xe8\x81\xdb\xe1\x84\x82\xf5\x99\xd5\xa8\xee\x35\x9e\x54\x94\xc5\x44\xa0\x7b\xcc\xb7\x4c\x3e\xcd\xf2\x49\xdb\x5c\x21\x06\x85\xf6\x75\x00\x43\x62\x89\x12\xf9\x5d\x90\xed\xe6\xfd\xb4\x49\x14\x4a\x79\xe2\x4d"; unsigned char rsa_p[] = - "\x00\xd8\xcb\xe4\x65\x4e\x6c\x11\x0f\xa8\x72\xed\x4b\x4c\x8d\x1d\x07\xdc\x24\x99\x25\xe4\x3c\xb2\xf3\x02\xc4\x72\xe6\x3a\x5b\x86\xf4\x7d\x54\x2a\x4e\x79\x64\x16\x1f\x45\x3b\x17\x9e\x2a\x94\x90\x90\x59\xe7\x0b\x95\xd4\xbf\xa9\x47\xd1\x0a\x71\xaf\x3d\x6b\xed\x55"; + "\x00\xd8\xcb\xe4\x65\x4e\x6c\x11\x0f\xa8\x72\xed\x4b\x4c\x8d\x1d\x07\xdc\x24\x99\x25\xe4\x3c\xb2\xf3\x02\xc4\x72\xe6\x3a\x5b\x86\xf4\x7d\x54\x2a\x4e\x79\x64\x16\x1f\x45\x3b\x17\x9e\x2a\x94\x90\x90\x59\xe7\x0b\x95\xd4\xbf\xa9\x47\xd1\x0a\x71\xaf\x3d\x6b\xed\x55"; unsigned char rsa_q[] = - "\x00\xdd\x49\x81\x7a\x5c\x04\xbf\x6b\xbd\x70\x05\x35\x42\x32\xa3\x9b\x08\xee\xd4\x98\x17\x6e\xb8\xc4\xa2\x12\xbe\xdc\x1e\x72\xd0\x44\x84\x5c\xf0\x30\x35\x04\xfd\x4e\xb0\xcc\xd6\x6f\x40\xcb\x16\x13\x58\xbc\x57\xf7\x77\x48\xe5\x0c\x0d\x14\x9b\x66\x6e\xd8\xde\x05"; + "\x00\xdd\x49\x81\x7a\x5c\x04\xbf\x6b\xbd\x70\x05\x35\x42\x32\xa3\x9b\x08\xee\xd4\x98\x17\x6e\xb8\xc4\xa2\x12\xbe\xdc\x1e\x72\xd0\x44\x84\x5c\xf0\x30\x35\x04\xfd\x4e\xb0\xcc\xd6\x6f\x40\xcb\x16\x13\x58\xbc\x57\xf7\x77\x48\xe5\x0c\x0d\x14\x9b\x66\x6e\xd8\xde\x05"; unsigned char rsa_u[] = - "\x4a\x74\x5c\x95\x83\x54\xa3\xb0\x71\x35\xba\x02\x3a\x7d\x4a\x8c\x2d\x9a\x26\x77\x60\x36\x28\xd4\xb1\x7d\x8a\x06\xf8\x89\xa2\xef\xb1\x66\x46\x7d\xb9\xd4\xde\xbc\xa3\xbe\x46\xfa\x62\xe1\x63\x82\xdc\xdb\x64\x36\x47\x59\x00\xa8\xf3\xf7\x0e\xb4\xe0\x66\x3d\xd9"; + "\x4a\x74\x5c\x95\x83\x54\xa3\xb0\x71\x35\xba\x02\x3a\x7d\x4a\x8c\x2d\x9a\x26\x77\x60\x36\x28\xd4\xb1\x7d\x8a\x06\xf8\x89\xa2\xef\xb1\x66\x46\x7d\xb9\xd4\xde\xbc\xa3\xbe\x46\xfa\x62\xe1\x63\x82\xdc\xdb\x64\x36\x47\x59\x00\xa8\xf3\xf7\x0e\xb4\xe0\x66\x3d\xd9"; unsigned char rsa_e1[] = - "\x45\x20\x96\x5e\x1b\x28\x68\x34\x46\xf1\x06\x6b\x09\x28\xc1\xc5\xfc\xd3\x0a\xa6\x43\x65\x7b\x65\xf3\x4e\xf2\x98\x28\xa9\x80\x99\xba\xd0\xb8\x80\xb7\x42\x4b\xaf\x82\xe2\xb9\xc0\x2c\x31\x9c\xfa\xfa\x3f\xaa\xb9\x06\xd2\x6a\x46\xc5\x08\x00\x81\xf1\x22\xd5\xd5"; + "\x45\x20\x96\x5e\x1b\x28\x68\x34\x46\xf1\x06\x6b\x09\x28\xc1\xc5\xfc\xd3\x0a\xa6\x43\x65\x7b\x65\xf3\x4e\xf2\x98\x28\xa9\x80\x99\xba\xd0\xb8\x80\xb7\x42\x4b\xaf\x82\xe2\xb9\xc0\x2c\x31\x9c\xfa\xfa\x3f\xaa\xb9\x06\xd2\x6a\x46\xc5\x08\x00\x81\xf1\x22\xd5\xd5"; unsigned char rsa_e2[] = - "\x00\xa6\x50\x60\xa7\xfe\x10\xf3\x6d\x9e\x6b\x5a\xfe\xb4\x4a\x2a\xfc\x92\xb2\x2d\xc6\x41\x96\x4d\xf8\x3b\x77\xab\x4a\xf4\xf7\x85\xe0\x79\x3b\x00\xaa\xba\xae\x8d\x53\x5f\x3e\x14\xcc\x78\xfe\x2a\x11\x50\x57\xfe\x25\x57\xd9\xc9\x8c\x4d\x28\x77\xc3\x7c\xfc\x31\xa1"; + "\x00\xa6\x50\x60\xa7\xfe\x10\xf3\x6d\x9e\x6b\x5a\xfe\xb4\x4a\x2a\xfc\x92\xb2\x2d\xc6\x41\x96\x4d\xf8\x3b\x77\xab\x4a\xf4\xf7\x85\xe0\x79\x3b\x00\xaa\xba\xae\x8d\x53\x5f\x3e\x14\xcc\x78\xfe\x2a\x11\x50\x57\xfe\x25\x57\xd9\xc9\x8c\x4d\x28\x77\xc3\x7c\xfc\x31\xa1"; unsigned char ecc_x[] = - "\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33"; + "\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33"; unsigned char ecc_y[] = - "\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; + "\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; unsigned char ecc_k[] = - "\x00\xfd\x2b\x00\x80\xf3\x36\x5f\x11\x32\x65\xe3\x8d\x30\x33\x3b\x47\xf5\xce\xf8\x13\xe5\x4c\xc2\xcf\xfd\xe8\x05\x6a\xca\xc9\x41\xb1"; + "\x00\xfd\x2b\x00\x80\xf3\x36\x5f\x11\x32\x65\xe3\x8d\x30\x33\x3b\x47\xf5\xce\xf8\x13\xe5\x4c\xc2\xcf\xfd\xe8\x05\x6a\xca\xc9\x41\xb1"; unsigned char false_ed25519_x[] = - "\xac\xac\x9a\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x84\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; + "\xac\xac\x9a\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x84\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; unsigned char ed25519_x[] = - "\xab\xaf\x98\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x86\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; + "\xab\xaf\x98\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x86\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; unsigned char ed25519_k[] = - "\x1c\xa9\x23\xdc\x35\xa8\xfd\xd6\x2d\xa8\x98\xb9\x60\x7b\xce\x10\x3d\xf4\x64\xc6\xe5\x4b\x0a\x65\x56\x6a\x3c\x73\x65\x51\xa2\x2f"; + "\x1c\xa9\x23\xdc\x35\xa8\xfd\xd6\x2d\xa8\x98\xb9\x60\x7b\xce\x10\x3d\xf4\x64\xc6\xe5\x4b\x0a\x65\x56\x6a\x3c\x73\x65\x51\xa2\x2f"; unsigned char gost_x[] = - "\xd0\xbb\xe9\xf4\xc6\xa8\x60\x3c\x73\x91\x44\x55\xcf\xbd\x50\xdd\x2c\x3d\x5a\xbc\x1a\xd8\x5e\x3c\xdf\x10\xdd\xd2\x63\x88\x0f\xc0"; + "\xd0\xbb\xe9\xf4\xc6\xa8\x60\x3c\x73\x91\x44\x55\xcf\xbd\x50\xdd\x2c\x3d\x5a\xbc\x1a\xd8\x5e\x3c\xdf\x10\xdd\xd2\x63\x88\x0f\xc0"; unsigned char gost_y[] = - "\x8a\xec\x96\x3c\x0b\xc8\x33\xff\x57\x5f\x66\x78\x94\x39\xb4\xf5\x24\xc6\xba\x86\x41\xac\x43\x21\x6f\x3c\xb0\xfa\x56\xbd\x5b\x37"; + "\x8a\xec\x96\x3c\x0b\xc8\x33\xff\x57\x5f\x66\x78\x94\x39\xb4\xf5\x24\xc6\xba\x86\x41\xac\x43\x21\x6f\x3c\xb0\xfa\x56\xbd\x5b\x37"; unsigned char gost_k[] = - "\x47\x59\x41\x2c\x8a\xf8\x58\x1a\x67\xe0\xc3\x82\x1f\xca\x31\x19\x66\xf9\xd8\x43\xcd\x2f\x78\x23\x34\x98\x90\xb8\x14\x2e\x7f\xa5"; + "\x47\x59\x41\x2c\x8a\xf8\x58\x1a\x67\xe0\xc3\x82\x1f\xca\x31\x19\x66\xf9\xd8\x43\xcd\x2f\x78\x23\x34\x98\x90\xb8\x14\x2e\x7f\xa5"; gnutls_datum_t _dsa_p = { dsa_p, sizeof(dsa_p) - 1 }; gnutls_datum_t _dsa_q = { dsa_q, sizeof(dsa_q) - 1 }; @@ -131,8 +129,8 @@ gnutls_datum_t _ecc_x = { ecc_x, sizeof(ecc_x) - 1 }; gnutls_datum_t _ecc_y = { ecc_y, sizeof(ecc_y) - 1 }; gnutls_datum_t _ecc_k = { ecc_k, sizeof(ecc_k) - 1 }; -gnutls_datum_t _false_ed25519_x = - { false_ed25519_x, sizeof(false_ed25519_x) - 1 }; +gnutls_datum_t _false_ed25519_x = { false_ed25519_x, + sizeof(false_ed25519_x) - 1 }; gnutls_datum_t _ed25519_x = { ed25519_x, sizeof(ed25519_x) - 1 }; gnutls_datum_t _ed25519_k = { ed25519_k, sizeof(ed25519_k) - 1 }; @@ -142,12 +140,12 @@ gnutls_datum_t _gost_k = { gost_k, sizeof(gost_k) - 1 }; unsigned char ecc_params[] = "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07"; unsigned char ecc_point[] = - "\x04\x41\x04\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; + "\x04\x41\x04\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; static int _gnutls_privkey_export2_pkcs8(gnutls_privkey_t key, gnutls_x509_crt_fmt_t f, const char *password, unsigned flags, - gnutls_datum_t * out) + gnutls_datum_t *out) { gnutls_x509_privkey_t xkey; int ret; @@ -164,8 +162,8 @@ static int _gnutls_privkey_export2_pkcs8(gnutls_privkey_t key, return ret; } -#define CMP(name, dat, v) cmp(name, __LINE__, dat, v, sizeof(v)-1) -static int cmp(const char *name, int line, gnutls_datum_t * v1, +#define CMP(name, dat, v) cmp(name, __LINE__, dat, v, sizeof(v) - 1) +static int cmp(const char *name, int line, gnutls_datum_t *v1, unsigned char *v2, unsigned size) { if (size != v1->size) { @@ -185,8 +183,8 @@ static int cmp(const char *name, int line, gnutls_datum_t * v1, } /* leading zero on v2 is ignored */ -#define CMP_NO_LZ(name, dat, v) cmp_no_lz(name, __LINE__, dat, v, sizeof(v)-1) -static int cmp_no_lz(const char *name, int line, gnutls_datum_t * v1, +#define CMP_NO_LZ(name, dat, v) cmp_no_lz(name, __LINE__, dat, v, sizeof(v) - 1) +static int cmp_no_lz(const char *name, int line, gnutls_datum_t *v1, unsigned char *i2, unsigned size) { gnutls_datum_t v2; @@ -214,8 +212,7 @@ static int cmp_no_lz(const char *name, int line, gnutls_datum_t * v1, return 0; } -static -int check_x509_privkey(void) +static int check_x509_privkey(void) { gnutls_x509_privkey_t key; gnutls_datum_t p, q, g, y, x; @@ -258,9 +255,8 @@ int check_x509_privkey(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, - &e1, &e2); + ret = gnutls_x509_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, + &e1, &e2); if (ret < 0) fail("error\n"); @@ -287,9 +283,8 @@ int check_x509_privkey(void) if (ret < 0) fail("error\n"); - ret = - gnutls_x509_privkey_import(key, &server_ecc_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &server_ecc_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("error\n"); @@ -312,19 +307,15 @@ int check_x509_privkey(void) return 0; } -static -int check_privkey_import_export(void) +static int check_privkey_import_export(void) { static const struct rsa_privkey_opt_args { gnutls_datum_t *_u, *_e1, *_e2; } rsa_opt_args[] = { - {NULL, NULL, NULL}, - {NULL, &_rsa_e1, &_rsa_e2}, - {NULL, &_rsa_e1, NULL}, - {NULL, NULL, &_rsa_e2}, - {&_rsa_u, NULL, NULL}, - {&_rsa_u, &_rsa_e1, NULL}, - {&_rsa_u, NULL, &_rsa_e2}, + { NULL, NULL, NULL }, { NULL, &_rsa_e1, &_rsa_e2 }, + { NULL, &_rsa_e1, NULL }, { NULL, NULL, &_rsa_e2 }, + { &_rsa_u, NULL, NULL }, { &_rsa_u, &_rsa_e1, NULL }, + { &_rsa_u, NULL, &_rsa_e2 }, }; gnutls_privkey_t key; gnutls_datum_t p, q, g, y, x; @@ -343,9 +334,8 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, - &_dsa_y, &_dsa_x); + ret = gnutls_privkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, + &_dsa_y, &_dsa_x); if (ret < 0) fail("error\n"); @@ -364,9 +354,8 @@ int check_privkey_import_export(void) gnutls_free(y.data); gnutls_free(x.data); - ret = - gnutls_privkey_export_dsa_raw2(key, &p, &q, &g, &y, &x, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_privkey_export_dsa_raw2(key, &p, &q, &g, &y, &x, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); @@ -387,9 +376,8 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, NULL, - &_dsa_x); + ret = gnutls_privkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, + NULL, &_dsa_x); if (ret < 0) fail("error\n"); @@ -417,12 +405,11 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, - &_rsa_d, &_rsa_p, &_rsa_q, - rsa_opt_args[i]._u, - rsa_opt_args[i]._e1, - rsa_opt_args[i]._e2); + ret = gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, + &_rsa_d, &_rsa_p, &_rsa_q, + rsa_opt_args[i]._u, + rsa_opt_args[i]._e1, + rsa_opt_args[i]._e2); if (ret < 0) fail("error\n"); @@ -434,15 +421,13 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, NULL, &_rsa_p, - &_rsa_q, NULL, NULL, NULL); + ret = gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, NULL, + &_rsa_p, &_rsa_q, NULL, NULL, NULL); if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, &e1, - &e2, 0); + ret = gnutls_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, &e1, + &e2, 0); if (ret < 0) fail("error\n"); @@ -470,16 +455,14 @@ int check_privkey_import_export(void) fail("error\n"); /* Import/export */ - ret = - gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, &_rsa_d, - &_rsa_p, &_rsa_q, &_rsa_u, &_rsa_e1, - &_rsa_e2); + ret = gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, &_rsa_d, + &_rsa_p, &_rsa_q, &_rsa_u, &_rsa_e1, + &_rsa_e2); if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, &e1, - &e2, 0); + ret = gnutls_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, &e1, + &e2, 0); if (ret < 0) fail("error\n"); @@ -500,9 +483,8 @@ int check_privkey_import_export(void) gnutls_free(e1.data); gnutls_free(e2.data); - ret = - gnutls_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, &e1, - &e2, GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_privkey_export_rsa_raw2(key, &m, &e, &d, &p, &q, &u, &e1, + &e2, GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -529,9 +511,8 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_SECP256R1, - &_ecc_x, &_ecc_y, &_ecc_k); + ret = gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_SECP256R1, + &_ecc_x, &_ecc_y, &_ecc_k); if (ret < 0) fail("error\n"); @@ -550,9 +531,8 @@ int check_privkey_import_export(void) gnutls_free(y.data); gnutls_free(p.data); - ret = - gnutls_privkey_export_ecc_raw2(key, &curve, &x, &y, &p, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_privkey_export_ecc_raw2(key, &curve, &x, &y, &p, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -574,15 +554,13 @@ int check_privkey_import_export(void) fail("error\n"); /* test whether an invalid size would fail */ - ret = - gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, - &_rsa_m, NULL, &_rsa_m); + ret = gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, + &_rsa_m, NULL, &_rsa_m); if (ret != GNUTLS_E_INVALID_REQUEST) fail("error\n"); - ret = - gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, - &_ed25519_x, NULL, &_ed25519_k); + ret = gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, + &_ed25519_x, NULL, &_ed25519_k); if (ret < 0) fail("error\n"); @@ -608,9 +586,9 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, - &_false_ed25519_x, NULL, &_ed25519_k); + ret = gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, + &_false_ed25519_x, NULL, + &_ed25519_k); if (ret < 0) fail("error\n"); @@ -626,17 +604,15 @@ int check_privkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_gost_raw(key, GNUTLS_ECC_CURVE_GOST256CPXA, - GNUTLS_DIG_GOSTR_94, - GNUTLS_GOST_PARAMSET_CP_A, &_gost_x, - &_gost_y, &_gost_k); + ret = gnutls_privkey_import_gost_raw(key, GNUTLS_ECC_CURVE_GOST256CPXA, + GNUTLS_DIG_GOSTR_94, + GNUTLS_GOST_PARAMSET_CP_A, + &_gost_x, &_gost_y, &_gost_k); if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_export_gost_raw2(key, &curve, &digest, ¶mset, &x, - &y, &p, 0); + ret = gnutls_privkey_export_gost_raw2(key, &curve, &digest, ¶mset, + &x, &y, &p, 0); if (ret < 0) fail("error\n"); @@ -660,9 +636,9 @@ int check_privkey_import_export(void) gnutls_free(y.data); gnutls_free(p.data); - ret = - gnutls_privkey_export_gost_raw2(key, &curve, &digest, ¶mset, &x, - &y, &p, GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_privkey_export_gost_raw2(key, &curve, &digest, ¶mset, + &x, &y, &p, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -691,8 +667,7 @@ int check_privkey_import_export(void) return 0; } -static -int check_dsa(void) +static int check_dsa(void) { gnutls_privkey_t key; gnutls_pubkey_t pub; @@ -711,9 +686,8 @@ int check_dsa(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_x509_raw(key, &dsa_key, GNUTLS_X509_FMT_PEM, - 0, 0); + ret = gnutls_privkey_import_x509_raw(key, &dsa_key, GNUTLS_X509_FMT_PEM, + 0, 0); if (ret < 0) fail("error\n"); @@ -734,9 +708,8 @@ int check_dsa(void) gnutls_free(g.data); gnutls_free(y.data); - ret = - gnutls_pubkey_export_dsa_raw2(pub, &p, &q, &g, &y, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_dsa_raw2(pub, &p, &q, &g, &y, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -763,9 +736,8 @@ int check_dsa(void) gnutls_free(y.data); gnutls_free(x.data); - ret = - _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &x); + ret = _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, + &x); if (ret < 0 || x.size == 0) fail("error in pkcs8 export\n"); gnutls_free(x.data); @@ -776,8 +748,7 @@ int check_dsa(void) return 0; } -static -int check_rsa(void) +static int check_rsa(void) { gnutls_privkey_t key; gnutls_pubkey_t pub; @@ -795,9 +766,8 @@ int check_rsa(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_x509_raw(key, &rsa_key, GNUTLS_X509_FMT_PEM, - 0, 0); + ret = gnutls_privkey_import_x509_raw(key, &rsa_key, GNUTLS_X509_FMT_PEM, + 0, 0); if (ret < 0) fail("error\n"); @@ -814,9 +784,8 @@ int check_rsa(void) gnutls_free(m.data); gnutls_free(e.data); - ret = - gnutls_pubkey_export_rsa_raw2(pub, &m, &e, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_rsa_raw2(pub, &m, &e, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -825,9 +794,8 @@ int check_rsa(void) gnutls_free(m.data); gnutls_free(e.data); - ret = - gnutls_privkey_export_rsa_raw(key, &m, &e, &d, &p, &q, &u, &e1, - &e2); + ret = gnutls_privkey_export_rsa_raw(key, &m, &e, &d, &p, &q, &u, &e1, + &e2); if (ret < 0) fail("error\n"); @@ -848,9 +816,8 @@ int check_rsa(void) gnutls_free(e1.data); gnutls_free(e2.data); - ret = - _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &m); + ret = _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, + &m); if (ret < 0 || m.size == 0) fail("error in pkcs8 export\n"); gnutls_free(m.data); @@ -861,8 +828,7 @@ int check_rsa(void) return 0; } -static -int check_ecc(void) +static int check_ecc(void) { gnutls_privkey_t key; gnutls_pubkey_t pub; @@ -881,9 +847,8 @@ int check_ecc(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_x509_raw(key, &server_ecc_key, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ecc_key, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 0) fail("error\n"); @@ -904,9 +869,8 @@ int check_ecc(void) gnutls_free(x.data); gnutls_free(y.data); - ret = - gnutls_pubkey_export_ecc_raw2(pub, &curve, &x, &y, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_ecc_raw2(pub, &curve, &x, &y, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -935,9 +899,8 @@ int check_ecc(void) gnutls_free(y.data); gnutls_free(k.data); - ret = - _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &x); + ret = _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, + &x); if (ret < 0 || x.size == 0) fail("error in pkcs8 export\n"); gnutls_free(x.data); @@ -978,8 +941,7 @@ int check_ecc(void) return 0; } -static -int check_ed25519(void) +static int check_ed25519(void) { gnutls_privkey_t key; gnutls_pubkey_t pub; @@ -998,9 +960,8 @@ int check_ed25519(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_x509_raw(key, &server_ca3_eddsa_key, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ca3_eddsa_key, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 0) fail("error\n"); @@ -1050,9 +1011,8 @@ int check_ed25519(void) fail("expected NULL value in Y\n"); } - ret = - _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &x); + ret = _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, + &x); if (ret < 0 || x.size == 0) fail("error in pkcs8 export\n"); gnutls_free(x.data); @@ -1070,8 +1030,7 @@ int check_ed25519(void) return 0; } -static -int check_gost(void) +static int check_gost(void) { #ifdef ENABLE_GOST gnutls_privkey_t key; @@ -1093,9 +1052,8 @@ int check_gost(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_x509_raw(key, &server_ca3_gost01_key, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ca3_gost01_key, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 0) fail("error\n"); @@ -1103,9 +1061,8 @@ int check_gost(void) if (ret < 0) fail("error\n"); - ret = - gnutls_pubkey_export_gost_raw2(pub, &curve, &digest, ¶mset, &x, - &y, 0); + ret = gnutls_pubkey_export_gost_raw2(pub, &curve, &digest, ¶mset, + &x, &y, 0); if (ret < 0) fail("error\n"); @@ -1127,9 +1084,8 @@ int check_gost(void) gnutls_free(x.data); gnutls_free(y.data); - ret = - gnutls_pubkey_export_gost_raw2(pub, &curve, &digest, ¶mset, &x, - &y, GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_gost_raw2(pub, &curve, &digest, ¶mset, + &x, &y, GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -1152,9 +1108,8 @@ int check_gost(void) gnutls_free(y.data); /* check the private key export */ - ret = - gnutls_privkey_export_gost_raw2(key, &curve, &digest, ¶mset, &x, - &y, &k, 0); + ret = gnutls_privkey_export_gost_raw2(key, &curve, &digest, ¶mset, + &x, &y, &k, 0); if (ret < 0) fail("error\n"); @@ -1178,9 +1133,8 @@ int check_gost(void) gnutls_free(y.data); gnutls_free(k.data); - ret = - _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, - &x); + ret = _gnutls_privkey_export2_pkcs8(key, GNUTLS_X509_FMT_DER, NULL, 0, + &x); if (ret < 0 || x.size == 0) fail("error in pkcs8 export\n"); gnutls_free(x.data); diff --git a/tests/key-material-dtls.c b/tests/key-material-dtls.c index 32ea05a913..fb8332255e 100644 --- a/tests/key-material-dtls.c +++ b/tests/key-material-dtls.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,17 +34,17 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -68,7 +68,7 @@ static pid_t child; /* A very basic DTLS client, with anonymous authentication, that negotiates SRTP */ -static void dump(const char *name, uint8_t * data, unsigned data_size) +static void dump(const char *name, uint8_t *data, unsigned data_size) { unsigned i; @@ -118,9 +118,10 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM); /* Use default priorities */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH:+ANON-ECDH:+CURVE-ALL", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH:+ANON-ECDH:+CURVE-ALL", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", gnutls_strerror(ret), err); @@ -137,8 +138,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -150,8 +150,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_128_CBC) { @@ -182,9 +182,8 @@ static void client(int fd) p = key_material; /* check whether the key material matches our calculations */ - ret = - gnutls_record_get_state(session, 0, &mac_key, &iv, &cipher_key, - wseq_number); + ret = gnutls_record_get_state(session, 0, &mac_key, &iv, &cipher_key, + wseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -197,9 +196,8 @@ static void client(int fd) exit(1); } - ret = - gnutls_record_get_state(session, 1, &read_mac_key, &read_iv, - &read_cipher_key, rseq_number); + ret = gnutls_record_get_state(session, 1, &read_mac_key, &read_iv, + &read_cipher_key, rseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -212,8 +210,8 @@ static void client(int fd) exit(1); } - if (hash_size != mac_key.size - || memcmp(p, mac_key.data, hash_size) != 0) { + if (hash_size != mac_key.size || + memcmp(p, mac_key.data, hash_size) != 0) { dump("MAC:", mac_key.data, mac_key.size); dump("Block:", key_material, block_size); fprintf(stderr, "error in %d\n", __LINE__); @@ -221,8 +219,8 @@ static void client(int fd) } p += hash_size; - if (hash_size != read_mac_key.size - || memcmp(p, read_mac_key.data, hash_size) != 0) { + if (hash_size != read_mac_key.size || + memcmp(p, read_mac_key.data, hash_size) != 0) { dump("MAC:", read_mac_key.data, read_mac_key.size); dump("Block:", key_material, block_size); fprintf(stderr, "error in %d\n", __LINE__); @@ -230,15 +228,15 @@ static void client(int fd) } p += hash_size; - if (key_size != cipher_key.size - || memcmp(p, cipher_key.data, key_size) != 0) { + if (key_size != cipher_key.size || + memcmp(p, cipher_key.data, key_size) != 0) { fprintf(stderr, "error in %d\n", __LINE__); exit(1); } p += key_size; - if (key_size != read_cipher_key.size - || memcmp(p, read_cipher_key.data, key_size) != 0) { + if (key_size != read_cipher_key.size || + memcmp(p, read_cipher_key.data, key_size) != 0) { fprintf(stderr, "error in %d\n", __LINE__); exit(1); } @@ -253,8 +251,8 @@ static void client(int fd) } memset(wseq_number, 0xAA, sizeof(wseq_number)); - ret = - gnutls_record_get_state(session, 0, NULL, NULL, NULL, wseq_number); + ret = gnutls_record_get_state(session, 0, NULL, NULL, NULL, + wseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -268,8 +266,8 @@ static void client(int fd) } memset(rseq_number, 0xAA, sizeof(rseq_number)); - ret = - gnutls_record_get_state(session, 1, NULL, NULL, NULL, rseq_number); + ret = gnutls_record_get_state(session, 1, NULL, NULL, NULL, + rseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -320,9 +318,8 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:+VERS-DTLS1.0:+ANON-DH:+ANON-ECDH", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:+VERS-DTLS1.0:+ANON-DH:+ANON-ECDH", NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); @@ -335,8 +332,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -349,13 +345,13 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buf, sizeof(buf)); - } while (ret > 0 || ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + } while (ret > 0 || ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { fail("error: %s\n", gnutls_strerror(ret)); @@ -414,4 +410,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/key-material-set-dtls.c b/tests/key-material-set-dtls.c index b6bafbf816..058fed5481 100644 --- a/tests/key-material-set-dtls.c +++ b/tests/key-material-set-dtls.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,18 +34,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -104,9 +104,10 @@ static void client(int fd) gnutls_record_set_timeout(session, 10000); /* Use default priorities */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH:+ANON-ECDH:+CURVE-ALL", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH:+ANON-ECDH:+CURVE-ALL", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", gnutls_strerror(ret), err); @@ -123,8 +124,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -136,8 +136,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_128_CBC) { @@ -154,16 +154,16 @@ static void client(int fd) } /* save state */ - ret = - gnutls_record_get_state(session, 0, NULL, NULL, NULL, wseq_number); + ret = gnutls_record_get_state(session, 0, NULL, NULL, NULL, + wseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); exit(1); } - ret = - gnutls_record_get_state(session, 1, NULL, NULL, NULL, rseq_number); + ret = gnutls_record_get_state(session, 1, NULL, NULL, NULL, + rseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -258,9 +258,8 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:+VERS-DTLS1.0:+ANON-DH:+ANON-ECDH", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:+VERS-DTLS1.0:+ANON-DH:+ANON-ECDH", NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); @@ -273,8 +272,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -287,18 +285,18 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* save state */ - ret = - gnutls_record_get_state(session, 0, NULL, NULL, NULL, wseq_number); + ret = gnutls_record_get_state(session, 0, NULL, NULL, NULL, + wseq_number); if (ret < 0) { fail("error in %d\n", __LINE__); } - ret = - gnutls_record_get_state(session, 1, NULL, NULL, NULL, rseq_number); + ret = gnutls_record_get_state(session, 1, NULL, NULL, NULL, + rseq_number); if (ret < 0) { fail("error in %d\n", __LINE__); } @@ -396,4 +394,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/key-openssl.c b/tests/key-openssl.c index 2120a7d456..5e51b91dbd 100644 --- a/tests/key-openssl.c +++ b/tests/key-openssl.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,87 +38,87 @@ static void tls_log_func(int level, const char *str) } static char plain_key[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" - "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" - "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" - "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" - "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" - "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" - "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" - "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" - "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" - "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" - "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" - "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" - "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" - "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" - "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" - "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" - "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" - "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" - "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" - "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" - "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" - "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" - "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" - "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" - "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" + "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" + "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" + "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" + "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" + "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" + "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" + "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" + "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" + "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" + "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" + "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" + "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" + "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" + "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" + "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" + "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" + "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" + "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" + "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" + "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" + "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" + "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" + "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" + "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" + "-----END RSA PRIVATE KEY-----\n"; const char key1[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "Proc-Type: 4,ENCRYPTED\n" - "DEK-Info: DES-EDE3-CBC,82B2F7684A1713F8\n" - "\n" - "1zzOuu89dfFc2UkFCtSJBsBeEFxV8wE84OSxoWu4aYkPhl1LR08BchaTbjeLTP0b\n" - "t961vVpva0ekJkwGDEgmqlGjmhJq9y2sJfq7IeYa8OdTilfGrG1xeJ1QGBi6SCfR\n" - "s/PhkMxwGBtrZ2Z7bEcLT5dQKmKRqsthnClQggmngvk7zX7bPk0hKQKvf+FDxt6x\n" - "hzEaF3k9juU6vAVVSakrZ4QDqk9MUuTGHx0ksTDcC4EESS0l3Ybuum/rAzR4lQKR\n" - "4OLmAeYBDl+l/PSMllfd5x/z1YXYoiAbkpT4ix0lyZJgHrvrYIeUtJk2ODiMHezL\n" - "9BbK7EobtOGmrDLUNVX5BpdaExkWMGkioqzs2QqD/VkKu8RcNSsHVGqkdWKuhzXo\n" - "wcczQ+RiHckN2uy/zApubEWZNLPeDQ499kaF+QdZ+h4RM6E1r1Gu+A==\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "Proc-Type: 4,ENCRYPTED\n" + "DEK-Info: DES-EDE3-CBC,82B2F7684A1713F8\n" + "\n" + "1zzOuu89dfFc2UkFCtSJBsBeEFxV8wE84OSxoWu4aYkPhl1LR08BchaTbjeLTP0b\n" + "t961vVpva0ekJkwGDEgmqlGjmhJq9y2sJfq7IeYa8OdTilfGrG1xeJ1QGBi6SCfR\n" + "s/PhkMxwGBtrZ2Z7bEcLT5dQKmKRqsthnClQggmngvk7zX7bPk0hKQKvf+FDxt6x\n" + "hzEaF3k9juU6vAVVSakrZ4QDqk9MUuTGHx0ksTDcC4EESS0l3Ybuum/rAzR4lQKR\n" + "4OLmAeYBDl+l/PSMllfd5x/z1YXYoiAbkpT4ix0lyZJgHrvrYIeUtJk2ODiMHezL\n" + "9BbK7EobtOGmrDLUNVX5BpdaExkWMGkioqzs2QqD/VkKu8RcNSsHVGqkdWKuhzXo\n" + "wcczQ+RiHckN2uy/zApubEWZNLPeDQ499kaF+QdZ+h4RM6E1r1Gu+A==\n" + "-----END RSA PRIVATE KEY-----\n"; const char key2[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "Proc-Type: 4,ENCRYPTED\n" - "DEK-Info: AES-128-CBC,2A57FF97B701B3F760145D7446929481\n" - "\n" - "mGAPhSw48wZBnkHOhfMDg8yL2IBgMuTmeKE4xoHi7T6isHBNfkqMd0iJ+DJP/OKb\n" - "t+7lkKjj/xQ7w/bOBvBxlfRe4MW6+ejCdAFD9XSolW6WN6CEJPMI4UtmOK5inqcC\n" - "8l2l54f/VGrVN9uavU3KlXCjrd3Jp9B0Mu4Zh/UU4+EWs9rJAZfLIn+vHZ3OHetx\n" - "g74LdV7nC7lt/fjxc1caNIfgHs40dUt9FVrnJvAtkcNMtcjX/D+L8ZrLgQzIWFcs\n" - "WAbUZj7Me22mCli3RPET7Je37K59IzfWgbWFCGaNu3X02g5xtCfdcn/Uqy9eofH0\n" - "YjKRhpgXPeGJCkoRqDeUHQNPpVP5HrzDZMVK3E4DC03C8qvgsYvuwYt3KkbG2fuA\n" - "F3bDyqlxSOm7uxF/K3YzI44v8/D8GGnLBTpN+ANBdiY=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "Proc-Type: 4,ENCRYPTED\n" + "DEK-Info: AES-128-CBC,2A57FF97B701B3F760145D7446929481\n" + "\n" + "mGAPhSw48wZBnkHOhfMDg8yL2IBgMuTmeKE4xoHi7T6isHBNfkqMd0iJ+DJP/OKb\n" + "t+7lkKjj/xQ7w/bOBvBxlfRe4MW6+ejCdAFD9XSolW6WN6CEJPMI4UtmOK5inqcC\n" + "8l2l54f/VGrVN9uavU3KlXCjrd3Jp9B0Mu4Zh/UU4+EWs9rJAZfLIn+vHZ3OHetx\n" + "g74LdV7nC7lt/fjxc1caNIfgHs40dUt9FVrnJvAtkcNMtcjX/D+L8ZrLgQzIWFcs\n" + "WAbUZj7Me22mCli3RPET7Je37K59IzfWgbWFCGaNu3X02g5xtCfdcn/Uqy9eofH0\n" + "YjKRhpgXPeGJCkoRqDeUHQNPpVP5HrzDZMVK3E4DC03C8qvgsYvuwYt3KkbG2fuA\n" + "F3bDyqlxSOm7uxF/K3YzI44v8/D8GGnLBTpN+ANBdiY=\n" + "-----END RSA PRIVATE KEY-----\n"; const char key_lowercase_iv[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "Proc-Type: 4,ENCRYPTED\n" - "DEK-Info: AES-256-CBC,c1967f64f92d5c4ef302537b7b50b98f\n" - "\n" - "iRHj/BbuyHodcEt/cPduzhxOUCwe+o77j7DOepAb7rasr7uRDjFcB2DeB4yvog5q\n" - "M46pB5NVqegJCTcFht/90OKXprt2m04ntsCEXXfJ/NQIYP3NsLM+aNiWUL1cxPiZ\n" - "6fWp6uaR165F+T5vBRmo6dS3wowHeiHZMiSGuM6CbW+AO5R31og9cUuP2e02GPbq\n" - "ZCGyU8RnA6c1caCql/T/5WOIjyaFpJhigBnQc6EoVi3C6XULBQ1Ut9A8gw3gVWda\n" - "NBF8sHfwXyKuPhWLZwOM7ZewIOvnesezwW7Tpf2LfMBIe1YQixdsBgM1RvhEN2bl\n" - "mYR1L1zfr94z/fWDztq1MYtCBPUJcgrjNLb80xv1qq5hZorTM9gjAeLfT4x9I6/m\n" - "57ohSPIR3bXgRZuefjxBhQYthUPcZ+qktrbURcvHNLs=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "Proc-Type: 4,ENCRYPTED\n" + "DEK-Info: AES-256-CBC,c1967f64f92d5c4ef302537b7b50b98f\n" + "\n" + "iRHj/BbuyHodcEt/cPduzhxOUCwe+o77j7DOepAb7rasr7uRDjFcB2DeB4yvog5q\n" + "M46pB5NVqegJCTcFht/90OKXprt2m04ntsCEXXfJ/NQIYP3NsLM+aNiWUL1cxPiZ\n" + "6fWp6uaR165F+T5vBRmo6dS3wowHeiHZMiSGuM6CbW+AO5R31og9cUuP2e02GPbq\n" + "ZCGyU8RnA6c1caCql/T/5WOIjyaFpJhigBnQc6EoVi3C6XULBQ1Ut9A8gw3gVWda\n" + "NBF8sHfwXyKuPhWLZwOM7ZewIOvnesezwW7Tpf2LfMBIe1YQixdsBgM1RvhEN2bl\n" + "mYR1L1zfr94z/fWDztq1MYtCBPUJcgrjNLb80xv1qq5hZorTM9gjAeLfT4x9I6/m\n" + "57ohSPIR3bXgRZuefjxBhQYthUPcZ+qktrbURcvHNLs=\n" + "-----END RSA PRIVATE KEY-----\n"; static int good_pwd_cb(void *userdata, int attempt, const char *token_url, - const char *token_label, unsigned int flags, - char *pin, size_t pin_max) + const char *token_label, unsigned int flags, char *pin, + size_t pin_max) { snprintf(pin, pin_max, "%s", "123456"); return 0; } static int bad_pwd_cb(void *userdata, int attempt, const char *token_url, - const char *token_label, unsigned int flags, - char *pin, size_t pin_max) + const char *token_label, unsigned int flags, char *pin, + size_t pin_max) { snprintf(pin, pin_max, "%s", "bad"); return 0; @@ -174,9 +174,8 @@ void doit(void) key.data = (void *)key1; key.size = sizeof(key1); - ret = - gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, - "123456", 0); + ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, + "123456", 0); if (ret < 0) { fail("gnutls_x509_privkey_import2: %s\n", gnutls_strerror(ret)); } @@ -189,9 +188,8 @@ void doit(void) key.data = (void *)plain_key; key.size = sizeof(plain_key); - ret = - gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, - "123456", 0); + ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, + "123456", 0); if (ret < 0) { fail("gnutls_x509_privkey_import2: %s\n", gnutls_strerror(ret)); } @@ -204,8 +202,8 @@ void doit(void) key.data = (void *)key1; key.size = sizeof(key1); - ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, - NULL, 0); + ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, NULL, + 0); if (ret != GNUTLS_E_DECRYPTION_FAILED) { fail("gnutls_x509_privkey_import2 (expect decrypt fail): %s\n", gnutls_strerror(ret)); @@ -219,9 +217,8 @@ void doit(void) key.data = (void *)key_lowercase_iv; key.size = sizeof(key_lowercase_iv); - ret = - gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, - "123456", 0); + ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, + "123456", 0); if (ret < 0) { fail("gnutls_x509_privkey_import2: %s\n", gnutls_strerror(ret)); } @@ -260,8 +257,8 @@ void doit(void) gnutls_x509_privkey_set_pin_function(pkey, good_pwd_cb, NULL); key.data = (void *)key1; key.size = sizeof(key1); - ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, - NULL, 0); + ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, NULL, + 0); if (ret < 0) { fail("gnutls_x509_privkey_import2 (good pin): %s\n", gnutls_strerror(ret)); @@ -276,8 +273,8 @@ void doit(void) gnutls_x509_privkey_set_pin_function(pkey, bad_pwd_cb, NULL); key.data = (void *)key1; key.size = sizeof(key1); - ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, - NULL, 0); + ret = gnutls_x509_privkey_import2(pkey, &key, GNUTLS_X509_FMT_PEM, NULL, + 0); if (ret != GNUTLS_E_DECRYPTION_FAILED) { fail("gnutls_x509_privkey_import2 (bad pin): %s\n", gnutls_strerror(ret)); diff --git a/tests/key-usage-ecdhe-rsa.c b/tests/key-usage-ecdhe-rsa.c index bb43b6abcd..140dd7bb30 100644 --- a/tests/key-usage-ecdhe-rsa.c +++ b/tests/key-usage-ecdhe-rsa.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,66 +45,64 @@ static void tls_log_func(int level, const char *str) } static unsigned char encryption_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDoTCCAgmgAwIBAgIIWD7Wvx22i+gwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEQ0EtMzAgFw0xNjExMzAxMzQwMTZaGA85OTk5MTIzMTIzNTk1OVowADCCASIw\n" - "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3XiAz9NK/9K4mciW5cioUfOrH8\n" - "W5QlnzgODc5O9vKypx+2Y42BmVArdTNox9ypyQHs4Tf1RVs8MkKLLRPVPvFTTwsB\n" - "sYYR0WwtjLaUAG6uEQOkQ1tKnkPveR+7Yaz/WurUTFH/6tt9PLkjUa2MFClJfQyA\n" - "+Ip0DOChfZVWDmKEsGxf0+HDrUwI6Yrue6Xjq4MtQ644vxYuIZrEU53bExNrZ7y9\n" - "fvwsYa86eNBO3lEierVnusFqvngsXzuhHMTh7Dd1kdewWnNX9cFyXFPU1oxpEqgD\n" - "9b/WOELpt4/Vyi6GAKthroTADOrgqIS4yVv/IwTE+I75820inSJBXwpVi9sCAwEA\n" - "AaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNV\n" - "HSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDByAAMB0GA1UdDgQWBBThAci6\n" - "ST9MfTP8KV4xkB0p2hgsyjAfBgNVHSMEGDAWgBT5qIYZY7akFBNgdg8BmjU27/G0\n" - "rzANBgkqhkiG9w0BAQsFAAOCAYEAQSaXhGYE0VvpFidR+txfhRXZhoIyO6bCxrOE\n" - "WFTdglZ3XE9/avlONa18hAVmMqBXJFKiTIMou2qQu7dJ80dMphQPFSOgVTwNP5yD\n" - "MM0iJHSlcBweukA3+Jfo3lbGSYOGh3D157XwPQ5+dKFSgzFWdQApDAZ2Y5wg1mlD\n" - "riapOliMXEBHuKaBEAGYHLNQEUoutc/8lpv7FrE8YPp2J5f/kBlL21ygHNCNbRQZ\n" - "XTTajRgY5dg0R7CPM1wkyk/K1Lke2BgteF4FWlKTzh3b42swWJAlW9oDcqA8xRHu\n" - "cvU+7PKs3SpXky6dGC+rgWMfV99z00gNICdZJrqTRTd6JvMa+Q8QCChHtyE40LWe\n" - "MXFfeQW2kWD+q2CUAiY5K/fk4p74w4TtHuln3/+IZd+fwMfq9eD9524n+61AoTvm\n" - "FM9vezUEwybmHVTx+390aiY2SaAxl4BCopauOgpBTnj8Rcd5dMO3qEW4+QaXKMlU\n" - "wIEPoaEfCDQ/XXy0bM5zFUFWgTNX\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDoTCCAgmgAwIBAgIIWD7Wvx22i+gwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xNjExMzAxMzQwMTZaGA85OTk5MTIzMTIzNTk1OVowADCCASIw\n" + "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3XiAz9NK/9K4mciW5cioUfOrH8\n" + "W5QlnzgODc5O9vKypx+2Y42BmVArdTNox9ypyQHs4Tf1RVs8MkKLLRPVPvFTTwsB\n" + "sYYR0WwtjLaUAG6uEQOkQ1tKnkPveR+7Yaz/WurUTFH/6tt9PLkjUa2MFClJfQyA\n" + "+Ip0DOChfZVWDmKEsGxf0+HDrUwI6Yrue6Xjq4MtQ644vxYuIZrEU53bExNrZ7y9\n" + "fvwsYa86eNBO3lEierVnusFqvngsXzuhHMTh7Dd1kdewWnNX9cFyXFPU1oxpEqgD\n" + "9b/WOELpt4/Vyi6GAKthroTADOrgqIS4yVv/IwTE+I75820inSJBXwpVi9sCAwEA\n" + "AaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDATBgNV\n" + "HSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDByAAMB0GA1UdDgQWBBThAci6\n" + "ST9MfTP8KV4xkB0p2hgsyjAfBgNVHSMEGDAWgBT5qIYZY7akFBNgdg8BmjU27/G0\n" + "rzANBgkqhkiG9w0BAQsFAAOCAYEAQSaXhGYE0VvpFidR+txfhRXZhoIyO6bCxrOE\n" + "WFTdglZ3XE9/avlONa18hAVmMqBXJFKiTIMou2qQu7dJ80dMphQPFSOgVTwNP5yD\n" + "MM0iJHSlcBweukA3+Jfo3lbGSYOGh3D157XwPQ5+dKFSgzFWdQApDAZ2Y5wg1mlD\n" + "riapOliMXEBHuKaBEAGYHLNQEUoutc/8lpv7FrE8YPp2J5f/kBlL21ygHNCNbRQZ\n" + "XTTajRgY5dg0R7CPM1wkyk/K1Lke2BgteF4FWlKTzh3b42swWJAlW9oDcqA8xRHu\n" + "cvU+7PKs3SpXky6dGC+rgWMfV99z00gNICdZJrqTRTd6JvMa+Q8QCChHtyE40LWe\n" + "MXFfeQW2kWD+q2CUAiY5K/fk4p74w4TtHuln3/+IZd+fwMfq9eD9524n+61AoTvm\n" + "FM9vezUEwybmHVTx+390aiY2SaAxl4BCopauOgpBTnj8Rcd5dMO3qEW4+QaXKMlU\n" + "wIEPoaEfCDQ/XXy0bM5zFUFWgTNX\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t enc_cert = { encryption_cert_pem, - sizeof(encryption_cert_pem) - 1 -}; + sizeof(encryption_cert_pem) - 1 }; static unsigned char encryption_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpgIBAAKCAQEAzdeIDP00r/0riZyJblyKhR86sfxblCWfOA4Nzk728rKnH7Zj\n" - "jYGZUCt1M2jH3KnJAezhN/VFWzwyQostE9U+8VNPCwGxhhHRbC2MtpQAbq4RA6RD\n" - "W0qeQ+95H7thrP9a6tRMUf/q2308uSNRrYwUKUl9DID4inQM4KF9lVYOYoSwbF/T\n" - "4cOtTAjpiu57peOrgy1Drji/Fi4hmsRTndsTE2tnvL1+/Cxhrzp40E7eUSJ6tWe6\n" - "wWq+eCxfO6EcxOHsN3WR17Bac1f1wXJcU9TWjGkSqAP1v9Y4Qum3j9XKLoYAq2Gu\n" - "hMAM6uCohLjJW/8jBMT4jvnzbSKdIkFfClWL2wIDAQABAoIBAQC70D11xI6PSUux\n" - "St/mj49gOYdfoOeaO92T0tbr+AbAmRt+Bve8xJQznwNX/fHmOBCMriss2KEIxtsA\n" - "9mYR44+Dt8S2QTxOHPHdZ44thMsEMdSaYwWGRYY0bEszFdDgfTnibASbCQusaw+9\n" - "ySkcVWSL616qyv57rbmWOCMS4CtN3Sk982mtzSdCkJ8tiq6n3C60QPom/zo5TBS5\n" - "vaJ70NRnj7Zuq9VPwNKOwhkYW9OUZsAmdwLqenmsLfQEnZnu/ielJ10LI8SrQG5x\n" - "lANdYRD07W5lpwImJCELUqK5X2iw5ii6/4vl/Si/WcL4pRFpuCOCp1B8SDuSkOKS\n" - "zebU/Z3hAoGBAPvIN/WlSQ+Iy5TNGsnV5B96Xvl8YrXVInJZ7z4MOrPgyvN8mQXX\n" - "sQ6D01H2tba3mWt0S16lWwBsOll5LDBj5kcvp+4702xUxoOap79wXPS1Ibi+uXlO\n" - "5c7V3pa7r2nw7YQL+ehYpgBdaVaYdAnHKn0Mo7zMd+yjNnQEfEcDwNFxAoGBANFK\n" - "S7y327IEms1wdn0hb1r812PKsn464j4xbnfnrAYzE2cttgLSYsRRYNMo++ZS9Y3v\n" - "3MZGmgOsKRgpbblxhUxNY5pKeHcXKUy1YtaGJVpeQwI8u69Th9tUDS2/yt7Op4/0\n" - "p5115DTEfmvKzF//PH7GtX5Ox/JoNSHaPcORT0wLAoGBANXYEZ8zCMCG4NG6+hue\n" - "7KfHmU6wVG43XZBdzhKW9Gy+aeEvXBBYR2saj6q3rVJI0acwGKuEKaxMP6qqfduD\n" - "nZusYCa47TK/NfOksQCpgGneRYvRgVoEpq5reyfutGd4V2KlgVXTpPn+XG9OAJAl\n" - "dnLK/25lAx4a6S7UeHEgQO4hAoGBAKyfch6jK3MGd0RxuVl2RWmv2Fw36MdS/B6+\n" - "GNaPYITwhdV5j4F+U/aHBKzGRhbwYBcFO3zS6N+UlYSXTyhAqOiJgFjXicr4cJkT\n" - "lwVIOfDyhKSIwWlYJVtTVVdhtQvXOb/z1Hh8r5CSbY+tAqs/U39hmHsosaSQLRrR\n" - "7lWrOdOHAoGBAIndZqW8HHfUk5Y6ZlbDzz/GRi81nrU3p2Ii1M17PLFyFhKZcPyM\n" - "kJDhqStyWEQKN7Xig0uxGvGAFYTBsILmoS/XAFnRpfcmNkF7hXRGHuHFRopZuIic\n" - "gZ9oloj50/wHdTSU/MExRExhC7DUom2DzihUz3a5uqWOK/SnpfNeIJPs\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpgIBAAKCAQEAzdeIDP00r/0riZyJblyKhR86sfxblCWfOA4Nzk728rKnH7Zj\n" + "jYGZUCt1M2jH3KnJAezhN/VFWzwyQostE9U+8VNPCwGxhhHRbC2MtpQAbq4RA6RD\n" + "W0qeQ+95H7thrP9a6tRMUf/q2308uSNRrYwUKUl9DID4inQM4KF9lVYOYoSwbF/T\n" + "4cOtTAjpiu57peOrgy1Drji/Fi4hmsRTndsTE2tnvL1+/Cxhrzp40E7eUSJ6tWe6\n" + "wWq+eCxfO6EcxOHsN3WR17Bac1f1wXJcU9TWjGkSqAP1v9Y4Qum3j9XKLoYAq2Gu\n" + "hMAM6uCohLjJW/8jBMT4jvnzbSKdIkFfClWL2wIDAQABAoIBAQC70D11xI6PSUux\n" + "St/mj49gOYdfoOeaO92T0tbr+AbAmRt+Bve8xJQznwNX/fHmOBCMriss2KEIxtsA\n" + "9mYR44+Dt8S2QTxOHPHdZ44thMsEMdSaYwWGRYY0bEszFdDgfTnibASbCQusaw+9\n" + "ySkcVWSL616qyv57rbmWOCMS4CtN3Sk982mtzSdCkJ8tiq6n3C60QPom/zo5TBS5\n" + "vaJ70NRnj7Zuq9VPwNKOwhkYW9OUZsAmdwLqenmsLfQEnZnu/ielJ10LI8SrQG5x\n" + "lANdYRD07W5lpwImJCELUqK5X2iw5ii6/4vl/Si/WcL4pRFpuCOCp1B8SDuSkOKS\n" + "zebU/Z3hAoGBAPvIN/WlSQ+Iy5TNGsnV5B96Xvl8YrXVInJZ7z4MOrPgyvN8mQXX\n" + "sQ6D01H2tba3mWt0S16lWwBsOll5LDBj5kcvp+4702xUxoOap79wXPS1Ibi+uXlO\n" + "5c7V3pa7r2nw7YQL+ehYpgBdaVaYdAnHKn0Mo7zMd+yjNnQEfEcDwNFxAoGBANFK\n" + "S7y327IEms1wdn0hb1r812PKsn464j4xbnfnrAYzE2cttgLSYsRRYNMo++ZS9Y3v\n" + "3MZGmgOsKRgpbblxhUxNY5pKeHcXKUy1YtaGJVpeQwI8u69Th9tUDS2/yt7Op4/0\n" + "p5115DTEfmvKzF//PH7GtX5Ox/JoNSHaPcORT0wLAoGBANXYEZ8zCMCG4NG6+hue\n" + "7KfHmU6wVG43XZBdzhKW9Gy+aeEvXBBYR2saj6q3rVJI0acwGKuEKaxMP6qqfduD\n" + "nZusYCa47TK/NfOksQCpgGneRYvRgVoEpq5reyfutGd4V2KlgVXTpPn+XG9OAJAl\n" + "dnLK/25lAx4a6S7UeHEgQO4hAoGBAKyfch6jK3MGd0RxuVl2RWmv2Fw36MdS/B6+\n" + "GNaPYITwhdV5j4F+U/aHBKzGRhbwYBcFO3zS6N+UlYSXTyhAqOiJgFjXicr4cJkT\n" + "lwVIOfDyhKSIwWlYJVtTVVdhtQvXOb/z1Hh8r5CSbY+tAqs/U39hmHsosaSQLRrR\n" + "7lWrOdOHAoGBAIndZqW8HHfUk5Y6ZlbDzz/GRi81nrU3p2Ii1M17PLFyFhKZcPyM\n" + "kJDhqStyWEQKN7Xig0uxGvGAFYTBsILmoS/XAFnRpfcmNkF7hXRGHuHFRopZuIic\n" + "gZ9oloj50/wHdTSU/MExRExhC7DUom2DzihUz3a5uqWOK/SnpfNeIJPs\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t enc_key = { encryption_key_pem, - sizeof(encryption_key_pem) - 1 -}; + sizeof(encryption_key_pem) - 1 }; -static -void server_check(void) +static void server_check(void) { int ret; /* Server stuff. */ @@ -124,15 +122,14 @@ void server_check(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &enc_cert, &enc_key, + gnutls_certificate_set_x509_key_mem(serverx509cred, &enc_cert, &enc_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + server, "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -142,9 +139,8 @@ void server_check(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -157,9 +153,8 @@ void server_check(void) if (ret < 0) exit(1); - gnutls_priority_set_direct(client, - "NORMAL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + client, "NORMAL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", NULL); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); @@ -182,12 +177,11 @@ void server_check(void) static gnutls_privkey_t g_pkey = NULL; static gnutls_pcert_st *g_pcert = NULL; -static int -cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * sign_algos, - int sign_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) +static int cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *sign_algos, + int sign_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *pkey) { int ret; gnutls_pcert_st *p; @@ -198,9 +192,8 @@ cert_callback(gnutls_session_t session, if (p == NULL) return -1; - ret = - gnutls_pcert_import_x509_raw(p, &enc_cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_import_x509_raw(p, &enc_cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) return -1; @@ -208,10 +201,8 @@ cert_callback(gnutls_session_t session, if (ret < 0) return -1; - ret = - gnutls_privkey_import_x509_raw(lkey, &enc_key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + lkey, &enc_key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) return -1; @@ -229,8 +220,7 @@ cert_callback(gnutls_session_t session, return 0; } -static -void client_check(void) +static void client_check(void) { int ret; /* Server stuff. */ @@ -255,9 +245,10 @@ void client_check(void) gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-KX-ALL:+ECDHE-RSA:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + server, + "NORMAL:-KX-ALL:+ECDHE-RSA:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -267,9 +258,8 @@ void client_check(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -282,9 +272,8 @@ void client_check(void) if (ret < 0) exit(1); - gnutls_priority_set_direct(client, - "NORMAL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + client, "NORMAL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", NULL); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); diff --git a/tests/key-usage-rsa.c b/tests/key-usage-rsa.c index 42fdaa5d70..17c864b9c5 100644 --- a/tests/key-usage-rsa.c +++ b/tests/key-usage-rsa.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,107 +44,100 @@ static void tls_log_func(int level, const char *str) } static unsigned char ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC8zCCAdugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE1MDgxNDA5MzUxMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4O2BYEx/hl7URXhb\n" - "52erURO6HrlfacZjG0fQ2WqRcJJTqg2baAbA7+1SLdhphZ+KJDypEjJWmOgbaehI\n" - "hlK7zDZb+0r0uXlUQ11mgf7FcCDQoJBmC1dcN3o6zPeXg5hkWV+ZV2h7hhJTwkRc\n" - "C4DXTbaDKy8PNiC0MRMOGjeMfnL26oaxzuHNgH4u1J02+XUZ0UcSDrUc52O1lJ02\n" - "i1SbD+fTNBgmFQADXyAllZYJ/xwbxf44TFhQjiOvVpz/9EB2+/x5H0r1YvwKGY6v\n" - "5mfkUsEAE5+uxDXdZT84ltEKkAjbZ9cIgdmXRuD4mkyo3NHLh7oHCdsRRE/S/rZe\n" - "ikmGpQIDAQABo1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUF\n" - "BwMJMA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFEvjsNoFTfqDEKbcwFnxKId+\n" - "ZQP8MA0GCSqGSIb3DQEBCwUAA4IBAQAKrbc6hER0xAjn5driLNyoz0JJr5P07PDI\n" - "d8AR3ZC56DSJNdvKDqdFIvAoo/JePCTFSdhbaqu+08MoTtRK5TKqjRiDiG4XCxiz\n" - "Ado7QouS+ZgDP1Uxv8j2YWeSpkusD+oIEK96wbeDaYi0ENbLWbm9zWqvHaaEYn4c\n" - "ov78n+7VvP3I2OFuJ0EPy+r55GPxSCRCh6apL78yAc6TfcyOwwTihvCF5ejCqRg/\n" - "T1As5NCCpdYP2nejRymjO6wMRsRFBX9+gndO9qVQZJr8zBTw8k8/pMtDubjkYqEv\n" - "qRME4/3q8+Sm8HlZ8FPpcU9XbLl+ASd+SWr8jCTGLSxF2hME8Lgg\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca_cert = { ca_cert_pem, - sizeof(ca_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIC8zCCAdugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE1MDgxNDA5MzUxMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4O2BYEx/hl7URXhb\n" + "52erURO6HrlfacZjG0fQ2WqRcJJTqg2baAbA7+1SLdhphZ+KJDypEjJWmOgbaehI\n" + "hlK7zDZb+0r0uXlUQ11mgf7FcCDQoJBmC1dcN3o6zPeXg5hkWV+ZV2h7hhJTwkRc\n" + "C4DXTbaDKy8PNiC0MRMOGjeMfnL26oaxzuHNgH4u1J02+XUZ0UcSDrUc52O1lJ02\n" + "i1SbD+fTNBgmFQADXyAllZYJ/xwbxf44TFhQjiOvVpz/9EB2+/x5H0r1YvwKGY6v\n" + "5mfkUsEAE5+uxDXdZT84ltEKkAjbZ9cIgdmXRuD4mkyo3NHLh7oHCdsRRE/S/rZe\n" + "ikmGpQIDAQABo1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUF\n" + "BwMJMA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFEvjsNoFTfqDEKbcwFnxKId+\n" + "ZQP8MA0GCSqGSIb3DQEBCwUAA4IBAQAKrbc6hER0xAjn5driLNyoz0JJr5P07PDI\n" + "d8AR3ZC56DSJNdvKDqdFIvAoo/JePCTFSdhbaqu+08MoTtRK5TKqjRiDiG4XCxiz\n" + "Ado7QouS+ZgDP1Uxv8j2YWeSpkusD+oIEK96wbeDaYi0ENbLWbm9zWqvHaaEYn4c\n" + "ov78n+7VvP3I2OFuJ0EPy+r55GPxSCRCh6apL78yAc6TfcyOwwTihvCF5ejCqRg/\n" + "T1As5NCCpdYP2nejRymjO6wMRsRFBX9+gndO9qVQZJr8zBTw8k8/pMtDubjkYqEv\n" + "qRME4/3q8+Sm8HlZ8FPpcU9XbLl+ASd+SWr8jCTGLSxF2hME8Lgg\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca_cert = { ca_cert_pem, sizeof(ca_cert_pem) }; static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDITCCAgmgAwIBAgIMVc22UBIVIpQdKaDeMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIBcNMTUwODE0MDkzNTEyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" - "AQEAvhX+gDD8GkLW0GVH5C+AdbCFKAcj0tG+S+OuCpDp8NGZN4GXtbljUk5U82ha\n" - "nyq52eJCptCSspXNKq6Hn0H/eSXlRndnIblB49Dqy6kHq0i1ysmrbdbe9BWrUqeU\n" - "uKSZ8O98ANzHfVDOxCvhqGfytvrgudfk5JZxqAD2CXU6R5AjG60cnR49xGkplfKS\n" - "31fpdshDkQMm+w2hfa97wqjrTbQ7K4SIgB9AYbRNvHd8PAo6fxXrLaBPZkQu9AiP\n" - "D+sEz5bGrhzlIwz5SdcGAjuysB1WAygrWcTZ2zvX96lVTMhRF4umo8Rd1rzapB6G\n" - "Uj64cKtkyJjcGV54Ifd6E/lmDwIDAQABo3cwdTAMBgNVHRMBAf8EAjAAMBQGA1Ud\n" - "EQQNMAuCCWxvY2FsaG9zdDAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBSTZZoN\n" - "JNpaTuLaiXd+abUidelNDDAfBgNVHSMEGDAWgBRL47DaBU36gxCm3MBZ8SiHfmUD\n" - "/DANBgkqhkiG9w0BAQsFAAOCAQEANot3py74nzCijhKilXyHz44LnpzbZGxMzbdr\n" - "gK9maqqfiOWJMohOmSezYvMItudDn/Z3Bu7xzDxchDF80sBN+4UiDxl47uYbNl6o\n" - "UFfpFu4GmO0HfeWkbM1ZqVJGBa6zOCkc3aw0LK7O2YRcBcsjzdIPQpePf/jRpppJ\n" - "mz4qShtGa37Vfv4XxoXFPJdfil3uXl8Pe3qo+f8+DiMIIuxzKyQatu0DP4CjuEf1\n" - "6sgcBFbeUMAJsCh0qFbqObWyOe9XxFEukLMPV7s2EKnRcY7Xhyuf6wyNI/oPkmon\n" - "+m/yxJVZSWkpERsyXW1ZkR0Xw2KnJ4bzdQkDTs73ijOd4jFQvA==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIC8zCCAdugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE1MDgxNDA5MzUxMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4O2BYEx/hl7URXhb\n" - "52erURO6HrlfacZjG0fQ2WqRcJJTqg2baAbA7+1SLdhphZ+KJDypEjJWmOgbaehI\n" - "hlK7zDZb+0r0uXlUQ11mgf7FcCDQoJBmC1dcN3o6zPeXg5hkWV+ZV2h7hhJTwkRc\n" - "C4DXTbaDKy8PNiC0MRMOGjeMfnL26oaxzuHNgH4u1J02+XUZ0UcSDrUc52O1lJ02\n" - "i1SbD+fTNBgmFQADXyAllZYJ/xwbxf44TFhQjiOvVpz/9EB2+/x5H0r1YvwKGY6v\n" - "5mfkUsEAE5+uxDXdZT84ltEKkAjbZ9cIgdmXRuD4mkyo3NHLh7oHCdsRRE/S/rZe\n" - "ikmGpQIDAQABo1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUF\n" - "BwMJMA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFEvjsNoFTfqDEKbcwFnxKId+\n" - "ZQP8MA0GCSqGSIb3DQEBCwUAA4IBAQAKrbc6hER0xAjn5driLNyoz0JJr5P07PDI\n" - "d8AR3ZC56DSJNdvKDqdFIvAoo/JePCTFSdhbaqu+08MoTtRK5TKqjRiDiG4XCxiz\n" - "Ado7QouS+ZgDP1Uxv8j2YWeSpkusD+oIEK96wbeDaYi0ENbLWbm9zWqvHaaEYn4c\n" - "ov78n+7VvP3I2OFuJ0EPy+r55GPxSCRCh6apL78yAc6TfcyOwwTihvCF5ejCqRg/\n" - "T1As5NCCpdYP2nejRymjO6wMRsRFBX9+gndO9qVQZJr8zBTw8k8/pMtDubjkYqEv\n" - "qRME4/3q8+Sm8HlZ8FPpcU9XbLl+ASd+SWr8jCTGLSxF2hME8Lgg\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDITCCAgmgAwIBAgIMVc22UBIVIpQdKaDeMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTAwIBcNMTUwODE0MDkzNTEyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" + "ETAPBgNVBAMTCHNlcnZlci0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" + "AQEAvhX+gDD8GkLW0GVH5C+AdbCFKAcj0tG+S+OuCpDp8NGZN4GXtbljUk5U82ha\n" + "nyq52eJCptCSspXNKq6Hn0H/eSXlRndnIblB49Dqy6kHq0i1ysmrbdbe9BWrUqeU\n" + "uKSZ8O98ANzHfVDOxCvhqGfytvrgudfk5JZxqAD2CXU6R5AjG60cnR49xGkplfKS\n" + "31fpdshDkQMm+w2hfa97wqjrTbQ7K4SIgB9AYbRNvHd8PAo6fxXrLaBPZkQu9AiP\n" + "D+sEz5bGrhzlIwz5SdcGAjuysB1WAygrWcTZ2zvX96lVTMhRF4umo8Rd1rzapB6G\n" + "Uj64cKtkyJjcGV54Ifd6E/lmDwIDAQABo3cwdTAMBgNVHRMBAf8EAjAAMBQGA1Ud\n" + "EQQNMAuCCWxvY2FsaG9zdDAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBSTZZoN\n" + "JNpaTuLaiXd+abUidelNDDAfBgNVHSMEGDAWgBRL47DaBU36gxCm3MBZ8SiHfmUD\n" + "/DANBgkqhkiG9w0BAQsFAAOCAQEANot3py74nzCijhKilXyHz44LnpzbZGxMzbdr\n" + "gK9maqqfiOWJMohOmSezYvMItudDn/Z3Bu7xzDxchDF80sBN+4UiDxl47uYbNl6o\n" + "UFfpFu4GmO0HfeWkbM1ZqVJGBa6zOCkc3aw0LK7O2YRcBcsjzdIPQpePf/jRpppJ\n" + "mz4qShtGa37Vfv4XxoXFPJdfil3uXl8Pe3qo+f8+DiMIIuxzKyQatu0DP4CjuEf1\n" + "6sgcBFbeUMAJsCh0qFbqObWyOe9XxFEukLMPV7s2EKnRcY7Xhyuf6wyNI/oPkmon\n" + "+m/yxJVZSWkpERsyXW1ZkR0Xw2KnJ4bzdQkDTs73ijOd4jFQvA==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIC8zCCAdugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE1MDgxNDA5MzUxMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4O2BYEx/hl7URXhb\n" + "52erURO6HrlfacZjG0fQ2WqRcJJTqg2baAbA7+1SLdhphZ+KJDypEjJWmOgbaehI\n" + "hlK7zDZb+0r0uXlUQ11mgf7FcCDQoJBmC1dcN3o6zPeXg5hkWV+ZV2h7hhJTwkRc\n" + "C4DXTbaDKy8PNiC0MRMOGjeMfnL26oaxzuHNgH4u1J02+XUZ0UcSDrUc52O1lJ02\n" + "i1SbD+fTNBgmFQADXyAllZYJ/xwbxf44TFhQjiOvVpz/9EB2+/x5H0r1YvwKGY6v\n" + "5mfkUsEAE5+uxDXdZT84ltEKkAjbZ9cIgdmXRuD4mkyo3NHLh7oHCdsRRE/S/rZe\n" + "ikmGpQIDAQABo1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUF\n" + "BwMJMA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFEvjsNoFTfqDEKbcwFnxKId+\n" + "ZQP8MA0GCSqGSIb3DQEBCwUAA4IBAQAKrbc6hER0xAjn5driLNyoz0JJr5P07PDI\n" + "d8AR3ZC56DSJNdvKDqdFIvAoo/JePCTFSdhbaqu+08MoTtRK5TKqjRiDiG4XCxiz\n" + "Ado7QouS+ZgDP1Uxv8j2YWeSpkusD+oIEK96wbeDaYi0ENbLWbm9zWqvHaaEYn4c\n" + "ov78n+7VvP3I2OFuJ0EPy+r55GPxSCRCh6apL78yAc6TfcyOwwTihvCF5ejCqRg/\n" + "T1As5NCCpdYP2nejRymjO6wMRsRFBX9+gndO9qVQZJr8zBTw8k8/pMtDubjkYqEv\n" + "qRME4/3q8+Sm8HlZ8FPpcU9XbLl+ASd+SWr8jCTGLSxF2hME8Lgg\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEowIBAAKCAQEAvhX+gDD8GkLW0GVH5C+AdbCFKAcj0tG+S+OuCpDp8NGZN4GX\n" - "tbljUk5U82hanyq52eJCptCSspXNKq6Hn0H/eSXlRndnIblB49Dqy6kHq0i1ysmr\n" - "bdbe9BWrUqeUuKSZ8O98ANzHfVDOxCvhqGfytvrgudfk5JZxqAD2CXU6R5AjG60c\n" - "nR49xGkplfKS31fpdshDkQMm+w2hfa97wqjrTbQ7K4SIgB9AYbRNvHd8PAo6fxXr\n" - "LaBPZkQu9AiPD+sEz5bGrhzlIwz5SdcGAjuysB1WAygrWcTZ2zvX96lVTMhRF4um\n" - "o8Rd1rzapB6GUj64cKtkyJjcGV54Ifd6E/lmDwIDAQABAoIBAQCPPDOSlVbi0wrb\n" - "7fXGVKUQCfvMtdSgv7wNo3s6KwidltNFqDmRjijxlGUfJbtjxOZW8NAYs4JXX9pC\n" - "F1HLCAhiWdPyzXbBSsAD0yGaZbyJrTiPnne3RPqsIsf+eJjwqdf2Xf+rBrKsE4A7\n" - "AnYAWJPknhdI8w5f0Z3DYzYC2nsYAI/FvJCpQvs9qMfVznctzcLUpvquDYrkDaFA\n" - "Rk14xQ8zhXKSugx1N2QAabk9YhMIDgBRHvZkQfBYJ/bNhfpLveQZX14QLn++EuFZ\n" - "F0QpoOtJhWNZDbDdroud2G821dl5bLKsKx0cD63Bsz1uV8vUQF0F2xx8t64SPhz9\n" - "zC/eZB+BAoGBAM57D4Nav1zreqBJZnWVtR7qr54AIg3nKccFPXLeezhI1iJi07tn\n" - "Fc2YdP+5NzRAVBOBKaMwuJ4ZdLnclsKD8A/LzMgerRfuV6EDHOPKAgWISU/+Up6x\n" - "Q5tQ2ocPjQFHb5gK3Le9lMkBHt1j6ZIptUIXTqzzwKYSDDYkdMCmSyBXAoGBAOus\n" - "XvHE/DIV6idE4k590nq+o9OdMet+LWUzmyTjlbVhPZ09vTSHs+3U1Fe4te6aNUI+\n" - "KkhizCHMvx+M0uzCwy31TDdLe9QbmtkQet0AAX/Qsb5IQrDi5iLl7UuvZMa7tCUe\n" - "R0puBRBzvZg4LQWDgJ9U4fO3YO0c3VBRpicQbvUJAoGAFN6bUst5TAsA+fJxSLE4\n" - "/Ub7OR0KVB1pO5RsAZA7JBU4j4EtpWNl8MHYEYDG86EM3mvPqY7jGhe4lJCXLFHp\n" - "ka8no5J2LFUKxltqMBva2HRN9Kff8eo4yxoA/GW1+ssdnGB8rpWa1DYoyHeww/Uz\n" - "PNreONzqO97XHSHSKyajsUECgYAe/3ENg8dYHyHJQHozsMD6fBC4SLjELLhz0zHY\n" - "zEZosP2VrQUx35d+9LtpPlZPp+DRcbPGCZin6XJKCA/GLGfXp6f6reb/oxHe8xf1\n" - "8YZA9YYrbP24nl9+v5dSmSM8MHwlVbIyy/3GiDKrzte9HerRCi0eDUSma2GAqvyb\n" - "rsGpYQKBgCj7dXo0LKYaEJ17NXCD6Cu7gMP9haYo0HHfkhBnIgYs/Cytgnedzp6k\n" - "kRcVr4yllg5yEgiqPvg+PyuL1sm0epQ85qeYOaR2CsbN6mYnwX8/8LLZ7Ep4v3vv\n" - "m0SlmY5Hgw6lit1DOr1HDoZZKzbpT3H//TrMMhvBPdcBQwjcHMHl\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; - -static -void server_check(void) + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEowIBAAKCAQEAvhX+gDD8GkLW0GVH5C+AdbCFKAcj0tG+S+OuCpDp8NGZN4GX\n" + "tbljUk5U82hanyq52eJCptCSspXNKq6Hn0H/eSXlRndnIblB49Dqy6kHq0i1ysmr\n" + "bdbe9BWrUqeUuKSZ8O98ANzHfVDOxCvhqGfytvrgudfk5JZxqAD2CXU6R5AjG60c\n" + "nR49xGkplfKS31fpdshDkQMm+w2hfa97wqjrTbQ7K4SIgB9AYbRNvHd8PAo6fxXr\n" + "LaBPZkQu9AiPD+sEz5bGrhzlIwz5SdcGAjuysB1WAygrWcTZ2zvX96lVTMhRF4um\n" + "o8Rd1rzapB6GUj64cKtkyJjcGV54Ifd6E/lmDwIDAQABAoIBAQCPPDOSlVbi0wrb\n" + "7fXGVKUQCfvMtdSgv7wNo3s6KwidltNFqDmRjijxlGUfJbtjxOZW8NAYs4JXX9pC\n" + "F1HLCAhiWdPyzXbBSsAD0yGaZbyJrTiPnne3RPqsIsf+eJjwqdf2Xf+rBrKsE4A7\n" + "AnYAWJPknhdI8w5f0Z3DYzYC2nsYAI/FvJCpQvs9qMfVznctzcLUpvquDYrkDaFA\n" + "Rk14xQ8zhXKSugx1N2QAabk9YhMIDgBRHvZkQfBYJ/bNhfpLveQZX14QLn++EuFZ\n" + "F0QpoOtJhWNZDbDdroud2G821dl5bLKsKx0cD63Bsz1uV8vUQF0F2xx8t64SPhz9\n" + "zC/eZB+BAoGBAM57D4Nav1zreqBJZnWVtR7qr54AIg3nKccFPXLeezhI1iJi07tn\n" + "Fc2YdP+5NzRAVBOBKaMwuJ4ZdLnclsKD8A/LzMgerRfuV6EDHOPKAgWISU/+Up6x\n" + "Q5tQ2ocPjQFHb5gK3Le9lMkBHt1j6ZIptUIXTqzzwKYSDDYkdMCmSyBXAoGBAOus\n" + "XvHE/DIV6idE4k590nq+o9OdMet+LWUzmyTjlbVhPZ09vTSHs+3U1Fe4te6aNUI+\n" + "KkhizCHMvx+M0uzCwy31TDdLe9QbmtkQet0AAX/Qsb5IQrDi5iLl7UuvZMa7tCUe\n" + "R0puBRBzvZg4LQWDgJ9U4fO3YO0c3VBRpicQbvUJAoGAFN6bUst5TAsA+fJxSLE4\n" + "/Ub7OR0KVB1pO5RsAZA7JBU4j4EtpWNl8MHYEYDG86EM3mvPqY7jGhe4lJCXLFHp\n" + "ka8no5J2LFUKxltqMBva2HRN9Kff8eo4yxoA/GW1+ssdnGB8rpWa1DYoyHeww/Uz\n" + "PNreONzqO97XHSHSKyajsUECgYAe/3ENg8dYHyHJQHozsMD6fBC4SLjELLhz0zHY\n" + "zEZosP2VrQUx35d+9LtpPlZPp+DRcbPGCZin6XJKCA/GLGfXp6f6reb/oxHe8xf1\n" + "8YZA9YYrbP24nl9+v5dSmSM8MHwlVbIyy/3GiDKrzte9HerRCi0eDUSma2GAqvyb\n" + "rsGpYQKBgCj7dXo0LKYaEJ17NXCD6Cu7gMP9haYo0HHfkhBnIgYs/Cytgnedzp6k\n" + "kRcVr4yllg5yEgiqPvg+PyuL1sm0epQ85qeYOaR2CsbN6mYnwX8/8LLZ7Ep4v3vv\n" + "m0SlmY5Hgw6lit1DOr1HDoZZKzbpT3H//TrMMhvBPdcBQwjcHMHl\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; + +static void server_check(void) { int ret; /* Server stuff. */ @@ -164,15 +157,13 @@ void server_check(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-KX-ALL:+RSA:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + server, "NORMAL:-KX-ALL:+RSA:-VERS-ALL:+VERS-TLS1.2", NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -182,9 +173,8 @@ void server_check(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -221,12 +211,11 @@ void server_check(void) static gnutls_privkey_t g_pkey = NULL; static gnutls_pcert_st *g_pcert = NULL; -static int -cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * sign_algos, - int sign_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) +static int cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *sign_algos, + int sign_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *pkey) { int ret; gnutls_pcert_st *p; @@ -237,9 +226,8 @@ cert_callback(gnutls_session_t session, if (p == NULL) return -1; - ret = - gnutls_pcert_import_x509_raw(p, &server_cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_import_x509_raw(p, &server_cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) return -1; @@ -247,10 +235,8 @@ cert_callback(gnutls_session_t session, if (ret < 0) return -1; - ret = - gnutls_privkey_import_x509_raw(lkey, &server_key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + lkey, &server_key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) return -1; @@ -268,8 +254,7 @@ cert_callback(gnutls_session_t session, return 0; } -static -void client_check(void) +static void client_check(void) { int ret; /* Server stuff. */ @@ -294,9 +279,10 @@ void client_check(void) gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-KX-ALL:+RSA:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS:-VERS-ALL:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + server, + "NORMAL:-KX-ALL:+RSA:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -306,9 +292,8 @@ void client_check(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); diff --git a/tests/keylog-env.c b/tests/keylog-env.c index 408f04a48b..46320dd87a 100644 --- a/tests/keylog-env.c +++ b/tests/keylog-env.c @@ -20,7 +20,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,10 +29,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -90,8 +90,8 @@ static void search_for_str(const char *filename, const char *label, fail("file should contain %s\n", label); } -static void run(const char *filename, const char *prio, - const char **included, const char **excluded) +static void run(const char *filename, const char *prio, const char **included, + const char **excluded) { gnutls_certificate_credentials_t x509_cred; gnutls_certificate_credentials_t clicred; @@ -117,19 +117,16 @@ static void run(const char *filename, const char *prio, assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_key_mem(x509_cred, - &server_ca3_localhost_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); diff --git a/tests/keylog-func.c b/tests/keylog-func.c index 980c34844a..faf74c8154 100644 --- a/tests/keylog-func.c +++ b/tests/keylog-func.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,18 +37,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether a keylog function is called. */ @@ -69,21 +69,18 @@ const char *side = ""; /* These are global */ static pid_t child; -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" -static int -keylog_func(gnutls_session_t session, - const char *label, const gnutls_datum_t * secret) +static int keylog_func(gnutls_session_t session, const char *label, + const gnutls_datum_t *secret) { unsigned int *call_count = gnutls_session_get_ptr(session); - static const char *exp_labels[] = { - "CLIENT_HANDSHAKE_TRAFFIC_SECRET", - "SERVER_HANDSHAKE_TRAFFIC_SECRET", - "EXPORTER_SECRET", - "CLIENT_TRAFFIC_SECRET_0", - "SERVER_TRAFFIC_SECRET_0" - }; + static const char *exp_labels[] = { "CLIENT_HANDSHAKE_TRAFFIC_SECRET", + "SERVER_HANDSHAKE_TRAFFIC_SECRET", + "EXPORTER_SECRET", + "CLIENT_TRAFFIC_SECRET_0", + "SERVER_TRAFFIC_SECRET_0" }; if (*call_count >= sizeof(exp_labels) / sizeof(exp_labels[0])) fail("unexpected secret at call count %u\n", *call_count); @@ -144,8 +141,7 @@ static void client(int fd, const char *prio, unsigned int exp_call_count) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -156,8 +152,8 @@ static void client(int fd, const char *prio, unsigned int exp_call_count) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_record_send(session, MSG, strlen(MSG)); @@ -180,8 +176,8 @@ static void client(int fd, const char *prio, unsigned int exp_call_count) } if (call_count != exp_call_count) - fail("secret hook is not called %u times (%u)\n", - call_count, exp_call_count); + fail("secret hook is not called %u times (%u)\n", call_count, + exp_call_count); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -220,18 +216,18 @@ static void server(int fd, const char *prio, unsigned int exp_call_count) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", + NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_transport_set_int(session, fd); @@ -240,8 +236,7 @@ static void server(int fd, const char *prio, unsigned int exp_call_count) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -254,8 +249,8 @@ static void server(int fd, const char *prio, unsigned int exp_call_count) } if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); memset(buffer, 0, MAX_BUF + 1); @@ -265,8 +260,7 @@ static void server(int fd, const char *prio, unsigned int exp_call_count) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); } else if (ret < 0) { fail("server: Received corrupted data(%d). Closing...\n", ret); } else if (ret > 0) { @@ -276,8 +270,8 @@ static void server(int fd, const char *prio, unsigned int exp_call_count) } if (call_count != exp_call_count) - fail("secret hook is not called %u times (%u)\n", - call_count, exp_call_count); + fail("secret hook is not called %u times (%u)\n", call_count, + exp_call_count); /* do not wait for the peer to close the connection. */ @@ -344,4 +338,4 @@ void doit(void) run("NORMAL:-VERS-ALL:+VERS-TLS1.3", 5); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/ktls_keyupdate.c b/tests/ktls_keyupdate.c index 5844c56497..e3c51ec369 100644 --- a/tests/ktls_keyupdate.c +++ b/tests/ktls_keyupdate.c @@ -18,7 +18,7 @@ // along with GnuTLS. If not, see . #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -50,73 +50,77 @@ int main(void) #else -# define MAX_BUF 1024 -# define MSG "Hello world!" - -# define HANDSHAKE(session, name, ret)\ -{\ - do {\ - ret = gnutls_handshake(session);\ - }\ - while (ret < 0 && gnutls_error_is_fatal(ret) == 0);\ - if (ret < 0) {\ - fail("%s: Handshake failed\n", name);\ - goto end;\ - }\ -} +#define MAX_BUF 1024 +#define MSG "Hello world!" + +#define HANDSHAKE(session, name, ret) \ + { \ + do { \ + ret = gnutls_handshake(session); \ + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); \ + if (ret < 0) { \ + fail("%s: Handshake failed\n", name); \ + goto end; \ + } \ + } -# define SEND_MSG(session, name, ret)\ -{\ - do {\ - ret = gnutls_record_send(session, MSG, strlen(MSG)+1);\ - } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);\ - if (ret < 0) {\ - fail("%s: data sending has failed (%s)\n",name,\ - gnutls_strerror(ret));\ - goto end;\ - }\ -} +#define SEND_MSG(session, name, ret) \ + { \ + do { \ + ret = gnutls_record_send(session, MSG, \ + strlen(MSG) + 1); \ + } while (ret == GNUTLS_E_AGAIN || \ + ret == GNUTLS_E_INTERRUPTED); \ + if (ret < 0) { \ + fail("%s: data sending has failed (%s)\n", name, \ + gnutls_strerror(ret)); \ + goto end; \ + } \ + } -# define RECV_MSG(session, name, buffer, buffer_len, ret)\ -{\ - memset(buffer, 0, sizeof(buffer));\ - do{\ - ret = gnutls_record_recv(session, buffer, sizeof(buffer));\ - }\ - while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);\ - if (ret == 0) {\ - success("%s: Peer has closed the TLS connection\n", name);\ - goto end;\ - } else if (ret < 0) {\ - fail("%s: Error -> %s\n", name, gnutls_strerror(ret));\ - goto end;\ - }\ - if(strncmp(buffer, MSG, ret)){\ - fail("%s: Message doesn't match\n", name);\ - goto end;\ - }\ -} +#define RECV_MSG(session, name, buffer, buffer_len, ret) \ + { \ + memset(buffer, 0, sizeof(buffer)); \ + do { \ + ret = gnutls_record_recv(session, buffer, \ + sizeof(buffer)); \ + } while (ret == GNUTLS_E_AGAIN || \ + ret == GNUTLS_E_INTERRUPTED); \ + if (ret == 0) { \ + success("%s: Peer has closed the TLS connection\n", \ + name); \ + goto end; \ + } else if (ret < 0) { \ + fail("%s: Error -> %s\n", name, gnutls_strerror(ret)); \ + goto end; \ + } \ + if (strncmp(buffer, MSG, ret)) { \ + fail("%s: Message doesn't match\n", name); \ + goto end; \ + } \ + } -# define KEY_UPDATE(session, name, peer_req, ret)\ -{\ - do {\ - ret = gnutls_session_key_update(session, peer_req);\ - } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);\ - if (ret < 0) {\ - fail("%s: key update has failed (%s)\n", name, \ - gnutls_strerror(ret));\ - goto end;\ - }\ -} +#define KEY_UPDATE(session, name, peer_req, ret) \ + { \ + do { \ + ret = gnutls_session_key_update(session, peer_req); \ + } while (ret == GNUTLS_E_AGAIN || \ + ret == GNUTLS_E_INTERRUPTED); \ + if (ret < 0) { \ + fail("%s: key update has failed (%s)\n", name, \ + gnutls_strerror(ret)); \ + goto end; \ + } \ + } -# define CHECK_KTLS_ENABLED(session, ret)\ -{\ - ret = gnutls_transport_is_ktls_enabled(session);\ - if (!(ret & GNUTLS_KTLS_RECV)){\ - fail("client: KTLS was not properly initialized\n");\ - goto end;\ - }\ -} +#define CHECK_KTLS_ENABLED(session, ret) \ + { \ + ret = gnutls_transport_is_ktls_enabled(session); \ + if (!(ret & GNUTLS_KTLS_RECV)) { \ + fail("client: KTLS was not properly initialized\n"); \ + goto end; \ + } \ + } static void server_log_func(int level, const char *str) { @@ -158,28 +162,28 @@ static void client(int fd, const char *prio, int pipe) HANDSHAKE(session, name, ret); CHECK_KTLS_ENABLED(session, ret) - // Test 0: Try sending/receiving data - RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) - SEND_MSG(session, name, ret) - CHECK_KTLS_ENABLED(session, ret) - // Test 1: Servers does key update - read(pipe, &foo, 1); + // Test 0: Try sending/receiving data + RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) + SEND_MSG(session, name, ret) + CHECK_KTLS_ENABLED(session, ret) + // Test 1: Servers does key update + read(pipe, &foo, 1); RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) - SEND_MSG(session, name, ret) - CHECK_KTLS_ENABLED(session, ret) - // Test 2: Does key update witch request - read(pipe, &foo, 1); + SEND_MSG(session, name, ret) + CHECK_KTLS_ENABLED(session, ret) + // Test 2: Does key update witch request + read(pipe, &foo, 1); RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) - SEND_MSG(session, name, ret) - CHECK_KTLS_ENABLED(session, ret) - ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); + SEND_MSG(session, name, ret) + CHECK_KTLS_ENABLED(session, ret) + ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); if (ret < 0) { fail("client: error in closing session: %s\n", gnutls_strerror(ret)); } ret = 0; - end: +end: close(fd); @@ -218,9 +222,8 @@ static void server(int fd, const char *prio, int pipe) } gnutls_certificate_allocate_credentials(&x509_cred); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -234,31 +237,31 @@ static void server(int fd, const char *prio, int pipe) gnutls_transport_set_int(session, fd); HANDSHAKE(session, name, ret) - CHECK_KTLS_ENABLED(session, ret) - success("Test 0: sending/receiving data\n"); + CHECK_KTLS_ENABLED(session, ret) + success("Test 0: sending/receiving data\n"); SEND_MSG(session, name, ret) - RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) - CHECK_KTLS_ENABLED(session, ret) - success("Test 1: server key update without request\n"); + RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) + CHECK_KTLS_ENABLED(session, ret) + success("Test 1: server key update without request\n"); KEY_UPDATE(session, name, 0, ret) - write(pipe, &bar, 1); + write(pipe, &bar, 1); SEND_MSG(session, name, ret) - RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) - CHECK_KTLS_ENABLED(session, ret) - success("Test 2: server key update with request\n"); + RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) + CHECK_KTLS_ENABLED(session, ret) + success("Test 2: server key update with request\n"); KEY_UPDATE(session, name, GNUTLS_KU_PEER, ret) - write(pipe, &bar, 1); + write(pipe, &bar, 1); SEND_MSG(session, name, ret) - RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) - CHECK_KTLS_ENABLED(session, ret) - ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); + RECV_MSG(session, name, buffer, MAX_BUF + 1, ret) + CHECK_KTLS_ENABLED(session, ret) + ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); if (ret < 0) { fail("server: error in closing session: %s\n", gnutls_strerror(ret)); } ret = 0; - end: +end: close(fd); gnutls_deinit(session); @@ -287,7 +290,7 @@ static void run(const char *prio) int listener; int fd; - int sync_pipe[2]; //used for synchronization + int sync_pipe[2]; //used for synchronization pipe(sync_pipe); success("running ktls test with %s\n", prio); @@ -362,4 +365,4 @@ void doit(void) run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/long-session-id.c b/tests/long-session-id.c index 86858bd780..155e7f3834 100644 --- a/tests/long-session-id.c +++ b/tests/long-session-id.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,17 +35,17 @@ void doit(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "utils.h" /* This program tests the robustness of record * decoding. @@ -57,45 +57,42 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ @@ -132,8 +129,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); r = gnutls_ecc_curve_get(session); if (r == 0xffffffff) { @@ -152,7 +148,7 @@ static void client(int fd, const char *prio) kill(getpid(), SIGSEGV); } - cleanup: +cleanup: close(fd); gnutls_deinit(session); @@ -169,10 +165,13 @@ static void server(int fd, const char *prio) { int ret; uint8_t id[255]; - uint8_t buffer[] = "\x16\x03\x01\x01\x25" "\x02\x00\x01\x21" "\x03\x01" /*Server Version */ - /*Random */ - "\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00" - /*SessionID */ "\xfe"; + uint8_t buffer[] = + "\x16\x03\x01\x01\x25" + "\x02\x00\x01\x21" + "\x03\x01" /*Server Version */ + /*Random */ + "\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00" + /*SessionID */ "\xfe"; ret = read(fd, id, sizeof(id)); if (ret < 0) { @@ -245,4 +244,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.2"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-alpn.c b/tests/mini-alpn.c index 97e1478851..55b03a6e21 100644 --- a/tests/mini-alpn.c +++ b/tests/mini-alpn.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,18 +33,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -90,9 +90,10 @@ static void client(int fd, const char *protocol0, const char *protocol2, gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); if (protocol1) { gnutls_datum_t t[3]; t[0].data = (void *)protocol0; @@ -119,8 +120,7 @@ static void client(int fd, const char *protocol0, const char *protocol2, */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -133,8 +133,8 @@ static void client(int fd, const char *protocol0, const char *protocol2, if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_alpn_get_selected_protocol(session, &proto); if (ret < 0) { @@ -143,8 +143,8 @@ static void client(int fd, const char *protocol0, const char *protocol2, } if (debug) { - fprintf(stderr, "selected protocol: %.*s\n", - (int)proto.size, proto.data); + fprintf(stderr, "selected protocol: %.*s\n", (int)proto.size, + proto.data); } gnutls_bye(session, GNUTLS_SHUT_WR); @@ -191,9 +191,10 @@ static void server(int fd, const char *protocol1, const char *protocol2) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); t[0].data = (void *)protocol1; t[0].size = strlen(protocol1); @@ -212,8 +213,7 @@ static void server(int fd, const char *protocol1, const char *protocol2) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -226,8 +226,8 @@ static void server(int fd, const char *protocol1, const char *protocol2) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_alpn_get_selected_protocol(session, &selected); if (ret < 0) { @@ -239,9 +239,10 @@ static void server(int fd, const char *protocol1, const char *protocol2) success("Protocol: %.*s\n", (int)selected.size, selected.data); } - if (selected.size != strlen(protocol1) - || memcmp(selected.data, protocol1, selected.size) != 0) { - fail("did not select the expected protocol (selected %.*s, expected %s)\n", selected.size, selected.data, protocol1); + if (selected.size != strlen(protocol1) || + memcmp(selected.data, protocol1, selected.size) != 0) { + fail("did not select the expected protocol (selected %.*s, expected %s)\n", + selected.size, selected.data, protocol1); exit(1); } @@ -301,4 +302,4 @@ void doit(void) start("spdy/3", "spdy/2"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-chain-unsorted.c b/tests/mini-chain-unsorted.c index b012fbb97c..e02f71bed4 100644 --- a/tests/mini-chain-unsorted.c +++ b/tests/mini-chain-unsorted.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This program tests whether the import functions sort the * chain. @@ -58,122 +58,121 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = -/* 0 */ "-----BEGIN CERTIFICATE-----\n" - "MIIDIzCCAgugAwIBAgIMVHc8lDcqr/T62g5oMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTIwIhgPMjAxNDExMjcxNTAwMzZaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQCsfFrZmOxA7ijkppwPtakc8ecuBRr9Dr4pe/alC/OXVZsZlAlnR0xd53XF\n" - "uUPwo9Ga2q7iY8+8yPRNs8gfl6IrHvUUtaukWdMlQq5nhRFaPgOzHOEZGGEUk3UF\n" - "R/8lld6xQFoe7FvHwQ5cIkIl0cN/I4jiUb9fQhRwcBPjmQbCisYXUZDe8KtCnkjw\n" - "ZZfOp7UclWPm+hv4G3cfeRUUis0Xf8sScjLAam7ojkGL9CeETXl1JGSqqmVN7svN\n" - "yDsiQebCSrA4wCt+ENe9rE6Cme6dEv+U4lyx4oijn4sNvPwwgmu+/g6XjhE6IWBL\n" - "kWXLJ1K4rixbqt3d3+H7IAFiX99bAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFNt6\n" - "DwawLeNaZ+5LMNBdeTVWZsmOMB8GA1UdIwQYMBaAFCjlkQq5yKVHzXPQLahHCcmS\n" - "AJRpMA0GCSqGSIb3DQEBCwUAA4IBAQClbMnEQpHwwqcdrGKiNXQYyJDClVfQFTlh\n" - "fTU2qUx8gfyP+1yR0lqsdremSzSjLPM6LmcJLAdu7GhL32Lc3068CCzDtd6vJDGf\n" - "vO1eudcixbAf7NuELCZM08wLuJvKQFlNYFSVZSb04habhcwgowsiy0YC+dF9XQKa\n" - "5YDGvOuMTqqKt5Wph+izCGQ+6WyRZQp2CIFWo0vBCYFaslaA/TBnsldIuACJFmg9\n" - "kmspW97ROmNr1jfQNyBVWjd1EER80zZCngXq4+JnP1tppJNcYFhHeqSGQCqASehY\n" - "CC7ITbKAK8IdwU4gVk7R92rOKyrFPimc1UwObNpxbL5jizZqemW7\n" - "-----END CERTIFICATE-----\n" -/* 3 */ "-----BEGIN CERTIFICATE-----\n" - "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQxMTI3MTUwMDM2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC16A/jNGbd6oP3\n" - "t/neq6hlWopjKEPnM9FMZgPSNVsKtQEb1dOx2EDCuP3rC2POogAjo0NuE/SZtM0N\n" - "Nyf+X3QdjwcFdugMLTXGmGlEhCeWhSEjLwrd6eapdHzwpV0Ag22CvzoKEQenu92+\n" - "TI1MN/1j3XOgnOP3t4q5TeSZn7XtAMCBqt9b+LJT5XJ/sF6b1sH803HqV3CZ6ga+\n" - "kFY+uDcpImQEJNZi/B1xYObSHF+frg4SyeqjxiV9vmFHhRgLmD96iVukQTC/RPX3\n" - "ntl0wGBjpmglUVdcAJdZL7L2um1T1n3u+jS3U5FW7+MOnnTGqRT2pcYtHHLg2GDf\n" - "SSUpeuphAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU1aTwaphaQJeRY+IF9NNT\n" - "mHHpIQ0wDQYJKoZIhvcNAQELBQADggEBAGUjVPu4aeel7UmgUvjBEpGbw6j9wKRL\n" - "4vVgGllKWH0diISEjPcJv0dTDJs4ZbY7KAEc4DRCl1QwNFsuASP5BlMSrWo+eGiC\n" - "oxsndY2EIpHAheLHXkVwbOwM5VRN2IhlcmVtHM370luvJjNa1MXy1p1/VEjGS794\n" - "FgtMOm9yILCM8WqwRHOY/mAOu/9iY/Zfqfobm+IfqgBmQMOLAIMKJffh15meTDRi\n" - "W3QXdf/khr1T3JEJ55t1WxcC1cWV4FnecUU4wlKs1mBghV+/8cgbYjoIdUAsYsdv\n" - "SjySP3B65XXw9G3MmHOjNoRpF7Oeea8tN+zxw3xFx/a9Uq19BdOlrHE=\n" - "-----END CERTIFICATE-----\n" -/* 1 */ "-----BEGIN CERTIFICATE-----\n" - "MIIDFjCCAf6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCIYDzIwMTQxMTI3MTUwMDM2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOnFo6ntaysv14\n" - "ewFwkm+mbE/8hEiZEcMNnWNSJb9tgpATLgu9LefStzRIvzns4OyLL77TEz8Gl8gJ\n" - "syfba2aIKxLveO1jpqQSfkcVlufa/GHspPKMkHMjz1UB+fQEAazAjVKHoofemKxW\n" - "0TtLeuL0LoE4g452Yy60vxRNwOs7WPZ5lktIQTYZTYcEjiiVlrRXXGgo9qCSfG4n\n" - "B+TmlraGHHPlKINcsOJnZOOZ6qHx+ZpqeCvuD7apiPcVzfLhxdJFoznY4r/bdCZT\n" - "ehChrKCYk5DmaPRBW0TLWoYrny745SG9U8XzTkKYaCDLhyMvn1oMrRVdbwO3/e6q\n" - "DbEvbpUrAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUKOWRCrnIpUfNc9AtqEcJ\n" - "yZIAlGkwHwYDVR0jBBgwFoAUarsjXomEecxGrV0LDBX8Dy+vh68wDQYJKoZIhvcN\n" - "AQELBQADggEBAKgo2SIyLywamhcqLnhxCXgx0SHJgmEVD7CvPgTISZisg5yMS77G\n" - "WqtHbyo7kOYIjbrzVRGOsijKmgCgqNTQXSMbWUfDOV93q82nV0bjQtnvZKMc0+OM\n" - "/cB5PA7BFKvVrpYGefFQtrgkFhHSoUwDtpJAdYJPWgUMiqpvDuQdD/d6FQ18rb7w\n" - "QuIIvUeHaawm8HLrJ5JZoy7BnryY4SEFqGSTeNWp4CyeTeQPAcCdZ3NlnSDV1RM2\n" - "QelcD8S6GAp8l8LcF1zqiaoqWVYdeVnO6Doabx/IP7ZxctcdaEAdUQYjJ/dG3A2p\n" - "wpf3tVoOBKFByhdBrz7uda09sq57+AmvQdk=\n" "-----END CERTIFICATE-----\n" -/* 2 */ "-----BEGIN CERTIFICATE-----\n" - "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQxMTI3MTUwMDM2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDft9fjnipXU+WO\n" - "NsIhqVgTkwQPWklvuJbAphYa0oCm/+S0dvalVEq9RMqV+sUtqrZ55LsHxvtD1iu9\n" - "03kf/FcqaAjSVZBt6n8JIfl4xyi//FYizamm2KEsBCEsUCH6iJGMGXfYAWgpMJ/6\n" - "yHwikBDI0Ea5ckIW58eWHI6Hmd11DTSy6OGNnOFqyEe3S/m1zTtNNGiA0VcSyAjg\n" - "98zaWGQHaQuqczqfoMz0dB5ly0mw2LfVxCPM8Z8xH1S9TNVqWnKu483Gp+2TkeKl\n" - "bJ5dI1XMihaxFq6xf9OsULGtMd8biRNxl8f8zsfd0A9LoPJWKdp345OJ33ULwogI\n" - "M6kUMw63AgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUarsjXomEecxGrV0LDBX8\n" - "Dy+vh68wHwYDVR0jBBgwFoAU1aTwaphaQJeRY+IF9NNTmHHpIQ0wDQYJKoZIhvcN\n" - "AQELBQADggEBALGbNfhgr46cnDIbvPxXmNmMm840oVc9n5pW4be9emTWO67zkqll\n" - "KBjLbEAZTVSsjqPh8357iR5nVAen23eVYD5eGkuDZZAP3kvfVNVNCTQAEm0XDAse\n" - "kxbxL0ZWezMbC/U8R3tFSDZOCb/bM+wCKg1hX5My0+utKAmhbwlYQY9fKyhZCUdv\n" - "GnO3f5JInJDH2FmG80RouZ8Av6CjOwfChz+SPTgrMsbTugYWX9SVQ8oRF+N7cudC\n" - "7XlvScNQKlbzmMl2zLQOrL78djCLVdU70bZcpq1o7L/R59YNAB+4fGH8rTWZMYQB\n" - "rSoCPlyNAYAqMPXPsUFV/ngeYNSbpTz3SGA=\n" "-----END CERTIFICATE-----\n" "\n"; - -const gnutls_datum_t server_cert = { - server_cert_pem, - sizeof(server_cert_pem) -}; + /* 0 */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDIzCCAgugAwIBAgIMVHc8lDcqr/T62g5oMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTIwIhgPMjAxNDExMjcxNTAwMzZaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQCsfFrZmOxA7ijkppwPtakc8ecuBRr9Dr4pe/alC/OXVZsZlAlnR0xd53XF\n" + "uUPwo9Ga2q7iY8+8yPRNs8gfl6IrHvUUtaukWdMlQq5nhRFaPgOzHOEZGGEUk3UF\n" + "R/8lld6xQFoe7FvHwQ5cIkIl0cN/I4jiUb9fQhRwcBPjmQbCisYXUZDe8KtCnkjw\n" + "ZZfOp7UclWPm+hv4G3cfeRUUis0Xf8sScjLAam7ojkGL9CeETXl1JGSqqmVN7svN\n" + "yDsiQebCSrA4wCt+ENe9rE6Cme6dEv+U4lyx4oijn4sNvPwwgmu+/g6XjhE6IWBL\n" + "kWXLJ1K4rixbqt3d3+H7IAFiX99bAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFNt6\n" + "DwawLeNaZ+5LMNBdeTVWZsmOMB8GA1UdIwQYMBaAFCjlkQq5yKVHzXPQLahHCcmS\n" + "AJRpMA0GCSqGSIb3DQEBCwUAA4IBAQClbMnEQpHwwqcdrGKiNXQYyJDClVfQFTlh\n" + "fTU2qUx8gfyP+1yR0lqsdremSzSjLPM6LmcJLAdu7GhL32Lc3068CCzDtd6vJDGf\n" + "vO1eudcixbAf7NuELCZM08wLuJvKQFlNYFSVZSb04habhcwgowsiy0YC+dF9XQKa\n" + "5YDGvOuMTqqKt5Wph+izCGQ+6WyRZQp2CIFWo0vBCYFaslaA/TBnsldIuACJFmg9\n" + "kmspW97ROmNr1jfQNyBVWjd1EER80zZCngXq4+JnP1tppJNcYFhHeqSGQCqASehY\n" + "CC7ITbKAK8IdwU4gVk7R92rOKyrFPimc1UwObNpxbL5jizZqemW7\n" + "-----END CERTIFICATE-----\n" + /* 3 */ "-----BEGIN CERTIFICATE-----\n" + "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQxMTI3MTUwMDM2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC16A/jNGbd6oP3\n" + "t/neq6hlWopjKEPnM9FMZgPSNVsKtQEb1dOx2EDCuP3rC2POogAjo0NuE/SZtM0N\n" + "Nyf+X3QdjwcFdugMLTXGmGlEhCeWhSEjLwrd6eapdHzwpV0Ag22CvzoKEQenu92+\n" + "TI1MN/1j3XOgnOP3t4q5TeSZn7XtAMCBqt9b+LJT5XJ/sF6b1sH803HqV3CZ6ga+\n" + "kFY+uDcpImQEJNZi/B1xYObSHF+frg4SyeqjxiV9vmFHhRgLmD96iVukQTC/RPX3\n" + "ntl0wGBjpmglUVdcAJdZL7L2um1T1n3u+jS3U5FW7+MOnnTGqRT2pcYtHHLg2GDf\n" + "SSUpeuphAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU1aTwaphaQJeRY+IF9NNT\n" + "mHHpIQ0wDQYJKoZIhvcNAQELBQADggEBAGUjVPu4aeel7UmgUvjBEpGbw6j9wKRL\n" + "4vVgGllKWH0diISEjPcJv0dTDJs4ZbY7KAEc4DRCl1QwNFsuASP5BlMSrWo+eGiC\n" + "oxsndY2EIpHAheLHXkVwbOwM5VRN2IhlcmVtHM370luvJjNa1MXy1p1/VEjGS794\n" + "FgtMOm9yILCM8WqwRHOY/mAOu/9iY/Zfqfobm+IfqgBmQMOLAIMKJffh15meTDRi\n" + "W3QXdf/khr1T3JEJ55t1WxcC1cWV4FnecUU4wlKs1mBghV+/8cgbYjoIdUAsYsdv\n" + "SjySP3B65XXw9G3MmHOjNoRpF7Oeea8tN+zxw3xFx/a9Uq19BdOlrHE=\n" + "-----END CERTIFICATE-----\n" + /* 1 */ "-----BEGIN CERTIFICATE-----\n" + "MIIDFjCCAf6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCIYDzIwMTQxMTI3MTUwMDM2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOnFo6ntaysv14\n" + "ewFwkm+mbE/8hEiZEcMNnWNSJb9tgpATLgu9LefStzRIvzns4OyLL77TEz8Gl8gJ\n" + "syfba2aIKxLveO1jpqQSfkcVlufa/GHspPKMkHMjz1UB+fQEAazAjVKHoofemKxW\n" + "0TtLeuL0LoE4g452Yy60vxRNwOs7WPZ5lktIQTYZTYcEjiiVlrRXXGgo9qCSfG4n\n" + "B+TmlraGHHPlKINcsOJnZOOZ6qHx+ZpqeCvuD7apiPcVzfLhxdJFoznY4r/bdCZT\n" + "ehChrKCYk5DmaPRBW0TLWoYrny745SG9U8XzTkKYaCDLhyMvn1oMrRVdbwO3/e6q\n" + "DbEvbpUrAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUKOWRCrnIpUfNc9AtqEcJ\n" + "yZIAlGkwHwYDVR0jBBgwFoAUarsjXomEecxGrV0LDBX8Dy+vh68wDQYJKoZIhvcN\n" + "AQELBQADggEBAKgo2SIyLywamhcqLnhxCXgx0SHJgmEVD7CvPgTISZisg5yMS77G\n" + "WqtHbyo7kOYIjbrzVRGOsijKmgCgqNTQXSMbWUfDOV93q82nV0bjQtnvZKMc0+OM\n" + "/cB5PA7BFKvVrpYGefFQtrgkFhHSoUwDtpJAdYJPWgUMiqpvDuQdD/d6FQ18rb7w\n" + "QuIIvUeHaawm8HLrJ5JZoy7BnryY4SEFqGSTeNWp4CyeTeQPAcCdZ3NlnSDV1RM2\n" + "QelcD8S6GAp8l8LcF1zqiaoqWVYdeVnO6Doabx/IP7ZxctcdaEAdUQYjJ/dG3A2p\n" + "wpf3tVoOBKFByhdBrz7uda09sq57+AmvQdk=\n" + "-----END CERTIFICATE-----\n" + /* 2 */ "-----BEGIN CERTIFICATE-----\n" + "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQxMTI3MTUwMDM2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDft9fjnipXU+WO\n" + "NsIhqVgTkwQPWklvuJbAphYa0oCm/+S0dvalVEq9RMqV+sUtqrZ55LsHxvtD1iu9\n" + "03kf/FcqaAjSVZBt6n8JIfl4xyi//FYizamm2KEsBCEsUCH6iJGMGXfYAWgpMJ/6\n" + "yHwikBDI0Ea5ckIW58eWHI6Hmd11DTSy6OGNnOFqyEe3S/m1zTtNNGiA0VcSyAjg\n" + "98zaWGQHaQuqczqfoMz0dB5ly0mw2LfVxCPM8Z8xH1S9TNVqWnKu483Gp+2TkeKl\n" + "bJ5dI1XMihaxFq6xf9OsULGtMd8biRNxl8f8zsfd0A9LoPJWKdp345OJ33ULwogI\n" + "M6kUMw63AgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUarsjXomEecxGrV0LDBX8\n" + "Dy+vh68wHwYDVR0jBBgwFoAU1aTwaphaQJeRY+IF9NNTmHHpIQ0wDQYJKoZIhvcN\n" + "AQELBQADggEBALGbNfhgr46cnDIbvPxXmNmMm840oVc9n5pW4be9emTWO67zkqll\n" + "KBjLbEAZTVSsjqPh8357iR5nVAen23eVYD5eGkuDZZAP3kvfVNVNCTQAEm0XDAse\n" + "kxbxL0ZWezMbC/U8R3tFSDZOCb/bM+wCKg1hX5My0+utKAmhbwlYQY9fKyhZCUdv\n" + "GnO3f5JInJDH2FmG80RouZ8Av6CjOwfChz+SPTgrMsbTugYWX9SVQ8oRF+N7cudC\n" + "7XlvScNQKlbzmMl2zLQOrL78djCLVdU70bZcpq1o7L/R59YNAB+4fGH8rTWZMYQB\n" + "rSoCPlyNAYAqMPXPsUFV/ngeYNSbpTz3SGA=\n" + "-----END CERTIFICATE-----\n" + "\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEowIBAAKCAQEArHxa2ZjsQO4o5KacD7WpHPHnLgUa/Q6+KXv2pQvzl1WbGZQJ\n" - "Z0dMXed1xblD8KPRmtqu4mPPvMj0TbPIH5eiKx71FLWrpFnTJUKuZ4URWj4Dsxzh\n" - "GRhhFJN1BUf/JZXesUBaHuxbx8EOXCJCJdHDfyOI4lG/X0IUcHAT45kGworGF1GQ\n" - "3vCrQp5I8GWXzqe1HJVj5vob+Bt3H3kVFIrNF3/LEnIywGpu6I5Bi/QnhE15dSRk\n" - "qqplTe7Lzcg7IkHmwkqwOMArfhDXvaxOgpnunRL/lOJcseKIo5+LDbz8MIJrvv4O\n" - "l44ROiFgS5FlyydSuK4sW6rd3d/h+yABYl/fWwIDAQABAoIBAQCL0vc25C/I5wfB\n" - "a4qhdYsVCsh0VvEs6TGgoXwtCYY7TMtBre79iR/QE902HtyDi9lT5ijVH0J88I6T\n" - "GsWFTr/Iovzb//WXcrWmw+prwsRxWkpXfXbAiDHSo0K+uEGOr3JqUBd+b+5q/QZu\n" - "C9uBmw0W2LCTft9bEk9NYp3M5/VB6DaQbk//b7E9KFc7nFgzeQaSYHu9NBSLGZ2e\n" - "HqvzotiwlI6yfWTPm/esipXWaB4zqesx0TedoNK9SUAFdFBEHTyqm5RoGotjNLoM\n" - "bN08Fj3qOJekjPGBrMu37UKoRGdaTyPlmCGZ0+HN2F4kuaUGE8HHnUU3VIA3lTMh\n" - "LGt8jYpxAoGBAMsr8XlLsGFUgntHbCe5GhNKd9RJtRH1+zNw88ilfjttpxjggcL7\n" - "KGbcCK1VOhuD0Ud1pTklYFOUckZY6y1b4nUkp5SG4w8OiIcIZeE9erKwprnHa9RF\n" - "cewMtYhJ68evPrbM9UHEkTbdNBI4Cv561cY80pnsMTxy9al/aM23SLIJAoGBANlV\n" - "0J/lUuA4Lsvrtu/IriwUguMIBw7hC5gBIU58K9Xpo6fr55VTt6OALDrY5zbCPf38\n" - "pGMZgPsP3FG61BycA7jWB01Y++3COYKNKQtddWuY0SqCVS7Mdt6DwpYwUD7gRDY3\n" - "aIHMUP45glYEVnHgpwNM09f+ldiK4TnCJuKYRM9DAoGAYM3NPlf78EQN76M2Oy8M\n" - "54gh1DpSVf539CirXzzLCpHSfh3qdfapZ2kLkVr8VsPV4VCCqtnOLcSbNj2DwJb5\n" - "LYuLdU9XvILWNlCgClP6tE1LA1WrYPa9sxTTId7mwrwTC5JYgT+hWRzIhK3DP0FT\n" - "viKYzdImG4FC38HfM7VSo9ECgYBiP+wnTKlxmZR2NWIm9ibe4IrnDYr7S/tMxT4E\n" - "WBgNBSkp0XiIxibfcCMOm12zII6b0mmSL0ZiuSHVhMs8/76jAYadjdud+U68WQo0\n" - "DBT4BkaQnAjcNiyKnTALa13rfsD3bYb+HpqCwwbL0fwuUOvPjxy5qWqeUPJOhRnF\n" - "GCcLNwKBgHtDlVG5lJqtNty4aL9oBgcP0VcY/73Dx+l25DhprdlTHsjg+ue0rpjA\n" - "ieq7o2hENu6MA1AQ8o+BP6SlRuhYmvzh7vVbs3qFjnslaMCveHZDITN/0NJqF9xO\n" - "IeKrLzOIboyQw/sMSrPIPYILgXP0YnueteOgPUSZEcrqPIJI08Sb\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEowIBAAKCAQEArHxa2ZjsQO4o5KacD7WpHPHnLgUa/Q6+KXv2pQvzl1WbGZQJ\n" + "Z0dMXed1xblD8KPRmtqu4mPPvMj0TbPIH5eiKx71FLWrpFnTJUKuZ4URWj4Dsxzh\n" + "GRhhFJN1BUf/JZXesUBaHuxbx8EOXCJCJdHDfyOI4lG/X0IUcHAT45kGworGF1GQ\n" + "3vCrQp5I8GWXzqe1HJVj5vob+Bt3H3kVFIrNF3/LEnIywGpu6I5Bi/QnhE15dSRk\n" + "qqplTe7Lzcg7IkHmwkqwOMArfhDXvaxOgpnunRL/lOJcseKIo5+LDbz8MIJrvv4O\n" + "l44ROiFgS5FlyydSuK4sW6rd3d/h+yABYl/fWwIDAQABAoIBAQCL0vc25C/I5wfB\n" + "a4qhdYsVCsh0VvEs6TGgoXwtCYY7TMtBre79iR/QE902HtyDi9lT5ijVH0J88I6T\n" + "GsWFTr/Iovzb//WXcrWmw+prwsRxWkpXfXbAiDHSo0K+uEGOr3JqUBd+b+5q/QZu\n" + "C9uBmw0W2LCTft9bEk9NYp3M5/VB6DaQbk//b7E9KFc7nFgzeQaSYHu9NBSLGZ2e\n" + "HqvzotiwlI6yfWTPm/esipXWaB4zqesx0TedoNK9SUAFdFBEHTyqm5RoGotjNLoM\n" + "bN08Fj3qOJekjPGBrMu37UKoRGdaTyPlmCGZ0+HN2F4kuaUGE8HHnUU3VIA3lTMh\n" + "LGt8jYpxAoGBAMsr8XlLsGFUgntHbCe5GhNKd9RJtRH1+zNw88ilfjttpxjggcL7\n" + "KGbcCK1VOhuD0Ud1pTklYFOUckZY6y1b4nUkp5SG4w8OiIcIZeE9erKwprnHa9RF\n" + "cewMtYhJ68evPrbM9UHEkTbdNBI4Cv561cY80pnsMTxy9al/aM23SLIJAoGBANlV\n" + "0J/lUuA4Lsvrtu/IriwUguMIBw7hC5gBIU58K9Xpo6fr55VTt6OALDrY5zbCPf38\n" + "pGMZgPsP3FG61BycA7jWB01Y++3COYKNKQtddWuY0SqCVS7Mdt6DwpYwUD7gRDY3\n" + "aIHMUP45glYEVnHgpwNM09f+ldiK4TnCJuKYRM9DAoGAYM3NPlf78EQN76M2Oy8M\n" + "54gh1DpSVf539CirXzzLCpHSfh3qdfapZ2kLkVr8VsPV4VCCqtnOLcSbNj2DwJb5\n" + "LYuLdU9XvILWNlCgClP6tE1LA1WrYPa9sxTTId7mwrwTC5JYgT+hWRzIhK3DP0FT\n" + "viKYzdImG4FC38HfM7VSo9ECgYBiP+wnTKlxmZR2NWIm9ibe4IrnDYr7S/tMxT4E\n" + "WBgNBSkp0XiIxibfcCMOm12zII6b0mmSL0ZiuSHVhMs8/76jAYadjdud+U68WQo0\n" + "DBT4BkaQnAjcNiyKnTALa13rfsD3bYb+HpqCwwbL0fwuUOvPjxy5qWqeUPJOhRnF\n" + "GCcLNwKBgHtDlVG5lJqtNty4aL9oBgcP0VcY/73Dx+l25DhprdlTHsjg+ue0rpjA\n" + "ieq7o2hENu6MA1AQ8o+BP6SlRuhYmvzh7vVbs3qFjnslaMCveHZDITN/0NJqF9xO\n" + "IeKrLzOIboyQw/sMSrPIPYILgXP0YnueteOgPUSZEcrqPIJI08Sb\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd) { @@ -197,10 +196,10 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - ret = - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", - &p); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", + &p); if (ret < 0) { fail("error in setting priority: %s\n", p); exit(1); @@ -216,8 +215,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { if (debug) { @@ -232,8 +230,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); @@ -264,18 +262,18 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", + NULL); if (debug) { gnutls_global_set_log_level(4711); } gnutls_certificate_allocate_credentials(&x509_cred); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("server: gnutls_certificate_set_x509_key_mem: %s\n", gnutls_strerror(ret)); @@ -288,16 +286,15 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (debug) success("server: Handshake was completed\n"); if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); gnutls_deinit(session); @@ -357,4 +354,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-discard.c b/tests/mini-dtls-discard.c index 121374f0d4..69fe5ce92d 100644 --- a/tests/mini-dtls-discard.c +++ b/tests/mini-dtls-discard.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,26 +35,26 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" -# define TXT1 "hello there" -# define TXT1_SIZE (sizeof(TXT1)-1) +#define TXT1 "hello there" +#define TXT1_SIZE (sizeof(TXT1) - 1) -# define TXT2 "2hello there" -# define TXT2_SIZE (sizeof(TXT2)-1) +#define TXT2 "2hello there" +#define TXT2_SIZE (sizeof(TXT2) - 1) static void terminate(void); @@ -68,7 +68,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -118,8 +118,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -132,8 +131,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_transport_set_push_function(session, push); do { @@ -206,8 +205,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -220,8 +218,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -258,8 +256,7 @@ static void server(int fd, const char *prio) success("server: finished\n"); } -static -void start(const char *prio) +static void start(const char *prio) { int fd[2]; int ret; @@ -295,10 +292,8 @@ void start(const char *prio) void doit(void) { - start - ("NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL"); - start - ("NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL"); + start("NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL"); + start("NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-fork.c b/tests/mini-dtls-fork.c index 9985dd06f4..3c5ca1d02a 100644 --- a/tests/mini-dtls-fork.c +++ b/tests/mini-dtls-fork.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,10 +33,10 @@ #include #include #ifndef _WIN32 -# include -# include -# include -# include +#include +#include +#include +#include #endif #include "utils.h" @@ -74,39 +74,36 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" - "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" - "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" - "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" - "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" - "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" - "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" - "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" - "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" - "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" + "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" + "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" + "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" + "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" + "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" + "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" + "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" + "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" + "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" - "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" - "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" "-----END EC PRIVATE KEY-----\n"; + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" + "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" + "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" + "-----END EC PRIVATE KEY-----\n"; -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; -# define MSG "hello1111" -# define MSG2 "xxxxxxxxxxxx" +#define MSG "hello1111" +#define MSG2 "xxxxxxxxxxxx" -static -void do_fork_stuff(gnutls_session_t session) +static void do_fork_stuff(gnutls_session_t session) { pid_t pid; int ret; @@ -119,13 +116,13 @@ void do_fork_stuff(gnutls_session_t session) } else if (pid != 0) { if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); sec_sleep(1); /* the server should reflect our messages */ ret = gnutls_record_recv(session, buf, sizeof(buf)); - if (ret != sizeof(MSG) - 1 - || memcmp(buf, MSG, sizeof(MSG) - 1) != 0) { + if (ret != sizeof(MSG) - 1 || + memcmp(buf, MSG, sizeof(MSG) - 1) != 0) { fail("client: recv failed: %s\n", gnutls_strerror(ret)); exit(1); } @@ -135,8 +132,8 @@ void do_fork_stuff(gnutls_session_t session) } ret = gnutls_record_recv(session, buf, sizeof(buf)); - if (ret != sizeof(MSG2) - 1 - || memcmp(buf, MSG2, sizeof(MSG2) - 1) != 0) { + if (ret != sizeof(MSG2) - 1 || + memcmp(buf, MSG2, sizeof(MSG2) - 1) != 0) { fail("client: recv2 failed: %s\n", gnutls_strerror(ret)); exit(1); @@ -152,7 +149,7 @@ void do_fork_stuff(gnutls_session_t session) gnutls_strerror(ret)); exit(1); } - } else if (pid == 0) { /* child */ + } else if (pid == 0) { /* child */ ret = gnutls_record_send(session, MSG, sizeof(MSG) - 1); if (ret != sizeof(MSG) - 1) { fail("client: send failed: %s\n", gnutls_strerror(ret)); @@ -230,9 +227,10 @@ static void client(int fd, unsigned do_fork) //gnutls_transport_set_push_function(session, push); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -244,8 +242,7 @@ static void client(int fd, unsigned do_fork) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -281,13 +278,13 @@ static void server(int fd, unsigned do_fork) */ global_init(); -# if 0 +#if 0 if (debug) { side = "server"; gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(4711); } -# endif +#endif gnutls_certificate_allocate_credentials(&x509_cred); gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, @@ -301,9 +298,10 @@ static void server(int fd, unsigned do_fork) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -324,8 +322,8 @@ static void server(int fd, unsigned do_fork) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (do_fork) do_fork_stuff(session); @@ -343,8 +341,7 @@ static void server(int fd, unsigned do_fork) success("server: finished\n"); } -static -void run(unsigned do_fork) +static void run(unsigned do_fork) { int fd[2]; int ret; @@ -383,4 +380,4 @@ void doit(void) run(0); run(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-heartbeat.c b/tests/mini-dtls-heartbeat.c index b541683cac..8c5d4db225 100644 --- a/tests/mini-dtls-heartbeat.c +++ b/tests/mini-dtls-heartbeat.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -69,7 +69,7 @@ static pid_t child; /* A very basic DTLS client, with anonymous authentication, that exchanges heartbeats. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, int server_init) { @@ -95,9 +95,10 @@ static void client(int fd, int server_init) gnutls_dtls_set_mtu(session, 1500); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -109,8 +110,7 @@ static void client(int fd, int server_init) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -123,18 +123,17 @@ static void client(int fd, int server_init) if (debug) success("client: DTLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (!server_init) { do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); if (ret == GNUTLS_E_HEARTBEAT_PING_RECEIVED) { if (debug) - success - ("Ping received. Replying with pong.\n"); + success("Ping received. Replying with pong.\n"); ret2 = gnutls_heartbeat_pong(session, 0); if (ret2 < 0) { fail("pong: %s\n", @@ -142,9 +141,8 @@ static void client(int fd, int server_init) exit(1); } } - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED - || ret == GNUTLS_E_HEARTBEAT_PING_RECEIVED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || + ret == GNUTLS_E_HEARTBEAT_PING_RECEIVED); if (ret < 0) { fail("recv: %s\n", gnutls_strerror(ret)); @@ -152,14 +150,12 @@ static void client(int fd, int server_init) } } else { do { - ret = - gnutls_heartbeat_ping(session, 256, 5, - GNUTLS_HEARTBEAT_WAIT); + ret = gnutls_heartbeat_ping(session, 256, 5, + GNUTLS_HEARTBEAT_WAIT); if (debug) success("Ping sent.\n"); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { fail("ping: %s\n", gnutls_strerror(ret)); @@ -189,9 +185,10 @@ static gnutls_session_t initialize_tls_session(void) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); return session; } @@ -229,8 +226,7 @@ static void server(int fd, int server_init) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -243,21 +239,20 @@ static void server(int fd, int server_init) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ if (server_init) { do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); if (ret == GNUTLS_E_HEARTBEAT_PING_RECEIVED) { if (debug) - success - ("Ping received. Replying with pong.\n"); + success("Ping received. Replying with pong.\n"); ret2 = gnutls_heartbeat_pong(session, 0); if (ret2 < 0) { fail("pong: %s\n", @@ -265,19 +260,16 @@ static void server(int fd, int server_init) terminate(); } } - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED - || ret == GNUTLS_E_HEARTBEAT_PING_RECEIVED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || + ret == GNUTLS_E_HEARTBEAT_PING_RECEIVED); } else { do { - ret = - gnutls_heartbeat_ping(session, 256, 5, - GNUTLS_HEARTBEAT_WAIT); + ret = gnutls_heartbeat_ping(session, 256, 5, + GNUTLS_HEARTBEAT_WAIT); if (debug) success("Ping sent.\n"); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { fail("ping: %s\n", gnutls_strerror(ret)); @@ -340,4 +332,4 @@ void doit(void) start(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-hello-verify-48.c b/tests/mini-dtls-hello-verify-48.c index d16116612a..b37a0d78e5 100644 --- a/tests/mini-dtls-hello-verify-48.c +++ b/tests/mini-dtls-hello-verify-48.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,20 +41,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" static void server_log_func(int level, const char *str) { @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -98,9 +98,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -113,8 +114,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { success("client: Handshake failed as expected\n"); @@ -125,7 +125,7 @@ static void client(int fd) goto exit; } - exit: +exit: gnutls_deinit(session); gnutls_anon_free_client_credentials(anoncred); @@ -136,12 +136,11 @@ static void client(int fd) /* These are global */ pid_t child; -# define CLI_ADDR (void*)"test" -# define CLI_ADDR_LEN 4 +#define CLI_ADDR (void *)"test" +#define CLI_ADDR_LEN 4 -static -ssize_t recv_timeout(int sockfd, void *buf, size_t len, unsigned flags, - unsigned sec) +static ssize_t recv_timeout(int sockfd, void *buf, size_t len, unsigned flags, + unsigned sec) { int ret; struct timeval tv; @@ -165,7 +164,7 @@ ssize_t recv_timeout(int sockfd, void *buf, size_t len, unsigned flags, return recv(sockfd, buf, len, flags); } -# define SERV_TIMEOUT 30 +#define SERV_TIMEOUT 30 static void server(int fd) { @@ -201,9 +200,10 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -211,9 +211,8 @@ static void server(int fd) gnutls_transport_set_push_function(session, push); for (;;) { - ret = - recv_timeout(fd, buffer, sizeof(buffer), MSG_PEEK, - SERV_TIMEOUT); + ret = recv_timeout(fd, buffer, sizeof(buffer), MSG_PEEK, + SERV_TIMEOUT); if (ret < 0) { if (try != 0) { success("Server was terminated as expected!\n"); @@ -228,20 +227,16 @@ static void server(int fd) memset(&prestate, 0, sizeof(prestate)); prestate.record_seq = 105791312; prestate.hsk_write_seq = 67166359; - ret = - gnutls_dtls_cookie_verify(&cookie_key, CLI_ADDR, - CLI_ADDR_LEN, buffer, ret, - &prestate); - if (ret < 0) { /* cookie not valid */ + ret = gnutls_dtls_cookie_verify(&cookie_key, CLI_ADDR, + CLI_ADDR_LEN, buffer, ret, + &prestate); + if (ret < 0) { /* cookie not valid */ if (debug) success("Sending hello verify request\n"); - ret = - gnutls_dtls_cookie_send(&cookie_key, CLI_ADDR, - CLI_ADDR_LEN, - &prestate, - (gnutls_transport_ptr_t) - (long)fd, push); + ret = gnutls_dtls_cookie_send( + &cookie_key, CLI_ADDR, CLI_ADDR_LEN, &prestate, + (gnutls_transport_ptr_t)(long)fd, push); if (ret < 0) { fail("Cannot send data\n"); exit(1); @@ -266,7 +261,7 @@ static void server(int fd) fail("Shouldn't have reached here\n"); exit(1); - exit: +exit: gnutls_deinit(session); gnutls_free(cookie_key.data); @@ -309,4 +304,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-hello-verify.c b/tests/mini-dtls-hello-verify.c index 0eb8172180..f6c814c573 100644 --- a/tests/mini-dtls-hello-verify.c +++ b/tests/mini-dtls-hello-verify.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -99,9 +99,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -114,8 +115,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -128,8 +128,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, MAX_BUF); @@ -146,7 +146,7 @@ static void client(int fd) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -169,8 +169,8 @@ static void terminate(void) exit(1); } -# define CLI_ADDR (void*)"test" -# define CLI_ADDR_LEN 4 +#define CLI_ADDR (void *)"test" +#define CLI_ADDR_LEN 4 static void server(int fd) { @@ -205,9 +205,10 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -222,20 +223,16 @@ static void server(int fd) } memset(&prestate, 0, sizeof(prestate)); - ret = - gnutls_dtls_cookie_verify(&cookie_key, CLI_ADDR, - CLI_ADDR_LEN, buffer, ret, - &prestate); - if (ret < 0) { /* cookie not valid */ + ret = gnutls_dtls_cookie_verify(&cookie_key, CLI_ADDR, + CLI_ADDR_LEN, buffer, ret, + &prestate); + if (ret < 0) { /* cookie not valid */ if (debug) success("Sending hello verify request\n"); - ret = - gnutls_dtls_cookie_send(&cookie_key, CLI_ADDR, - CLI_ADDR_LEN, - &prestate, - (gnutls_transport_ptr_t) - (long)fd, push); + ret = gnutls_dtls_cookie_send( + &cookie_key, CLI_ADDR, CLI_ADDR_LEN, &prestate, + (gnutls_transport_ptr_t)(long)fd, push); if (ret < 0) { fail("Cannot send data\n"); terminate(); @@ -261,8 +258,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -275,8 +271,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -343,4 +339,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-large.c b/tests/mini-dtls-large.c index 6e8270247e..1c67386fe9 100644 --- a/tests/mini-dtls-large.c +++ b/tests/mini-dtls-large.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,17 +33,17 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -66,8 +66,8 @@ static pid_t child; /* A very basic DTLS client, with anonymous authentication, that exchanges heartbeats. */ -# define MAX_BUF 24*1024 -# define MAX_MTU 20*1024 +#define MAX_BUF 24 * 1024 +#define MAX_MTU 20 * 1024 static void client(int fd) { @@ -93,9 +93,10 @@ static void client(int fd) gnutls_dtls_set_mtu(session, 1500); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -107,8 +108,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -121,13 +121,13 @@ static void client(int fd) if (debug) success("client: DTLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer)); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || ret > 0); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || + ret > 0); if (ret < 0) { fail("recv: %s\n", gnutls_strerror(ret)); @@ -174,9 +174,10 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -184,8 +185,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -198,8 +198,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -207,50 +207,44 @@ static void server(int fd) /* avoid uninitialized warnings */ memset(buffer, 1, sizeof(buffer)); - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session) + 12); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session) + 12); if (ret != GNUTLS_E_LARGE_PACKET) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); } - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session) + 5048); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session) + 5048); if (ret != GNUTLS_E_LARGE_PACKET) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); } - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session)); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session)); if (ret < 0) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); } gnutls_dtls_set_mtu(session, MAX_MTU); - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session) + 12); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session) + 12); if (ret != GNUTLS_E_LARGE_PACKET) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); } - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session) + 5048); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session) + 5048); if (ret != GNUTLS_E_LARGE_PACKET) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); } - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session)); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session)); if (ret > 16384 || ret < 0) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); @@ -259,9 +253,8 @@ static void server(int fd) /* test cork and uncork */ gnutls_record_cork(session); - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session)); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session)); if (ret < 0) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); @@ -275,17 +268,15 @@ static void server(int fd) gnutls_record_cork(session); - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session) - 16); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session) - 16); if (ret < 0) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); } - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session)); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session)); if (ret != GNUTLS_E_LARGE_PACKET) { terminate(); fail("send[%d]: %s\n", __LINE__, gnutls_strerror(ret)); @@ -349,4 +340,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-lowmtu.c b/tests/mini-dtls-lowmtu.c index 2aed25913e..44afee7645 100644 --- a/tests/mini-dtls-lowmtu.c +++ b/tests/mini-dtls-lowmtu.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,18 +37,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -67,38 +67,36 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" - "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" - "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" - "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" - "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" - "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" - "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" - "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" - "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" - "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" + "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" + "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" + "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" + "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" + "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" + "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" + "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" + "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" + "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" - "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" - "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" "-----END EC PRIVATE KEY-----\n"; + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" + "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" + "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" + "-----END EC PRIVATE KEY-----\n"; -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static int mtu = 0; @@ -124,7 +122,7 @@ static void client(int fd, const char *prio) /* Initialize TLS session */ gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM); -// gnutls_dtls_set_mtu(session, 104); + // gnutls_dtls_set_mtu(session, 104); /* Use default priorities */ gnutls_priority_set_direct(session, prio, NULL); @@ -140,8 +138,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s (%d)\n", @@ -154,8 +151,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { @@ -176,7 +173,7 @@ static void client(int fd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -237,8 +234,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -251,14 +247,13 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); mtu = gnutls_dtls_get_mtu(session); do { - ret = - gnutls_record_send(session, buffer, - gnutls_dtls_get_data_mtu(session)); + ret = gnutls_record_send(session, buffer, + gnutls_dtls_get_data_mtu(session)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { fail("Error sending packet: %s\n", gnutls_strerror(ret)); @@ -311,7 +306,8 @@ static void start(const char *prio) } } -# define AES_GCM "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+ECDHE-ECDSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+ECDHE-ECDSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" static void ch_handler(int sig) { @@ -328,4 +324,4 @@ void doit(void) start(AES_GCM); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-mtu.c b/tests/mini-dtls-mtu.c index cb31fb05c0..5eb804582a 100644 --- a/tests/mini-dtls-mtu.c +++ b/tests/mini-dtls-mtu.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,13 +31,13 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include "utils.h" -#define SERVER_MTU 500 +#define SERVER_MTU 500 #ifdef _WIN32 @@ -48,7 +48,7 @@ void doit(void) #else -# include +#include /* Tests whether packing multiple DTLS records in a single UDP packet * will be handled correctly. @@ -62,33 +62,31 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" - "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" - "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" - "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" - "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" - "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" - "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" - "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" - "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" - "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" + "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" + "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" + "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" + "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" + "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" + "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" + "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" + "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" + "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" - "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" - "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" "-----END EC PRIVATE KEY-----\n"; + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" + "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" + "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" + "-----END EC PRIVATE KEY-----\n"; -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static int client_pull_timeout(gnutls_transport_ptr_t ptr, unsigned int ms) { @@ -117,7 +115,8 @@ static ssize_t client_pull(gnutls_transport_ptr_t ptr, void *data, size_t len) ret = recv(fd, data, len, 0); if (ret > SERVER_MTU) { - fail("client: packet size beyond server MTU, got %d bytes, expect max. %d bytes\n", (int)ret, SERVER_MTU); + fail("client: packet size beyond server MTU, got %d bytes, expect max. %d bytes\n", + (int)ret, SERVER_MTU); exit(1); } @@ -148,9 +147,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -165,8 +165,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -179,8 +178,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -232,9 +231,10 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -242,8 +242,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -256,8 +255,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ @@ -309,4 +308,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-record-asym.c b/tests/mini-dtls-record-asym.c index 0082abdec7..42c425cbd4 100644 --- a/tests/mini-dtls-record-asym.c +++ b/tests/mini-dtls-record-asym.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,12 +43,12 @@ void doit(void) #else -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include /* Tests whether packing multiple DTLS records in a single UDP packet * will be handled correctly, as well as an asymmetry in MTU sizes @@ -77,7 +77,7 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) memcpy(&buffer[buffer_size], data, len); buffer_size += len; - if (d[0] == 22) { /* handshake */ + if (d[0] == 22) { /* handshake */ if (d[13] == GNUTLS_HANDSHAKE_CERTIFICATE_PKT || d[13] == GNUTLS_HANDSHAKE_CERTIFICATE_STATUS || d[13] == GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE || @@ -86,17 +86,15 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) d[13] == GNUTLS_HANDSHAKE_NEW_SESSION_TICKET || d[13] == GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY || d[13] == GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE) { - if (debug) fprintf(stderr, "caching: %s (buffer: %d)\n", - gnutls_handshake_description_get_name(d - [13]), + gnutls_handshake_description_get_name( + d[13]), buffer_size); return len; } else if (debug) { fprintf(stderr, "sending: %s\n", gnutls_handshake_description_get_name(d[13])); - } } @@ -112,33 +110,31 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" - "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" - "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" - "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" - "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" - "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" - "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" - "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" - "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" - "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" - "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\n" + "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\n" + "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\n" + "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\n" + "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\n" + "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\n" + "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\n" + "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\n" + "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\n" + "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\n" + "fGa5kHvHARBPc8YAIVIqDvHH1Q==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" - "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" - "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" "-----END EC PRIVATE KEY-----\n"; + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\n" + "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\n" + "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\n" + "-----END EC PRIVATE KEY-----\n"; -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void client(int fd, unsigned cache) { @@ -168,9 +164,10 @@ static void client(int fd, unsigned cache) //gnutls_transport_set_push_function(session, push); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -189,8 +186,8 @@ static void client(int fd, unsigned cache) ret = gnutls_handshake(session); - if (ret == GNUTLS_E_AGAIN - && gnutls_record_get_direction(session) == 0) { + if (ret == GNUTLS_E_AGAIN && + gnutls_record_get_direction(session) == 0) { int rv; pfd.fd = fd; pfd.events = POLLIN; @@ -206,8 +203,7 @@ static void client(int fd, unsigned cache) fail("test %d: No data were received.\n", cache); } - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -220,8 +216,8 @@ static void client(int fd, unsigned cache) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -256,13 +252,13 @@ static void server(int fd, unsigned cache) */ global_init(); -# if 0 +#if 0 if (debug) { side = "server"; gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(4711); } -# endif +#endif gnutls_certificate_allocate_credentials(&x509_cred); gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, @@ -278,9 +274,10 @@ static void server(int fd, unsigned cache) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-ECDSA:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -301,8 +298,8 @@ static void server(int fd, unsigned cache) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ @@ -319,8 +316,7 @@ static void server(int fd, unsigned cache) success("server: finished\n"); } -static -void run(unsigned cache) +static void run(unsigned cache) { int fd[2]; int ret; @@ -359,4 +355,4 @@ void doit(void) run(0); run(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-record.c b/tests/mini-dtls-record.c index 8ab32c681f..81e753de01 100644 --- a/tests/mini-dtls-record.c +++ b/tests/mini-dtls-record.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,19 +36,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static int test_finished = 0; static void terminate(void); @@ -82,16 +82,14 @@ static pid_t child; /* A test client/server app for DTLS duplicate packet detection. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 -# define MAX_SEQ 128 +#define MAX_SEQ 128 -static int msg_seq[] = - { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 10, 16, 5, 32, 11, 11, 11, 11, 12, - 10, 13, 14, 15, 16, 17, 19, 20, 18, 22, 24, 23, 25, 26, 27, 29, 28, - 29, 29, 30, 31, 32, 33, 34, 35, 37, 36, 38, 39, 42, 37, 40, 41, 41, - -1 -}; +static int msg_seq[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 10, 16, 5, + 32, 11, 11, 11, 11, 12, 10, 13, 14, 15, 16, 17, 19, 20, + 18, 22, 24, 23, 25, 26, 27, 29, 28, 29, 29, 30, 31, 32, + 33, 34, 35, 37, 36, 38, 39, 42, 37, 40, 41, 41, -1 }; static unsigned int current = 0; static unsigned int pos = 0; @@ -118,14 +116,11 @@ static ssize_t odd_push(gnutls_transport_ptr_t tr, const void *data, size_t len) for (i = pos; i <= current; i++) { if (stored_messages[msg_seq[i]] != NULL) { do { - ret = - send((long int)tr, - stored_messages[msg_seq - [i]], - stored_sizes[msg_seq[i]], 0); - } - while (ret == -1 - && (errno == EAGAIN || errno == EINTR)); + ret = send((long int)tr, + stored_messages[msg_seq[i]], + stored_sizes[msg_seq[i]], 0); + } while (ret == -1 && + (errno == EAGAIN || errno == EINTR)); pos++; } else break; @@ -133,8 +128,7 @@ static ssize_t odd_push(gnutls_transport_ptr_t tr, const void *data, size_t len) } else if (msg_seq[current] == (int)current) { do { ret = send((long int)tr, data, len, 0); - } - while (ret == -1 && (errno == EAGAIN || errno == EINTR)); + } while (ret == -1 && (errno == EAGAIN || errno == EINTR)); current++; pos++; @@ -142,12 +136,10 @@ static ssize_t odd_push(gnutls_transport_ptr_t tr, const void *data, size_t len) return ret; } else if (stored_messages[msg_seq[current]] != NULL) { do { - ret = - send((long int)tr, - stored_messages[msg_seq[current]], - stored_sizes[msg_seq[current]], 0); - } - while (ret == -1 && (errno == EAGAIN || errno == EINTR)); + ret = send((long int)tr, + stored_messages[msg_seq[current]], + stored_sizes[msg_seq[current]], 0); + } while (ret == -1 && (errno == EAGAIN || errno == EINTR)); current++; pos++; return ret; @@ -164,11 +156,10 @@ static ssize_t n_push(gnutls_transport_ptr_t tr, const void *data, size_t len) } /* The first five messages are handshake. Thus corresponds to msg_seq+5 */ -static int recv_msg_seq[] = - { 1, 2, 3, 4, 5, 6, 12, 28, 7, 8, 9, 10, 11, 13, 15, 16, 14, 18, 20, - 19, 21, 22, 23, 25, 24, 26, 27, 29, 30, 31, 33, 32, 34, 35, 38, 36, 37, - -1 -}; +static int recv_msg_seq[] = { 1, 2, 3, 4, 5, 6, 12, 28, 7, 8, + 9, 10, 11, 13, 15, 16, 14, 18, 20, 19, + 21, 22, 23, 25, 24, 26, 27, 29, 30, 31, + 33, 32, 34, 35, 38, 36, 37, -1 }; static void client(int fd) { @@ -183,7 +174,7 @@ static void client(int fd) /* Need to enable anonymous KX specifically. */ -/* gnutls_global_set_audit_log_function (tls_audit_log_func); */ + /* gnutls_global_set_audit_log_function (tls_audit_log_func); */ global_init(); if (debug) { @@ -202,9 +193,10 @@ static void client(int fd) gnutls_dtls_set_mtu(session, 1500); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -216,8 +208,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -232,17 +223,15 @@ static void client(int fd) if (debug) success("client: DTLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { - ret = - gnutls_record_recv_seq(session, buffer, sizeof(buffer), - seq); + ret = gnutls_record_recv_seq(session, buffer, sizeof(buffer), + seq); if (ret > 0) { - useq = - seq[7] | (seq[6] << 8) | (seq[5] << 16) | - (seq[4] << 24); + useq = seq[7] | (seq[6] << 8) | (seq[5] << 16) | + (seq[4] << 24); if (debug) success("received %u\n", (unsigned int)useq); @@ -251,16 +240,17 @@ static void client(int fd) fail("received message sequence differs\n"); exit(1); } - if (((uint32_t) recv_msg_seq[current]) != useq) { - fail("received message sequence differs (current: %u, got: %u, expected: %u)\n", (unsigned)current, (unsigned)useq, (unsigned)recv_msg_seq[current]); + if (((uint32_t)recv_msg_seq[current]) != useq) { + fail("received message sequence differs (current: %u, got: %u, expected: %u)\n", + (unsigned)current, (unsigned)useq, + (unsigned)recv_msg_seq[current]); exit(1); } current++; } - } - while ((ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED - || ret > 0)); + } while ((ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || + ret > 0)); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -308,17 +298,17 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -331,28 +321,25 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_record_recv(session, &c, 1); do { do { ret = gnutls_record_send(session, &c, 1); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { fail("send: %s\n", gnutls_strerror(ret)); terminate(); } - } - while (test_finished == 0); + } while (test_finished == 0); gnutls_transport_set_push_function(session, n_push); do { ret = gnutls_bye(session, GNUTLS_SHUT_WR); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); close(fd); gnutls_deinit(session); @@ -404,4 +391,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls-srtp.c b/tests/mini-dtls-srtp.c index d8c6c362bc..e6e758a9ba 100644 --- a/tests/mini-dtls-srtp.c +++ b/tests/mini-dtls-srtp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) /* These are global */ static pid_t child; -# define MAX_KEY_MATERIAL 64*4 +#define MAX_KEY_MATERIAL 64 * 4 /* A very basic DTLS client, with anonymous authentication, that negotiates SRTP */ @@ -96,19 +96,16 @@ static void client(int fd, int profile) gnutls_dtls_set_mtu(session, 1500); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); if (profile) - ret = - gnutls_srtp_set_profile_direct(session, - "SRTP_AES128_CM_HMAC_SHA1_80", - NULL); + ret = gnutls_srtp_set_profile_direct( + session, "SRTP_AES128_CM_HMAC_SHA1_80", NULL); else - ret = - gnutls_srtp_set_profile_direct(session, - "SRTP_NULL_HMAC_SHA1_80", - NULL); + ret = gnutls_srtp_set_profile_direct( + session, "SRTP_NULL_HMAC_SHA1_80", NULL); if (ret < 0) { gnutls_perror(ret); exit(1); @@ -124,8 +121,7 @@ static void client(int fd, int profile) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -138,12 +134,11 @@ static void client(int fd, int profile) if (debug) success("client: DTLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); - ret = - gnutls_srtp_get_keys(session, km, sizeof(km), &cli_key, - &cli_salt, &server_key, &server_salt); + ret = gnutls_srtp_get_keys(session, km, sizeof(km), &cli_key, &cli_salt, + &server_key, &server_salt); if (ret < 0) { gnutls_perror(ret); exit(1); @@ -214,20 +209,17 @@ static void server(int fd, int profile) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); if (profile) - ret = - gnutls_srtp_set_profile_direct(session, - "SRTP_AES128_CM_HMAC_SHA1_80", - NULL); + ret = gnutls_srtp_set_profile_direct( + session, "SRTP_AES128_CM_HMAC_SHA1_80", NULL); else - ret = - gnutls_srtp_set_profile_direct(session, - "SRTP_NULL_HMAC_SHA1_80", - NULL); + ret = gnutls_srtp_set_profile_direct( + session, "SRTP_NULL_HMAC_SHA1_80", NULL); if (ret < 0) { gnutls_perror(ret); exit(1); @@ -239,8 +231,7 @@ static void server(int fd, int profile) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -253,12 +244,11 @@ static void server(int fd, int profile) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); - ret = - gnutls_srtp_get_keys(session, km, sizeof(km), &cli_key, - &cli_salt, &server_key, &server_salt); + ret = gnutls_srtp_get_keys(session, km, sizeof(km), &cli_key, &cli_salt, + &server_key, &server_salt); if (ret < 0) { gnutls_perror(ret); exit(1); @@ -337,4 +327,4 @@ void doit(void) start(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-dtls0-9.c b/tests/mini-dtls0-9.c index f532135024..be592f7f49 100644 --- a/tests/mini-dtls0-9.c +++ b/tests/mini-dtls0-9.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) /* A very basic DTLS client handling DTLS 0.9 which sets premaster secret. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -75,8 +75,8 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) return send(fd, data, len, 0); } -static gnutls_datum_t master = { (void *) - "\x44\x66\x44\xa9\xb6\x29\xed\x6e\xd6\x93\x15\xdb\xf0\x7d\x4b\x2e\x18\xb1\x9d\xed\xff\x6a\x86\x76\xc9\x0e\x16\xab\xc2\x10\xbb\x17\x99\x24\xb1\xd9\xb9\x95\xe7\xea\xea\xea\xea\xea\xff\xaa\xac", +static gnutls_datum_t master = { + (void *)"\x44\x66\x44\xa9\xb6\x29\xed\x6e\xd6\x93\x15\xdb\xf0\x7d\x4b\x2e\x18\xb1\x9d\xed\xff\x6a\x86\x76\xc9\x0e\x16\xab\xc2\x10\xbb\x17\x99\x24\xb1\xd9\xb9\x95\xe7\xea\xea\xea\xea\xea\xff\xaa\xac", 48 }; static gnutls_datum_t sess_id = { (void *)"\xd9\xb9\x95\xe7\xea", 5 }; @@ -104,13 +104,13 @@ static void client(int fd, int proto, int cipher, int mac) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-GCM:+AEAD:+AES-128-CBC:+SHA1:+RSA:%COMPAT", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-GCM:+AEAD:+AES-128-CBC:+SHA1:+RSA:%COMPAT", + NULL); - ret = gnutls_session_set_premaster(session, GNUTLS_CLIENT, - proto, GNUTLS_KX_RSA, - cipher, mac, + ret = gnutls_session_set_premaster(session, GNUTLS_CLIENT, proto, + GNUTLS_KX_RSA, cipher, mac, GNUTLS_COMP_NULL, &master, &sess_id); if (ret < 0) { fail("client: gnutls_session_set_premaster failed: %s\n", @@ -127,8 +127,7 @@ static void client(int fd, int proto, int cipher, int mac) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -141,8 +140,8 @@ static void client(int fd, int proto, int cipher, int mac) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -159,7 +158,7 @@ static void client(int fd, int proto, int cipher, int mac) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -210,13 +209,13 @@ static void server(int fd, int proto, int cipher, int mac) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-CBC:+AES-128-GCM:+AEAD:+SHA1:+RSA:%COMPAT", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-CBC:+AES-128-GCM:+AEAD:+SHA1:+RSA:%COMPAT", + NULL); - ret = gnutls_session_set_premaster(session, GNUTLS_SERVER, - proto, GNUTLS_KX_RSA, - cipher, mac, + ret = gnutls_session_set_premaster(session, GNUTLS_SERVER, proto, + GNUTLS_KX_RSA, cipher, mac, GNUTLS_COMP_NULL, &master, &sess_id); if (ret < 0) { fail("server: gnutls_session_set_premaster failed: %s\n", @@ -231,8 +230,7 @@ static void server(int fd, int proto, int cipher, int mac) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -245,8 +243,8 @@ static void server(int fd, int proto, int cipher, int mac) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -322,4 +320,4 @@ void doit(void) run(GNUTLS_DTLS0_9, GNUTLS_CIPHER_AES_128_GCM, GNUTLS_MAC_AEAD); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-eagain-dtls.c b/tests/mini-eagain-dtls.c index 771f8691a5..f13c1bf6b3 100644 --- a/tests/mini-eagain-dtls.c +++ b/tests/mini-eagain-dtls.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,7 +43,8 @@ static void tls_log_func(int level, const char *str) static int handshake = 0; #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." void doit(void) { @@ -72,10 +73,10 @@ void doit(void) gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); gnutls_anon_set_server_dh_params(s_anoncred, dh_params); gnutls_init(&server, GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); - ret = - gnutls_priority_set_direct(server, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); + ret = gnutls_priority_set_direct( + server, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", + NULL); if (ret < 0) exit(1); gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); @@ -88,10 +89,10 @@ void doit(void) /* Init client */ gnutls_anon_allocate_client_credentials(&c_anoncred); gnutls_init(&client, GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); - cret = - gnutls_priority_set_direct(client, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); + cret = gnutls_priority_set_direct( + client, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", + NULL); if (cret < 0) exit(1); gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); @@ -110,8 +111,7 @@ void doit(void) do { ret = gnutls_record_send(client, MSG, strlen(MSG)); - } - while (ret == GNUTLS_E_AGAIN); + } while (ret == GNUTLS_E_AGAIN); msglen = strlen(MSG); TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF); diff --git a/tests/mini-emsgsize-dtls.c b/tests/mini-emsgsize-dtls.c index 665f3a73f8..0ca6a54613 100644 --- a/tests/mini-emsgsize-dtls.c +++ b/tests/mini-emsgsize-dtls.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,15 +45,16 @@ static void tls_log_func(int level, const char *str) static int handshake = 0; #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." -static ssize_t -client_push_300(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t client_push_300(gnutls_transport_ptr_t tr, const void *data, + size_t len) { size_t newlen; if (len > 300) { - gnutls_transport_set_errno((gnutls_session_t) tr, EMSGSIZE); + gnutls_transport_set_errno((gnutls_session_t)tr, EMSGSIZE); return -1; } @@ -69,13 +70,13 @@ client_push_300(gnutls_transport_ptr_t tr, const void *data, size_t len) return len; } -static ssize_t -server_push_300(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t server_push_300(gnutls_transport_ptr_t tr, const void *data, + size_t len) { size_t newlen; if (len > 300) { - gnutls_transport_set_errno((gnutls_session_t) tr, EMSGSIZE); + gnutls_transport_set_errno((gnutls_session_t)tr, EMSGSIZE); return -1; } @@ -119,10 +120,10 @@ void doit(void) gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); gnutls_anon_set_server_dh_params(s_anoncred, dh_params); gnutls_init(&server, GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); - ret = - gnutls_priority_set_direct(server, - "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); + ret = gnutls_priority_set_direct( + server, + "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", + NULL); if (ret < 0) exit(1); gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); @@ -135,10 +136,10 @@ void doit(void) /* Init client */ gnutls_anon_allocate_client_credentials(&c_anoncred); gnutls_init(&client, GNUTLS_CLIENT | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); - cret = - gnutls_priority_set_direct(client, - "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); + cret = gnutls_priority_set_direct( + client, + "NONE:+VERS-DTLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", + NULL); if (cret < 0) exit(1); gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); @@ -162,8 +163,7 @@ void doit(void) do { ret = gnutls_record_send(client, MSG, strlen(MSG)); - } - while (ret == GNUTLS_E_AGAIN); + } while (ret == GNUTLS_E_AGAIN); msglen = strlen(MSG); TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF); diff --git a/tests/mini-global-load.c b/tests/mini-global-load.c index 7330317395..4c649ed7d1 100644 --- a/tests/mini-global-load.c +++ b/tests/mini-global-load.c @@ -23,7 +23,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,45 +42,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void start(const char *prio) { @@ -102,9 +99,8 @@ static void start(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, prio, NULL); diff --git a/tests/mini-key-material.c b/tests/mini-key-material.c index ffb0e88180..0b93d183be 100644 --- a/tests/mini-key-material.c +++ b/tests/mini-key-material.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,17 +33,17 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -67,7 +67,7 @@ static pid_t child; /* A very basic DTLS client, with anonymous authentication, that negotiates SRTP */ -static void dump(const char *name, uint8_t * data, unsigned data_size) +static void dump(const char *name, uint8_t *data, unsigned data_size) { unsigned i; @@ -117,9 +117,10 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH:+ANON-ECDH:+CURVE-ALL", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH:+ANON-ECDH:+CURVE-ALL", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", gnutls_strerror(ret), err); @@ -136,8 +137,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -149,8 +149,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_128_CBC) { @@ -181,9 +181,8 @@ static void client(int fd) p = key_material; /* check whether the key material matches our calculations */ - ret = - gnutls_record_get_state(session, 0, &mac_key, &iv, &cipher_key, - wseq_number); + ret = gnutls_record_get_state(session, 0, &mac_key, &iv, &cipher_key, + wseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -196,9 +195,8 @@ static void client(int fd) exit(1); } - ret = - gnutls_record_get_state(session, 1, &read_mac_key, &read_iv, - &read_cipher_key, rseq_number); + ret = gnutls_record_get_state(session, 1, &read_mac_key, &read_iv, + &read_cipher_key, rseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -211,8 +209,8 @@ static void client(int fd) exit(1); } - if (hash_size != mac_key.size - || memcmp(p, mac_key.data, hash_size) != 0) { + if (hash_size != mac_key.size || + memcmp(p, mac_key.data, hash_size) != 0) { dump("MAC:", mac_key.data, mac_key.size); dump("Block:", key_material, block_size); fprintf(stderr, "error in %d\n", __LINE__); @@ -220,8 +218,8 @@ static void client(int fd) } p += hash_size; - if (hash_size != read_mac_key.size - || memcmp(p, read_mac_key.data, hash_size) != 0) { + if (hash_size != read_mac_key.size || + memcmp(p, read_mac_key.data, hash_size) != 0) { dump("MAC:", read_mac_key.data, read_mac_key.size); dump("Block:", key_material, block_size); fprintf(stderr, "error in %d\n", __LINE__); @@ -229,15 +227,15 @@ static void client(int fd) } p += hash_size; - if (key_size != cipher_key.size - || memcmp(p, cipher_key.data, key_size) != 0) { + if (key_size != cipher_key.size || + memcmp(p, cipher_key.data, key_size) != 0) { fprintf(stderr, "error in %d\n", __LINE__); exit(1); } p += key_size; - if (key_size != read_cipher_key.size - || memcmp(p, read_cipher_key.data, key_size) != 0) { + if (key_size != read_cipher_key.size || + memcmp(p, read_cipher_key.data, key_size) != 0) { fprintf(stderr, "error in %d\n", __LINE__); exit(1); } @@ -262,8 +260,8 @@ static void client(int fd) } } - ret = - gnutls_record_get_state(session, 0, NULL, NULL, NULL, wseq_number); + ret = gnutls_record_get_state(session, 0, NULL, NULL, NULL, + wseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -276,8 +274,8 @@ static void client(int fd) exit(1); } - ret = - gnutls_record_get_state(session, 1, NULL, NULL, NULL, rseq_number); + ret = gnutls_record_get_state(session, 1, NULL, NULL, NULL, + rseq_number); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); gnutls_perror(ret); @@ -328,9 +326,9 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:+ANON-DH:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:+ANON-DH:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.0", + NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); @@ -343,8 +341,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -357,8 +354,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buf, sizeof(buf)); @@ -421,4 +418,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-loss-time.c b/tests/mini-loss-time.c index 505b3baafe..8e23b96137 100644 --- a/tests/mini-loss-time.c +++ b/tests/mini-loss-time.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,17 +36,17 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This program tests whether a DTLS handshake would timeout * in the expected time. @@ -135,9 +135,10 @@ static void client(int fd, unsigned timeout) gnutls_dtls_set_timeouts(session, 1 * 1000, timeout * 1000); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -151,9 +152,8 @@ static void client(int fd, unsigned timeout) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 - && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); + } while (ret < 0 && + (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); gnutls_deinit(session); gnutls_anon_free_client_credentials(anoncred); @@ -198,9 +198,10 @@ static void server(int fd, int packet, unsigned timeout) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -212,9 +213,8 @@ static void server(int fd, int packet, unsigned timeout) do { ret = gnutls_handshake(session); - } - while (ret < 0 - && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); + } while (ret < 0 && + (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); gnutls_deinit(session); gnutls_anon_free_server_credentials(anoncred); @@ -291,7 +291,8 @@ static void ch_handler(int sig) void doit(void) { time_t tstart, tstop; - int tries = 5; /* we try multiple times because in very busy systems the suite may fail to finish on time */ + int tries = + 5; /* we try multiple times because in very busy systems the suite may fail to finish on time */ signal(SIGCHLD, ch_handler); signal(SIGPIPE, SIG_IGN); @@ -335,4 +336,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-overhead.c b/tests/mini-overhead.c index b698877b02..5be9f6e3d9 100644 --- a/tests/mini-overhead.c +++ b/tests/mini-overhead.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -56,7 +56,7 @@ static void terminate(void); static void server_log_func(int level, const char *str) { -// fprintf (stderr, "server|<%d>| %s", level, str); + // fprintf (stderr, "server|<%d>| %s", level, str); } static void client_log_func(int level, const char *str) @@ -65,51 +65,48 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 -# define MTU 1500 +#define MAX_BUF 1024 +#define MTU 1500 static void client(int fd, const char *prio, unsigned overhead) { @@ -151,8 +148,7 @@ static void client(int fd, const char *prio, unsigned overhead) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed for %s\n", prio); @@ -165,15 +161,15 @@ static void client(int fd, const char *prio, unsigned overhead) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_dtls_set_mtu(session, MTU); ret = gnutls_dtls_get_data_mtu(session); if (MTU - ret != (int)overhead) { - fail("overhead for %s is %d, expected %u\n", prio, - MTU - ret, overhead); + fail("overhead for %s is %d, expected %u\n", prio, MTU - ret, + overhead); exit(1); } @@ -244,8 +240,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -258,8 +253,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); gnutls_deinit(session); @@ -319,20 +314,17 @@ void doit(void) /* overhead for CBC depends on MTU */ /* 13 + 20(sha1) + 16(iv) + 16(pad) */ - start - ("NONE:+VERS-DTLS1.0:%NO_ETM:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", - 65); + start("NONE:+VERS-DTLS1.0:%NO_ETM:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", + 65); /* 13 + 20(sha1) + 8(iv) + 8(max pad) */ if (!gnutls_fips140_mode_enabled()) - start - ("NONE:+VERS-DTLS1.0:+3DES-CBC:%NO_ETM:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", - 49); + start("NONE:+VERS-DTLS1.0:+3DES-CBC:%NO_ETM:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", + 49); /* 13 + 16(tag) + 4(iv) */ - start - ("NONE:+VERS-DTLS1.2:+AES-128-GCM:%NO_ETM:+AEAD:+SIGN-ALL:+COMP-NULL:+RSA", - 37); + start("NONE:+VERS-DTLS1.2:+AES-128-GCM:%NO_ETM:+AEAD:+SIGN-ALL:+COMP-NULL:+RSA", + 37); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-record-2.c b/tests/mini-record-2.c index 37b1e87671..18baddce24 100644 --- a/tests/mini-record-2.c +++ b/tests/mini-record-2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -65,50 +65,47 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 24*1024 +#define MAX_BUF 24 * 1024 static void client(int fd, const char *prio, int ign) { @@ -154,8 +151,7 @@ static void client(int fd, const char *prio, int ign) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client (%s): Handshake has failed (%s)\n\n", prio, @@ -168,8 +164,8 @@ static void client(int fd, const char *prio, int ign) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* Test sending */ for (i = 1; i < 16384; i++) { @@ -191,11 +187,12 @@ static void client(int fd, const char *prio, int ign) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { - fail("server (%s): Error sending %d byte packet: %s\n", - prio, i, gnutls_strerror(ret)); + fail("server (%s): Error sending %d byte packet: %s\n", prio, i, + gnutls_strerror(ret)); exit(1); } else if (ign == 0 && ret != 16384) { - fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", prio, i, ret); + fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", + prio, i, ret); exit(1); } @@ -226,7 +223,7 @@ static void client(int fd, const char *prio, int ign) } } - end: +end: close(fd); @@ -292,8 +289,7 @@ static void server(int fd, const char *prio, int ign) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -306,8 +302,8 @@ static void server(int fd, const char *prio, int ign) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* Here we do both a receive and a send test because if valgrind * detects an error on the peer, the main process will never know. @@ -349,11 +345,12 @@ static void server(int fd, const char *prio, int ign) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { - fail("server (%s): Error sending %d byte packet: %s\n", - prio, i, gnutls_strerror(ret)); + fail("server (%s): Error sending %d byte packet: %s\n", prio, i, + gnutls_strerror(ret)); terminate(); } else if (ign == 0 && ret != 16384) { - fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", prio, i, ret); + fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", + prio, i, ret); terminate(); } @@ -406,22 +403,34 @@ static void start(const char *name, const char *prio, int ign) } } -# define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CCM_8 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM-8:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" - -# define ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define ARCFOUR_MD5 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA" - -# define NULL_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL" - -# define CHACHA_POLY1305 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+CURVE-ALL" - -# define TLS13_AES_GCM "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" -# define TLS13_AES_CCM "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" -# define TLS13_CHACHA_POLY1305 "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+GROUP-ALL" +#define AES_CBC \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CCM_8 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM-8:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" + +#define ARCFOUR_SHA1 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define ARCFOUR_MD5 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA" + +#define NULL_SHA1 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL" + +#define CHACHA_POLY1305 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+CURVE-ALL" + +#define TLS13_AES_GCM \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" +#define TLS13_AES_CCM \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" +#define TLS13_CHACHA_POLY1305 \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+GROUP-ALL" static void ch_handler(int sig) { @@ -449,7 +458,6 @@ void doit(void) start("tls13-aes-gcm", TLS13_AES_GCM, 0); start("tls13-aes-ccm", TLS13_AES_CCM, 0); - } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-record-failure.c b/tests/mini-record-failure.c index 67d2551733..4db6e0123a 100644 --- a/tests/mini-record-failure.c +++ b/tests/mini-record-failure.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,18 +37,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -69,8 +69,8 @@ static void client_log_func(int level, const char *str) static int modify = 0; -static ssize_t -client_push(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t client_push(gnutls_transport_ptr_t tr, const void *data, + size_t len) { unsigned int fd = (long)tr; @@ -87,7 +87,7 @@ client_push(gnutls_transport_ptr_t tr, const void *data, size_t len) } } -# define MAX_BUF 24*1024 +#define MAX_BUF 24 * 1024 static void client(int fd, const char *prio, int ign) { @@ -133,8 +133,7 @@ static void client(int fd, const char *prio, int ign) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client (%s): Handshake has failed (%s)\n\n", prio, @@ -147,8 +146,8 @@ static void client(int fd, const char *prio, int ign) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); modify = 1; do { @@ -227,8 +226,7 @@ static void server(int fd, const char *prio, int ign) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -241,8 +239,8 @@ static void server(int fd, const char *prio, int ign) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* Here we do both a receive and a send test because if valgrind * detects an error on the peer, the main process will never know. @@ -304,22 +302,33 @@ static void start(const char *name, const char *prio, int ign) } } -# define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CCM_8 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM-8:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" - -# define ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define ARCFOUR_MD5 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA" - -# define NULL_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL" - -# define NO_ETM ":%NO_ETM" - -# define TLS13_AES_GCM "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" -# define TLS13_AES_CCM "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" -# define TLS13_CHACHA_POLY1305 "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+GROUP-ALL" +#define AES_CBC \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CCM_8 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM-8:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" + +#define ARCFOUR_SHA1 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define ARCFOUR_MD5 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA" + +#define NULL_SHA1 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL" + +#define NO_ETM ":%NO_ETM" + +#define TLS13_AES_GCM \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" +#define TLS13_AES_CCM \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+GROUP-ALL" +#define TLS13_CHACHA_POLY1305 \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+GROUP-ALL" static void ch_handler(int sig) { @@ -363,4 +372,4 @@ void doit(void) start("tls13-aes-ccm", TLS13_AES_CCM, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-record-range.c b/tests/mini-record-range.c index c5e2578f88..908230de82 100644 --- a/tests/mini-record-range.c +++ b/tests/mini-record-range.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,22 +35,22 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" - -# define MAX_BUF 1024 -# define HIGH(x) (3*x) +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" + +#define MAX_BUF 1024 +#define HIGH(x) (3 * x) static void terminate(void); static int to_send; static size_t total; @@ -117,8 +117,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -131,8 +130,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { @@ -153,7 +152,7 @@ static void client(int fd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -219,8 +218,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -233,8 +231,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_transport_set_push_function(session, push); @@ -246,9 +244,8 @@ static void server(int fd, const char *prio) do { total = 0; do { - ret = - gnutls_record_send_range(session, buffer, - sizeof(buffer), &range); + ret = gnutls_record_send_range(session, buffer, + sizeof(buffer), &range); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -263,8 +260,7 @@ static void server(int fd, const char *prio) } to_send++; - } - while (to_send < 4); + } while (to_send < 4); to_send = -1; /* do not wait for the peer to close the connection. @@ -313,8 +309,9 @@ static void start(const char *prio) } } -# define AES_CBC "NONE:+VERS-TLS1.2:+AES-128-CBC:+MAC-ALL:+SIGN-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-ALL:+GROUP-ALL" +#define AES_CBC \ + "NONE:+VERS-TLS1.2:+AES-128-CBC:+MAC-ALL:+SIGN-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-ALL:+GROUP-ALL" static void ch_handler(int sig) { @@ -332,4 +329,4 @@ void doit(void) start(AES_GCM); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-record.c b/tests/mini-record.c index 10f464b2e2..154836671c 100644 --- a/tests/mini-record.c +++ b/tests/mini-record.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,19 +36,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" static void terminate(void); @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static int to_send = -1; static int mtu = 0; @@ -78,10 +78,10 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) return send(fd, data, len, 0); } -# define RECORD_HEADER_SIZE (5+8) +#define RECORD_HEADER_SIZE (5 + 8) -static ssize_t -push_crippled(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t push_crippled(gnutls_transport_ptr_t tr, const void *data, + size_t len) { int fd = (long int)tr; int _len, ret; @@ -90,11 +90,11 @@ push_crippled(gnutls_transport_ptr_t tr, const void *data, size_t len) if (to_send == -1) return send(fd, data, len, 0); else { -# if 0 +#if 0 _len = ((uint8_t *) data)[11] << 8 | ((uint8_t *) data)[12]; fprintf(stderr, "mtu: %d, len: %d", mtu, (int)_len); fprintf(stderr, " send: %d\n", (int)to_send); -# endif +#endif _len = to_send; _data[11] = _len >> 8; @@ -154,8 +154,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -168,8 +167,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* make sure we are not blocked forever */ gnutls_record_set_timeout(session, 10000); @@ -193,7 +192,7 @@ static void client(int fd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -260,8 +259,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -274,15 +272,15 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); mtu = gnutls_dtls_get_mtu(session); do { - usleep(10000); /* some systems like FreeBSD have their buffers full during this send */ + usleep(10000); /* some systems like FreeBSD have their buffers full during this send */ do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -291,8 +289,7 @@ static void server(int fd, const char *prio) terminate(); } to_send++; - } - while (to_send < 64); + } while (to_send < 64); to_send = -1; @@ -344,12 +341,18 @@ static void start(const char *name, const char *prio) } } -# define AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CCM "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CCM_8 "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM-8:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define CHACHA_POLY1305 "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+CURVE-ALL" +#define AES_CBC \ + "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CCM \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CCM_8 \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+AES-128-CCM-8:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define CHACHA_POLY1305 \ + "NONE:+VERS-DTLS1.2:-CIPHER-ALL:+RSA:+CHACHA20-POLY1305:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+CURVE-ALL" static void ch_handler(int sig) { @@ -371,4 +374,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-server-name.c b/tests/mini-server-name.c index e2d73c52e0..0aa7baeb9e 100644 --- a/tests/mini-server-name.c +++ b/tests/mini-server-name.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,20 +37,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void terminate(void); /* This program tests gnutls_server_name_set() and gnutls_server_name_get(). @@ -115,8 +115,7 @@ static void client(const char *test_name, const char *prio, int fd, */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { if (server_err < 0) @@ -130,12 +129,12 @@ static void client(const char *test_name, const char *prio, int fd, if (debug) test_success("TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - cleanup: +cleanup: close(fd); gnutls_deinit(session); @@ -197,8 +196,7 @@ static void server(const char *test_name, const char *prio, int fd, do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { if (exp_err == ret) goto cleanup; @@ -213,15 +211,15 @@ static void server(const char *test_name, const char *prio, int fd, if (debug) test_success("TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); buffer_size = sizeof(buffer); ret = gnutls_server_name_get(session, buffer, &buffer_size, &type, 0); - if ((name == NULL || name[0] == 0) - && (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE - || ret == GNUTLS_E_IDNA_ERROR)) { + if ((name == NULL || name[0] == 0) && + (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE || + ret == GNUTLS_E_IDNA_ERROR)) { /* expected */ if (debug) test_success("empty name matches\n"); @@ -229,19 +227,19 @@ static void server(const char *test_name, const char *prio, int fd, test_fail("server_name: %s/%d\n", gnutls_strerror(ret), ret); } else { if (name == NULL || name[0] == 0) { - test_fail - ("did not receive the expected name: got: %s\n", - buffer); + test_fail( + "did not receive the expected name: got: %s\n", + buffer); exit(1); } if (buffer_size != strlen(buffer)) { - test_fail - ("received name '%s/%d/%d', with embedded null\n", - buffer, (int)buffer_size, (int)strlen(buffer)); + test_fail( + "received name '%s/%d/%d', with embedded null\n", + buffer, (int)buffer_size, (int)strlen(buffer)); exit(1); } - if (name_len != buffer_size - || memcmp(name, buffer, name_len) != 0) { + if (name_len != buffer_size || + memcmp(name, buffer, name_len) != 0) { test_fail("received name '%s/%d', expected '%s/%d'\n", buffer, (int)buffer_size, name, (int)name_len); @@ -254,7 +252,7 @@ static void server(const char *test_name, const char *prio, int fd, /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - cleanup: +cleanup: close(fd); gnutls_deinit(session); @@ -311,9 +309,9 @@ static void ch_handler(int sig) return; } -# define PRIO_TLS12 "NORMAL:-VERS-ALL:+VERS-TLS1.2" -# define PRIO_TLS13 "NORMAL:-VERS-ALL:+VERS-TLS1.3" -# define PRIO_NORMAL "NORMAL" +#define PRIO_TLS12 "NORMAL:-VERS-ALL:+VERS-TLS1.2" +#define PRIO_TLS13 "NORMAL:-VERS-ALL:+VERS-TLS1.3" +#define PRIO_NORMAL "NORMAL" void doit(void) { @@ -360,4 +358,4 @@ void doit(void) GNUTLS_E_RECEIVED_DISALLOWED_NAME); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-session-verify-function.c b/tests/mini-session-verify-function.c index 152d204580..c187fe1b4a 100644 --- a/tests/mini-session-verify-function.c +++ b/tests/mini-session-verify-function.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -55,14 +55,16 @@ static int server_callback(gnutls_session_t session) if (gnutls_handshake_get_last_in(session) != GNUTLS_HANDSHAKE_CERTIFICATE_PKT) { fail("client's last input message was unexpected: %s\n", - gnutls_handshake_description_get_name - (gnutls_handshake_get_last_in(session))); + gnutls_handshake_description_get_name( + gnutls_handshake_get_last_in(session))); exit(1); } if (gnutls_handshake_get_last_out(session) != GNUTLS_HANDSHAKE_SERVER_HELLO_DONE) { - fail("client's last output message was unexpected: %s\n", gnutls_handshake_description_get_name(gnutls_handshake_get_last_out(session))); + fail("client's last output message was unexpected: %s\n", + gnutls_handshake_description_get_name( + gnutls_handshake_get_last_out(session))); exit(1); } } @@ -75,48 +77,44 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; - -static -void test_success1(const char *prio) + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; + +static void test_success1(const char *prio) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -136,9 +134,8 @@ void test_success1(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); assert(gnutls_priority_set_direct(server, prio, NULL) >= 0); @@ -176,8 +173,7 @@ void test_success1(const char *prio) fail("Client certificate verify callback wasn't called\n"); } -static -void test_failure_client(const char *prio) +static void test_failure_client(const char *prio) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -199,9 +195,8 @@ void test_failure_client(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); assert(gnutls_priority_set_direct(server, prio, NULL) >= 0); @@ -235,8 +230,7 @@ void test_failure_client(const char *prio) __func__); } -static -void test_failure_server(const char *prio) +static void test_failure_server(const char *prio) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -258,9 +252,8 @@ void test_failure_server(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); assert(gnutls_priority_set_direct(server, prio, NULL) >= 0); diff --git a/tests/mini-termination.c b/tests/mini-termination.c index 92dac747ea..09dc5bae79 100644 --- a/tests/mini-termination.c +++ b/tests/mini-termination.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -56,7 +56,7 @@ static void terminate(void); static void server_log_func(int level, const char *str) { -// fprintf (stderr, "server|<%d>| %s", level, str); + // fprintf (stderr, "server|<%d>| %s", level, str); } static void client_log_func(int level, const char *str) @@ -65,50 +65,47 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -147,8 +144,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -161,8 +157,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { ret = gnutls_record_recv(session, buffer, MAX_BUF); @@ -179,7 +175,7 @@ static void client(int fd, const char *prio) exit(1); } - end: +end: close(fd); gnutls_deinit(session); @@ -238,8 +234,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -252,8 +247,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); gnutls_deinit(session); @@ -316,4 +311,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-tls-nonblock.c b/tests/mini-tls-nonblock.c index 42260dd09a..853f841fbd 100644 --- a/tests/mini-tls-nonblock.c +++ b/tests/mini-tls-nonblock.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -57,7 +57,7 @@ static void terminate(void); static void server_log_func(int level, const char *str) { -// fprintf (stderr, "server|<%d>| %s", level, str); + // fprintf (stderr, "server|<%d>| %s", level, str); } static void client_log_func(int level, const char *str) @@ -66,50 +66,47 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static const char *g_msg = ""; static ssize_t my_pull(gnutls_transport_ptr_t tr, void *data, size_t len) @@ -179,8 +176,7 @@ static void client(int fd, const char *msg, const char *prio, unsigned expl) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -193,8 +189,8 @@ static void client(int fd, const char *msg, const char *prio, unsigned expl) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); @@ -257,8 +253,7 @@ static void server(int fd, const char *prio, unsigned expl) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -271,8 +266,8 @@ static void server(int fd, const char *prio, unsigned expl) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); close(fd); gnutls_deinit(session); @@ -327,9 +322,9 @@ static void ch_handler(int sig) return; } -# ifndef GNUTLS_NONBLOCK -# error GNUTLS_NONBLOCK should have been defined -# endif +#ifndef GNUTLS_NONBLOCK +#error GNUTLS_NONBLOCK should have been defined +#endif void doit(void) { @@ -349,4 +344,4 @@ void doit(void) start("TLS-no flag", "NORMAL", 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/mini-x509-2.c b/tests/mini-x509-2.c index 27f7f6a51d..10ff2b2682 100644 --- a/tests/mini-x509-2.c +++ b/tests/mini-x509-2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,141 +43,137 @@ static void tls_log_func(int level, const char *str) } static unsigned char ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuLSye8pe3yWKZ\n" - "Yp7tLQ4ImwLqqh1aN7x9pc5spLDj6krVArzkyyYDcWvtQNDjErEfLUrZZrCc4aIl\n" - "oU1Ghb92kI8ofZnHFbj3z5zdcWqiPppj5Y+hRdc4LszTWb+itrD9Ht/D67EK+m7W\n" - "ev6xxUdyiBYUmb2O3CnPZpUVshMRtEe45EDGI5hUgL2n4Msj41htTq8hATYPXgoq\n" - "gQUyXFpKAX5XDCyOG+FC6jmEys7UCRYv3SCl7TPWJ4cm+lHcFI2/OTOCBvMlKN2J\n" - "mWCdfnudZldqthin+8fR9l4nbuutOfPNt1Dj9InDzWZ1W/o4LrjKa7fsvszj2Z5A\n" - "Fn+xN/4zAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQUwRHwbXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQAD\n" - "ggEBAEKr0b7WoJL+L8St/LEITU/i7FwFrCP6DkbaNo0kgzPmwnvNmw88MLI6UKwE\n" - "JecnjFhurRBBZ4FA85ucNyizeBnuXqFcyJ20+XziaXGPKV/ugKyYv9KBoTYkQOCh\n" - "nbOthmDqjvy2UYQj0BU2dOywkjUKWhYHEZLBpZYck0Orynxydwil5Ncsz4t3smJw\n" - "ahzCW8SzBFTiO99qQBCH2RH1PbUYzfAnJxZS2VScpcqlu9pr+Qv7r8E3p9qHxnQM\n" - "gO5laWO6lc13rNsbZRrtlCvacsiDSuDnS8EVXm0ih4fAntpRHacPbXZbOPQqJ/+1\n" - "G7/qJ6cDC/9aW+fU80ogTkAoFg4=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca_cert = { ca_cert_pem, - sizeof(ca_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuLSye8pe3yWKZ\n" + "Yp7tLQ4ImwLqqh1aN7x9pc5spLDj6krVArzkyyYDcWvtQNDjErEfLUrZZrCc4aIl\n" + "oU1Ghb92kI8ofZnHFbj3z5zdcWqiPppj5Y+hRdc4LszTWb+itrD9Ht/D67EK+m7W\n" + "ev6xxUdyiBYUmb2O3CnPZpUVshMRtEe45EDGI5hUgL2n4Msj41htTq8hATYPXgoq\n" + "gQUyXFpKAX5XDCyOG+FC6jmEys7UCRYv3SCl7TPWJ4cm+lHcFI2/OTOCBvMlKN2J\n" + "mWCdfnudZldqthin+8fR9l4nbuutOfPNt1Dj9InDzWZ1W/o4LrjKa7fsvszj2Z5A\n" + "Fn+xN/4zAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUwRHwbXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQAD\n" + "ggEBAEKr0b7WoJL+L8St/LEITU/i7FwFrCP6DkbaNo0kgzPmwnvNmw88MLI6UKwE\n" + "JecnjFhurRBBZ4FA85ucNyizeBnuXqFcyJ20+XziaXGPKV/ugKyYv9KBoTYkQOCh\n" + "nbOthmDqjvy2UYQj0BU2dOywkjUKWhYHEZLBpZYck0Orynxydwil5Ncsz4t3smJw\n" + "ahzCW8SzBFTiO99qQBCH2RH1PbUYzfAnJxZS2VScpcqlu9pr+Qv7r8E3p9qHxnQM\n" + "gO5laWO6lc13rNsbZRrtlCvacsiDSuDnS8EVXm0ih4fAntpRHacPbXZbOPQqJ/+1\n" + "G7/qJ6cDC/9aW+fU80ogTkAoFg4=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca_cert = { ca_cert_pem, sizeof(ca_cert_pem) }; static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDOjCCAiKgAwIBAgIMU0T+mwoDu5uVLKeeMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDkwODAyMzVaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDXfvgsMWXHNf3iUaEoZSNztZZr6+UdBkoUhbdWJDR+GwR+GHfnYaYHsuqb\n" - "bNEl/QFI+8Jeth0SmG7TNB+b/AlHFoBm8TwBt7H+Mn6AQIdo872Vs262UkHgbZN6\n" - "dEQeRCgiXmlsOVe+MVpf79Xi32MYz1FZ/ueS6tr8sIDhECThIZkq2eulVjAV86N2\n" - "zQ72Ml1k8rPw4SdK5OFhcXNdXr6CsAol8MmiORKDF0iAZxwtFVc00nBGqQC5rwrN\n" - "3A8czH5TsvyvrcW0mwV2XOVvZM5kFM1T/X0jF6RQHiGGFBYK4s6JZxSSOhJMFYYh\n" - "koPEKsuVZdmBJ2yTTdGumHZfG9LDAgMBAAGjgY0wgYowDAYDVR0TAQH/BAIwADAU\n" - "BgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0P\n" - "AQH/BAUDAwegADAdBgNVHQ4EFgQURXiN5VD5vgqAprhd/37ldGKv4/4wHwYDVR0j\n" - "BBgwFoAU8MUzmkotjSmVa5r1ejMkMQ6BiZYwDQYJKoZIhvcNAQELBQADggEBABSU\n" - "cmMX0nGeg43itPnLjSTIUuYEamRhfsFDwgRYQn5w+BcFG1p0scBRxLAShUEb9A2A\n" - "oEJV4rQDpCn9bcMrMHhTCR5sOlLh/2o9BROjK0+DjQLDkooQK5xa+1GYEiy6QYCx\n" - "QjdCCnMhHh24oP2/vUggRKhevvD2QQFKcCDT6n13RFYm+HX82gIh6SAtRs0oahY5\n" - "k9CM9TYRPzXy+tQqhZisJzc8BLTW/XA97kAJW6+hUhPir7AYR6BKJhNeIxcN/yMy\n" - "jsHzWDLezip/8q+kzw658V5e40hne7ZaJycGUaUdLVnJcpNtBgGE82TRS/XZSQKF\n" - "fpy8FLGcJynqlIOzdKs=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZq3sA+mjFadII\n" - "EMDHfj1fYh+UOUSa8c814E9NfCdYZ9Z11BmPpBeR5mXV12j1DKjkTlqTUL7s4lVR\n" - "RKfyAdCpQIfeXHDeTYYUq2uBnbi5YMG5Y+WbCiYacgRU3IypYrSzaeh1mY7GiEFe\n" - "U/NaImHLCf+TdAvTJ3Fo0QPe5QN2Lrv6l//cqOv7enZ91KRWxClDMM6EAr+C/7dk\n" - "rOTXRrCuH/e/KVBXEJ/YeSYPmBIwolGktRrGdsVagdqYArr4dhJ7VThIVRUX1Ijl\n" - "THCLstI/LuD8WkDccU3ZSdm47f2U43p/+rSO0MiNOXiaskeK56G/9DbJEeETUbzm\n" - "/B2712MVAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU8MUzmkotjSmVa5r1ejMkMQ6BiZYwHwYDVR0jBBgwFoAUwRHw\n" - "bXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQADggEBACKxBPj9u1t52uIF\n" - "eQ2JPb8/u+MBttvSLo0qPKXwpc4q8hNclh66dpqGWiF0iSumsKyKU54r6CIF9Ikm\n" - "t1V1GR9Ll4iTnz3NdIt1w3ns8rSlU5O/dgKysK/1C/5xJWEUYtEO5mnyi4Zaf8FB\n" - "hKmQ1aWF5dTB81PVAQxyCiFEnH7YumK7pJeIpnCOPIqLZLUHfrTUeL8zONF4i5Sb\n" - "7taZ8SQ6b7IaioU+NJ50uT2wy34lsyvCWf76Azezv9bggkdNDo/7ktMgsfRrSyM8\n" - "+MVob5ePGTjKx5yMy/sy2vUkkefwW3RiEss/y2JRb8Hw7nDlA9ttilYKFwGFwRvw\n" - "KRsXqo8=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDOjCCAiKgAwIBAgIMU0T+mwoDu5uVLKeeMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDkwODAyMzVaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDXfvgsMWXHNf3iUaEoZSNztZZr6+UdBkoUhbdWJDR+GwR+GHfnYaYHsuqb\n" + "bNEl/QFI+8Jeth0SmG7TNB+b/AlHFoBm8TwBt7H+Mn6AQIdo872Vs262UkHgbZN6\n" + "dEQeRCgiXmlsOVe+MVpf79Xi32MYz1FZ/ueS6tr8sIDhECThIZkq2eulVjAV86N2\n" + "zQ72Ml1k8rPw4SdK5OFhcXNdXr6CsAol8MmiORKDF0iAZxwtFVc00nBGqQC5rwrN\n" + "3A8czH5TsvyvrcW0mwV2XOVvZM5kFM1T/X0jF6RQHiGGFBYK4s6JZxSSOhJMFYYh\n" + "koPEKsuVZdmBJ2yTTdGumHZfG9LDAgMBAAGjgY0wgYowDAYDVR0TAQH/BAIwADAU\n" + "BgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0P\n" + "AQH/BAUDAwegADAdBgNVHQ4EFgQURXiN5VD5vgqAprhd/37ldGKv4/4wHwYDVR0j\n" + "BBgwFoAU8MUzmkotjSmVa5r1ejMkMQ6BiZYwDQYJKoZIhvcNAQELBQADggEBABSU\n" + "cmMX0nGeg43itPnLjSTIUuYEamRhfsFDwgRYQn5w+BcFG1p0scBRxLAShUEb9A2A\n" + "oEJV4rQDpCn9bcMrMHhTCR5sOlLh/2o9BROjK0+DjQLDkooQK5xa+1GYEiy6QYCx\n" + "QjdCCnMhHh24oP2/vUggRKhevvD2QQFKcCDT6n13RFYm+HX82gIh6SAtRs0oahY5\n" + "k9CM9TYRPzXy+tQqhZisJzc8BLTW/XA97kAJW6+hUhPir7AYR6BKJhNeIxcN/yMy\n" + "jsHzWDLezip/8q+kzw658V5e40hne7ZaJycGUaUdLVnJcpNtBgGE82TRS/XZSQKF\n" + "fpy8FLGcJynqlIOzdKs=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA5MDgwMjM0WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZq3sA+mjFadII\n" + "EMDHfj1fYh+UOUSa8c814E9NfCdYZ9Z11BmPpBeR5mXV12j1DKjkTlqTUL7s4lVR\n" + "RKfyAdCpQIfeXHDeTYYUq2uBnbi5YMG5Y+WbCiYacgRU3IypYrSzaeh1mY7GiEFe\n" + "U/NaImHLCf+TdAvTJ3Fo0QPe5QN2Lrv6l//cqOv7enZ91KRWxClDMM6EAr+C/7dk\n" + "rOTXRrCuH/e/KVBXEJ/YeSYPmBIwolGktRrGdsVagdqYArr4dhJ7VThIVRUX1Ijl\n" + "THCLstI/LuD8WkDccU3ZSdm47f2U43p/+rSO0MiNOXiaskeK56G/9DbJEeETUbzm\n" + "/B2712MVAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU8MUzmkotjSmVa5r1ejMkMQ6BiZYwHwYDVR0jBBgwFoAUwRHw\n" + "bXyPosKNNkBiZduEwL5ZCwswDQYJKoZIhvcNAQELBQADggEBACKxBPj9u1t52uIF\n" + "eQ2JPb8/u+MBttvSLo0qPKXwpc4q8hNclh66dpqGWiF0iSumsKyKU54r6CIF9Ikm\n" + "t1V1GR9Ll4iTnz3NdIt1w3ns8rSlU5O/dgKysK/1C/5xJWEUYtEO5mnyi4Zaf8FB\n" + "hKmQ1aWF5dTB81PVAQxyCiFEnH7YumK7pJeIpnCOPIqLZLUHfrTUeL8zONF4i5Sb\n" + "7taZ8SQ6b7IaioU+NJ50uT2wy34lsyvCWf76Azezv9bggkdNDo/7ktMgsfRrSyM8\n" + "+MVob5ePGTjKx5yMy/sy2vUkkefwW3RiEss/y2JRb8Hw7nDlA9ttilYKFwGFwRvw\n" + "KRsXqo8=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpAIBAAKCAQEA1374LDFlxzX94lGhKGUjc7WWa+vlHQZKFIW3ViQ0fhsEfhh3\n" - "52GmB7Lqm2zRJf0BSPvCXrYdEphu0zQfm/wJRxaAZvE8Abex/jJ+gECHaPO9lbNu\n" - "tlJB4G2TenREHkQoIl5pbDlXvjFaX+/V4t9jGM9RWf7nkura/LCA4RAk4SGZKtnr\n" - "pVYwFfOjds0O9jJdZPKz8OEnSuThYXFzXV6+grAKJfDJojkSgxdIgGccLRVXNNJw\n" - "RqkAua8KzdwPHMx+U7L8r63FtJsFdlzlb2TOZBTNU/19IxekUB4hhhQWCuLOiWcU\n" - "kjoSTBWGIZKDxCrLlWXZgSdsk03Rrph2XxvSwwIDAQABAoIBAB7trDS7ij4DM8MN\n" - "sDGaAnKS91nZ63I0+uDjKCMG4znOKuDmJh9hVnD4bs+L2KC5JTwSVh09ygJnOlC5\n" - "xGegzrwTMK6VpOUiNjujh6BkooqfoPAhZpxoReguEeKbWUN2yMPWBQ9xU3SKpMvs\n" - "IiiDozdmWeiuuxHM/00REA49QO3Gnx2logeB+fcvXXD1UiZV3x0xxSApiJt1sr2r\n" - "NmqSyGdNUgpmnTP8zbKnDaRe5Wj4tj1TCTLE/HZ0tzdRuwlkIqvcpGg1LMtKm5N8\n" - "xIWjTGMFwGjG+OF8LGqHLH+28pI3iMB6QqO2YLwOp+WZKImKP3+Dp3s8lCw8t8cm\n" - "q5/Qc9ECgYEA2xwxm+pFkrFmZNLCakP/6S5AZqpfSBRUlF/uX2pBKO7o6I6aOV9o\n" - "zq2QWYIZfdyD+9MvAFUQ36sWfTVWpGA34WGtsGtcRRygKKTigpJHvBldaPxiuYuk\n" - "xbS54nWUdix/JzyQAy22xJXlp4XJvtFJjHhA2td0XA7tfng9n8jmvEUCgYEA+8cA\n" - "uFIQFbaZ2y6pnOvlVj8OH0f1hZa9M+3q01fWy1rnDAsLrIzJy8TZnBtpDwy9lAun\n" - "Sa6wzu6qeHmF17xwk5U7BCyK2Qj/9KhRLg1mnDebQ/CiLSAaJVnrYFp9Du96fTkN\n" - "ollvbFiGF92QwPTDf2f1gHZQEPwa+f/ox37ad2cCgYEAwMgXpfUD7cOEMeV2BQV7\n" - "XnDBXRM97i9lE38sPmtAlYFPD36Yly4pCt+PCBH9181zmtf+nK47wG/Jw7RwXQQD\n" - "ZpwItBZiArTi/Z/FY9jMoOU4WKznOBVzjjgq7ONDEo6n+Z/BnepUyraQb0q5bNi7\n" - "e4o6ldHHoU/JCeNFZRbgXHkCgYA6vJU9at+XwS6phHxLQHkTIsivoYD0tlLTX4it\n" - "30sby8wk8hq6GWomYHkHwxlCSo2bkRBozxkuXV1ll6wSxUJaG7FV6vJFaaUUtYOi\n" - "w7uRbCOLuQKMlnWjCxQvOUz9g/7GYd39ZvHoi8pUnPrdGPzWpzEN1AwfukCs2/e5\n" - "Oq3KtwKBgQCkHmDU8h0kOfN28f8ZiyjJemQMNoOGiJqnGexaKvsRd+bt4H+7DsWQ\n" - "OnyKm/oR0wCCSmFM5aQc6GgzPD7orueKVYHChbY7HLTWKRHNs6Rlk+6hXJvOld0i\n" - "Cl7KqL2x2ibGMtt4LtSntdzWqa87N7vCWMSTmvd8uLgflBs33xUIiQ==\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpAIBAAKCAQEA1374LDFlxzX94lGhKGUjc7WWa+vlHQZKFIW3ViQ0fhsEfhh3\n" + "52GmB7Lqm2zRJf0BSPvCXrYdEphu0zQfm/wJRxaAZvE8Abex/jJ+gECHaPO9lbNu\n" + "tlJB4G2TenREHkQoIl5pbDlXvjFaX+/V4t9jGM9RWf7nkura/LCA4RAk4SGZKtnr\n" + "pVYwFfOjds0O9jJdZPKz8OEnSuThYXFzXV6+grAKJfDJojkSgxdIgGccLRVXNNJw\n" + "RqkAua8KzdwPHMx+U7L8r63FtJsFdlzlb2TOZBTNU/19IxekUB4hhhQWCuLOiWcU\n" + "kjoSTBWGIZKDxCrLlWXZgSdsk03Rrph2XxvSwwIDAQABAoIBAB7trDS7ij4DM8MN\n" + "sDGaAnKS91nZ63I0+uDjKCMG4znOKuDmJh9hVnD4bs+L2KC5JTwSVh09ygJnOlC5\n" + "xGegzrwTMK6VpOUiNjujh6BkooqfoPAhZpxoReguEeKbWUN2yMPWBQ9xU3SKpMvs\n" + "IiiDozdmWeiuuxHM/00REA49QO3Gnx2logeB+fcvXXD1UiZV3x0xxSApiJt1sr2r\n" + "NmqSyGdNUgpmnTP8zbKnDaRe5Wj4tj1TCTLE/HZ0tzdRuwlkIqvcpGg1LMtKm5N8\n" + "xIWjTGMFwGjG+OF8LGqHLH+28pI3iMB6QqO2YLwOp+WZKImKP3+Dp3s8lCw8t8cm\n" + "q5/Qc9ECgYEA2xwxm+pFkrFmZNLCakP/6S5AZqpfSBRUlF/uX2pBKO7o6I6aOV9o\n" + "zq2QWYIZfdyD+9MvAFUQ36sWfTVWpGA34WGtsGtcRRygKKTigpJHvBldaPxiuYuk\n" + "xbS54nWUdix/JzyQAy22xJXlp4XJvtFJjHhA2td0XA7tfng9n8jmvEUCgYEA+8cA\n" + "uFIQFbaZ2y6pnOvlVj8OH0f1hZa9M+3q01fWy1rnDAsLrIzJy8TZnBtpDwy9lAun\n" + "Sa6wzu6qeHmF17xwk5U7BCyK2Qj/9KhRLg1mnDebQ/CiLSAaJVnrYFp9Du96fTkN\n" + "ollvbFiGF92QwPTDf2f1gHZQEPwa+f/ox37ad2cCgYEAwMgXpfUD7cOEMeV2BQV7\n" + "XnDBXRM97i9lE38sPmtAlYFPD36Yly4pCt+PCBH9181zmtf+nK47wG/Jw7RwXQQD\n" + "ZpwItBZiArTi/Z/FY9jMoOU4WKznOBVzjjgq7ONDEo6n+Z/BnepUyraQb0q5bNi7\n" + "e4o6ldHHoU/JCeNFZRbgXHkCgYA6vJU9at+XwS6phHxLQHkTIsivoYD0tlLTX4it\n" + "30sby8wk8hq6GWomYHkHwxlCSo2bkRBozxkuXV1ll6wSxUJaG7FV6vJFaaUUtYOi\n" + "w7uRbCOLuQKMlnWjCxQvOUz9g/7GYd39ZvHoi8pUnPrdGPzWpzEN1AwfukCs2/e5\n" + "Oq3KtwKBgQCkHmDU8h0kOfN28f8ZiyjJemQMNoOGiJqnGexaKvsRd+bt4H+7DsWQ\n" + "OnyKm/oR0wCCSmFM5aQc6GgzPD7orueKVYHChbY7HLTWKRHNs6Rlk+6hXJvOld0i\n" + "Cl7KqL2x2ibGMtt4LtSntdzWqa87N7vCWMSTmvd8uLgflBs33xUIiQ==\n" + "-----END RSA PRIVATE KEY-----\n"; static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cli_cert = { cert_pem, sizeof(cert_pem) - 1 }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t cli_key = { key_pem, sizeof(key_pem) - 1 }; -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; -static -void start(const char *prio) +static void start(const char *prio) { int ret; /* Server stuff. */ @@ -201,10 +197,9 @@ void start(const char *prio) if (debug) gnutls_global_set_log_level(2); - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &server_cert, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &server_cert, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -216,8 +211,8 @@ void start(const char *prio) exit(1); } - ret = - gnutls_x509_privkey_import(pkey, &server_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(pkey, &server_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); exit(1); @@ -245,15 +240,13 @@ void start(const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = gnutls_certificate_set_x509_key_mem(clientx509cred, - &cli_cert, &cli_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, GNUTLS_X509_FMT_PEM); ret = gnutls_init(&client, GNUTLS_CLIENT); if (ret < 0) @@ -284,9 +277,8 @@ void start(const char *prio) } gnutls_x509_crt_init(&crt); - ret = - gnutls_x509_crt_import(crt, &server_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &server_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -302,8 +294,8 @@ void start(const char *prio) assert(ret == 0); gnutls_x509_crt_deinit(crt); - if (scert.size != mcert->size - || memcmp(scert.data, mcert->data, mcert->size) != 0) { + if (scert.size != mcert->size || + memcmp(scert.data, mcert->data, mcert->size) != 0) { fail("gnutls_certificate_get_ours output doesn't match cert\n"); exit(1); } @@ -325,8 +317,8 @@ void start(const char *prio) } gnutls_x509_crt_init(&crt); - ret = - gnutls_x509_crt_import(crt, &cli_cert, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &cli_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -342,8 +334,8 @@ void start(const char *prio) assert(ret == 0); gnutls_x509_crt_deinit(crt); - if (ccert.size != mcert->size - || memcmp(ccert.data, mcert->data, mcert->size) != 0) { + if (ccert.size != mcert->size || + memcmp(ccert.data, mcert->data, mcert->size) != 0) { fail("gnutls_certificate_get_ours output doesn't match cert\n"); exit(1); } @@ -440,9 +432,8 @@ void start(const char *prio) exit(1); } - status = - gnutls_ocsp_status_request_is_checked(client, - GNUTLS_OCSP_SR_IS_AVAIL); + status = gnutls_ocsp_status_request_is_checked( + client, GNUTLS_OCSP_SR_IS_AVAIL); if (status != 0) { fprintf(stderr, "gnutls_ocsp_status_request_is_checked: unexpected value (%u)\n", diff --git a/tests/mini-x509-callbacks-intr.c b/tests/mini-x509-callbacks-intr.c index 3ea7aa2499..4060103c1b 100644 --- a/tests/mini-x509-callbacks-intr.c +++ b/tests/mini-x509-callbacks-intr.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -79,48 +79,44 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; - -static -void start(const char *prio) + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; + +static void start(const char *prio) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -144,9 +140,8 @@ void start(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL", NULL); @@ -155,8 +150,8 @@ void start(const char *prio) gnutls_transport_set_ptr(server, server); gnutls_certificate_set_verify_function(serverx509cred, server_callback); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); - gnutls_handshake_set_post_client_hello_function(server, - post_client_hello_callback); + gnutls_handshake_set_post_client_hello_function( + server, post_client_hello_callback); /* Init client */ gnutls_certificate_allocate_credentials(&clientx509cred); diff --git a/tests/mini-x509-callbacks.c b/tests/mini-x509-callbacks.c index 3a25a01015..d70f01ffd4 100644 --- a/tests/mini-x509-callbacks.c +++ b/tests/mini-x509-callbacks.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -61,8 +61,8 @@ static void verify_alpn(gnutls_session_t session) exit(1); } - if (strlen(str) != selected.size - || memcmp(str, selected.data, selected.size) != 0) { + if (strlen(str) != selected.size || + memcmp(str, selected.data, selected.size) != 0) { fail("expected protocol %s, got %.*s\n", str, selected.size, selected.data); exit(1); @@ -95,7 +95,7 @@ unsigned int msg_order[] = { static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * rawmsg) + const gnutls_datum_t *rawmsg) { static unsigned idx = 0; unsigned int msg; @@ -112,13 +112,15 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, if (incoming != 0) { msg = gnutls_handshake_get_last_in(session); if (msg != htype) { - fail("last input message was not recorded (exp: %d, found: %d) \n", msg, htype); + fail("last input message was not recorded (exp: %d, found: %d) \n", + msg, htype); exit(1); } } else { msg = gnutls_handshake_get_last_out(session); if (msg != htype) { - fail("last output message was not recorded (exp: %d, found: %d) \n", msg, htype); + fail("last output message was not recorded (exp: %d, found: %d) \n", + msg, htype); exit(1); } } @@ -153,45 +155,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void append_alpn(gnutls_session_t session) { @@ -211,8 +210,7 @@ static void append_alpn(gnutls_session_t session) } } -static -void start(const char *prio, unsigned check_order) +static void start(const char *prio, unsigned check_order) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -237,9 +235,8 @@ void start(const char *prio, unsigned check_order) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, prio, NULL); @@ -248,8 +245,8 @@ void start(const char *prio, unsigned check_order) gnutls_transport_set_ptr(server, server); gnutls_certificate_set_verify_function(serverx509cred, server_callback); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); - gnutls_handshake_set_post_client_hello_function(server, - post_client_hello_callback); + gnutls_handshake_set_post_client_hello_function( + server, post_client_hello_callback); if (check_order) gnutls_handshake_set_hook_function(server, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, diff --git a/tests/mini-x509-cas.c b/tests/mini-x509-cas.c index 08b40329e8..4fd9e16e13 100644 --- a/tests/mini-x509-cas.c +++ b/tests/mini-x509-cas.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,8 +43,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -void start(const char *prio) +static void start(const char *prio) { const char *ca_file; /* Server stuff. */ @@ -71,12 +70,10 @@ void start(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); - ret = - gnutls_certificate_set_x509_trust_file(serverx509cred, ca_file, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_file(serverx509cred, ca_file, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "%s\n", gnutls_strerror(ret)); exit(1); diff --git a/tests/mini-x509-ipaddr.c b/tests/mini-x509-ipaddr.c index 7d6fc2e0f8..a85144066a 100644 --- a/tests/mini-x509-ipaddr.c +++ b/tests/mini-x509-ipaddr.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,7 +41,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1490171562; @@ -100,9 +100,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -124,7 +123,6 @@ void doit(void) /* attempt to verify */ { - /* try hostname - which is invalid */ memset(data, 0, sizeof(data)); @@ -186,15 +184,14 @@ void doit(void) } if (status != 0) { - assert(gnutls_certificate_verification_status_print - (status, GNUTLS_CRT_X509, &t, 0) >= 0); + assert(gnutls_certificate_verification_status_print( + status, GNUTLS_CRT_X509, &t, 0) >= 0); fail("could not verify: %s/%.4x!\n", t.data, status); } /* try the other verification functions */ - ret = - gnutls_certificate_verify_peers3(client, "127.0.0.1", - &status); + ret = gnutls_certificate_verify_peers3(client, "127.0.0.1", + &status); if (ret < 0) { fail("could not verify certificate: %s\n", gnutls_strerror(ret)); @@ -202,21 +199,20 @@ void doit(void) } if (status != 0) { - assert(gnutls_certificate_verification_status_print - (status, GNUTLS_CRT_X509, &t, 0) >= 0); + assert(gnutls_certificate_verification_status_print( + status, GNUTLS_CRT_X509, &t, 0) >= 0); fail("could not verify: %s/%.4x!\n", t.data, status); } } { /* change the flags */ - gnutls_certificate_set_verify_flags(clientx509cred, - GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); + gnutls_certificate_set_verify_flags( + clientx509cred, GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES); /* now the compatibility option should fail */ - ret = - gnutls_certificate_verify_peers3(client, "127.0.0.1", - &status); + ret = gnutls_certificate_verify_peers3(client, "127.0.0.1", + &status); if (ret < 0) { fail("could not verify certificate: %s\n", gnutls_strerror(ret)); @@ -266,8 +262,8 @@ void doit(void) } if (status != 0) { - assert(gnutls_certificate_verification_status_print - (status, GNUTLS_CRT_X509, &t, 0) >= 0); + assert(gnutls_certificate_verification_status_print( + status, GNUTLS_CRT_X509, &t, 0) >= 0); fail("could not verify: %s/%.4x!\n", t.data, status); } } diff --git a/tests/mini-x509.c b/tests/mini-x509.c index 4aa1d5f4e2..d358c20b01 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,7 +40,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -50,8 +50,7 @@ static time_t mytime(time_t * t) return then; } -static -void start(const char *prio, unsigned expect_max) +static void start(const char *prio, unsigned expect_max) { int ret; /* Server stuff. */ @@ -75,9 +74,8 @@ void start(const char *prio, unsigned expect_max) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -91,9 +89,8 @@ void start(const char *prio, unsigned expect_max) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -181,9 +178,8 @@ void start(const char *prio, unsigned expect_max) } /* check gnutls_certificate_verify_peers3 */ - ret = - gnutls_certificate_verify_peers3(client, "localhost1", - &status); + ret = gnutls_certificate_verify_peers3(client, "localhost1", + &status); if (ret < 0) { fail("could not verify certificate: %s\n", gnutls_strerror(ret)); @@ -195,9 +191,8 @@ void start(const char *prio, unsigned expect_max) exit(1); } - ret = - gnutls_certificate_verify_peers3(client, "localhost", - &status); + ret = gnutls_certificate_verify_peers3(client, "localhost", + &status); if (ret < 0) { fail("could not verify certificate: %s\n", gnutls_strerror(ret)); @@ -235,7 +230,7 @@ void start(const char *prio, unsigned expect_max) if (sizeof(time_t) >= 8) { t = gnutls_certificate_expiration_time_peers(client); - if (t != (time_t) 253402300799UL) { + if (t != (time_t)253402300799UL) { fail("unexpected expiration time: %lu\n", (long unsigned)t); } @@ -252,12 +247,14 @@ void start(const char *prio, unsigned expect_max) if (gnutls_protocol_get_version(client) == GNUTLS_TLS1_2) { ret = gnutls_session_ext_master_secret_status(client); if (ret != 1) { - fail("Extended master secret wasn't negotiated by default (client ret: %d)\n", ret); + fail("Extended master secret wasn't negotiated by default (client ret: %d)\n", + ret); } ret = gnutls_session_ext_master_secret_status(server); if (ret != 1) { - fail("Extended master secret wasn't negotiated by default (server ret: %d)\n", ret); + fail("Extended master secret wasn't negotiated by default (server ret: %d)\n", + ret); } } diff --git a/tests/missingissuer.c b/tests/missingissuer.c index 5a7ccaabbd..5f3a5364bb 100644 --- a/tests/missingissuer.c +++ b/tests/missingissuer.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,7 +43,7 @@ static time_t then = DEFAULT_THEN; verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { if (t) *t = then; @@ -63,7 +63,7 @@ struct getissuer_data { static int getissuer_callback(gnutls_x509_trust_list_t tlist, const gnutls_x509_crt_t crt, - gnutls_x509_crt_t ** issuers, + gnutls_x509_crt_t **issuers, unsigned int *issuers_size) { gnutls_datum_t tmp; @@ -94,13 +94,14 @@ static int getissuer_callback(gnutls_x509_trust_list_t tlist, assert(gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_ONELINE, &tmp) >= 0); if (debug) - printf("\t Certificate missing issuer is: %.*s\n", - tmp.size, tmp.data); + printf("\t Certificate missing issuer is: %.*s\n", tmp.size, + tmp.data); gnutls_free(tmp.data); for (i = 0; i < *issuers_size; i++) { - assert(gnutls_x509_crt_print - ((*issuers)[i], GNUTLS_CRT_PRINT_ONELINE, &tmp) >= 0); + assert(gnutls_x509_crt_print((*issuers)[i], + GNUTLS_CRT_PRINT_ONELINE, + &tmp) >= 0); if (debug) printf("\t Appended issuer certificate is: %.*s\n", @@ -163,9 +164,8 @@ void doit(void) tmp.data = (unsigned char *)chains[i].chain[j]; tmp.size = strlen(chains[i].chain[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { @@ -226,8 +226,8 @@ void doit(void) data.insert = chains[i].insert; gnutls_x509_trust_list_set_ptr(tl, &data); - gnutls_x509_trust_list_set_getissuer_function(tl, - getissuer_callback); + gnutls_x509_trust_list_set_getissuer_function( + tl, getissuer_callback); ret = gnutls_x509_trust_list_verify_crt(tl, certs, j, chains[i].verify_flags, @@ -241,12 +241,14 @@ void doit(void) if (verify_status != chains[i].expected_verify_result) { gnutls_datum_t out1, out2; - gnutls_certificate_verification_status_print - (verify_status, GNUTLS_CRT_X509, &out1, 0); - gnutls_certificate_verification_status_print - (chains[i].expected_verify_result, - GNUTLS_CRT_X509, &out2, 0); - fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", chains[i].name, verify_status, out1.data, chains[i].expected_verify_result, out2.data); + gnutls_certificate_verification_status_print( + verify_status, GNUTLS_CRT_X509, &out1, 0); + gnutls_certificate_verification_status_print( + chains[i].expected_verify_result, + GNUTLS_CRT_X509, &out2, 0); + fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", + chains[i].name, verify_status, out1.data, + chains[i].expected_verify_result, out2.data); gnutls_free(out1.data); gnutls_free(out2.data); diff --git a/tests/missingissuer_aia.c b/tests/missingissuer_aia.c index 8070331909..0fe8879ade 100644 --- a/tests/missingissuer_aia.c +++ b/tests/missingissuer_aia.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,7 +43,7 @@ static time_t then = DEFAULT_THEN; verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { if (t) *t = then; @@ -58,7 +58,7 @@ static void tls_log_func(int level, const char *str) static int getissuer_callback(gnutls_x509_trust_list_t tlist, const gnutls_x509_crt_t crt, - gnutls_x509_crt_t ** issuers, + gnutls_x509_crt_t **issuers, unsigned int *issuers_size) { int ret; @@ -69,13 +69,12 @@ static int getissuer_callback(gnutls_x509_trust_list_t tlist, assert(gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_ONELINE, &tmp) >= 0); if (debug) - printf("\t Certificate missing issuer is: %.*s\n", - tmp.size, tmp.data); + printf("\t Certificate missing issuer is: %.*s\n", tmp.size, + tmp.data); gnutls_free(tmp.data); - ret = gnutls_x509_crt_get_authority_info_access(crt, 1, - GNUTLS_IA_CAISSUERS_URI, - &aia, NULL); + ret = gnutls_x509_crt_get_authority_info_access( + crt, 1, GNUTLS_IA_CAISSUERS_URI, &aia, NULL); if (ret < 0) { fprintf(stderr, "error: %s\n", gnutls_strerror(ret)); return -1; @@ -98,8 +97,9 @@ static int getissuer_callback(gnutls_x509_trust_list_t tlist, } for (i = 0; i < *issuers_size; i++) { - assert(gnutls_x509_crt_print - (*issuers[i], GNUTLS_CRT_PRINT_ONELINE, &tmp) >= 0); + assert(gnutls_x509_crt_print(*issuers[i], + GNUTLS_CRT_PRINT_ONELINE, + &tmp) >= 0); if (debug) printf("\t Appended missing certificate is: %.*s\n", @@ -145,8 +145,7 @@ void doit(void) ret = gnutls_x509_crt_init(&certs[j]); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_init[%d]: %s\n", (int)j, gnutls_strerror(ret)); exit(1); } @@ -154,21 +153,20 @@ void doit(void) tmp.data = (unsigned char *)missing_cert_aia[j]; tmp.size = strlen(missing_cert_aia[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_import[%d]: %s\n", (int)j, gnutls_strerror(ret)); exit(1); } gnutls_x509_crt_print(certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp); if (debug) - printf("\tCertificate %d: %.*s\n", (int)j, - tmp.size, tmp.data); + printf("\tCertificate %d: %.*s\n", (int)j, tmp.size, + tmp.data); gnutls_free(tmp.data); } @@ -212,16 +210,16 @@ void doit(void) gnutls_x509_trust_list_set_getissuer_function(tl, getissuer_callback); - ret = gnutls_x509_trust_list_verify_crt(tl, certs, MAX_CHAIN, - 0, &verify_status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, certs, MAX_CHAIN, 0, + &verify_status, NULL); if (ret < 0) { fail("gnutls_x509_crt_list_verify: %s\n", gnutls_strerror(ret)); } if (verify_status) { gnutls_datum_t out; - gnutls_certificate_verification_status_print - (verify_status, GNUTLS_CRT_X509, &out, 0); + gnutls_certificate_verification_status_print( + verify_status, GNUTLS_CRT_X509, &out, 0); fail("verification failed: %s\n", out.data); gnutls_free(out.data); } diff --git a/tests/mpi.c b/tests/mpi.c index bc1d731a6d..39e856ba73 100644 --- a/tests/mpi.c +++ b/tests/mpi.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/multi-alerts.c b/tests/multi-alerts.c index 7412d48fa1..1ca2521519 100644 --- a/tests/multi-alerts.c +++ b/tests/multi-alerts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,18 +41,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" pid_t child; @@ -62,46 +62,46 @@ static void tls_log_func(int level, const char *str) str); } -static unsigned char tls_hello[] = - "\x16\x03\x01\x01\x38\x01\x00\x01" - "\x34\x03\x03\xfc\x77\xa8\xc7\x46" - "\xf7\xfd\x04\x5b\x3c\xc6\xfa\xa4" - "\xea\x3e\xfa\x76\x99\xfe\x1a\x2e" - "\xe0\x79\x17\xb2\x27\x06\xc4\x5c" - "\xd8\x78\x31\x00\x00\xb6\xc0\x30" - "\xc0\x2c\xc0\x28\xc0\x24\xc0\x14" - "\xc0\x0a\x00\xa5\x00\xa3\x00\xa1" - "\x00\x9f\x00\x6b\x00\x6a\x00\x69" - "\x00\x68\x00\x39\x00\x38\x00\x37" - "\x00\x36\x00\x88\x00\x87\x00\x86" - "\x00\x85\xc0\x32\xc0\x2e\xc0\x2a" - "\xc0\x26\xc0\x0f\xc0\x05\x00\x9d" - "\x00\x3d\x00\x35\x00\x84\xc0\x2f" - "\xc0\x2b\xc0\x27\xc0\x23\xc0\x13" - "\xc0\x09\x00\xa4\x00\xa2\x00\xa0" - "\x00\x9e\x00\x67\x00\x40\x00\x3f" - "\x00\x3e\x00\x33\x00\x32\x00\x31" - "\x00\x30\x00\x9a\x00\x99\x00\x98" - "\x00\x97\x00\x45\x00\x44\x00\x43" - "\x00\x42\xc0\x31\xc0\x2d\xc0\x29" - "\xc0\x25\xc0\x0e\xc0\x04\x00\x9c" - "\x00\x3c\x00\x2f\x00\x96\x00\x41" - "\x00\x07\xc0\x11\xc0\x07\xc0\x0c" - "\xc0\x02\x00\x05\x00\x04\xc0\x12" - "\xc0\x08\x00\x16\x00\x13\x00\x10" - "\x00\x0d\xc0\x0d\xc0\x03\x00\x0a" - "\x00\x15\x00\x12\x00\x0f\x00\x0c" - "\x00\x09\x00\xff\x01\x00\x00\x55" - "\x00\x0b\x00\x04\x03\x00\x01\x02" - "\x00\x0a\x00\x1c\x00\x1a\x00\x17" - "\x00\x19\x00\x1c\x00\x1b\x00\x18" - "\x00\x1a\x00\x16\x00\x0e\x00\x0d" - "\x00\x0b\x00\x0c\x00\x09\x00\x0a" - "\x00\x23\x00\x00\x00\x0d\x00\x20" - "\x00\x1e\x06\x01\x06\x02\x06\x03" - "\x05\x01\x05\x02\x05\x03\x04\x01" - "\x04\x02\x04\x03\x03\x01\x03\x02" - "\x03\x03\x02\x01\x02\x02\x02\x03" "\x00\x0f\x00\x01\x01"; +static unsigned char tls_hello[] = "\x16\x03\x01\x01\x38\x01\x00\x01" + "\x34\x03\x03\xfc\x77\xa8\xc7\x46" + "\xf7\xfd\x04\x5b\x3c\xc6\xfa\xa4" + "\xea\x3e\xfa\x76\x99\xfe\x1a\x2e" + "\xe0\x79\x17\xb2\x27\x06\xc4\x5c" + "\xd8\x78\x31\x00\x00\xb6\xc0\x30" + "\xc0\x2c\xc0\x28\xc0\x24\xc0\x14" + "\xc0\x0a\x00\xa5\x00\xa3\x00\xa1" + "\x00\x9f\x00\x6b\x00\x6a\x00\x69" + "\x00\x68\x00\x39\x00\x38\x00\x37" + "\x00\x36\x00\x88\x00\x87\x00\x86" + "\x00\x85\xc0\x32\xc0\x2e\xc0\x2a" + "\xc0\x26\xc0\x0f\xc0\x05\x00\x9d" + "\x00\x3d\x00\x35\x00\x84\xc0\x2f" + "\xc0\x2b\xc0\x27\xc0\x23\xc0\x13" + "\xc0\x09\x00\xa4\x00\xa2\x00\xa0" + "\x00\x9e\x00\x67\x00\x40\x00\x3f" + "\x00\x3e\x00\x33\x00\x32\x00\x31" + "\x00\x30\x00\x9a\x00\x99\x00\x98" + "\x00\x97\x00\x45\x00\x44\x00\x43" + "\x00\x42\xc0\x31\xc0\x2d\xc0\x29" + "\xc0\x25\xc0\x0e\xc0\x04\x00\x9c" + "\x00\x3c\x00\x2f\x00\x96\x00\x41" + "\x00\x07\xc0\x11\xc0\x07\xc0\x0c" + "\xc0\x02\x00\x05\x00\x04\xc0\x12" + "\xc0\x08\x00\x16\x00\x13\x00\x10" + "\x00\x0d\xc0\x0d\xc0\x03\x00\x0a" + "\x00\x15\x00\x12\x00\x0f\x00\x0c" + "\x00\x09\x00\xff\x01\x00\x00\x55" + "\x00\x0b\x00\x04\x03\x00\x01\x02" + "\x00\x0a\x00\x1c\x00\x1a\x00\x17" + "\x00\x19\x00\x1c\x00\x1b\x00\x18" + "\x00\x1a\x00\x16\x00\x0e\x00\x0d" + "\x00\x0b\x00\x0c\x00\x09\x00\x0a" + "\x00\x23\x00\x00\x00\x0d\x00\x20" + "\x00\x1e\x06\x01\x06\x02\x06\x03" + "\x05\x01\x05\x02\x05\x03\x04\x01" + "\x04\x02\x04\x03\x03\x01\x03\x02" + "\x03\x03\x02\x01\x02\x02\x02\x03" + "\x00\x0f\x00\x01\x01"; static unsigned char tls_alert[] = "\x15\x03\x03\x00\x02\x00\x0A"; @@ -162,8 +162,8 @@ static void server(int sd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -174,8 +174,8 @@ static void server(int sd) loops++; if (loops > 64) fail("Too many loops in the handshake!\n"); - } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_WARNING_ALERT_RECEIVED); + } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_WARNING_ALERT_RECEIVED); if (ret >= 0) { fail("server: Handshake succeeded unexpectedly\n"); @@ -231,4 +231,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/naked-alerts.c b/tests/naked-alerts.c index 73331f72fc..69392ef358 100644 --- a/tests/naked-alerts.c +++ b/tests/naked-alerts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,18 +40,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" pid_t child; @@ -111,8 +111,8 @@ static void server(int sd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -123,11 +123,12 @@ static void server(int sd) loops++; if (loops > 64) fail("Too many loops in the handshake!\n"); - } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_WARNING_ALERT_RECEIVED); + } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_WARNING_ALERT_RECEIVED); if (ret != GNUTLS_E_UNEXPECTED_PACKET) { - fail("server: Handshake didn't fail with expected code (failed with %d)\n", ret); + fail("server: Handshake didn't fail with expected code (failed with %d)\n", + ret); } close(sd); @@ -174,4 +175,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/name-constraints-ip.c b/tests/name-constraints-ip.c index 00d10c03b2..cdc27fe4b2 100644 --- a/tests/name-constraints-ip.c +++ b/tests/name-constraints-ip.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,10 +47,9 @@ typedef struct test_vars_t { /* just declaration: function is exported privately from lib/x509/name_constraints.c (declared in lib/x509/x509_int.h) but including the header breaks includes */ -extern int _gnutls_x509_name_constraints_merge(gnutls_x509_name_constraints_t - nc, - gnutls_x509_name_constraints_t - nc2); +extern int +_gnutls_x509_name_constraints_merge(gnutls_x509_name_constraints_t nc, + gnutls_x509_name_constraints_t nc2); static void check_for_error(int ret) { @@ -62,7 +61,7 @@ static void check_for_error(int ret) #define IP_REJECTED 0 static void check_test_result(int ret, int expected_outcome, - gnutls_datum_t * tested_ip) + gnutls_datum_t *tested_ip) { if (expected_outcome == IP_ACCEPTED ? ret == 0 : ret != 0) { char ip_out[48]; @@ -78,7 +77,7 @@ static void check_test_result(int ret, int expected_outcome, } } -static void parse_cidr(const char *cidr, gnutls_datum_t * datum) +static void parse_cidr(const char *cidr, gnutls_datum_t *datum) { if (datum->data != NULL) { gnutls_free(datum->data); @@ -93,30 +92,31 @@ static void tls_log_func(int level, const char *str) } static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix\n" - "RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1\n" - "dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p\n" - "YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw\n" - "NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK\n" - "EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl\n" - "cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl\n" - "c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB\n" - "BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz\n" - "dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ\n" - "fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns\n" - "bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD\n" - "75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP\n" - "FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV\n" - "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp\n" - "5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu\n" - "b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA\n" - "A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p\n" - "6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8\n" - "TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7\n" - "dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys\n" - "Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI\n" - "l7WdmplNsDz4SgCbZN2fOUvRJ9e4\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix\n" + "RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1\n" + "dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p\n" + "YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw\n" + "NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK\n" + "EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl\n" + "cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl\n" + "c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB\n" + "BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz\n" + "dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ\n" + "fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns\n" + "bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD\n" + "75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP\n" + "FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV\n" + "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp\n" + "5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu\n" + "b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA\n" + "A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p\n" + "6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8\n" + "TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7\n" + "dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys\n" + "Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI\n" + "l7WdmplNsDz4SgCbZN2fOUvRJ9e4\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) }; @@ -125,8 +125,8 @@ const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) }; static void check_generation_reading_basic_checking(void **glob_state) { int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); unsigned int i, num_permitted, num_excluded, type; gnutls_x509_crt_t crt; @@ -146,30 +146,26 @@ static void check_generation_reading_basic_checking(void **glob_state) num_permitted = num_excluded = 0; parse_cidr("203.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); num_permitted++; check_for_error(ret); parse_cidr("2001:DB8::/32", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); num_permitted++; check_for_error(ret); parse_cidr("203.0.113.0/26", ip); - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_excluded( + nc, GNUTLS_SAN_IPADDRESS, ip); num_excluded++; check_for_error(ret); parse_cidr("2001:DB8::/34", ip); - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_excluded( + nc, GNUTLS_SAN_IPADDRESS, ip); num_excluded++; check_for_error(ret); @@ -177,17 +173,15 @@ static void check_generation_reading_basic_checking(void **glob_state) parse_cidr("2001:DB8::/34", ip); ip->data[30] = 2; - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_excluded( + nc, GNUTLS_SAN_IPADDRESS, ip); if (ret == 0) fail_msg("Checking invalid network mask should have failed."); parse_cidr("2001:DB8::/34", ip); ip->size = 31; - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); if (ret == 0) fail_msg("Checking invalid IP size should have failed."); @@ -198,9 +192,8 @@ static void check_generation_reading_basic_checking(void **glob_state) i = 0; do { - ret = - gnutls_x509_name_constraints_get_permitted(nc, i++, &type, - &name); + ret = gnutls_x509_name_constraints_get_permitted(nc, i++, &type, + &name); #ifdef DEBUG _gnutls_cidr_to_string(name.data, name.size, ip_out, sizeof(ip_out)); @@ -209,16 +202,15 @@ static void check_generation_reading_basic_checking(void **glob_state) } while (ret == 0); if (i - 1 != num_permitted) { - fail_msg - ("Could not read all constraints; read %d, expected %d\n", - i - 1, num_permitted); + fail_msg( + "Could not read all constraints; read %d, expected %d\n", + i - 1, num_permitted); } i = 0; do { - ret = - gnutls_x509_name_constraints_get_excluded(nc, i++, &type, - &name); + ret = gnutls_x509_name_constraints_get_excluded(nc, i++, &type, + &name); #ifdef DEBUG _gnutls_cidr_to_string(name.data, name.size, ip_out, sizeof(ip_out)); @@ -227,40 +219,40 @@ static void check_generation_reading_basic_checking(void **glob_state) } while (ret == 0); if (i - 1 != num_excluded) { - fail_msg - ("Could not read all excluded constraints; read %d, expected %d\n", - i - 1, num_excluded); + fail_msg( + "Could not read all excluded constraints; read %d, expected %d\n", + i - 1, num_excluded); } /* 3: test the name constraints check function */ parse_cidr("203.0.113.250/32", ip); - ip->size = 4; // strip network mask + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); parse_cidr("203.0.114.0/32", ip); - ip->size = 4; // strip network mask + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); parse_cidr("203.0.113.10/32", ip); - ip->size = 4; // strip network mask + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); parse_cidr("2001:DB8:4000::/128", ip); - ip->size = 16; // strip network mask + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); parse_cidr("2001:DB9::/128", ip); - ip->size = 16; // strip network mask + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); parse_cidr("2001:DB8:10::/128", ip); - ip->size = 16; // strip network mask + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); @@ -271,22 +263,21 @@ static void check_universal_constraint_checking(void **glob_state) { /* 3b setting universal constraint */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("2001:DB8::/0", ip); - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_excluded( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("2001:DB8:10::/128", ip); - ip->size = 16; // strip network mask + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); parse_cidr("::/128", ip); - ip->size = 16; // strip network mask + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -299,37 +290,33 @@ static void check_simple_intersection(void **glob_state) * A B C */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("203.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("203.0.113.0/26", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("203.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("203.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); - parse_cidr("203.0.113.250/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("203.0.113.250/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("203.0.114.0/32", ip); // C - ip->size = 4; // strip network mask + parse_cidr("203.0.114.0/32", ip); // C + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -342,37 +329,33 @@ static void check_empty_intersection(void **glob_state) * A B C */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("127.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("255.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("127.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("127.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.0.2/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("255.0.0.2/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.113.2/32", ip); // C - ip->size = 4; // strip network mask + parse_cidr("255.0.113.2/32", ip); // C + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -385,48 +368,42 @@ static void check_mediocre_intersection(void **glob_state) * A B C D */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("127.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("127.0.113.0/26", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("255.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("127.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("127.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); - parse_cidr("127.0.113.250/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("127.0.113.250/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.0.2/32", ip); // C - ip->size = 4; // strip network mask + parse_cidr("255.0.0.2/32", ip); // C + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.113.2/32", ip); // D - ip->size = 4; // strip network mask + parse_cidr("255.0.113.2/32", ip); // D + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -439,79 +416,70 @@ static void check_difficult_intersection(void **glob_state) * A B C D E F G H */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("0.0.0.0/3", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("88.0.0.0/5", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("0.0.0.0/5", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("16.0.0.0/5", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("64.0.0.0/3", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("0.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("0.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); - parse_cidr("15.255.255.255/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("15.255.255.255/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("16.0.0.0/32", ip); // C - ip->size = 4; // strip network mask + parse_cidr("16.0.0.0/32", ip); // C + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); - parse_cidr("31.12.25.2/32", ip); // D - ip->size = 4; // strip network mask + parse_cidr("31.12.25.2/32", ip); // D + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("63.255.255.255/32", ip); // E - ip->size = 4; // strip network mask + parse_cidr("63.255.255.255/32", ip); // E + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("64.0.0.0/32", ip); // F - ip->size = 4; // strip network mask + parse_cidr("64.0.0.0/32", ip); // F + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("89.125.7.187/32", ip); // G - ip->size = 4; // strip network mask + parse_cidr("89.125.7.187/32", ip); // G + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); - parse_cidr("96.0.0.0/32", ip); // H - ip->size = 4; // strip network mask + parse_cidr("96.0.0.0/32", ip); // H + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -524,62 +492,57 @@ static void check_ipv6_intersection(void **glob_state) * A B C D E F G */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("affb::/16", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("affd:0000::/20", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("affb:aa00::/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("affa:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128", ip); // A - ip->size = 16; // strip network mask + parse_cidr("affa:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128", ip); // A + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("affb:a500::/128", ip); // B - ip->size = 16; // strip network mask + parse_cidr("affb:a500::/128", ip); // B + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("affb:aa00::/128", ip); // C - ip->size = 16; // strip network mask + parse_cidr("affb:aa00::/128", ip); // C + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_ACCEPTED, ip); - parse_cidr("affb:ab01::/128", ip); // D - ip->size = 16; // strip network mask + parse_cidr("affb:ab01::/128", ip); // D + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("affc::/128", ip); // E - ip->size = 16; // strip network mask + parse_cidr("affc::/128", ip); // E + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("affd:0fff::/128", ip); // F - ip->size = 16; // strip network mask + parse_cidr("affd:0fff::/128", ip); // F + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("affd:1000::/128", ip); // G - ip->size = 16; // strip network mask + parse_cidr("affd:1000::/128", ip); // G + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -596,52 +559,47 @@ static void check_empty_ipv4_intersection_ipv6_remains(void **glob_state) * D E */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("127.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("bfa6::/16", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("255.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("127.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("127.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.0.2/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("255.0.0.2/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.113.2/32", ip); // C - ip->size = 4; // strip network mask + parse_cidr("255.0.113.2/32", ip); // C + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("bfa6:ab01::/128", ip); // D - ip->size = 16; // strip network mask + parse_cidr("bfa6:ab01::/128", ip); // D + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("bfa7::/128", ip); // E - ip->size = 16; // strip network mask + parse_cidr("bfa7::/128", ip); // E + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -659,63 +617,56 @@ static void check_empty_ipv4v6_intersections(void **glob_state) * D E F */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("127.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("bfa6::/16", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("255.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("cfa6::/16", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("127.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("127.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.0.2/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("255.0.0.2/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.113.2/32", ip); // C - ip->size = 4; // strip network mask + parse_cidr("255.0.113.2/32", ip); // C + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("bfa6:ab01::/128", ip); // D - ip->size = 16; // strip network mask + parse_cidr("bfa6:ab01::/128", ip); // D + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("bfa7::/128", ip); // E - ip->size = 16; // strip network mask + parse_cidr("bfa7::/128", ip); // E + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("cfa7:00cc::/128", ip); // F - ip->size = 16; // strip network mask + parse_cidr("cfa7:00cc::/128", ip); // F + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -731,42 +682,38 @@ static void check_ipv4v6_single_constraint_each(void **glob_state) * C D */ int ret; - gnutls_x509_name_constraints_t nc = ((test_vars_t *) * glob_state)->nc; - gnutls_x509_name_constraints_t nc2 = - ((test_vars_t *) * glob_state)->nc2; - gnutls_datum_t *ip = &(((test_vars_t *) * glob_state)->ip); + gnutls_x509_name_constraints_t nc = ((test_vars_t *)*glob_state)->nc; + gnutls_x509_name_constraints_t nc2 = ((test_vars_t *)*glob_state)->nc2; + gnutls_datum_t *ip = &(((test_vars_t *)*glob_state)->ip); parse_cidr("127.0.113.0/24", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); parse_cidr("bfa6::/16", ip); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, - GNUTLS_SAN_IPADDRESS, - ip); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_IPADDRESS, ip); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc, nc2); check_for_error(ret); - parse_cidr("127.0.113.2/32", ip); // A - ip->size = 4; // strip network mask + parse_cidr("127.0.113.2/32", ip); // A + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("255.0.0.2/32", ip); // B - ip->size = 4; // strip network mask + parse_cidr("255.0.0.2/32", ip); // B + ip->size = 4; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("bfa6:ab01::/128", ip); // C - ip->size = 16; // strip network mask + parse_cidr("bfa6:ab01::/128", ip); // C + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); - parse_cidr("bfa7::/128", ip); // D - ip->size = 16; // strip network mask + parse_cidr("bfa7::/128", ip); // D + ip->size = 16; // strip network mask ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, ip); check_test_result(ret, IP_REJECTED, ip); } @@ -802,10 +749,11 @@ static int teardown(void **state) int main(int argc, char **argv) { const struct CMUnitTest tests[] = { - cmocka_unit_test_setup_teardown - (check_generation_reading_basic_checking, setup, teardown), - cmocka_unit_test_setup_teardown - (check_universal_constraint_checking, setup, teardown), + cmocka_unit_test_setup_teardown( + check_generation_reading_basic_checking, setup, + teardown), + cmocka_unit_test_setup_teardown( + check_universal_constraint_checking, setup, teardown), cmocka_unit_test_setup_teardown(check_simple_intersection, setup, teardown), cmocka_unit_test_setup_teardown(check_empty_intersection, setup, @@ -816,13 +764,13 @@ int main(int argc, char **argv) setup, teardown), cmocka_unit_test_setup_teardown(check_ipv6_intersection, setup, teardown), - cmocka_unit_test_setup_teardown - (check_empty_ipv4_intersection_ipv6_remains, setup, - teardown), - cmocka_unit_test_setup_teardown - (check_empty_ipv4v6_intersections, setup, teardown), - cmocka_unit_test_setup_teardown - (check_ipv4v6_single_constraint_each, setup, teardown) + cmocka_unit_test_setup_teardown( + check_empty_ipv4_intersection_ipv6_remains, setup, + teardown), + cmocka_unit_test_setup_teardown( + check_empty_ipv4v6_intersections, setup, teardown), + cmocka_unit_test_setup_teardown( + check_ipv4v6_single_constraint_each, setup, teardown) }; cmocka_run_group_tests(tests, NULL, NULL); } diff --git a/tests/name-constraints-merge.c b/tests/name-constraints-merge.c index 0321e166ec..d14019342e 100644 --- a/tests/name-constraints-merge.c +++ b/tests/name-constraints-merge.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -48,18 +48,20 @@ static void check_for_error(int ret) #define NAME_REJECTED 0 static void check_test_result(int suite, int ret, int expected_outcome, - gnutls_datum_t * tested_data) + gnutls_datum_t *tested_data) { if (expected_outcome == NAME_ACCEPTED ? ret == 0 : ret != 0) { if (expected_outcome == NAME_ACCEPTED) { - fail("Checking \"%.*s\" should have succeeded (suite %d).\n", tested_data->size, tested_data->data, suite); + fail("Checking \"%.*s\" should have succeeded (suite %d).\n", + tested_data->size, tested_data->data, suite); } else { - fail("Checking \"%.*s\" should have failed (suite %d).\n", tested_data->size, tested_data->data, suite); + fail("Checking \"%.*s\" should have failed (suite %d).\n", + tested_data->size, tested_data->data, suite); } } } -static void set_name(const char *name, gnutls_datum_t * datum) +static void set_name(const char *name, gnutls_datum_t *datum) { datum->data = (unsigned char *)name; datum->size = strlen((char *)name); @@ -96,34 +98,28 @@ void doit(void) check_for_error(ret); set_name("org", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("ccc.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("ccc.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, - GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_RFC822NAME, &name); check_for_error(ret); set_name("org", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("aaa.bbb.ccc.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc1, nc2); @@ -131,66 +127,64 @@ void doit(void) /* unrelated */ set_name("xxx.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("example.org", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_ACCEPTED, &name); set_name("com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("xxx.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); /* check intersection of permitted */ set_name("xxx.aaa.bbb.ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_ACCEPTED, &name); set_name("aaa.bbb.ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_ACCEPTED, &name); set_name("xxx.bbb.ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("xxx.ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(suite, ret, NAME_ACCEPTED, &name); set_name("xxx.ccc.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); gnutls_x509_name_constraints_deinit(nc1); @@ -209,43 +203,41 @@ void doit(void) check_for_error(ret); set_name("example.com", &name); - ret = - gnutls_x509_name_constraints_add_excluded(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_excluded(nc1, GNUTLS_SAN_DNSNAME, + &name); check_for_error(ret); set_name("example.net", &name); - ret = - gnutls_x509_name_constraints_add_excluded(nc2, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_excluded(nc2, GNUTLS_SAN_DNSNAME, + &name); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc1, nc2); check_for_error(ret); set_name("xxx.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("xxx.example.net", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("example.net", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("example.org", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_ACCEPTED, &name); gnutls_x509_name_constraints_deinit(nc1); @@ -265,43 +257,41 @@ void doit(void) check_for_error(ret); set_name("one.example.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("two.example.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc1, nc2); check_for_error(ret); set_name("one.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("two.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("three.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("org", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); gnutls_x509_name_constraints_deinit(nc1); @@ -322,49 +312,46 @@ void doit(void) check_for_error(ret); set_name("foo.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("bar.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("sub.foo.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc1, nc2); check_for_error(ret); set_name("foo.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("bar.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("sub.foo.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_ACCEPTED, &name); set_name("anothersub.foo.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); gnutls_x509_name_constraints_deinit(nc1); @@ -386,50 +373,46 @@ void doit(void) check_for_error(ret); set_name("three.example.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); set_name("redhat.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc1, - GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc1, GNUTLS_SAN_RFC822NAME, &name); check_for_error(ret); set_name("four.example.com", &name); - ret = - gnutls_x509_name_constraints_add_permitted(nc2, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_permitted( + nc2, GNUTLS_SAN_DNSNAME, &name); check_for_error(ret); ret = _gnutls_x509_name_constraints_merge(nc1, nc2); check_for_error(ret); set_name("three.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("four.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("five.example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); set_name("org", &name); - ret = - gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, &name); + ret = gnutls_x509_name_constraints_check(nc1, GNUTLS_SAN_DNSNAME, + &name); check_test_result(suite, ret, NAME_REJECTED, &name); gnutls_x509_name_constraints_deinit(nc1); diff --git a/tests/name-constraints.c b/tests/name-constraints.c index c1c0706da8..3488105ad1 100644 --- a/tests/name-constraints.c +++ b/tests/name-constraints.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -48,7 +48,7 @@ static void check_for_error(int ret) #define NAME_REJECTED 0 static void check_test_result(int ret, int expected_outcome, - gnutls_datum_t * tested_data) + gnutls_datum_t *tested_data) { if (expected_outcome == NAME_ACCEPTED ? ret == 0 : ret != 0) { if (expected_outcome == NAME_ACCEPTED) { @@ -61,7 +61,7 @@ static void check_test_result(int ret, int expected_outcome, } } -static void set_name(const char *name, gnutls_datum_t * datum) +static void set_name(const char *name, gnutls_datum_t *datum) { datum->data = (unsigned char *)name; datum->size = strlen((char *)name); @@ -73,48 +73,49 @@ static void tls_log_func(int level, const char *str) } static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix\n" - "RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1\n" - "dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p\n" - "YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw\n" - "NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK\n" - "EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl\n" - "cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl\n" - "c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB\n" - "BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz\n" - "dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ\n" - "fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns\n" - "bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD\n" - "75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP\n" - "FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV\n" - "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp\n" - "5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu\n" - "b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA\n" - "A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p\n" - "6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8\n" - "TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7\n" - "dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys\n" - "Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI\n" - "l7WdmplNsDz4SgCbZN2fOUvRJ9e4\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix\n" + "RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1\n" + "dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p\n" + "YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw\n" + "NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK\n" + "EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl\n" + "cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl\n" + "c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB\n" + "BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz\n" + "dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ\n" + "fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns\n" + "bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD\n" + "75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP\n" + "FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV\n" + "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp\n" + "5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu\n" + "b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA\n" + "A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p\n" + "6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8\n" + "TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7\n" + "dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys\n" + "Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI\n" + "l7WdmplNsDz4SgCbZN2fOUvRJ9e4\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) }; const gnutls_datum_t name1 = { (void *)"com", 3 }; -const gnutls_datum_t name2 = - { (void *)"example.com", sizeof("example.com") - 1 }; -const gnutls_datum_t name3 = - { (void *)"another.example.com", sizeof("another.example.com") - 1 }; +const gnutls_datum_t name2 = { (void *)"example.com", + sizeof("example.com") - 1 }; +const gnutls_datum_t name3 = { (void *)"another.example.com", + sizeof("another.example.com") - 1 }; const gnutls_datum_t name4 = { (void *)".gr", 3 }; -const gnutls_datum_t mail1 = - { (void *)"example.com", sizeof("example.com") - 1 }; -const gnutls_datum_t mail2 = - { (void *)".example.net", sizeof(".example.net") - 1 }; -const gnutls_datum_t mail3 = - { (void *)"nmav@redhat.com", sizeof("nmav@redhat.com") - 1 }; -const gnutls_datum_t mail4 = - { (void *)"koko.example.net", sizeof("koko.example.net") - 1 }; +const gnutls_datum_t mail1 = { (void *)"example.com", + sizeof("example.com") - 1 }; +const gnutls_datum_t mail2 = { (void *)".example.net", + sizeof(".example.net") - 1 }; +const gnutls_datum_t mail3 = { (void *)"nmav@redhat.com", + sizeof("nmav@redhat.com") - 1 }; +const gnutls_datum_t mail4 = { (void *)"koko.example.net", + sizeof("koko.example.net") - 1 }; void doit(void) { @@ -149,12 +150,12 @@ void doit(void) i = 0; do { - ret = - gnutls_x509_name_constraints_get_permitted(nc, i++, &type, - &name); + ret = gnutls_x509_name_constraints_get_permitted(nc, i++, &type, + &name); if (ret >= 0 && i == 2) { - if (name.size != 3 || memcmp(name.data, ".eu", 3) != 0) { + if (name.size != 3 || + memcmp(name.data, ".eu", 3) != 0) { fail("error reading 2nd constraint\n"); } } @@ -183,60 +184,48 @@ void doit(void) check_for_error(ret); permitted++; - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_DNSNAME, - &name1); + ret = gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_DNSNAME, + &name1); check_for_error(ret); excluded++; - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_DNSNAME, - &name2); + ret = gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_DNSNAME, + &name2); check_for_error(ret); excluded++; - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_DNSNAME, - &name3); + ret = gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_DNSNAME, + &name3); check_for_error(ret); permitted++; - ret = - gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_DNSNAME, - &name4); + ret = gnutls_x509_name_constraints_add_permitted(nc, GNUTLS_SAN_DNSNAME, + &name4); check_for_error(ret); excluded++; - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_URI, - &name3); + ret = gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_URI, + &name3); check_for_error(ret); permitted++; - ret = - gnutls_x509_name_constraints_add_permitted(nc, - GNUTLS_SAN_RFC822NAME, - &mail1); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_RFC822NAME, &mail1); check_for_error(ret); permitted++; - ret = - gnutls_x509_name_constraints_add_permitted(nc, - GNUTLS_SAN_RFC822NAME, - &mail2); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_RFC822NAME, &mail2); check_for_error(ret); permitted++; - ret = - gnutls_x509_name_constraints_add_permitted(nc, - GNUTLS_SAN_RFC822NAME, - &mail3); + ret = gnutls_x509_name_constraints_add_permitted( + nc, GNUTLS_SAN_RFC822NAME, &mail3); check_for_error(ret); excluded++; - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_RFC822NAME, - &mail4); + ret = gnutls_x509_name_constraints_add_excluded( + nc, GNUTLS_SAN_RFC822NAME, &mail4); check_for_error(ret); ret = gnutls_x509_crt_set_name_constraints(crt, nc, 1); @@ -246,13 +235,12 @@ void doit(void) i = 0; do { - ret = - gnutls_x509_name_constraints_get_permitted(nc, i++, &type, - &name); + ret = gnutls_x509_name_constraints_get_permitted(nc, i++, &type, + &name); if (ret >= 0 && i == 1) { - if (name.size != name1.size - || memcmp(name.data, name1.data, name1.size) != 0) { + if (name.size != name1.size || + memcmp(name.data, name1.data, name1.size) != 0) { fail("%d: error reading 1st constraint\n", __LINE__); } @@ -266,26 +254,28 @@ void doit(void) i = 0; do { - ret = - gnutls_x509_name_constraints_get_excluded(nc, i++, &type, - &name); + ret = gnutls_x509_name_constraints_get_excluded(nc, i++, &type, + &name); if (ret >= 0 && i == 1) { - if (name.size != name2.size - || memcmp(name.data, name2.data, name2.size) != 0) { - fail("%d: error reading 1st excluded constraint\n", __LINE__); + if (name.size != name2.size || + memcmp(name.data, name2.data, name2.size) != 0) { + fail("%d: error reading 1st excluded constraint\n", + __LINE__); } } if (ret >= 0 && i == 2) { - if (name.size != name3.size - || memcmp(name.data, name3.data, name3.size) != 0) { - fail("%d: error reading 1st excluded constraint\n", __LINE__); + if (name.size != name3.size || + memcmp(name.data, name3.data, name3.size) != 0) { + fail("%d: error reading 1st excluded constraint\n", + __LINE__); } } } while (ret == 0); if (i - 1 != excluded) { - fail("Could not read all excluded constraints; read %d, expected %d\n", i - 1, excluded); + fail("Could not read all excluded constraints; read %d, expected %d\n", + i - 1, excluded); } /* 3: test the name constraints check function */ @@ -298,39 +288,33 @@ void doit(void) /* Test e-mails */ set_name("nmav@redhat.com", &name); - ret = - gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(ret, NAME_ACCEPTED, &name); set_name("nmav@radhat.com", &name); - ret = - gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(ret, NAME_REJECTED, &name); set_name("nmav@example.com", &name); - ret = - gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(ret, NAME_ACCEPTED, &name); set_name("nmav@test.example.net", &name); - ret = - gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(ret, NAME_ACCEPTED, &name); set_name("nmav@example.net", &name); - ret = - gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(ret, NAME_REJECTED, &name); set_name("nmav@koko.example.net", &name); - ret = - gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, - &name); + ret = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, + &name); check_test_result(ret, NAME_REJECTED, &name); /* This name constraints structure does have an excluded URI so @@ -370,9 +354,8 @@ void doit(void) check_for_error(ret); set_name("", &name); - ret = - gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_DNSNAME, - &name); + ret = gnutls_x509_name_constraints_add_excluded(nc, GNUTLS_SAN_DNSNAME, + &name); check_for_error(ret); set_name("example.net", &name); diff --git a/tests/no-extensions.c b/tests/no-extensions.c index bb543b59bb..2aa99bd64b 100644 --- a/tests/no-extensions.c +++ b/tests/no-extensions.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -46,7 +46,7 @@ static void tls_log_func(int level, const char *str) static int server_handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { unsigned pos; gnutls_datum_t mmsg; @@ -58,7 +58,7 @@ static int server_handshake_callback(gnutls_session_t session, assert(msg->size >= HANDSHAKE_SESSION_ID_POS); pos = HANDSHAKE_SESSION_ID_POS; SKIP8(pos, msg->size); - pos += 3; /* ciphersuite + compression */ + pos += 3; /* ciphersuite + compression */ mmsg.data = &msg->data[pos]; mmsg.size = msg->size - pos; @@ -77,7 +77,7 @@ static int server_handshake_callback(gnutls_session_t session, static int client_handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { unsigned pos; gnutls_datum_t mmsg; @@ -107,8 +107,7 @@ static int client_handshake_callback(gnutls_session_t session, return 0; } -static -void start(const char *prio, gnutls_protocol_t exp_version) +static void start(const char *prio, gnutls_protocol_t exp_version) { int ret; /* Server stuff. */ @@ -130,9 +129,8 @@ void start(const char *prio, gnutls_protocol_t exp_version) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -151,9 +149,8 @@ void start(const char *prio, gnutls_protocol_t exp_version) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); diff --git a/tests/no-signal.c b/tests/no-signal.c index c1ea0e18dc..61a2b259a6 100644 --- a/tests/no-signal.c +++ b/tests/no-signal.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,34 +34,33 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# ifndef MSG_NOSIGNAL +#ifndef MSG_NOSIGNAL int main(void) { exit(77); } -# else +#else -# include "utils.h" +#include "utils.h" -static -void sigpipe(int sig) +static void sigpipe(int sig) { _exit(2); } -# define BUF_SIZE 64 +#define BUF_SIZE 64 static void client(int fd) { @@ -86,9 +85,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); /* put the anonymous credentials to the current session */ @@ -100,9 +100,8 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 - && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); + } while (ret < 0 && + (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); ret = gnutls_record_recv(session, buf, sizeof(buf)); if (ret < 0 || ret != sizeof(buf)) { @@ -157,9 +156,10 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); @@ -167,9 +167,8 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 - && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); + } while (ret < 0 && + (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); if (ret < 0) { fail("error in handshake: %s\n", gnutls_strerror(ret)); @@ -189,7 +188,6 @@ static void server(int fd) gnutls_deinit(session); gnutls_anon_free_server_credentials(anoncred); gnutls_global_deinit(); - } static void start(void) @@ -241,5 +239,5 @@ void doit(void) start(); } -# endif /* MSG_NOSIGNAL */ -#endif /* _WIN32 */ +#endif /* MSG_NOSIGNAL */ +#endif /* _WIN32 */ diff --git a/tests/no-status-request.c b/tests/no-status-request.c index 8f1933cc60..953ea68239 100644 --- a/tests/no-status-request.c +++ b/tests/no-status-request.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,28 +35,29 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program tests that the client does not send the * status request extension if GNUTLS_NO_STATUS_REQUEST is set */ -# define RESP "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -# define RESP_SIZE (sizeof(RESP) - 1) -# define MAX_BUF 1024 +#define RESP \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP_SIZE (sizeof(RESP) - 1) +#define MAX_BUF 1024 static void server_log_func(int level, const char *str) { @@ -70,13 +71,13 @@ static void client_log_func(int level, const char *str) static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { fail("received status request\n"); } static int status_func(gnutls_session_t session, void *ptr, - gnutls_datum_t * resp) + gnutls_datum_t *resp) { resp->data = gnutls_malloc(RESP_SIZE); if (resp->data == NULL) @@ -119,13 +120,13 @@ static void client(int fd, const char *prio, int flags) else if (debug) success("client: Handshake was completed\n"); - assert(! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_CLI_REQUESTED_OCSP)); + assert(!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_CLI_REQUESTED_OCSP)); if (debug) - success("client: TLS version is: %s\n", gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + success("client: TLS version is: %s\n", + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do @@ -142,7 +143,7 @@ static void client(int fd, const char *prio, int flags) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -184,20 +185,20 @@ static void server(int fd, const char *prio) if (ret < 0) goto end; - assert(! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_CLI_REQUESTED_OCSP)); + assert(!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_CLI_REQUESTED_OCSP)); if (debug) success("server: Handshake was completed\n"); if (debug) - success("server: TLS version is: %s\n", gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + success("server: TLS version is: %s\n", + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -252,4 +253,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_STATUS_REQUEST", 0); start("NORMAL:%NO_STATUS_REQUEST", 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/nul-in-x509-names.c b/tests/nul-in-x509-names.c index cab3d76ebe..8bb384c7f9 100644 --- a/tests/nul-in-x509-names.c +++ b/tests/nul-in-x509-names.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,59 +35,58 @@ certs that trigger this bug. */ static char badguy_nul_cn_data[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQUFADB0MQswCQYDVQQGEwJHQjES\n" - "MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N\n" - "eSBDb21wYW55IEx0ZDELMAkGA1UECxMCQ0ExGTAXBgNVBAMTEE5VTEwtZnJpZW5k\n" - "bHkgQ0EwHhcNMDkwODA0MDczMzQzWhcNMTkwODAyMDczMzQzWjAjMSEwHwYDVQQD\n" - "Exh3d3cuYmFuay5jb20ALmJhZGd1eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" - "DwAwggEKAoIBAQDNJnCWqaZdPpztDwgVWnwXJWhorxO5rUH6ElTihHJ9WNHiQELB\n" - "We0FPaoQU3AAiDp3oMBWnqx9ISpxRFEIvBcH2qijdtxRvBuK9gIaVb9GtERrJ16+\n" - "5ReLVrLGgjYRg6i/9y8NF/bNR7VvK6ZBto0zX+rqi7Ea4pk4/1lbCqFxE8o3P7mw\n" - "HpGayJM1DErgnfTSYcdOW0EKfDFUmdv1Zc6A08ICN2T9VBJ76qyFWVwX4S720Kjy\n" - "0C6UWS/Cpl/aB957LhQH7eQnJDedCS6x+VpIuYAkQ+bLx24139VpNP/m1p7odmZu\n" - "X1kBPJY77HILPB6VD85oE5wi3Ru1RChQSgV/AgMBAAGjezB5MAkGA1UdEwQCMAAw\n" - "LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G\n" - "A1UdDgQWBBQzFSS+2mY6BovZJzQ6r2JA5JVmXTAfBgNVHSMEGDAWgBQKaTlfnTAE\n" - "GAguAg7m6p2yJvbiajANBgkqhkiG9w0BAQUFAAOCAQEAMmUjH8jZU4SC0ArrFFEk\n" - "A7xsGypa/hvw6GkMKxmGz38ydtgr0s+LxNG2W5xgo5kuknIGzt6L0qLSiXwTqQtO\n" - "vhIJ5dYoOqynJlaUfxPuZH3elGB1wbxVl9SqE44C2LCwcFOuGFPOqrIshT7j8+Em\n" - "8/pc7vh7C8Y5tQQzXq64Xg5mzKjAag3sYMHF2TnqvRuPHH0WOLHoyDcBqkuZ3+QP\n" - "EL5h7prPzScFRgBg2Gp0CDI8i5ABagczDGyQ2+r7ahcadrtzFCfhpH7V3TCxXfIO\n" - "qtSy1Uz2T5EqB/Q3wc9IGcX+fpKWqN9QajGSo7EU/kHMSWKYTerFugUtScMicu9B\n" - "CQ==\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t badguy_nul_cn = { - (void *)badguy_nul_cn_data, sizeof(badguy_nul_cn_data) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQUFADB0MQswCQYDVQQGEwJHQjES\n" + "MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N\n" + "eSBDb21wYW55IEx0ZDELMAkGA1UECxMCQ0ExGTAXBgNVBAMTEE5VTEwtZnJpZW5k\n" + "bHkgQ0EwHhcNMDkwODA0MDczMzQzWhcNMTkwODAyMDczMzQzWjAjMSEwHwYDVQQD\n" + "Exh3d3cuYmFuay5jb20ALmJhZGd1eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" + "DwAwggEKAoIBAQDNJnCWqaZdPpztDwgVWnwXJWhorxO5rUH6ElTihHJ9WNHiQELB\n" + "We0FPaoQU3AAiDp3oMBWnqx9ISpxRFEIvBcH2qijdtxRvBuK9gIaVb9GtERrJ16+\n" + "5ReLVrLGgjYRg6i/9y8NF/bNR7VvK6ZBto0zX+rqi7Ea4pk4/1lbCqFxE8o3P7mw\n" + "HpGayJM1DErgnfTSYcdOW0EKfDFUmdv1Zc6A08ICN2T9VBJ76qyFWVwX4S720Kjy\n" + "0C6UWS/Cpl/aB957LhQH7eQnJDedCS6x+VpIuYAkQ+bLx24139VpNP/m1p7odmZu\n" + "X1kBPJY77HILPB6VD85oE5wi3Ru1RChQSgV/AgMBAAGjezB5MAkGA1UdEwQCMAAw\n" + "LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G\n" + "A1UdDgQWBBQzFSS+2mY6BovZJzQ6r2JA5JVmXTAfBgNVHSMEGDAWgBQKaTlfnTAE\n" + "GAguAg7m6p2yJvbiajANBgkqhkiG9w0BAQUFAAOCAQEAMmUjH8jZU4SC0ArrFFEk\n" + "A7xsGypa/hvw6GkMKxmGz38ydtgr0s+LxNG2W5xgo5kuknIGzt6L0qLSiXwTqQtO\n" + "vhIJ5dYoOqynJlaUfxPuZH3elGB1wbxVl9SqE44C2LCwcFOuGFPOqrIshT7j8+Em\n" + "8/pc7vh7C8Y5tQQzXq64Xg5mzKjAag3sYMHF2TnqvRuPHH0WOLHoyDcBqkuZ3+QP\n" + "EL5h7prPzScFRgBg2Gp0CDI8i5ABagczDGyQ2+r7ahcadrtzFCfhpH7V3TCxXfIO\n" + "qtSy1Uz2T5EqB/Q3wc9IGcX+fpKWqN9QajGSo7EU/kHMSWKYTerFugUtScMicu9B\n" + "CQ==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t badguy_nul_cn = { (void *)badguy_nul_cn_data, + sizeof(badguy_nul_cn_data) }; static char badguy_nul_san_data[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDrTCCApWgAwIBAgIBADANBgkqhkiG9w0BAQUFADB0MQswCQYDVQQGEwJHQjES\n" - "MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N\n" - "eSBDb21wYW55IEx0ZDELMAkGA1UECxMCQ0ExGTAXBgNVBAMTEE5VTEwtZnJpZW5k\n" - "bHkgQ0EwHhcNMDkwODA0MDY1MzA1WhcNMTkwODAyMDY1MzA1WjAZMRcwFQYDVQQD\n" - "Ew53d3cuYmFkZ3V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" - "AM0mcJappl0+nO0PCBVafBclaGivE7mtQfoSVOKEcn1Y0eJAQsFZ7QU9qhBTcACI\n" - "OnegwFaerH0hKnFEUQi8FwfaqKN23FG8G4r2AhpVv0a0RGsnXr7lF4tWssaCNhGD\n" - "qL/3Lw0X9s1HtW8rpkG2jTNf6uqLsRrimTj/WVsKoXETyjc/ubAekZrIkzUMSuCd\n" - "9NJhx05bQQp8MVSZ2/VlzoDTwgI3ZP1UEnvqrIVZXBfhLvbQqPLQLpRZL8KmX9oH\n" - "3nsuFAft5CckN50JLrH5Wki5gCRD5svHbjXf1Wk0/+bWnuh2Zm5fWQE8ljvscgs8\n" - "HpUPzmgTnCLdG7VEKFBKBX8CAwEAAaOBpDCBoTAJBgNVHRMEAjAAMCwGCWCGSAGG\n" - "+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU\n" - "MxUkvtpmOgaL2Sc0Oq9iQOSVZl0wHwYDVR0jBBgwFoAUCmk5X50wBBgILgIO5uqd\n" - "sib24mowJgYDVR0RBB8wHYIbd3d3LmJhbmsuY29tAHd3dy5iYWRndXkuY29tMA0G\n" - "CSqGSIb3DQEBBQUAA4IBAQAnbn2zqYZSV2qgxjBsHpQJp2+t/hGfvjKNAXuLlGbX\n" - "fLaxkPzk9bYyvGxxI7EYiNZHvNoHx15GcTrmQG7Bfx1WlnBl2FGp3J6lBgCY5x4Q\n" - "vIK6AOVOog8+7Irdb8bJweztbXwxPmaHR6GLFTwhfuwheD0hcHK6cMNk+B1P2dAn\n" - "PD5+olmuvprTAESncjrjP8ibxY+xlP4AD264FIjxA1CRUa/wHve4WqRXNS3xrciu\n" - "3SlhFH3q0TSAXBv960PcIW3GRPk7VHbEkVuspI5y59gk/6dawO8nw9fk+X9VjQ0w\n" - "7KLZbch29L6UPRIySpFP28PndgdaEpcYtxUAmFkhiT41\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t badguy_nul_san = { - (void *)badguy_nul_san_data, sizeof(badguy_nul_san_data) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDrTCCApWgAwIBAgIBADANBgkqhkiG9w0BAQUFADB0MQswCQYDVQQGEwJHQjES\n" + "MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N\n" + "eSBDb21wYW55IEx0ZDELMAkGA1UECxMCQ0ExGTAXBgNVBAMTEE5VTEwtZnJpZW5k\n" + "bHkgQ0EwHhcNMDkwODA0MDY1MzA1WhcNMTkwODAyMDY1MzA1WjAZMRcwFQYDVQQD\n" + "Ew53d3cuYmFkZ3V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + "AM0mcJappl0+nO0PCBVafBclaGivE7mtQfoSVOKEcn1Y0eJAQsFZ7QU9qhBTcACI\n" + "OnegwFaerH0hKnFEUQi8FwfaqKN23FG8G4r2AhpVv0a0RGsnXr7lF4tWssaCNhGD\n" + "qL/3Lw0X9s1HtW8rpkG2jTNf6uqLsRrimTj/WVsKoXETyjc/ubAekZrIkzUMSuCd\n" + "9NJhx05bQQp8MVSZ2/VlzoDTwgI3ZP1UEnvqrIVZXBfhLvbQqPLQLpRZL8KmX9oH\n" + "3nsuFAft5CckN50JLrH5Wki5gCRD5svHbjXf1Wk0/+bWnuh2Zm5fWQE8ljvscgs8\n" + "HpUPzmgTnCLdG7VEKFBKBX8CAwEAAaOBpDCBoTAJBgNVHRMEAjAAMCwGCWCGSAGG\n" + "+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU\n" + "MxUkvtpmOgaL2Sc0Oq9iQOSVZl0wHwYDVR0jBBgwFoAUCmk5X50wBBgILgIO5uqd\n" + "sib24mowJgYDVR0RBB8wHYIbd3d3LmJhbmsuY29tAHd3dy5iYWRndXkuY29tMA0G\n" + "CSqGSIb3DQEBBQUAA4IBAQAnbn2zqYZSV2qgxjBsHpQJp2+t/hGfvjKNAXuLlGbX\n" + "fLaxkPzk9bYyvGxxI7EYiNZHvNoHx15GcTrmQG7Bfx1WlnBl2FGp3J6lBgCY5x4Q\n" + "vIK6AOVOog8+7Irdb8bJweztbXwxPmaHR6GLFTwhfuwheD0hcHK6cMNk+B1P2dAn\n" + "PD5+olmuvprTAESncjrjP8ibxY+xlP4AD264FIjxA1CRUa/wHve4WqRXNS3xrciu\n" + "3SlhFH3q0TSAXBv960PcIW3GRPk7VHbEkVuspI5y59gk/6dawO8nw9fk+X9VjQ0w\n" + "7KLZbch29L6UPRIySpFP28PndgdaEpcYtxUAmFkhiT41\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t badguy_nul_san = { (void *)badguy_nul_san_data, + sizeof(badguy_nul_san_data) }; void doit(void) { @@ -115,8 +114,7 @@ void doit(void) ret = gnutls_x509_crt_check_hostname(crt, "www.bank.com"); if (ret == 0) { if (debug) - success - ("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)"); + success("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)"); } else { fail("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)"); } @@ -130,8 +128,7 @@ void doit(void) ret = gnutls_x509_crt_check_hostname(crt, "www.bank.com"); if (ret == 0) { if (debug) - success - ("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)"); + success("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)"); } else { fail("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)"); } @@ -139,5 +136,4 @@ void doit(void) gnutls_x509_crt_deinit(crt); gnutls_global_deinit(); - } diff --git a/tests/null_retrieve_function.c b/tests/null_retrieve_function.c index eb156e9646..7a51e9ee8b 100644 --- a/tests/null_retrieve_function.c +++ b/tests/null_retrieve_function.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,33 +35,26 @@ * function. */ -static int cert_cb1(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, - int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, gnutls_retr2_st * retr) +static int cert_cb1(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, + int nreqs, const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_retr2_st *retr) { return -1; } -static int cert_cb2(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, - int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, - gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * privkey) +static int cert_cb2(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, + int nreqs, const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *privkey) { return -1; } static int cert_cb3(gnutls_session_t session, const struct gnutls_cert_retr_st *info, - gnutls_pcert_st ** certs, - unsigned int *pcert_length, - gnutls_ocsp_data_st ** ocsp, - unsigned int *ocsp_length, - gnutls_privkey_t * privkey, unsigned int *flags) + gnutls_pcert_st **certs, unsigned int *pcert_length, + gnutls_ocsp_data_st **ocsp, unsigned int *ocsp_length, + gnutls_privkey_t *privkey, unsigned int *flags) { return -1; } @@ -87,11 +80,9 @@ void doit(void) gnutls_certificate_allocate_credentials(&x509_cred); - ret = - gnutls_certificate_set_x509_key_mem(x509_cred, - &server_ca3_localhost_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); diff --git a/tests/ocsp-common.h b/tests/ocsp-common.h index 4d8ef9ab39..14c0207650 100644 --- a/tests/ocsp-common.h +++ b/tests/ocsp-common.h @@ -21,110 +21,86 @@ */ #ifndef GNUTLS_TESTS_OCSP_COMMON_H -# define GNUTLS_TESTS_OCSP_COMMON_H +#define GNUTLS_TESTS_OCSP_COMMON_H -# if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic push -# pragma GCC diagnostic ignored "-Wunused-variable" -# endif +#if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-variable" +#endif /* Date for responses to be valid */ -# define OCSP_RESP_DATE 1508329639 +#define OCSP_RESP_DATE 1508329639 /* ocsp response with unknown status for * server_ca3_localhost6_cert. Signed with * RSA-SHA256. */ static const char _ocsp_ca3_localhost6_unknown[] = { - 0x30, 0x82, 0x02, 0x3A, 0x0A, 0x01, 0x00, 0xA0, - 0x82, 0x02, 0x33, 0x30, 0x82, 0x02, 0x2F, 0x06, - 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x01, 0x04, 0x82, 0x02, 0x20, 0x30, 0x82, - 0x02, 0x1C, 0x30, 0x81, 0x85, 0xA1, 0x14, 0x30, - 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, - 0x41, 0x2D, 0x33, 0x18, 0x0F, 0x32, 0x30, 0x31, - 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, - 0x30, 0x34, 0x39, 0x5A, 0x30, 0x5C, 0x30, 0x5A, - 0x30, 0x45, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, - 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB2, - 0xE6, 0x5C, 0x8E, 0x6E, 0x83, 0x4B, 0xBD, 0x11, - 0xD9, 0x97, 0xFA, 0x36, 0x93, 0x59, 0x9E, 0xAD, - 0x5C, 0x15, 0xC4, 0x04, 0x14, 0x9E, 0x91, 0xEC, - 0x8C, 0xAA, 0x24, 0x5B, 0x22, 0xE0, 0xE8, 0x11, - 0xE8, 0xE9, 0xA4, 0x91, 0xB5, 0x91, 0x26, 0x00, - 0xF1, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x37, - 0x64, 0x58, 0xFA, 0x7B, 0x52, 0x6F, 0xD7, 0x82, - 0x00, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, - 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, 0x30, 0x34, - 0x39, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, - 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x98, 0x3C, - 0xFF, 0xD1, 0x76, 0x93, 0xB0, 0xDD, 0x42, 0xCA, - 0x8C, 0x7D, 0x4F, 0x9F, 0xE7, 0x78, 0x14, 0x1D, - 0x90, 0x25, 0x67, 0x34, 0x51, 0x3C, 0xF6, 0x10, - 0x7E, 0xB9, 0x8C, 0x19, 0xF4, 0x9A, 0x32, 0x6A, - 0xFD, 0x5B, 0x77, 0xE9, 0x0A, 0xB2, 0xCD, 0x31, - 0x5E, 0x0F, 0x5B, 0x11, 0xA7, 0x75, 0x38, 0x7B, - 0x01, 0xFA, 0x2B, 0x68, 0x2C, 0x14, 0x6F, 0xAF, - 0x90, 0xC9, 0x69, 0x67, 0x13, 0x70, 0x78, 0x51, - 0x44, 0x0B, 0xA6, 0x16, 0x84, 0x6B, 0x09, 0xC3, - 0x27, 0xFF, 0x06, 0x25, 0x90, 0x27, 0x08, 0x87, - 0x23, 0xCB, 0x1A, 0x56, 0x61, 0x9E, 0x28, 0x9C, - 0x42, 0x19, 0xEA, 0x93, 0x7C, 0x05, 0x14, 0x04, - 0x7F, 0xC7, 0x1C, 0x40, 0xDD, 0x35, 0xC6, 0x50, - 0x79, 0x46, 0xD7, 0x6A, 0xB1, 0x59, 0xAF, 0xC6, - 0xDA, 0x0C, 0xD2, 0x1B, 0xAC, 0x3B, 0x46, 0x09, - 0x0E, 0x7B, 0x02, 0xC3, 0x01, 0x55, 0x5E, 0xE9, - 0x4F, 0x10, 0x58, 0x16, 0xB8, 0x54, 0xA8, 0x54, - 0xBB, 0x31, 0xEB, 0x99, 0x64, 0x73, 0xEE, 0x3F, - 0x44, 0xCE, 0xBB, 0xF9, 0x0A, 0xDB, 0x36, 0x90, - 0x51, 0x80, 0xAA, 0xE1, 0x6F, 0xC3, 0x00, 0x13, - 0x65, 0x80, 0x36, 0x3A, 0x63, 0x48, 0x05, 0x52, - 0x7F, 0x91, 0x96, 0xB0, 0x7F, 0x53, 0xFC, 0x5D, - 0x87, 0x0C, 0x6E, 0x5C, 0xAC, 0x0A, 0x45, 0x22, - 0x83, 0x72, 0xC0, 0xAF, 0x5E, 0xDB, 0x5C, 0xE4, - 0xA9, 0x80, 0x16, 0x43, 0xAB, 0x55, 0x72, 0x9B, - 0x37, 0x41, 0xBB, 0xEF, 0x20, 0x45, 0xD5, 0xCB, - 0xF8, 0xCE, 0xA9, 0x50, 0x12, 0x79, 0xAC, 0x6E, - 0xC0, 0x79, 0xA4, 0x74, 0x1C, 0xF8, 0x48, 0xD4, - 0xFC, 0xDC, 0xBB, 0xDA, 0x36, 0x72, 0x46, 0x05, - 0x32, 0x97, 0x4C, 0x6B, 0xA4, 0x3C, 0xA0, 0x0E, - 0xB7, 0xAC, 0x49, 0xA4, 0x52, 0xF0, 0xAC, 0xD5, - 0x8D, 0x86, 0x07, 0xDB, 0xC3, 0x67, 0xE4, 0x95, - 0x62, 0x52, 0x33, 0x33, 0x2D, 0x00, 0x49, 0x23, - 0xCC, 0x12, 0x62, 0xFB, 0x89, 0x27, 0xD5, 0x27, - 0xCB, 0x75, 0xC4, 0xCB, 0x60, 0x17, 0xFD, 0x4E, - 0x7A, 0x2A, 0xD7, 0x0B, 0x09, 0x84, 0x03, 0x20, - 0x38, 0x53, 0x73, 0x71, 0x66, 0xFC, 0x64, 0x9C, - 0x6E, 0x1A, 0x1E, 0xC5, 0x5E, 0x0C, 0xAD, 0x9D, - 0xE3, 0x37, 0xF2, 0xC2, 0xFC, 0xA1, 0x31, 0x26, - 0x2C, 0xA1, 0xDF, 0x05, 0x19, 0xD6, 0x18, 0xE8, - 0x25, 0x7C, 0x23, 0x23, 0xDE, 0x89, 0x6F, 0x5E, - 0x98, 0xE8, 0xB6, 0xB2, 0x25, 0x28, 0x30, 0x12, - 0x19, 0xB1, 0x84, 0x95, 0x8F, 0x8F, 0x65, 0x75, - 0x2D, 0x90, 0xA8, 0x8D, 0xD9, 0xC3, 0x40, 0x79, - 0xC8, 0xC8, 0xA1, 0xDC, 0xD0, 0x16, 0x02, 0xFE, - 0x60, 0xBE, 0xA3, 0x58, 0xA2, 0xC4, 0xBA, 0xE5, - 0x86, 0x4F, 0xF3, 0x2F, 0x46, 0xB9, 0x62, 0x2F, - 0xCD, 0xE4, 0x1A, 0x62, 0x83, 0x76 + 0x30, 0x82, 0x02, 0x3A, 0x0A, 0x01, 0x00, 0xA0, 0x82, 0x02, 0x33, 0x30, + 0x82, 0x02, 0x2F, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, + 0x01, 0x01, 0x04, 0x82, 0x02, 0x20, 0x30, 0x82, 0x02, 0x1C, 0x30, 0x81, + 0x85, 0xA1, 0x14, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, 0x41, 0x2D, 0x33, 0x18, + 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, + 0x30, 0x34, 0x39, 0x5A, 0x30, 0x5C, 0x30, 0x5A, 0x30, 0x45, 0x30, 0x09, + 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB2, + 0xE6, 0x5C, 0x8E, 0x6E, 0x83, 0x4B, 0xBD, 0x11, 0xD9, 0x97, 0xFA, 0x36, + 0x93, 0x59, 0x9E, 0xAD, 0x5C, 0x15, 0xC4, 0x04, 0x14, 0x9E, 0x91, 0xEC, + 0x8C, 0xAA, 0x24, 0x5B, 0x22, 0xE0, 0xE8, 0x11, 0xE8, 0xE9, 0xA4, 0x91, + 0xB5, 0x91, 0x26, 0x00, 0xF1, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x37, + 0x64, 0x58, 0xFA, 0x7B, 0x52, 0x6F, 0xD7, 0x82, 0x00, 0x18, 0x0F, 0x32, + 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, 0x30, 0x34, + 0x39, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x98, 0x3C, + 0xFF, 0xD1, 0x76, 0x93, 0xB0, 0xDD, 0x42, 0xCA, 0x8C, 0x7D, 0x4F, 0x9F, + 0xE7, 0x78, 0x14, 0x1D, 0x90, 0x25, 0x67, 0x34, 0x51, 0x3C, 0xF6, 0x10, + 0x7E, 0xB9, 0x8C, 0x19, 0xF4, 0x9A, 0x32, 0x6A, 0xFD, 0x5B, 0x77, 0xE9, + 0x0A, 0xB2, 0xCD, 0x31, 0x5E, 0x0F, 0x5B, 0x11, 0xA7, 0x75, 0x38, 0x7B, + 0x01, 0xFA, 0x2B, 0x68, 0x2C, 0x14, 0x6F, 0xAF, 0x90, 0xC9, 0x69, 0x67, + 0x13, 0x70, 0x78, 0x51, 0x44, 0x0B, 0xA6, 0x16, 0x84, 0x6B, 0x09, 0xC3, + 0x27, 0xFF, 0x06, 0x25, 0x90, 0x27, 0x08, 0x87, 0x23, 0xCB, 0x1A, 0x56, + 0x61, 0x9E, 0x28, 0x9C, 0x42, 0x19, 0xEA, 0x93, 0x7C, 0x05, 0x14, 0x04, + 0x7F, 0xC7, 0x1C, 0x40, 0xDD, 0x35, 0xC6, 0x50, 0x79, 0x46, 0xD7, 0x6A, + 0xB1, 0x59, 0xAF, 0xC6, 0xDA, 0x0C, 0xD2, 0x1B, 0xAC, 0x3B, 0x46, 0x09, + 0x0E, 0x7B, 0x02, 0xC3, 0x01, 0x55, 0x5E, 0xE9, 0x4F, 0x10, 0x58, 0x16, + 0xB8, 0x54, 0xA8, 0x54, 0xBB, 0x31, 0xEB, 0x99, 0x64, 0x73, 0xEE, 0x3F, + 0x44, 0xCE, 0xBB, 0xF9, 0x0A, 0xDB, 0x36, 0x90, 0x51, 0x80, 0xAA, 0xE1, + 0x6F, 0xC3, 0x00, 0x13, 0x65, 0x80, 0x36, 0x3A, 0x63, 0x48, 0x05, 0x52, + 0x7F, 0x91, 0x96, 0xB0, 0x7F, 0x53, 0xFC, 0x5D, 0x87, 0x0C, 0x6E, 0x5C, + 0xAC, 0x0A, 0x45, 0x22, 0x83, 0x72, 0xC0, 0xAF, 0x5E, 0xDB, 0x5C, 0xE4, + 0xA9, 0x80, 0x16, 0x43, 0xAB, 0x55, 0x72, 0x9B, 0x37, 0x41, 0xBB, 0xEF, + 0x20, 0x45, 0xD5, 0xCB, 0xF8, 0xCE, 0xA9, 0x50, 0x12, 0x79, 0xAC, 0x6E, + 0xC0, 0x79, 0xA4, 0x74, 0x1C, 0xF8, 0x48, 0xD4, 0xFC, 0xDC, 0xBB, 0xDA, + 0x36, 0x72, 0x46, 0x05, 0x32, 0x97, 0x4C, 0x6B, 0xA4, 0x3C, 0xA0, 0x0E, + 0xB7, 0xAC, 0x49, 0xA4, 0x52, 0xF0, 0xAC, 0xD5, 0x8D, 0x86, 0x07, 0xDB, + 0xC3, 0x67, 0xE4, 0x95, 0x62, 0x52, 0x33, 0x33, 0x2D, 0x00, 0x49, 0x23, + 0xCC, 0x12, 0x62, 0xFB, 0x89, 0x27, 0xD5, 0x27, 0xCB, 0x75, 0xC4, 0xCB, + 0x60, 0x17, 0xFD, 0x4E, 0x7A, 0x2A, 0xD7, 0x0B, 0x09, 0x84, 0x03, 0x20, + 0x38, 0x53, 0x73, 0x71, 0x66, 0xFC, 0x64, 0x9C, 0x6E, 0x1A, 0x1E, 0xC5, + 0x5E, 0x0C, 0xAD, 0x9D, 0xE3, 0x37, 0xF2, 0xC2, 0xFC, 0xA1, 0x31, 0x26, + 0x2C, 0xA1, 0xDF, 0x05, 0x19, 0xD6, 0x18, 0xE8, 0x25, 0x7C, 0x23, 0x23, + 0xDE, 0x89, 0x6F, 0x5E, 0x98, 0xE8, 0xB6, 0xB2, 0x25, 0x28, 0x30, 0x12, + 0x19, 0xB1, 0x84, 0x95, 0x8F, 0x8F, 0x65, 0x75, 0x2D, 0x90, 0xA8, 0x8D, + 0xD9, 0xC3, 0x40, 0x79, 0xC8, 0xC8, 0xA1, 0xDC, 0xD0, 0x16, 0x02, 0xFE, + 0x60, 0xBE, 0xA3, 0x58, 0xA2, 0xC4, 0xBA, 0xE5, 0x86, 0x4F, 0xF3, 0x2F, + 0x46, 0xB9, 0x62, 0x2F, 0xCD, 0xE4, 0x1A, 0x62, 0x83, 0x76 }; const char _ocsp_ca3_localhost6_unknown_pem[] = - "-----BEGIN OCSP RESPONSE-----\n" - "MIICOgoBAKCCAjMwggIvBgkrBgEFBQcwAQEEggIgMIICHDCBhaEUMBIxEDAOBgNV\n" - "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIyMDQ5WjBcMFowRTAJBgUrDgMCGgUABBSy\n" - "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI3\n" - "ZFj6e1Jv14IAGA8yMDE3MTAxODEyMjA0OVowDQYJKoZIhvcNAQELBQADggGBAJg8\n" - "/9F2k7DdQsqMfU+f53gUHZAlZzRRPPYQfrmMGfSaMmr9W3fpCrLNMV4PWxGndTh7\n" - "AforaCwUb6+QyWlnE3B4UUQLphaEawnDJ/8GJZAnCIcjyxpWYZ4onEIZ6pN8BRQE\n" - "f8ccQN01xlB5RtdqsVmvxtoM0husO0YJDnsCwwFVXulPEFgWuFSoVLsx65lkc+4/\n" - "RM67+QrbNpBRgKrhb8MAE2WANjpjSAVSf5GWsH9T/F2HDG5crApFIoNywK9e21zk\n" - "qYAWQ6tVcps3QbvvIEXVy/jOqVASeaxuwHmkdBz4SNT83LvaNnJGBTKXTGukPKAO\n" - "t6xJpFLwrNWNhgfbw2fklWJSMzMtAEkjzBJi+4kn1SfLdcTLYBf9Tnoq1wsJhAMg\n" - "OFNzcWb8ZJxuGh7FXgytneM38sL8oTEmLKHfBRnWGOglfCMj3olvXpjotrIlKDAS\n" - "GbGElY+PZXUtkKiN2cNAecjIodzQFgL+YL6jWKLEuuWGT/MvRrliL83kGmKDdg==\n" - "-----END OCSP RESPONSE-----"; + "-----BEGIN OCSP RESPONSE-----\n" + "MIICOgoBAKCCAjMwggIvBgkrBgEFBQcwAQEEggIgMIICHDCBhaEUMBIxEDAOBgNV\n" + "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIyMDQ5WjBcMFowRTAJBgUrDgMCGgUABBSy\n" + "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI3\n" + "ZFj6e1Jv14IAGA8yMDE3MTAxODEyMjA0OVowDQYJKoZIhvcNAQELBQADggGBAJg8\n" + "/9F2k7DdQsqMfU+f53gUHZAlZzRRPPYQfrmMGfSaMmr9W3fpCrLNMV4PWxGndTh7\n" + "AforaCwUb6+QyWlnE3B4UUQLphaEawnDJ/8GJZAnCIcjyxpWYZ4onEIZ6pN8BRQE\n" + "f8ccQN01xlB5RtdqsVmvxtoM0husO0YJDnsCwwFVXulPEFgWuFSoVLsx65lkc+4/\n" + "RM67+QrbNpBRgKrhb8MAE2WANjpjSAVSf5GWsH9T/F2HDG5crApFIoNywK9e21zk\n" + "qYAWQ6tVcps3QbvvIEXVy/jOqVASeaxuwHmkdBz4SNT83LvaNnJGBTKXTGukPKAO\n" + "t6xJpFLwrNWNhgfbw2fklWJSMzMtAEkjzBJi+4kn1SfLdcTLYBf9Tnoq1wsJhAMg\n" + "OFNzcWb8ZJxuGh7FXgytneM38sL8oTEmLKHfBRnWGOglfCMj3olvXpjotrIlKDAS\n" + "GbGElY+PZXUtkKiN2cNAecjIodzQFgL+YL6jWKLEuuWGT/MvRrliL83kGmKDdg==\n" + "-----END OCSP RESPONSE-----"; static gnutls_datum_t ocsp_ca3_localhost6_unknown = { (void *)_ocsp_ca3_localhost6_unknown, @@ -141,226 +117,159 @@ static gnutls_datum_t ocsp_ca3_localhost6_unknown_pem = { * RSA-SHA512. */ static const char _ocsp_ca3_localhost_unknown[] = { - 0x30, 0x82, 0x06, 0x53, 0x0A, 0x01, 0x00, 0xA0, - 0x82, 0x06, 0x4C, 0x30, 0x82, 0x06, 0x48, 0x06, - 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x01, 0x04, 0x82, 0x06, 0x39, 0x30, 0x82, - 0x06, 0x35, 0x30, 0x81, 0x85, 0xA1, 0x14, 0x30, - 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, - 0x41, 0x2D, 0x33, 0x18, 0x0F, 0x32, 0x30, 0x31, - 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x30, - 0x39, 0x33, 0x30, 0x5A, 0x30, 0x5C, 0x30, 0x5A, - 0x30, 0x45, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, - 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB2, - 0xE6, 0x5C, 0x8E, 0x6E, 0x83, 0x4B, 0xBD, 0x11, - 0xD9, 0x97, 0xFA, 0x36, 0x93, 0x59, 0x9E, 0xAD, - 0x5C, 0x15, 0xC4, 0x04, 0x14, 0x9E, 0x91, 0xEC, - 0x8C, 0xAA, 0x24, 0x5B, 0x22, 0xE0, 0xE8, 0x11, - 0xE8, 0xE9, 0xA4, 0x91, 0xB5, 0x91, 0x26, 0x00, - 0xF1, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x36, - 0xC8, 0x0C, 0xA1, 0xCA, 0xB0, 0xBD, 0xF6, 0x82, - 0x00, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, - 0x30, 0x31, 0x38, 0x31, 0x32, 0x30, 0x39, 0x33, - 0x30, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0D, 0x05, - 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x56, 0x64, - 0x2B, 0x10, 0xAA, 0xE7, 0x26, 0x7F, 0xF1, 0x7F, - 0x86, 0x97, 0x0E, 0x18, 0xB4, 0x75, 0x92, 0x65, - 0x12, 0x2B, 0x46, 0x9F, 0x3E, 0x96, 0x98, 0xE4, - 0xAB, 0x10, 0xD1, 0x0E, 0xEA, 0x08, 0xE2, 0xA5, - 0x01, 0x75, 0xA4, 0x5B, 0x76, 0xAC, 0x49, 0x2B, - 0x9E, 0xF1, 0x4A, 0xF2, 0x79, 0x3A, 0x4E, 0x15, - 0x81, 0xFF, 0x4D, 0xD3, 0x65, 0x8E, 0xAE, 0x4A, - 0xBB, 0x33, 0x35, 0x8B, 0x0F, 0xB6, 0x5D, 0x32, - 0xEF, 0xF5, 0xE1, 0x25, 0xBF, 0xBD, 0x52, 0x1D, - 0x99, 0xF2, 0x34, 0xE0, 0xFB, 0x38, 0x34, 0x6C, - 0x9A, 0xEF, 0x53, 0xB2, 0x90, 0xC6, 0xFB, 0x75, - 0xA0, 0x8C, 0xBC, 0x6B, 0x8E, 0xD8, 0xDE, 0x33, - 0xE4, 0x6F, 0xF2, 0xAD, 0xF2, 0xA2, 0x4F, 0xC2, - 0x58, 0x47, 0xE2, 0x68, 0x6D, 0x3A, 0x3A, 0xB3, - 0x0A, 0x82, 0x3D, 0xA4, 0x85, 0x00, 0x58, 0x3E, - 0x00, 0x35, 0x9D, 0x6B, 0x1F, 0xFF, 0x9F, 0xAE, - 0xB0, 0x9A, 0xE2, 0xC7, 0x0E, 0x9A, 0xB3, 0x7C, - 0x52, 0xE9, 0xDA, 0x50, 0x57, 0x35, 0x72, 0x71, - 0x81, 0xA7, 0xC0, 0x40, 0x28, 0xEA, 0x2B, 0xCE, - 0x09, 0x47, 0x1D, 0xB1, 0x80, 0x41, 0x59, 0xF6, - 0x5D, 0xD3, 0x3C, 0xEA, 0x11, 0xD8, 0x13, 0xB9, - 0x0F, 0x32, 0x6A, 0x29, 0x72, 0xBE, 0xC1, 0xC3, - 0x1B, 0xB5, 0x4C, 0x4D, 0x0D, 0xA1, 0xD5, 0xF0, - 0xC4, 0xEC, 0xC5, 0x5A, 0x93, 0x41, 0x7A, 0x01, - 0x24, 0xB3, 0x7A, 0x71, 0x82, 0xA3, 0xC6, 0x08, - 0x42, 0x91, 0x0E, 0x6B, 0xE7, 0x86, 0x0B, 0xAF, - 0xBE, 0xDF, 0x07, 0x5A, 0x8C, 0x35, 0xF8, 0x5F, - 0x7F, 0x2F, 0x60, 0x04, 0xDD, 0x2A, 0xF2, 0x0D, - 0xC0, 0x1C, 0x6F, 0xA0, 0x30, 0x80, 0xA4, 0x35, - 0x83, 0xD3, 0xC3, 0xCC, 0x35, 0x46, 0x36, 0xEB, - 0xE9, 0xB1, 0x3C, 0x08, 0x8F, 0xCC, 0x5D, 0xCA, - 0xD9, 0xAF, 0x3E, 0xD4, 0x58, 0xBB, 0x90, 0x5D, - 0xEF, 0x01, 0x9C, 0xD9, 0x3E, 0x56, 0x7E, 0xCF, - 0x13, 0xAA, 0x11, 0xC4, 0x22, 0xD2, 0xA0, 0x9F, - 0x1B, 0xE9, 0xF0, 0x78, 0x70, 0x3B, 0xCC, 0x21, - 0x7D, 0x6B, 0x46, 0x97, 0x3F, 0x3B, 0x0C, 0x5B, - 0x8F, 0xA8, 0x28, 0x72, 0x4A, 0x41, 0x4D, 0xE6, - 0xDD, 0x2E, 0xBD, 0xF1, 0xA4, 0x1E, 0xA2, 0xA2, - 0x94, 0x6E, 0xAD, 0x33, 0xC2, 0x56, 0xD3, 0x29, - 0xCF, 0x75, 0x5E, 0x35, 0x59, 0xEB, 0x07, 0x78, - 0x23, 0x0B, 0x20, 0x4E, 0xEB, 0x61, 0x2B, 0x46, - 0x77, 0x0A, 0x9F, 0xA4, 0x57, 0xA8, 0x45, 0x45, - 0x6E, 0x8F, 0xB4, 0xD5, 0x9C, 0xFC, 0x84, 0x78, - 0xC3, 0x82, 0xD9, 0xB6, 0xA7, 0xD5, 0x76, 0xE0, - 0x23, 0x09, 0x2B, 0x9A, 0x7C, 0x7C, 0xB5, 0x6D, - 0x84, 0x9D, 0x1F, 0x47, 0x0C, 0x9C, 0xD6, 0x86, - 0x2B, 0xDD, 0xF4, 0xFA, 0x97, 0xE7, 0x72, 0xE7, - 0x42, 0x52, 0x74, 0xE8, 0x4D, 0x01, 0xA0, 0x82, - 0x04, 0x15, 0x30, 0x82, 0x04, 0x11, 0x30, 0x82, - 0x04, 0x0D, 0x30, 0x82, 0x02, 0x75, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x0C, 0x57, 0xA3, 0x1D, - 0x32, 0x35, 0xB3, 0x4F, 0xD0, 0xB9, 0xF5, 0xE7, - 0x3C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x0F, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x13, 0x04, 0x43, 0x41, 0x2D, - 0x33, 0x30, 0x20, 0x17, 0x0D, 0x31, 0x36, 0x30, - 0x35, 0x31, 0x30, 0x30, 0x38, 0x34, 0x38, 0x33, - 0x30, 0x5A, 0x18, 0x0F, 0x39, 0x39, 0x39, 0x39, - 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, - 0x35, 0x39, 0x5A, 0x30, 0x12, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x07, - 0x73, 0x75, 0x62, 0x43, 0x41, 0x2D, 0x33, 0x30, - 0x82, 0x01, 0xA2, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, - 0x82, 0x01, 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, - 0xA0, 0x39, 0xC3, 0x57, 0xCD, 0x2B, 0x4E, 0x9D, - 0x11, 0x68, 0x8B, 0x4E, 0x5A, 0x31, 0x12, 0xDE, - 0x30, 0x1E, 0x39, 0x5F, 0x86, 0xB6, 0xB2, 0xB4, - 0x81, 0xBA, 0x5D, 0xD4, 0x2F, 0x10, 0xD2, 0x1A, - 0x32, 0x0F, 0xD0, 0x41, 0x25, 0xFF, 0xF5, 0xF6, - 0x58, 0xB8, 0xA8, 0xA5, 0xEF, 0xF1, 0x34, 0xBF, - 0x1B, 0x3C, 0x24, 0x69, 0x23, 0x5B, 0x12, 0x55, - 0x79, 0x7C, 0x1D, 0xBD, 0x5C, 0x2B, 0x7A, 0x96, - 0x34, 0x66, 0xB3, 0x56, 0x60, 0xBB, 0xC5, 0x6D, - 0x3B, 0x37, 0x12, 0xF6, 0xE8, 0x8F, 0x3A, 0x7B, - 0x7F, 0xC1, 0x55, 0x19, 0xEA, 0xF2, 0x2A, 0x15, - 0xB6, 0xF3, 0xD0, 0xC0, 0x4A, 0x6F, 0xB8, 0x8F, - 0x05, 0xF7, 0xBC, 0x75, 0xBC, 0xBF, 0xE7, 0xF9, - 0xC7, 0xDC, 0x76, 0x43, 0x7B, 0xEC, 0xD4, 0x9C, - 0xAF, 0x90, 0xBD, 0x8C, 0x73, 0x15, 0x8A, 0x84, - 0x6F, 0x0B, 0xEA, 0x8A, 0xCF, 0xD6, 0xD4, 0x07, - 0x1E, 0x43, 0x4B, 0x24, 0x95, 0xEB, 0xA3, 0xD1, - 0xE7, 0xEC, 0x06, 0xB0, 0x90, 0xEF, 0x91, 0xFB, - 0x26, 0x8D, 0x53, 0xA0, 0xAA, 0x24, 0xE5, 0x49, - 0x64, 0x12, 0xE4, 0x6D, 0xE7, 0x30, 0xCA, 0xB4, - 0x46, 0x2C, 0x6C, 0x73, 0x97, 0x4F, 0xE5, 0x6C, - 0xA0, 0x91, 0xB7, 0x61, 0xF7, 0xEE, 0x39, 0x50, - 0x2B, 0x4E, 0x6D, 0xC9, 0xC7, 0x00, 0x12, 0x6B, - 0x3F, 0xE1, 0xAD, 0x2E, 0x21, 0xB4, 0x00, 0xE5, - 0x31, 0xEA, 0x83, 0xF3, 0x3E, 0xD7, 0x99, 0x2F, - 0x5D, 0xDE, 0xAD, 0x65, 0xE0, 0xEF, 0x36, 0x2E, - 0xB1, 0x36, 0xAB, 0x8F, 0xDA, 0xD3, 0x71, 0xDB, - 0x20, 0x47, 0xF2, 0x26, 0xD6, 0x62, 0x33, 0x98, - 0x3D, 0xA2, 0xEC, 0x68, 0x49, 0xA3, 0x81, 0xA3, - 0xD1, 0x29, 0x37, 0x46, 0xAF, 0x77, 0x27, 0x27, - 0x80, 0xF8, 0x0C, 0xB9, 0x50, 0xF9, 0xAA, 0x72, - 0x6F, 0x9D, 0xA9, 0x7D, 0x34, 0x6F, 0x8F, 0x4C, - 0x4D, 0x3B, 0xF8, 0x1A, 0xD3, 0xB9, 0xDE, 0x42, - 0xD0, 0x48, 0x25, 0xD8, 0x14, 0x9F, 0x7A, 0x8D, - 0xC3, 0x22, 0x5C, 0xCC, 0xC1, 0x14, 0x90, 0xF5, - 0x44, 0xEB, 0x1D, 0x93, 0x85, 0x94, 0x79, 0xDF, - 0xED, 0x24, 0xC1, 0xDF, 0x7E, 0xDB, 0x43, 0xCF, - 0xD8, 0xF7, 0x59, 0xCB, 0x97, 0xF4, 0xCD, 0xA7, - 0xCD, 0x34, 0xF6, 0xC6, 0x56, 0xAE, 0xA2, 0x48, - 0xDB, 0x10, 0x08, 0x51, 0x0D, 0x1C, 0x39, 0x7F, - 0x10, 0x85, 0x66, 0x1E, 0xD3, 0x6E, 0x66, 0x87, - 0xE2, 0xFC, 0xAC, 0x0C, 0xEF, 0x54, 0x65, 0x75, - 0x44, 0x5D, 0x22, 0xCA, 0xA2, 0x74, 0x36, 0x2E, - 0x6C, 0xAC, 0xA3, 0x8F, 0x2C, 0xFC, 0x6D, 0xF4, - 0x56, 0x69, 0x52, 0x8E, 0xD3, 0xED, 0x26, 0xA4, - 0x6C, 0xBF, 0xFA, 0x0F, 0xA4, 0x23, 0xBF, 0x73, - 0x40, 0xFA, 0x06, 0xB9, 0x07, 0x57, 0x9E, 0x41, - 0xE3, 0xCC, 0x5F, 0x9B, 0x22, 0x05, 0x8E, 0x01, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x64, 0x30, - 0x62, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, - 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, - 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x03, 0x03, - 0x07, 0x06, 0x00, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x2D, 0x33, - 0x04, 0x1B, 0x27, 0x7F, 0x94, 0x04, 0x7C, 0xC7, - 0xE3, 0x35, 0x4F, 0xE9, 0x25, 0xA4, 0x94, 0xE1, - 0xB7, 0xA1, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xF9, - 0xA8, 0x86, 0x19, 0x63, 0xB6, 0xA4, 0x14, 0x13, - 0x60, 0x76, 0x0F, 0x01, 0x9A, 0x35, 0x36, 0xEF, - 0xF1, 0xB4, 0xAF, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x32, - 0x28, 0xB9, 0x1B, 0x1D, 0xFF, 0x77, 0xFE, 0x7C, - 0xA0, 0x34, 0x72, 0xE5, 0xAD, 0x28, 0x3E, 0xF4, - 0x21, 0x91, 0x4D, 0x1D, 0x29, 0xAE, 0xB5, 0x35, - 0xF8, 0xE3, 0x3B, 0x3F, 0x6E, 0xAB, 0x13, 0x52, - 0x8A, 0x52, 0xC9, 0x13, 0xB8, 0xC6, 0x24, 0xF6, - 0x86, 0xDA, 0xD2, 0xAD, 0x0B, 0xF5, 0xD4, 0xD5, - 0x86, 0xEA, 0x97, 0x6B, 0x6A, 0x41, 0x8E, 0xBC, - 0x92, 0x88, 0x23, 0x2A, 0xCD, 0xF5, 0x40, 0x2E, - 0x91, 0x16, 0x4A, 0x19, 0x00, 0x5A, 0x2E, 0x4C, - 0x9B, 0x75, 0xD6, 0x4C, 0xDB, 0x81, 0x55, 0x8A, - 0x7B, 0x00, 0xA4, 0xDF, 0xF3, 0xAB, 0x03, 0x4F, - 0xD9, 0x91, 0x1A, 0xC0, 0x7C, 0x4D, 0x0F, 0x99, - 0xAF, 0xCD, 0x21, 0x34, 0x70, 0x4C, 0x79, 0x93, - 0xB1, 0x03, 0x9D, 0xBF, 0xF6, 0xF3, 0x47, 0xEC, - 0x48, 0x3E, 0x18, 0xCA, 0xC4, 0xAA, 0xCA, 0xC8, - 0x91, 0x4C, 0x1B, 0x9C, 0x5B, 0xF9, 0x0D, 0x0E, - 0x29, 0x26, 0xDD, 0xF2, 0x40, 0xE9, 0x81, 0x85, - 0x8A, 0xA1, 0xBE, 0x71, 0xDA, 0x3B, 0x0D, 0x62, - 0x01, 0x03, 0xA7, 0xC9, 0xD8, 0x49, 0x14, 0xF8, - 0xE5, 0x21, 0xB0, 0xED, 0xCE, 0xC5, 0x72, 0xE9, - 0xA4, 0x5F, 0x3D, 0xA7, 0x03, 0xAA, 0xF9, 0x37, - 0x06, 0xE7, 0x84, 0x42, 0xEF, 0x34, 0x52, 0xBC, - 0x7F, 0x3B, 0x18, 0xF9, 0x02, 0x4A, 0x1D, 0xA0, - 0x25, 0x27, 0xD0, 0x9C, 0x96, 0x58, 0x8F, 0xD4, - 0xF8, 0xA2, 0x01, 0xC9, 0x76, 0x2D, 0x0A, 0x36, - 0x81, 0xAC, 0xA0, 0x58, 0xD8, 0x83, 0xFA, 0x08, - 0x27, 0xAB, 0x3C, 0xBB, 0x9E, 0xA6, 0xA6, 0xF6, - 0xB8, 0x9E, 0x38, 0xE3, 0x07, 0x96, 0xCD, 0x64, - 0x28, 0x50, 0x05, 0xAD, 0x6C, 0xB6, 0x83, 0xF7, - 0x01, 0x85, 0x37, 0xD2, 0xFB, 0xFE, 0xD2, 0x86, - 0x97, 0xB1, 0xEC, 0xD2, 0xB6, 0x18, 0x08, 0xAE, - 0x8E, 0x05, 0x15, 0xD1, 0x36, 0x47, 0x13, 0x21, - 0x19, 0xB7, 0xAB, 0xA6, 0xE2, 0x02, 0xD2, 0xF6, - 0xFC, 0x14, 0x2A, 0xCF, 0xD1, 0xE1, 0x74, 0xBD, - 0x54, 0xBF, 0xDB, 0x06, 0x57, 0xC0, 0xCB, 0x68, - 0x40, 0x55, 0x37, 0x94, 0x7A, 0x38, 0x91, 0x04, - 0x67, 0x93, 0x26, 0x4A, 0x81, 0xBB, 0xBF, 0x9C, - 0xE0, 0x57, 0x6B, 0x08, 0x1C, 0x95, 0x85, 0xA7, - 0x90, 0x01, 0x23, 0x18, 0xBB, 0xF9, 0x60, 0x6B, - 0xC7, 0x9A, 0x18, 0xBD, 0x73, 0x25, 0xB2, 0x5E, - 0xD8, 0x14, 0x16, 0x23, 0xBE, 0x78, 0x28, 0x36, - 0x03, 0x4F, 0xDA, 0x8A, 0x36, 0xA1, 0xA5, 0x83, - 0x2B, 0x2B, 0xE0, 0x05, 0x63, 0x7B, 0xBC, 0xF5, - 0x63, 0x53, 0x10, 0xEF, 0x64, 0xA7, 0x7E, 0xBC, - 0xD8, 0x49, 0x0C, 0x3A, 0x04, 0x1F, 0x39, 0x0A, - 0xEA, 0xC1, 0xEA, 0x2A, 0x2E, 0xDD, 0x0F, 0x9E, - 0x33, 0x8A, 0x38, 0x83, 0xFF, 0xB1, 0x18, 0x4B, - 0x83, 0xA3, 0x43, 0x5E, 0xFF, 0xC8, 0xAB + 0x30, 0x82, 0x06, 0x53, 0x0A, 0x01, 0x00, 0xA0, 0x82, 0x06, 0x4C, 0x30, + 0x82, 0x06, 0x48, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, + 0x01, 0x01, 0x04, 0x82, 0x06, 0x39, 0x30, 0x82, 0x06, 0x35, 0x30, 0x81, + 0x85, 0xA1, 0x14, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, 0x41, 0x2D, 0x33, 0x18, + 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x30, + 0x39, 0x33, 0x30, 0x5A, 0x30, 0x5C, 0x30, 0x5A, 0x30, 0x45, 0x30, 0x09, + 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB2, + 0xE6, 0x5C, 0x8E, 0x6E, 0x83, 0x4B, 0xBD, 0x11, 0xD9, 0x97, 0xFA, 0x36, + 0x93, 0x59, 0x9E, 0xAD, 0x5C, 0x15, 0xC4, 0x04, 0x14, 0x9E, 0x91, 0xEC, + 0x8C, 0xAA, 0x24, 0x5B, 0x22, 0xE0, 0xE8, 0x11, 0xE8, 0xE9, 0xA4, 0x91, + 0xB5, 0x91, 0x26, 0x00, 0xF1, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x36, + 0xC8, 0x0C, 0xA1, 0xCA, 0xB0, 0xBD, 0xF6, 0x82, 0x00, 0x18, 0x0F, 0x32, + 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x30, 0x39, 0x33, + 0x30, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x0D, 0x05, 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x56, 0x64, + 0x2B, 0x10, 0xAA, 0xE7, 0x26, 0x7F, 0xF1, 0x7F, 0x86, 0x97, 0x0E, 0x18, + 0xB4, 0x75, 0x92, 0x65, 0x12, 0x2B, 0x46, 0x9F, 0x3E, 0x96, 0x98, 0xE4, + 0xAB, 0x10, 0xD1, 0x0E, 0xEA, 0x08, 0xE2, 0xA5, 0x01, 0x75, 0xA4, 0x5B, + 0x76, 0xAC, 0x49, 0x2B, 0x9E, 0xF1, 0x4A, 0xF2, 0x79, 0x3A, 0x4E, 0x15, + 0x81, 0xFF, 0x4D, 0xD3, 0x65, 0x8E, 0xAE, 0x4A, 0xBB, 0x33, 0x35, 0x8B, + 0x0F, 0xB6, 0x5D, 0x32, 0xEF, 0xF5, 0xE1, 0x25, 0xBF, 0xBD, 0x52, 0x1D, + 0x99, 0xF2, 0x34, 0xE0, 0xFB, 0x38, 0x34, 0x6C, 0x9A, 0xEF, 0x53, 0xB2, + 0x90, 0xC6, 0xFB, 0x75, 0xA0, 0x8C, 0xBC, 0x6B, 0x8E, 0xD8, 0xDE, 0x33, + 0xE4, 0x6F, 0xF2, 0xAD, 0xF2, 0xA2, 0x4F, 0xC2, 0x58, 0x47, 0xE2, 0x68, + 0x6D, 0x3A, 0x3A, 0xB3, 0x0A, 0x82, 0x3D, 0xA4, 0x85, 0x00, 0x58, 0x3E, + 0x00, 0x35, 0x9D, 0x6B, 0x1F, 0xFF, 0x9F, 0xAE, 0xB0, 0x9A, 0xE2, 0xC7, + 0x0E, 0x9A, 0xB3, 0x7C, 0x52, 0xE9, 0xDA, 0x50, 0x57, 0x35, 0x72, 0x71, + 0x81, 0xA7, 0xC0, 0x40, 0x28, 0xEA, 0x2B, 0xCE, 0x09, 0x47, 0x1D, 0xB1, + 0x80, 0x41, 0x59, 0xF6, 0x5D, 0xD3, 0x3C, 0xEA, 0x11, 0xD8, 0x13, 0xB9, + 0x0F, 0x32, 0x6A, 0x29, 0x72, 0xBE, 0xC1, 0xC3, 0x1B, 0xB5, 0x4C, 0x4D, + 0x0D, 0xA1, 0xD5, 0xF0, 0xC4, 0xEC, 0xC5, 0x5A, 0x93, 0x41, 0x7A, 0x01, + 0x24, 0xB3, 0x7A, 0x71, 0x82, 0xA3, 0xC6, 0x08, 0x42, 0x91, 0x0E, 0x6B, + 0xE7, 0x86, 0x0B, 0xAF, 0xBE, 0xDF, 0x07, 0x5A, 0x8C, 0x35, 0xF8, 0x5F, + 0x7F, 0x2F, 0x60, 0x04, 0xDD, 0x2A, 0xF2, 0x0D, 0xC0, 0x1C, 0x6F, 0xA0, + 0x30, 0x80, 0xA4, 0x35, 0x83, 0xD3, 0xC3, 0xCC, 0x35, 0x46, 0x36, 0xEB, + 0xE9, 0xB1, 0x3C, 0x08, 0x8F, 0xCC, 0x5D, 0xCA, 0xD9, 0xAF, 0x3E, 0xD4, + 0x58, 0xBB, 0x90, 0x5D, 0xEF, 0x01, 0x9C, 0xD9, 0x3E, 0x56, 0x7E, 0xCF, + 0x13, 0xAA, 0x11, 0xC4, 0x22, 0xD2, 0xA0, 0x9F, 0x1B, 0xE9, 0xF0, 0x78, + 0x70, 0x3B, 0xCC, 0x21, 0x7D, 0x6B, 0x46, 0x97, 0x3F, 0x3B, 0x0C, 0x5B, + 0x8F, 0xA8, 0x28, 0x72, 0x4A, 0x41, 0x4D, 0xE6, 0xDD, 0x2E, 0xBD, 0xF1, + 0xA4, 0x1E, 0xA2, 0xA2, 0x94, 0x6E, 0xAD, 0x33, 0xC2, 0x56, 0xD3, 0x29, + 0xCF, 0x75, 0x5E, 0x35, 0x59, 0xEB, 0x07, 0x78, 0x23, 0x0B, 0x20, 0x4E, + 0xEB, 0x61, 0x2B, 0x46, 0x77, 0x0A, 0x9F, 0xA4, 0x57, 0xA8, 0x45, 0x45, + 0x6E, 0x8F, 0xB4, 0xD5, 0x9C, 0xFC, 0x84, 0x78, 0xC3, 0x82, 0xD9, 0xB6, + 0xA7, 0xD5, 0x76, 0xE0, 0x23, 0x09, 0x2B, 0x9A, 0x7C, 0x7C, 0xB5, 0x6D, + 0x84, 0x9D, 0x1F, 0x47, 0x0C, 0x9C, 0xD6, 0x86, 0x2B, 0xDD, 0xF4, 0xFA, + 0x97, 0xE7, 0x72, 0xE7, 0x42, 0x52, 0x74, 0xE8, 0x4D, 0x01, 0xA0, 0x82, + 0x04, 0x15, 0x30, 0x82, 0x04, 0x11, 0x30, 0x82, 0x04, 0x0D, 0x30, 0x82, + 0x02, 0x75, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0C, 0x57, 0xA3, 0x1D, + 0x32, 0x35, 0xB3, 0x4F, 0xD0, 0xB9, 0xF5, 0xE7, 0x3C, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x0F, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, + 0x04, 0x43, 0x41, 0x2D, 0x33, 0x30, 0x20, 0x17, 0x0D, 0x31, 0x36, 0x30, + 0x35, 0x31, 0x30, 0x30, 0x38, 0x34, 0x38, 0x33, 0x30, 0x5A, 0x18, 0x0F, + 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, + 0x35, 0x39, 0x5A, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, 0x41, 0x2D, 0x33, 0x30, + 0x82, 0x01, 0xA2, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, + 0x82, 0x01, 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xA0, 0x39, 0xC3, 0x57, + 0xCD, 0x2B, 0x4E, 0x9D, 0x11, 0x68, 0x8B, 0x4E, 0x5A, 0x31, 0x12, 0xDE, + 0x30, 0x1E, 0x39, 0x5F, 0x86, 0xB6, 0xB2, 0xB4, 0x81, 0xBA, 0x5D, 0xD4, + 0x2F, 0x10, 0xD2, 0x1A, 0x32, 0x0F, 0xD0, 0x41, 0x25, 0xFF, 0xF5, 0xF6, + 0x58, 0xB8, 0xA8, 0xA5, 0xEF, 0xF1, 0x34, 0xBF, 0x1B, 0x3C, 0x24, 0x69, + 0x23, 0x5B, 0x12, 0x55, 0x79, 0x7C, 0x1D, 0xBD, 0x5C, 0x2B, 0x7A, 0x96, + 0x34, 0x66, 0xB3, 0x56, 0x60, 0xBB, 0xC5, 0x6D, 0x3B, 0x37, 0x12, 0xF6, + 0xE8, 0x8F, 0x3A, 0x7B, 0x7F, 0xC1, 0x55, 0x19, 0xEA, 0xF2, 0x2A, 0x15, + 0xB6, 0xF3, 0xD0, 0xC0, 0x4A, 0x6F, 0xB8, 0x8F, 0x05, 0xF7, 0xBC, 0x75, + 0xBC, 0xBF, 0xE7, 0xF9, 0xC7, 0xDC, 0x76, 0x43, 0x7B, 0xEC, 0xD4, 0x9C, + 0xAF, 0x90, 0xBD, 0x8C, 0x73, 0x15, 0x8A, 0x84, 0x6F, 0x0B, 0xEA, 0x8A, + 0xCF, 0xD6, 0xD4, 0x07, 0x1E, 0x43, 0x4B, 0x24, 0x95, 0xEB, 0xA3, 0xD1, + 0xE7, 0xEC, 0x06, 0xB0, 0x90, 0xEF, 0x91, 0xFB, 0x26, 0x8D, 0x53, 0xA0, + 0xAA, 0x24, 0xE5, 0x49, 0x64, 0x12, 0xE4, 0x6D, 0xE7, 0x30, 0xCA, 0xB4, + 0x46, 0x2C, 0x6C, 0x73, 0x97, 0x4F, 0xE5, 0x6C, 0xA0, 0x91, 0xB7, 0x61, + 0xF7, 0xEE, 0x39, 0x50, 0x2B, 0x4E, 0x6D, 0xC9, 0xC7, 0x00, 0x12, 0x6B, + 0x3F, 0xE1, 0xAD, 0x2E, 0x21, 0xB4, 0x00, 0xE5, 0x31, 0xEA, 0x83, 0xF3, + 0x3E, 0xD7, 0x99, 0x2F, 0x5D, 0xDE, 0xAD, 0x65, 0xE0, 0xEF, 0x36, 0x2E, + 0xB1, 0x36, 0xAB, 0x8F, 0xDA, 0xD3, 0x71, 0xDB, 0x20, 0x47, 0xF2, 0x26, + 0xD6, 0x62, 0x33, 0x98, 0x3D, 0xA2, 0xEC, 0x68, 0x49, 0xA3, 0x81, 0xA3, + 0xD1, 0x29, 0x37, 0x46, 0xAF, 0x77, 0x27, 0x27, 0x80, 0xF8, 0x0C, 0xB9, + 0x50, 0xF9, 0xAA, 0x72, 0x6F, 0x9D, 0xA9, 0x7D, 0x34, 0x6F, 0x8F, 0x4C, + 0x4D, 0x3B, 0xF8, 0x1A, 0xD3, 0xB9, 0xDE, 0x42, 0xD0, 0x48, 0x25, 0xD8, + 0x14, 0x9F, 0x7A, 0x8D, 0xC3, 0x22, 0x5C, 0xCC, 0xC1, 0x14, 0x90, 0xF5, + 0x44, 0xEB, 0x1D, 0x93, 0x85, 0x94, 0x79, 0xDF, 0xED, 0x24, 0xC1, 0xDF, + 0x7E, 0xDB, 0x43, 0xCF, 0xD8, 0xF7, 0x59, 0xCB, 0x97, 0xF4, 0xCD, 0xA7, + 0xCD, 0x34, 0xF6, 0xC6, 0x56, 0xAE, 0xA2, 0x48, 0xDB, 0x10, 0x08, 0x51, + 0x0D, 0x1C, 0x39, 0x7F, 0x10, 0x85, 0x66, 0x1E, 0xD3, 0x6E, 0x66, 0x87, + 0xE2, 0xFC, 0xAC, 0x0C, 0xEF, 0x54, 0x65, 0x75, 0x44, 0x5D, 0x22, 0xCA, + 0xA2, 0x74, 0x36, 0x2E, 0x6C, 0xAC, 0xA3, 0x8F, 0x2C, 0xFC, 0x6D, 0xF4, + 0x56, 0x69, 0x52, 0x8E, 0xD3, 0xED, 0x26, 0xA4, 0x6C, 0xBF, 0xFA, 0x0F, + 0xA4, 0x23, 0xBF, 0x73, 0x40, 0xFA, 0x06, 0xB9, 0x07, 0x57, 0x9E, 0x41, + 0xE3, 0xCC, 0x5F, 0x9B, 0x22, 0x05, 0x8E, 0x01, 0x02, 0x03, 0x01, 0x00, + 0x01, 0xA3, 0x64, 0x30, 0x62, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0F, + 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x03, 0x03, + 0x07, 0x06, 0x00, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x2D, 0x33, 0x04, 0x1B, 0x27, 0x7F, 0x94, 0x04, 0x7C, 0xC7, + 0xE3, 0x35, 0x4F, 0xE9, 0x25, 0xA4, 0x94, 0xE1, 0xB7, 0xA1, 0x30, 0x1F, + 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xF9, + 0xA8, 0x86, 0x19, 0x63, 0xB6, 0xA4, 0x14, 0x13, 0x60, 0x76, 0x0F, 0x01, + 0x9A, 0x35, 0x36, 0xEF, 0xF1, 0xB4, 0xAF, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x81, 0x00, 0x32, 0x28, 0xB9, 0x1B, 0x1D, 0xFF, 0x77, 0xFE, 0x7C, + 0xA0, 0x34, 0x72, 0xE5, 0xAD, 0x28, 0x3E, 0xF4, 0x21, 0x91, 0x4D, 0x1D, + 0x29, 0xAE, 0xB5, 0x35, 0xF8, 0xE3, 0x3B, 0x3F, 0x6E, 0xAB, 0x13, 0x52, + 0x8A, 0x52, 0xC9, 0x13, 0xB8, 0xC6, 0x24, 0xF6, 0x86, 0xDA, 0xD2, 0xAD, + 0x0B, 0xF5, 0xD4, 0xD5, 0x86, 0xEA, 0x97, 0x6B, 0x6A, 0x41, 0x8E, 0xBC, + 0x92, 0x88, 0x23, 0x2A, 0xCD, 0xF5, 0x40, 0x2E, 0x91, 0x16, 0x4A, 0x19, + 0x00, 0x5A, 0x2E, 0x4C, 0x9B, 0x75, 0xD6, 0x4C, 0xDB, 0x81, 0x55, 0x8A, + 0x7B, 0x00, 0xA4, 0xDF, 0xF3, 0xAB, 0x03, 0x4F, 0xD9, 0x91, 0x1A, 0xC0, + 0x7C, 0x4D, 0x0F, 0x99, 0xAF, 0xCD, 0x21, 0x34, 0x70, 0x4C, 0x79, 0x93, + 0xB1, 0x03, 0x9D, 0xBF, 0xF6, 0xF3, 0x47, 0xEC, 0x48, 0x3E, 0x18, 0xCA, + 0xC4, 0xAA, 0xCA, 0xC8, 0x91, 0x4C, 0x1B, 0x9C, 0x5B, 0xF9, 0x0D, 0x0E, + 0x29, 0x26, 0xDD, 0xF2, 0x40, 0xE9, 0x81, 0x85, 0x8A, 0xA1, 0xBE, 0x71, + 0xDA, 0x3B, 0x0D, 0x62, 0x01, 0x03, 0xA7, 0xC9, 0xD8, 0x49, 0x14, 0xF8, + 0xE5, 0x21, 0xB0, 0xED, 0xCE, 0xC5, 0x72, 0xE9, 0xA4, 0x5F, 0x3D, 0xA7, + 0x03, 0xAA, 0xF9, 0x37, 0x06, 0xE7, 0x84, 0x42, 0xEF, 0x34, 0x52, 0xBC, + 0x7F, 0x3B, 0x18, 0xF9, 0x02, 0x4A, 0x1D, 0xA0, 0x25, 0x27, 0xD0, 0x9C, + 0x96, 0x58, 0x8F, 0xD4, 0xF8, 0xA2, 0x01, 0xC9, 0x76, 0x2D, 0x0A, 0x36, + 0x81, 0xAC, 0xA0, 0x58, 0xD8, 0x83, 0xFA, 0x08, 0x27, 0xAB, 0x3C, 0xBB, + 0x9E, 0xA6, 0xA6, 0xF6, 0xB8, 0x9E, 0x38, 0xE3, 0x07, 0x96, 0xCD, 0x64, + 0x28, 0x50, 0x05, 0xAD, 0x6C, 0xB6, 0x83, 0xF7, 0x01, 0x85, 0x37, 0xD2, + 0xFB, 0xFE, 0xD2, 0x86, 0x97, 0xB1, 0xEC, 0xD2, 0xB6, 0x18, 0x08, 0xAE, + 0x8E, 0x05, 0x15, 0xD1, 0x36, 0x47, 0x13, 0x21, 0x19, 0xB7, 0xAB, 0xA6, + 0xE2, 0x02, 0xD2, 0xF6, 0xFC, 0x14, 0x2A, 0xCF, 0xD1, 0xE1, 0x74, 0xBD, + 0x54, 0xBF, 0xDB, 0x06, 0x57, 0xC0, 0xCB, 0x68, 0x40, 0x55, 0x37, 0x94, + 0x7A, 0x38, 0x91, 0x04, 0x67, 0x93, 0x26, 0x4A, 0x81, 0xBB, 0xBF, 0x9C, + 0xE0, 0x57, 0x6B, 0x08, 0x1C, 0x95, 0x85, 0xA7, 0x90, 0x01, 0x23, 0x18, + 0xBB, 0xF9, 0x60, 0x6B, 0xC7, 0x9A, 0x18, 0xBD, 0x73, 0x25, 0xB2, 0x5E, + 0xD8, 0x14, 0x16, 0x23, 0xBE, 0x78, 0x28, 0x36, 0x03, 0x4F, 0xDA, 0x8A, + 0x36, 0xA1, 0xA5, 0x83, 0x2B, 0x2B, 0xE0, 0x05, 0x63, 0x7B, 0xBC, 0xF5, + 0x63, 0x53, 0x10, 0xEF, 0x64, 0xA7, 0x7E, 0xBC, 0xD8, 0x49, 0x0C, 0x3A, + 0x04, 0x1F, 0x39, 0x0A, 0xEA, 0xC1, 0xEA, 0x2A, 0x2E, 0xDD, 0x0F, 0x9E, + 0x33, 0x8A, 0x38, 0x83, 0xFF, 0xB1, 0x18, 0x4B, 0x83, 0xA3, 0x43, 0x5E, + 0xFF, 0xC8, 0xAB }; const char _ocsp_ca3_localhost_unknown_pem[] = - "-----BEGIN OCSP RESPONSE-----\n" - "MIICNwoBAKCCAjAwggIsBgkrBgEFBQcwAQEEggIdMIICGTCBgqERMA8xDTALBgNV\n" - "BAMTBENBLTMYDzIwMTcxMDE4MTIzODUyWjBcMFowRTAJBgUrDgMCGgUABBS3yg+r\n" - "3G+4sJZ6FayYCg8Z/qQS3gQUHoXtf55x+gidN0hDoBLv5arh44oCDFejHTI1s0/Q\n" - "ufXnPIIAGA8yMDE3MTAxODEyMzg1MlowDQYJKoZIhvcNAQELBQADggGBALMParB9\n" - "K97DlT4FmMdPScoT7oAAsar4XxKLU9+oraht7H+WTAYSpnCxh/ugR17G0jtzTzIw\n" - "nLQFAyR9MDYKp4Om4YqQ7r+43DiIqKVU25WcrVifUbtkR+LbjH+Bk1UHvFE8mCOX\n" - "ZB+cmQyjGap1RX0dnj2Wm48vUwqp71nA8AYcXL575xZ4rb9DDhaoV2h3S0Zlu4IN\n" - "btuDIVsxJ53kqkGjjVB4/R0RtqCXOI2ThMK3SfDWqwzF9tYA763VVXi+g+w3oyv4\n" - "ZtP8QUWOVUY4azpElX1wqoO8znUjxs1AzROLUeLPK8GMLVIZLP361J2kLgcj0Gdq\n" - "GIVH5N54p6bl5OgSUP3EdKbFRZyCVZ2n8Der3Cf9PtfvGV7Ze4Cv/CCN6rJkk54P\n" - "6auP6pEJg0ESGC5fop5HFCyVM+W/ot0A1cxN0+cHYlqB1NQholLqe3psDjJ2EoIK\n" - "LtN5dRLO6z5L74CwwiJ1SeLh8XyJtr/ee9RnFB56XCzO7lyhbHPx/VT6Qw==\n" - "-----END OCSP RESPONSE-----"; + "-----BEGIN OCSP RESPONSE-----\n" + "MIICNwoBAKCCAjAwggIsBgkrBgEFBQcwAQEEggIdMIICGTCBgqERMA8xDTALBgNV\n" + "BAMTBENBLTMYDzIwMTcxMDE4MTIzODUyWjBcMFowRTAJBgUrDgMCGgUABBS3yg+r\n" + "3G+4sJZ6FayYCg8Z/qQS3gQUHoXtf55x+gidN0hDoBLv5arh44oCDFejHTI1s0/Q\n" + "ufXnPIIAGA8yMDE3MTAxODEyMzg1MlowDQYJKoZIhvcNAQELBQADggGBALMParB9\n" + "K97DlT4FmMdPScoT7oAAsar4XxKLU9+oraht7H+WTAYSpnCxh/ugR17G0jtzTzIw\n" + "nLQFAyR9MDYKp4Om4YqQ7r+43DiIqKVU25WcrVifUbtkR+LbjH+Bk1UHvFE8mCOX\n" + "ZB+cmQyjGap1RX0dnj2Wm48vUwqp71nA8AYcXL575xZ4rb9DDhaoV2h3S0Zlu4IN\n" + "btuDIVsxJ53kqkGjjVB4/R0RtqCXOI2ThMK3SfDWqwzF9tYA763VVXi+g+w3oyv4\n" + "ZtP8QUWOVUY4azpElX1wqoO8znUjxs1AzROLUeLPK8GMLVIZLP361J2kLgcj0Gdq\n" + "GIVH5N54p6bl5OgSUP3EdKbFRZyCVZ2n8Der3Cf9PtfvGV7Ze4Cv/CCN6rJkk54P\n" + "6auP6pEJg0ESGC5fop5HFCyVM+W/ot0A1cxN0+cHYlqB1NQholLqe3psDjJ2EoIK\n" + "LtN5dRLO6z5L74CwwiJ1SeLh8XyJtr/ee9RnFB56XCzO7lyhbHPx/VT6Qw==\n" + "-----END OCSP RESPONSE-----"; static gnutls_datum_t ocsp_ca3_localhost_unknown = { (void *)_ocsp_ca3_localhost_unknown, sizeof(_ocsp_ca3_localhost_unknown) @@ -376,78 +285,54 @@ static gnutls_datum_t ocsp_ca3_localhost_unknown_pem = { * RSA-SHA1. */ static const char _ocsp_ca3_localhost_unknown_sha1[] = { - 0x30, 0x82, 0x02, 0x3A, 0x0A, 0x01, 0x00, 0xA0, - 0x82, 0x02, 0x33, 0x30, 0x82, 0x02, 0x2F, 0x06, - 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x01, 0x04, 0x82, 0x02, 0x20, 0x30, 0x82, - 0x02, 0x1C, 0x30, 0x81, 0x85, 0xA1, 0x14, 0x30, - 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, - 0x41, 0x2D, 0x33, 0x18, 0x0F, 0x32, 0x30, 0x31, - 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, - 0x32, 0x30, 0x36, 0x5A, 0x30, 0x5C, 0x30, 0x5A, - 0x30, 0x45, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, - 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB2, - 0xE6, 0x5C, 0x8E, 0x6E, 0x83, 0x4B, 0xBD, 0x11, - 0xD9, 0x97, 0xFA, 0x36, 0x93, 0x59, 0x9E, 0xAD, - 0x5C, 0x15, 0xC4, 0x04, 0x14, 0x9E, 0x91, 0xEC, - 0x8C, 0xAA, 0x24, 0x5B, 0x22, 0xE0, 0xE8, 0x11, - 0xE8, 0xE9, 0xA4, 0x91, 0xB5, 0x91, 0x26, 0x00, - 0xF1, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x36, - 0xC8, 0x0C, 0xA1, 0xCA, 0xB0, 0xBD, 0xF6, 0x82, - 0x00, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, - 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, 0x32, 0x30, - 0x36, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, - 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x29, 0x91, - 0xFA, 0x87, 0x8F, 0x4D, 0xC2, 0x25, 0x67, 0x4F, - 0x2A, 0x39, 0xF9, 0xDA, 0x05, 0x4A, 0x8E, 0xBC, - 0x72, 0xB7, 0x8B, 0xF1, 0x6C, 0x77, 0x5E, 0x2F, - 0x0F, 0xA4, 0xEC, 0x7F, 0xD6, 0x63, 0xEA, 0x39, - 0x17, 0x6F, 0xAA, 0x4B, 0x86, 0x46, 0x0E, 0xB2, - 0xE1, 0x65, 0x1C, 0xEC, 0x97, 0x05, 0x00, 0x4D, - 0xAC, 0xBA, 0xA5, 0xD4, 0x1B, 0xB8, 0x4A, 0x05, - 0x94, 0x6C, 0xC9, 0xE1, 0x41, 0x5B, 0x44, 0x4F, - 0x39, 0x9C, 0xF7, 0xAF, 0x04, 0x31, 0x1A, 0x5B, - 0xF8, 0x5E, 0x42, 0xDA, 0xEA, 0xFF, 0x25, 0x67, - 0x75, 0x3E, 0x46, 0xC4, 0x7D, 0x31, 0x74, 0xBD, - 0x19, 0xFF, 0x11, 0x7F, 0x21, 0x39, 0x4D, 0xE3, - 0x07, 0x2F, 0xF4, 0xF5, 0x6B, 0xE7, 0x10, 0xF8, - 0x6C, 0x57, 0x7B, 0x83, 0x84, 0xCD, 0x3D, 0x61, - 0xFD, 0x91, 0x87, 0x03, 0x03, 0xDD, 0x7A, 0x60, - 0xF9, 0x1D, 0x82, 0xE9, 0xD9, 0x4B, 0xC9, 0xF2, - 0x6F, 0xE5, 0x09, 0xCC, 0xEC, 0x63, 0xD7, 0xC1, - 0xED, 0x54, 0x6D, 0x03, 0xC8, 0xC5, 0x92, 0xBC, - 0x22, 0x11, 0xCD, 0x3A, 0x2E, 0x51, 0xCD, 0x5F, - 0xA5, 0xB5, 0xA3, 0x5C, 0x8D, 0x54, 0x92, 0x85, - 0x6B, 0x92, 0x2A, 0x23, 0x5E, 0xFB, 0x35, 0xFB, - 0x23, 0xDA, 0x17, 0x16, 0x6D, 0xB2, 0xFB, 0xD8, - 0x8D, 0x43, 0x9F, 0x36, 0xE9, 0x5E, 0xA2, 0xCB, - 0xA5, 0x2D, 0xAE, 0xDD, 0x63, 0xFC, 0x53, 0x90, - 0xB5, 0x54, 0x82, 0x7C, 0xBD, 0x08, 0xD7, 0x4E, - 0xEA, 0x11, 0x84, 0x3C, 0x5B, 0x63, 0x06, 0xA5, - 0x2C, 0x8B, 0x09, 0x13, 0xC7, 0x04, 0x5F, 0xAF, - 0x73, 0xB1, 0x89, 0x40, 0x12, 0xEA, 0x9C, 0x56, - 0xC6, 0x08, 0x39, 0xD4, 0xAA, 0x1F, 0xAF, 0x74, - 0x78, 0xCC, 0x84, 0xC2, 0x8A, 0xE8, 0x0B, 0xCD, - 0xD3, 0x2D, 0xCD, 0x98, 0x2E, 0x8D, 0xAB, 0x59, - 0xFC, 0xCF, 0x4C, 0x1A, 0x30, 0xED, 0x8E, 0x3F, - 0xF8, 0xC7, 0xBD, 0xE3, 0x64, 0x94, 0x0C, 0xFC, - 0x24, 0x85, 0x35, 0x0A, 0x0E, 0x65, 0xA7, 0x2C, - 0x0B, 0x80, 0xB9, 0xB0, 0x97, 0xA5, 0x70, 0xE0, - 0x12, 0x86, 0x69, 0x74, 0x22, 0xEA, 0xE3, 0x11, - 0x4B, 0x34, 0xB1, 0xFB, 0x24, 0xEE, 0x00, 0x73, - 0x71, 0x33, 0x74, 0x62, 0x64, 0x10, 0xDD, 0x5A, - 0x3A, 0x10, 0xA3, 0x8E, 0x36, 0x03, 0x0D, 0x17, - 0xE3, 0x72, 0x29, 0xAE, 0x5A, 0xBD, 0x2E, 0xE0, - 0xFD, 0xB1, 0xDF, 0x8F, 0x2C, 0x24, 0xCF, 0xB9, - 0x10, 0x99, 0x68, 0xA2, 0x55, 0x01, 0x1E, 0xFB, - 0x9B, 0x14, 0x4C, 0x1E, 0xB4, 0x59, 0x79, 0xB7, - 0x8F, 0x07, 0x28, 0x3E, 0xB4, 0x2E, 0x8F, 0x91, - 0x51, 0xFD, 0x8F, 0x12, 0x8D, 0xC6, 0x57, 0x7B, - 0x87, 0xEF, 0x9C, 0x8B, 0x90, 0xD3, 0xA5, 0xB0, - 0xBE, 0x4B, 0xFA, 0x33, 0x54, 0x87, 0x81, 0xCF, - 0x96, 0x9A, 0xD3, 0xDC, 0xA9, 0xB6 + 0x30, 0x82, 0x02, 0x3A, 0x0A, 0x01, 0x00, 0xA0, 0x82, 0x02, 0x33, 0x30, + 0x82, 0x02, 0x2F, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, + 0x01, 0x01, 0x04, 0x82, 0x02, 0x20, 0x30, 0x82, 0x02, 0x1C, 0x30, 0x81, + 0x85, 0xA1, 0x14, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x07, 0x73, 0x75, 0x62, 0x43, 0x41, 0x2D, 0x33, 0x18, + 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, + 0x32, 0x30, 0x36, 0x5A, 0x30, 0x5C, 0x30, 0x5A, 0x30, 0x45, 0x30, 0x09, + 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB2, + 0xE6, 0x5C, 0x8E, 0x6E, 0x83, 0x4B, 0xBD, 0x11, 0xD9, 0x97, 0xFA, 0x36, + 0x93, 0x59, 0x9E, 0xAD, 0x5C, 0x15, 0xC4, 0x04, 0x14, 0x9E, 0x91, 0xEC, + 0x8C, 0xAA, 0x24, 0x5B, 0x22, 0xE0, 0xE8, 0x11, 0xE8, 0xE9, 0xA4, 0x91, + 0xB5, 0x91, 0x26, 0x00, 0xF1, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x36, + 0xC8, 0x0C, 0xA1, 0xCA, 0xB0, 0xBD, 0xF6, 0x82, 0x00, 0x18, 0x0F, 0x32, + 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x32, 0x32, 0x30, + 0x36, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x29, 0x91, + 0xFA, 0x87, 0x8F, 0x4D, 0xC2, 0x25, 0x67, 0x4F, 0x2A, 0x39, 0xF9, 0xDA, + 0x05, 0x4A, 0x8E, 0xBC, 0x72, 0xB7, 0x8B, 0xF1, 0x6C, 0x77, 0x5E, 0x2F, + 0x0F, 0xA4, 0xEC, 0x7F, 0xD6, 0x63, 0xEA, 0x39, 0x17, 0x6F, 0xAA, 0x4B, + 0x86, 0x46, 0x0E, 0xB2, 0xE1, 0x65, 0x1C, 0xEC, 0x97, 0x05, 0x00, 0x4D, + 0xAC, 0xBA, 0xA5, 0xD4, 0x1B, 0xB8, 0x4A, 0x05, 0x94, 0x6C, 0xC9, 0xE1, + 0x41, 0x5B, 0x44, 0x4F, 0x39, 0x9C, 0xF7, 0xAF, 0x04, 0x31, 0x1A, 0x5B, + 0xF8, 0x5E, 0x42, 0xDA, 0xEA, 0xFF, 0x25, 0x67, 0x75, 0x3E, 0x46, 0xC4, + 0x7D, 0x31, 0x74, 0xBD, 0x19, 0xFF, 0x11, 0x7F, 0x21, 0x39, 0x4D, 0xE3, + 0x07, 0x2F, 0xF4, 0xF5, 0x6B, 0xE7, 0x10, 0xF8, 0x6C, 0x57, 0x7B, 0x83, + 0x84, 0xCD, 0x3D, 0x61, 0xFD, 0x91, 0x87, 0x03, 0x03, 0xDD, 0x7A, 0x60, + 0xF9, 0x1D, 0x82, 0xE9, 0xD9, 0x4B, 0xC9, 0xF2, 0x6F, 0xE5, 0x09, 0xCC, + 0xEC, 0x63, 0xD7, 0xC1, 0xED, 0x54, 0x6D, 0x03, 0xC8, 0xC5, 0x92, 0xBC, + 0x22, 0x11, 0xCD, 0x3A, 0x2E, 0x51, 0xCD, 0x5F, 0xA5, 0xB5, 0xA3, 0x5C, + 0x8D, 0x54, 0x92, 0x85, 0x6B, 0x92, 0x2A, 0x23, 0x5E, 0xFB, 0x35, 0xFB, + 0x23, 0xDA, 0x17, 0x16, 0x6D, 0xB2, 0xFB, 0xD8, 0x8D, 0x43, 0x9F, 0x36, + 0xE9, 0x5E, 0xA2, 0xCB, 0xA5, 0x2D, 0xAE, 0xDD, 0x63, 0xFC, 0x53, 0x90, + 0xB5, 0x54, 0x82, 0x7C, 0xBD, 0x08, 0xD7, 0x4E, 0xEA, 0x11, 0x84, 0x3C, + 0x5B, 0x63, 0x06, 0xA5, 0x2C, 0x8B, 0x09, 0x13, 0xC7, 0x04, 0x5F, 0xAF, + 0x73, 0xB1, 0x89, 0x40, 0x12, 0xEA, 0x9C, 0x56, 0xC6, 0x08, 0x39, 0xD4, + 0xAA, 0x1F, 0xAF, 0x74, 0x78, 0xCC, 0x84, 0xC2, 0x8A, 0xE8, 0x0B, 0xCD, + 0xD3, 0x2D, 0xCD, 0x98, 0x2E, 0x8D, 0xAB, 0x59, 0xFC, 0xCF, 0x4C, 0x1A, + 0x30, 0xED, 0x8E, 0x3F, 0xF8, 0xC7, 0xBD, 0xE3, 0x64, 0x94, 0x0C, 0xFC, + 0x24, 0x85, 0x35, 0x0A, 0x0E, 0x65, 0xA7, 0x2C, 0x0B, 0x80, 0xB9, 0xB0, + 0x97, 0xA5, 0x70, 0xE0, 0x12, 0x86, 0x69, 0x74, 0x22, 0xEA, 0xE3, 0x11, + 0x4B, 0x34, 0xB1, 0xFB, 0x24, 0xEE, 0x00, 0x73, 0x71, 0x33, 0x74, 0x62, + 0x64, 0x10, 0xDD, 0x5A, 0x3A, 0x10, 0xA3, 0x8E, 0x36, 0x03, 0x0D, 0x17, + 0xE3, 0x72, 0x29, 0xAE, 0x5A, 0xBD, 0x2E, 0xE0, 0xFD, 0xB1, 0xDF, 0x8F, + 0x2C, 0x24, 0xCF, 0xB9, 0x10, 0x99, 0x68, 0xA2, 0x55, 0x01, 0x1E, 0xFB, + 0x9B, 0x14, 0x4C, 0x1E, 0xB4, 0x59, 0x79, 0xB7, 0x8F, 0x07, 0x28, 0x3E, + 0xB4, 0x2E, 0x8F, 0x91, 0x51, 0xFD, 0x8F, 0x12, 0x8D, 0xC6, 0x57, 0x7B, + 0x87, 0xEF, 0x9C, 0x8B, 0x90, 0xD3, 0xA5, 0xB0, 0xBE, 0x4B, 0xFA, 0x33, + 0x54, 0x87, 0x81, 0xCF, 0x96, 0x9A, 0xD3, 0xDC, 0xA9, 0xB6 }; static gnutls_datum_t ocsp_ca3_localhost_unknown_sha1 = { @@ -460,121 +345,96 @@ static gnutls_datum_t ocsp_ca3_localhost_unknown_sha1 = { * RSA-SHA256. */ static const char _ocsp_subca3_unknown[] = { - 0x30, 0x82, 0x02, 0x37, 0x0A, 0x01, 0x00, 0xA0, - 0x82, 0x02, 0x30, 0x30, 0x82, 0x02, 0x2C, 0x06, - 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x01, 0x04, 0x82, 0x02, 0x1D, 0x30, 0x82, - 0x02, 0x19, 0x30, 0x81, 0x82, 0xA1, 0x11, 0x30, - 0x0F, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x04, 0x43, 0x41, 0x2D, 0x33, - 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x30, - 0x31, 0x38, 0x31, 0x32, 0x33, 0x38, 0x35, 0x32, - 0x5A, 0x30, 0x5C, 0x30, 0x5A, 0x30, 0x45, 0x30, - 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, - 0x05, 0x00, 0x04, 0x14, 0xB7, 0xCA, 0x0F, 0xAB, - 0xDC, 0x6F, 0xB8, 0xB0, 0x96, 0x7A, 0x15, 0xAC, - 0x98, 0x0A, 0x0F, 0x19, 0xFE, 0xA4, 0x12, 0xDE, - 0x04, 0x14, 0x1E, 0x85, 0xED, 0x7F, 0x9E, 0x71, - 0xFA, 0x08, 0x9D, 0x37, 0x48, 0x43, 0xA0, 0x12, - 0xEF, 0xE5, 0xAA, 0xE1, 0xE3, 0x8A, 0x02, 0x0C, - 0x57, 0xA3, 0x1D, 0x32, 0x35, 0xB3, 0x4F, 0xD0, - 0xB9, 0xF5, 0xE7, 0x3C, 0x82, 0x00, 0x18, 0x0F, - 0x32, 0x30, 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, - 0x31, 0x32, 0x33, 0x38, 0x35, 0x32, 0x5A, 0x30, - 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, - 0x01, 0x81, 0x00, 0xB3, 0x0F, 0x6A, 0xB0, 0x7D, - 0x2B, 0xDE, 0xC3, 0x95, 0x3E, 0x05, 0x98, 0xC7, - 0x4F, 0x49, 0xCA, 0x13, 0xEE, 0x80, 0x00, 0xB1, - 0xAA, 0xF8, 0x5F, 0x12, 0x8B, 0x53, 0xDF, 0xA8, - 0xAD, 0xA8, 0x6D, 0xEC, 0x7F, 0x96, 0x4C, 0x06, - 0x12, 0xA6, 0x70, 0xB1, 0x87, 0xFB, 0xA0, 0x47, - 0x5E, 0xC6, 0xD2, 0x3B, 0x73, 0x4F, 0x32, 0x30, - 0x9C, 0xB4, 0x05, 0x03, 0x24, 0x7D, 0x30, 0x36, - 0x0A, 0xA7, 0x83, 0xA6, 0xE1, 0x8A, 0x90, 0xEE, - 0xBF, 0xB8, 0xDC, 0x38, 0x88, 0xA8, 0xA5, 0x54, - 0xDB, 0x95, 0x9C, 0xAD, 0x58, 0x9F, 0x51, 0xBB, - 0x64, 0x47, 0xE2, 0xDB, 0x8C, 0x7F, 0x81, 0x93, - 0x55, 0x07, 0xBC, 0x51, 0x3C, 0x98, 0x23, 0x97, - 0x64, 0x1F, 0x9C, 0x99, 0x0C, 0xA3, 0x19, 0xAA, - 0x75, 0x45, 0x7D, 0x1D, 0x9E, 0x3D, 0x96, 0x9B, - 0x8F, 0x2F, 0x53, 0x0A, 0xA9, 0xEF, 0x59, 0xC0, - 0xF0, 0x06, 0x1C, 0x5C, 0xBE, 0x7B, 0xE7, 0x16, - 0x78, 0xAD, 0xBF, 0x43, 0x0E, 0x16, 0xA8, 0x57, - 0x68, 0x77, 0x4B, 0x46, 0x65, 0xBB, 0x82, 0x0D, - 0x6E, 0xDB, 0x83, 0x21, 0x5B, 0x31, 0x27, 0x9D, - 0xE4, 0xAA, 0x41, 0xA3, 0x8D, 0x50, 0x78, 0xFD, - 0x1D, 0x11, 0xB6, 0xA0, 0x97, 0x38, 0x8D, 0x93, - 0x84, 0xC2, 0xB7, 0x49, 0xF0, 0xD6, 0xAB, 0x0C, - 0xC5, 0xF6, 0xD6, 0x00, 0xEF, 0xAD, 0xD5, 0x55, - 0x78, 0xBE, 0x83, 0xEC, 0x37, 0xA3, 0x2B, 0xF8, - 0x66, 0xD3, 0xFC, 0x41, 0x45, 0x8E, 0x55, 0x46, - 0x38, 0x6B, 0x3A, 0x44, 0x95, 0x7D, 0x70, 0xAA, - 0x83, 0xBC, 0xCE, 0x75, 0x23, 0xC6, 0xCD, 0x40, - 0xCD, 0x13, 0x8B, 0x51, 0xE2, 0xCF, 0x2B, 0xC1, - 0x8C, 0x2D, 0x52, 0x19, 0x2C, 0xFD, 0xFA, 0xD4, - 0x9D, 0xA4, 0x2E, 0x07, 0x23, 0xD0, 0x67, 0x6A, - 0x18, 0x85, 0x47, 0xE4, 0xDE, 0x78, 0xA7, 0xA6, - 0xE5, 0xE4, 0xE8, 0x12, 0x50, 0xFD, 0xC4, 0x74, - 0xA6, 0xC5, 0x45, 0x9C, 0x82, 0x55, 0x9D, 0xA7, - 0xF0, 0x37, 0xAB, 0xDC, 0x27, 0xFD, 0x3E, 0xD7, - 0xEF, 0x19, 0x5E, 0xD9, 0x7B, 0x80, 0xAF, 0xFC, - 0x20, 0x8D, 0xEA, 0xB2, 0x64, 0x93, 0x9E, 0x0F, - 0xE9, 0xAB, 0x8F, 0xEA, 0x91, 0x09, 0x83, 0x41, - 0x12, 0x18, 0x2E, 0x5F, 0xA2, 0x9E, 0x47, 0x14, - 0x2C, 0x95, 0x33, 0xE5, 0xBF, 0xA2, 0xDD, 0x00, - 0xD5, 0xCC, 0x4D, 0xD3, 0xE7, 0x07, 0x62, 0x5A, - 0x81, 0xD4, 0xD4, 0x21, 0xA2, 0x52, 0xEA, 0x7B, - 0x7A, 0x6C, 0x0E, 0x32, 0x76, 0x12, 0x82, 0x0A, - 0x2E, 0xD3, 0x79, 0x75, 0x12, 0xCE, 0xEB, 0x3E, - 0x4B, 0xEF, 0x80, 0xB0, 0xC2, 0x22, 0x75, 0x49, - 0xE2, 0xE1, 0xF1, 0x7C, 0x89, 0xB6, 0xBF, 0xDE, - 0x7B, 0xD4, 0x67, 0x14, 0x1E, 0x7A, 0x5C, 0x2C, - 0xCE, 0xEE, 0x5C, 0xA1, 0x6C, 0x73, 0xF1, 0xFD, - 0x54, 0xFA, 0x43 + 0x30, 0x82, 0x02, 0x37, 0x0A, 0x01, 0x00, 0xA0, 0x82, 0x02, 0x30, 0x30, + 0x82, 0x02, 0x2C, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, + 0x01, 0x01, 0x04, 0x82, 0x02, 0x1D, 0x30, 0x82, 0x02, 0x19, 0x30, 0x81, + 0x82, 0xA1, 0x11, 0x30, 0x0F, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x04, 0x43, 0x41, 0x2D, 0x33, 0x18, 0x0F, 0x32, 0x30, + 0x31, 0x37, 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x33, 0x38, 0x35, 0x32, + 0x5A, 0x30, 0x5C, 0x30, 0x5A, 0x30, 0x45, 0x30, 0x09, 0x06, 0x05, 0x2B, + 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0xB7, 0xCA, 0x0F, 0xAB, + 0xDC, 0x6F, 0xB8, 0xB0, 0x96, 0x7A, 0x15, 0xAC, 0x98, 0x0A, 0x0F, 0x19, + 0xFE, 0xA4, 0x12, 0xDE, 0x04, 0x14, 0x1E, 0x85, 0xED, 0x7F, 0x9E, 0x71, + 0xFA, 0x08, 0x9D, 0x37, 0x48, 0x43, 0xA0, 0x12, 0xEF, 0xE5, 0xAA, 0xE1, + 0xE3, 0x8A, 0x02, 0x0C, 0x57, 0xA3, 0x1D, 0x32, 0x35, 0xB3, 0x4F, 0xD0, + 0xB9, 0xF5, 0xE7, 0x3C, 0x82, 0x00, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, + 0x31, 0x30, 0x31, 0x38, 0x31, 0x32, 0x33, 0x38, 0x35, 0x32, 0x5A, 0x30, + 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0xB3, 0x0F, 0x6A, 0xB0, 0x7D, + 0x2B, 0xDE, 0xC3, 0x95, 0x3E, 0x05, 0x98, 0xC7, 0x4F, 0x49, 0xCA, 0x13, + 0xEE, 0x80, 0x00, 0xB1, 0xAA, 0xF8, 0x5F, 0x12, 0x8B, 0x53, 0xDF, 0xA8, + 0xAD, 0xA8, 0x6D, 0xEC, 0x7F, 0x96, 0x4C, 0x06, 0x12, 0xA6, 0x70, 0xB1, + 0x87, 0xFB, 0xA0, 0x47, 0x5E, 0xC6, 0xD2, 0x3B, 0x73, 0x4F, 0x32, 0x30, + 0x9C, 0xB4, 0x05, 0x03, 0x24, 0x7D, 0x30, 0x36, 0x0A, 0xA7, 0x83, 0xA6, + 0xE1, 0x8A, 0x90, 0xEE, 0xBF, 0xB8, 0xDC, 0x38, 0x88, 0xA8, 0xA5, 0x54, + 0xDB, 0x95, 0x9C, 0xAD, 0x58, 0x9F, 0x51, 0xBB, 0x64, 0x47, 0xE2, 0xDB, + 0x8C, 0x7F, 0x81, 0x93, 0x55, 0x07, 0xBC, 0x51, 0x3C, 0x98, 0x23, 0x97, + 0x64, 0x1F, 0x9C, 0x99, 0x0C, 0xA3, 0x19, 0xAA, 0x75, 0x45, 0x7D, 0x1D, + 0x9E, 0x3D, 0x96, 0x9B, 0x8F, 0x2F, 0x53, 0x0A, 0xA9, 0xEF, 0x59, 0xC0, + 0xF0, 0x06, 0x1C, 0x5C, 0xBE, 0x7B, 0xE7, 0x16, 0x78, 0xAD, 0xBF, 0x43, + 0x0E, 0x16, 0xA8, 0x57, 0x68, 0x77, 0x4B, 0x46, 0x65, 0xBB, 0x82, 0x0D, + 0x6E, 0xDB, 0x83, 0x21, 0x5B, 0x31, 0x27, 0x9D, 0xE4, 0xAA, 0x41, 0xA3, + 0x8D, 0x50, 0x78, 0xFD, 0x1D, 0x11, 0xB6, 0xA0, 0x97, 0x38, 0x8D, 0x93, + 0x84, 0xC2, 0xB7, 0x49, 0xF0, 0xD6, 0xAB, 0x0C, 0xC5, 0xF6, 0xD6, 0x00, + 0xEF, 0xAD, 0xD5, 0x55, 0x78, 0xBE, 0x83, 0xEC, 0x37, 0xA3, 0x2B, 0xF8, + 0x66, 0xD3, 0xFC, 0x41, 0x45, 0x8E, 0x55, 0x46, 0x38, 0x6B, 0x3A, 0x44, + 0x95, 0x7D, 0x70, 0xAA, 0x83, 0xBC, 0xCE, 0x75, 0x23, 0xC6, 0xCD, 0x40, + 0xCD, 0x13, 0x8B, 0x51, 0xE2, 0xCF, 0x2B, 0xC1, 0x8C, 0x2D, 0x52, 0x19, + 0x2C, 0xFD, 0xFA, 0xD4, 0x9D, 0xA4, 0x2E, 0x07, 0x23, 0xD0, 0x67, 0x6A, + 0x18, 0x85, 0x47, 0xE4, 0xDE, 0x78, 0xA7, 0xA6, 0xE5, 0xE4, 0xE8, 0x12, + 0x50, 0xFD, 0xC4, 0x74, 0xA6, 0xC5, 0x45, 0x9C, 0x82, 0x55, 0x9D, 0xA7, + 0xF0, 0x37, 0xAB, 0xDC, 0x27, 0xFD, 0x3E, 0xD7, 0xEF, 0x19, 0x5E, 0xD9, + 0x7B, 0x80, 0xAF, 0xFC, 0x20, 0x8D, 0xEA, 0xB2, 0x64, 0x93, 0x9E, 0x0F, + 0xE9, 0xAB, 0x8F, 0xEA, 0x91, 0x09, 0x83, 0x41, 0x12, 0x18, 0x2E, 0x5F, + 0xA2, 0x9E, 0x47, 0x14, 0x2C, 0x95, 0x33, 0xE5, 0xBF, 0xA2, 0xDD, 0x00, + 0xD5, 0xCC, 0x4D, 0xD3, 0xE7, 0x07, 0x62, 0x5A, 0x81, 0xD4, 0xD4, 0x21, + 0xA2, 0x52, 0xEA, 0x7B, 0x7A, 0x6C, 0x0E, 0x32, 0x76, 0x12, 0x82, 0x0A, + 0x2E, 0xD3, 0x79, 0x75, 0x12, 0xCE, 0xEB, 0x3E, 0x4B, 0xEF, 0x80, 0xB0, + 0xC2, 0x22, 0x75, 0x49, 0xE2, 0xE1, 0xF1, 0x7C, 0x89, 0xB6, 0xBF, 0xDE, + 0x7B, 0xD4, 0x67, 0x14, 0x1E, 0x7A, 0x5C, 0x2C, 0xCE, 0xEE, 0x5C, 0xA1, + 0x6C, 0x73, 0xF1, 0xFD, 0x54, 0xFA, 0x43 }; const char _ocsp_subca3_unknown_pem[] = - "-----BEGIN OCSP RESPONSE-----\n" - "MIIGUwoBAKCCBkwwggZIBgkrBgEFBQcwAQEEggY5MIIGNTCBhaEUMBIxEDAOBgNV\n" - "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIwOTMwWjBcMFowRTAJBgUrDgMCGgUABBSy\n" - "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2\n" - "yAyhyrC99oIAGA8yMDE3MTAxODEyMDkzMFowDQYJKoZIhvcNAQENBQADggGBAFZk\n" - "KxCq5yZ/8X+Glw4YtHWSZRIrRp8+lpjkqxDRDuoI4qUBdaRbdqxJK57xSvJ5Ok4V\n" - "gf9N02WOrkq7MzWLD7ZdMu/14SW/vVIdmfI04Ps4NGya71OykMb7daCMvGuO2N4z\n" - "5G/yrfKiT8JYR+JobTo6swqCPaSFAFg+ADWdax//n66wmuLHDpqzfFLp2lBXNXJx\n" - "gafAQCjqK84JRx2xgEFZ9l3TPOoR2BO5DzJqKXK+wcMbtUxNDaHV8MTsxVqTQXoB\n" - "JLN6cYKjxghCkQ5r54YLr77fB1qMNfhffy9gBN0q8g3AHG+gMICkNYPTw8w1Rjbr\n" - "6bE8CI/MXcrZrz7UWLuQXe8BnNk+Vn7PE6oRxCLSoJ8b6fB4cDvMIX1rRpc/Owxb\n" - "j6gockpBTebdLr3xpB6iopRurTPCVtMpz3VeNVnrB3gjCyBO62ErRncKn6RXqEVF\n" - "bo+01Zz8hHjDgtm2p9V24CMJK5p8fLVthJ0fRwyc1oYr3fT6l+dy50JSdOhNAaCC\n" - "BBUwggQRMIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUA\n" - "MA8xDTALBgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5\n" - "NTlaMBIxEDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" - "ggGKAoIBgQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2\n" - "WLiope/xNL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioV\n" - "tvPQwEpvuI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR\n" - "5+wGsJDvkfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJr\n" - "P+GtLiG0AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj\n" - "0Sk3Rq93JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1\n" - "ROsdk4WUed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH\n" - "4vysDO9UZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B\n" - "48xfmyIFjgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD\n" - "BwYAMB0GA1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5\n" - "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58\n" - "oDRy5a0oPvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68\n" - "kogjKs31QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmT\n" - "sQOdv/bzR+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT4\n" - "5SGw7c7FcumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2\n" - "gaygWNiD+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiu\n" - "jgUV0TZHEyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c\n" - "4FdrCByVhaeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1\n" - "Y1MQ72SnfrzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" - "-----END OCSP RESPONSE-----\n"; + "-----BEGIN OCSP RESPONSE-----\n" + "MIIGUwoBAKCCBkwwggZIBgkrBgEFBQcwAQEEggY5MIIGNTCBhaEUMBIxEDAOBgNV\n" + "BAMTB3N1YkNBLTMYDzIwMTcxMDE4MTIwOTMwWjBcMFowRTAJBgUrDgMCGgUABBSy\n" + "5lyOboNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2\n" + "yAyhyrC99oIAGA8yMDE3MTAxODEyMDkzMFowDQYJKoZIhvcNAQENBQADggGBAFZk\n" + "KxCq5yZ/8X+Glw4YtHWSZRIrRp8+lpjkqxDRDuoI4qUBdaRbdqxJK57xSvJ5Ok4V\n" + "gf9N02WOrkq7MzWLD7ZdMu/14SW/vVIdmfI04Ps4NGya71OykMb7daCMvGuO2N4z\n" + "5G/yrfKiT8JYR+JobTo6swqCPaSFAFg+ADWdax//n66wmuLHDpqzfFLp2lBXNXJx\n" + "gafAQCjqK84JRx2xgEFZ9l3TPOoR2BO5DzJqKXK+wcMbtUxNDaHV8MTsxVqTQXoB\n" + "JLN6cYKjxghCkQ5r54YLr77fB1qMNfhffy9gBN0q8g3AHG+gMICkNYPTw8w1Rjbr\n" + "6bE8CI/MXcrZrz7UWLuQXe8BnNk+Vn7PE6oRxCLSoJ8b6fB4cDvMIX1rRpc/Owxb\n" + "j6gockpBTebdLr3xpB6iopRurTPCVtMpz3VeNVnrB3gjCyBO62ErRncKn6RXqEVF\n" + "bo+01Zz8hHjDgtm2p9V24CMJK5p8fLVthJ0fRwyc1oYr3fT6l+dy50JSdOhNAaCC\n" + "BBUwggQRMIIEDTCCAnWgAwIBAgIMV6MdMjWzT9C59ec8MA0GCSqGSIb3DQEBCwUA\n" + "MA8xDTALBgNVBAMTBENBLTMwIBcNMTYwNTEwMDg0ODMwWhgPOTk5OTEyMzEyMzU5\n" + "NTlaMBIxEDAOBgNVBAMTB3N1YkNBLTMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" + "ggGKAoIBgQCgOcNXzStOnRFoi05aMRLeMB45X4a2srSBul3ULxDSGjIP0EEl//X2\n" + "WLiope/xNL8bPCRpI1sSVXl8Hb1cK3qWNGazVmC7xW07NxL26I86e3/BVRnq8ioV\n" + "tvPQwEpvuI8F97x1vL/n+cfcdkN77NScr5C9jHMVioRvC+qKz9bUBx5DSySV66PR\n" + "5+wGsJDvkfsmjVOgqiTlSWQS5G3nMMq0Rixsc5dP5Wygkbdh9+45UCtObcnHABJr\n" + "P+GtLiG0AOUx6oPzPteZL13erWXg7zYusTarj9rTcdsgR/Im1mIzmD2i7GhJo4Gj\n" + "0Sk3Rq93JyeA+Ay5UPmqcm+dqX00b49MTTv4GtO53kLQSCXYFJ96jcMiXMzBFJD1\n" + "ROsdk4WUed/tJMHffttDz9j3WcuX9M2nzTT2xlauokjbEAhRDRw5fxCFZh7TbmaH\n" + "4vysDO9UZXVEXSLKonQ2Lmyso48s/G30VmlSjtPtJqRsv/oPpCO/c0D6BrkHV55B\n" + "48xfmyIFjgECAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD\n" + "BwYAMB0GA1UdDgQWBBQtMwQbJ3+UBHzH4zVP6SWklOG3oTAfBgNVHSMEGDAWgBT5\n" + "qIYZY7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAMii5Gx3/d/58\n" + "oDRy5a0oPvQhkU0dKa61NfjjOz9uqxNSilLJE7jGJPaG2tKtC/XU1Ybql2tqQY68\n" + "kogjKs31QC6RFkoZAFouTJt11kzbgVWKewCk3/OrA0/ZkRrAfE0Pma/NITRwTHmT\n" + "sQOdv/bzR+xIPhjKxKrKyJFMG5xb+Q0OKSbd8kDpgYWKob5x2jsNYgEDp8nYSRT4\n" + "5SGw7c7FcumkXz2nA6r5NwbnhELvNFK8fzsY+QJKHaAlJ9CclliP1PiiAcl2LQo2\n" + "gaygWNiD+ggnqzy7nqam9rieOOMHls1kKFAFrWy2g/cBhTfS+/7Shpex7NK2GAiu\n" + "jgUV0TZHEyEZt6um4gLS9vwUKs/R4XS9VL/bBlfAy2hAVTeUejiRBGeTJkqBu7+c\n" + "4FdrCByVhaeQASMYu/lga8eaGL1zJbJe2BQWI754KDYDT9qKNqGlgysr4AVje7z1\n" + "Y1MQ72SnfrzYSQw6BB85CurB6iou3Q+eM4o4g/+xGEuDo0Ne/8ir\n" + "-----END OCSP RESPONSE-----\n"; -static gnutls_datum_t ocsp_subca3_unknown = { - (void *)_ocsp_subca3_unknown, sizeof(_ocsp_subca3_unknown) -}; +static gnutls_datum_t ocsp_subca3_unknown = { (void *)_ocsp_subca3_unknown, + sizeof(_ocsp_subca3_unknown) }; static gnutls_datum_t ocsp_subca3_unknown_pem = { (void *)_ocsp_subca3_unknown_pem, sizeof(_ocsp_subca3_unknown_pem) - 1 @@ -586,90 +446,90 @@ static gnutls_datum_t ocsp_subca3_unknown_pem = { */ const char _ocsp_cli_ca3_good_pem[] = - "-----BEGIN OCSP RESPONSE-----" - "MIIGPQoBAKCCBjYwggYyBgkrBgEFBQcwAQEEggYjMIIGHzCBgqERMA8xDTALBgNV" - "BAMTBENBLTMYDzIwMTkwOTIwMjAwMjMxWjBcMFowRTAJBgUrDgMCGgUABBSy5lyO" - "boNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2Wi75" - "obBaUoAAGA8yMDE5MDkyMDIwMDIzMVowDQYJKoZIhvcNAQELBQADggGBAC80EWal" - "PkJ29i/sZsO49hRolZXCMb1bjI0yxwhoH2Hk8Z0L41N0WFRphPqrDr8Dm3uRMcdx" - "n3xre+bxM0WL44mUMxptdYUcAwfb1M2gSQVhRvhvIfiMQZlkMYle4RPdVQN9nxmC" - "WbZD0WJmXQuYpFWYDVQkcL6f5Tlex5a8M/v/ihFBecs3wfstD1Bu4mD7nA8O/tGa" - "u0JQXxHnIM7FBOm73HccoxE5in307WEJtK1yTiUjwjlvl05hdWIzdydRToB6dNLL" - "MtgoFkKIX4aF6fkv1We4zooFdzlQanGdompaSDRGgMEONMZsQdWAs6Nmk+98f6cR" - "V426fFq3i6MLctLbwB5cOvvKbf9+P14KMD+bzcglupWqgJhNAmQlWksjWgMjfcCV" - "w4xATkcHnbMLlQ6ikORcXdkAbbhx8O0jJG1MdiUxErPOkOmKz2Nq14OYVYZII0t/" - "tbzuVGrYtNde4OM2mt9KSOY9rqX1wgKWOUPQW/FzOQvlAaiIwSQtrha/JaCCBAIw" - "ggP+MIID+jCCAmKgAwIBAgIIVzGgXgSsTYwwDQYJKoZIhvcNAQELBQAwDzENMAsG" - "A1UEAxMEQ0EtMzAgFw0xNjA1MTAwODQ4MzBaGA85OTk5MTIzMTIzNTk1OVowDzEN" - "MAsGA1UEAxMEQ0EtMzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALbd" - "xniG+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vyTt/wIdldP1Pr" - "iD1Rigc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6uZ/ZsKVifoIZp" - "dC8M2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIMkgBmAX17gfX3" - "SxFjQUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibGcWF2XmTiQASI" - "+KmHvYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7WnpaO7zSEC5WFg" - "o4jdqroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9AnPk9+uucT1Inj" - "9615qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tSLzVLrddGU+os" - "8JinT42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux9h5/847F4wID" - "AQABo1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8G" - "A1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFPmohhljtqQUE2B2DwGaNTbv8bSvMA0G" - "CSqGSIb3DQEBCwUAA4IBgQBhBi8dXQMtXH2oqcuHuEj9JkxraAsaJvc1WAoxbiqV" - "cJKcVSC0gvoCY3q+NQvuePzw5dzd5JBfkoIsP5U6ATWAUPPqCP+/jRnFqDQlH626" - "mhDGVS8W7Ee8z1KWqnKWGv5nkrZ6r3y9bVaNUmY7rytzuct1bI9YkX1kM66vgnU2" - "xeMIjDe36/wTtBRVFPSPpE3KL9hxCg3KgPSeSmmIhmQxJ1M6xe00314/GX3lTDt5" - "5UdMgmldl2LHV+0i1NPCgnuOEFVOiz2nHAnw2LNmvHEDDpPauz2Meeh9aaDeefIh" - "2u/wg39WRPhU1mYvmxvYZqA/jwSctiEhuKEBBZSOHxeTjplH1THlIziVnYyVW4sP" - "MiGUajXhTi47H219hx87+bldruOtirbDIslL9RGWqWAkMeGP+hUl1R2zvDukaqIK" - "qIN81/A/EeMoI6/IHb1BpgY2rGs/I/QTb3VTKqQUYv09Hi+itPCdKqamSm8dZMKK" - "aPA0fD9yskUMFPBhfj8BvXg=" "-----END OCSP RESPONSE-----"; + "-----BEGIN OCSP RESPONSE-----" + "MIIGPQoBAKCCBjYwggYyBgkrBgEFBQcwAQEEggYjMIIGHzCBgqERMA8xDTALBgNV" + "BAMTBENBLTMYDzIwMTkwOTIwMjAwMjMxWjBcMFowRTAJBgUrDgMCGgUABBSy5lyO" + "boNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2Wi75" + "obBaUoAAGA8yMDE5MDkyMDIwMDIzMVowDQYJKoZIhvcNAQELBQADggGBAC80EWal" + "PkJ29i/sZsO49hRolZXCMb1bjI0yxwhoH2Hk8Z0L41N0WFRphPqrDr8Dm3uRMcdx" + "n3xre+bxM0WL44mUMxptdYUcAwfb1M2gSQVhRvhvIfiMQZlkMYle4RPdVQN9nxmC" + "WbZD0WJmXQuYpFWYDVQkcL6f5Tlex5a8M/v/ihFBecs3wfstD1Bu4mD7nA8O/tGa" + "u0JQXxHnIM7FBOm73HccoxE5in307WEJtK1yTiUjwjlvl05hdWIzdydRToB6dNLL" + "MtgoFkKIX4aF6fkv1We4zooFdzlQanGdompaSDRGgMEONMZsQdWAs6Nmk+98f6cR" + "V426fFq3i6MLctLbwB5cOvvKbf9+P14KMD+bzcglupWqgJhNAmQlWksjWgMjfcCV" + "w4xATkcHnbMLlQ6ikORcXdkAbbhx8O0jJG1MdiUxErPOkOmKz2Nq14OYVYZII0t/" + "tbzuVGrYtNde4OM2mt9KSOY9rqX1wgKWOUPQW/FzOQvlAaiIwSQtrha/JaCCBAIw" + "ggP+MIID+jCCAmKgAwIBAgIIVzGgXgSsTYwwDQYJKoZIhvcNAQELBQAwDzENMAsG" + "A1UEAxMEQ0EtMzAgFw0xNjA1MTAwODQ4MzBaGA85OTk5MTIzMTIzNTk1OVowDzEN" + "MAsGA1UEAxMEQ0EtMzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALbd" + "xniG+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vyTt/wIdldP1Pr" + "iD1Rigc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6uZ/ZsKVifoIZp" + "dC8M2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIMkgBmAX17gfX3" + "SxFjQUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibGcWF2XmTiQASI" + "+KmHvYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7WnpaO7zSEC5WFg" + "o4jdqroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9AnPk9+uucT1Inj" + "9615qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tSLzVLrddGU+os" + "8JinT42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux9h5/847F4wID" + "AQABo1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8G" + "A1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFPmohhljtqQUE2B2DwGaNTbv8bSvMA0G" + "CSqGSIb3DQEBCwUAA4IBgQBhBi8dXQMtXH2oqcuHuEj9JkxraAsaJvc1WAoxbiqV" + "cJKcVSC0gvoCY3q+NQvuePzw5dzd5JBfkoIsP5U6ATWAUPPqCP+/jRnFqDQlH626" + "mhDGVS8W7Ee8z1KWqnKWGv5nkrZ6r3y9bVaNUmY7rytzuct1bI9YkX1kM66vgnU2" + "xeMIjDe36/wTtBRVFPSPpE3KL9hxCg3KgPSeSmmIhmQxJ1M6xe00314/GX3lTDt5" + "5UdMgmldl2LHV+0i1NPCgnuOEFVOiz2nHAnw2LNmvHEDDpPauz2Meeh9aaDeefIh" + "2u/wg39WRPhU1mYvmxvYZqA/jwSctiEhuKEBBZSOHxeTjplH1THlIziVnYyVW4sP" + "MiGUajXhTi47H219hx87+bldruOtirbDIslL9RGWqWAkMeGP+hUl1R2zvDukaqIK" + "qIN81/A/EeMoI6/IHb1BpgY2rGs/I/QTb3VTKqQUYv09Hi+itPCdKqamSm8dZMKK" + "aPA0fD9yskUMFPBhfj8BvXg=" + "-----END OCSP RESPONSE-----"; static gnutls_datum_t ocsp_cli_ca3_good_pem = { (void *)_ocsp_cli_ca3_good_pem, sizeof(_ocsp_cli_ca3_good_pem) }; const char _ocsp_cli_ca3_bad_pem[] = - "-----BEGIN OCSP RESPONSE-----" - "MIIGTgoBAKCCBkcwggZDBgkrBgEFBQcwAQEEggY0MIIGMDCBk6ERMA8xDTALBgNV" - "BAMTBENBLTMYDzIwMTkwOTIwMjAwMTIxWjBtMGswRTAJBgUrDgMCGgUABBSy5lyO" - "boNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2Wi75" - "obBaUqERGA8yMDE5MDUyMjEzNTEwMVoYDzIwMTkwOTIwMjAwMTIxWjANBgkqhkiG" - "9w0BAQsFAAOCAYEAdCpwIfVu7z2CW3G7IzRSAMBLxu1e/trNdmlKPpx9ptKVWISr" - "2Fbro6D73HE0/IoTkZXqmUNoEjK0Os3Z/FIlbRuDql0dLkK/KornsvFRD7SemW2z" - "Z93GIX4JUBJQJW5iYjKBq9xn31IKEhjn9Zhtsfe7a9vK9mnW5oefeIiRLqfmcS09" - "mclyvTI1aGPcfkSSdabywpKFFETwX1LBIyBhNL9cV07nf0xntOrv5xfLTjyM2uVt" - "1A4F87xJJG2OX3YJXtf2yuXh1JTAMlUOOrICq1ejXos0AW7iJMzuOkBmXuGHjbBA" - "1zcSHJF6eZK4iaasdKd4q+coI9x0IdtNohT0a++R4jwFyKlINMVxB8L3xL9l+Fxz" - "+bNlJt3oZSYAx3CmcFMbScN3LmmHXrsKc6BhuHmgLEhpU9qnnDmUTaJdIWtTHIrq" - "St+IjvU77wnBscIxQaY0p120rwbqFF9ZUWnbgzsxYqJJ8+qW6oESV5ezWF7bg2YI" - "d6W38uy7ibW/10froIIEAjCCA/4wggP6MIICYqADAgECAghXMaBeBKxNjDANBgkq" - "hkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0zMCAXDTE2MDUxMDA4NDgzMFoYDzk5" - "OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRDQS0zMIIBojANBgkqhkiG9w0BAQEF" - "AAOCAY8AMIIBigKCAYEAtt3GeIb7bA/8415l+9HsAlqRWjl14UogdVOKIFbCGD4d" - "KN3id8Nr6/JO3/Ah2V0/U+uIPVGKBzzPrz5HE+kZ8BzX3ukqUqk7TwjQvVEMqeMF" - "avh8Z0LMTq5n9mwpWJ+ghml0LwzYhikAgxqMS2cfnddnWFMS+JdOyd66IJO1qnvc" - "55KQvvVKsgySAGYBfXuB9fdLEWNBTM6zpAww5rf7wZbtEj4T9LJLVCQ47zrR2P1d" - "iA6dMvbSJsZxYXZeZOJABIj4qYe9gkI0kX/ym+bIlHIEcZk7zfRoFjT4NxLZsspz" - "IyJZ84nDtaelo7vNIQLlYWCjiN2quhQFB2NA0JJJ2u3XJisCXVKPY8zFgVfgfnjk" - "+vawynAL0Cc+T3665xPUieP3rXmpu5eAXCGSCkrmmc+PMpoensRKUmPj90g9OaGW" - "3kFX4IuHu1IvNUut10ZT6izwmKdPjatp0nlXnUefQLUIchoUC4EJ3ldEde2spvtZ" - "yfAI7GVy+7H2Hn/zjsXjAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0l" - "BAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU+aiGGWO2" - "pBQTYHYPAZo1Nu/xtK8wDQYJKoZIhvcNAQELBQADggGBAGEGLx1dAy1cfaipy4e4" - "SP0mTGtoCxom9zVYCjFuKpVwkpxVILSC+gJjer41C+54/PDl3N3kkF+Sgiw/lToB" - "NYBQ8+oI/7+NGcWoNCUfrbqaEMZVLxbsR7zPUpaqcpYa/meStnqvfL1tVo1SZjuv" - "K3O5y3Vsj1iRfWQzrq+CdTbF4wiMN7fr/BO0FFUU9I+kTcov2HEKDcqA9J5KaYiG" - "ZDEnUzrF7TTfXj8ZfeVMO3nlR0yCaV2XYsdX7SLU08KCe44QVU6LPaccCfDYs2a8" - "cQMOk9q7PYx56H1poN558iHa7/CDf1ZE+FTWZi+bG9hmoD+PBJy2ISG4oQEFlI4f" - "F5OOmUfVMeUjOJWdjJVbiw8yIZRqNeFOLjsfbX2HHzv5uV2u462KtsMiyUv1EZap" - "YCQx4Y/6FSXVHbO8O6Rqogqog3zX8D8R4ygjr8gdvUGmBjasaz8j9BNvdVMqpBRi" - "/T0eL6K08J0qpqZKbx1kwopo8DR8P3KyRQwU8GF+PwG9eA==" - "-----END OCSP RESPONSE-----"; + "-----BEGIN OCSP RESPONSE-----" + "MIIGTgoBAKCCBkcwggZDBgkrBgEFBQcwAQEEggY0MIIGMDCBk6ERMA8xDTALBgNV" + "BAMTBENBLTMYDzIwMTkwOTIwMjAwMTIxWjBtMGswRTAJBgUrDgMCGgUABBSy5lyO" + "boNLvRHZl/o2k1merVwVxAQUnpHsjKokWyLg6BHo6aSRtZEmAPECDFejHTI2Wi75" + "obBaUqERGA8yMDE5MDUyMjEzNTEwMVoYDzIwMTkwOTIwMjAwMTIxWjANBgkqhkiG" + "9w0BAQsFAAOCAYEAdCpwIfVu7z2CW3G7IzRSAMBLxu1e/trNdmlKPpx9ptKVWISr" + "2Fbro6D73HE0/IoTkZXqmUNoEjK0Os3Z/FIlbRuDql0dLkK/KornsvFRD7SemW2z" + "Z93GIX4JUBJQJW5iYjKBq9xn31IKEhjn9Zhtsfe7a9vK9mnW5oefeIiRLqfmcS09" + "mclyvTI1aGPcfkSSdabywpKFFETwX1LBIyBhNL9cV07nf0xntOrv5xfLTjyM2uVt" + "1A4F87xJJG2OX3YJXtf2yuXh1JTAMlUOOrICq1ejXos0AW7iJMzuOkBmXuGHjbBA" + "1zcSHJF6eZK4iaasdKd4q+coI9x0IdtNohT0a++R4jwFyKlINMVxB8L3xL9l+Fxz" + "+bNlJt3oZSYAx3CmcFMbScN3LmmHXrsKc6BhuHmgLEhpU9qnnDmUTaJdIWtTHIrq" + "St+IjvU77wnBscIxQaY0p120rwbqFF9ZUWnbgzsxYqJJ8+qW6oESV5ezWF7bg2YI" + "d6W38uy7ibW/10froIIEAjCCA/4wggP6MIICYqADAgECAghXMaBeBKxNjDANBgkq" + "hkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0zMCAXDTE2MDUxMDA4NDgzMFoYDzk5" + "OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRDQS0zMIIBojANBgkqhkiG9w0BAQEF" + "AAOCAY8AMIIBigKCAYEAtt3GeIb7bA/8415l+9HsAlqRWjl14UogdVOKIFbCGD4d" + "KN3id8Nr6/JO3/Ah2V0/U+uIPVGKBzzPrz5HE+kZ8BzX3ukqUqk7TwjQvVEMqeMF" + "avh8Z0LMTq5n9mwpWJ+ghml0LwzYhikAgxqMS2cfnddnWFMS+JdOyd66IJO1qnvc" + "55KQvvVKsgySAGYBfXuB9fdLEWNBTM6zpAww5rf7wZbtEj4T9LJLVCQ47zrR2P1d" + "iA6dMvbSJsZxYXZeZOJABIj4qYe9gkI0kX/ym+bIlHIEcZk7zfRoFjT4NxLZsspz" + "IyJZ84nDtaelo7vNIQLlYWCjiN2quhQFB2NA0JJJ2u3XJisCXVKPY8zFgVfgfnjk" + "+vawynAL0Cc+T3665xPUieP3rXmpu5eAXCGSCkrmmc+PMpoensRKUmPj90g9OaGW" + "3kFX4IuHu1IvNUut10ZT6izwmKdPjatp0nlXnUefQLUIchoUC4EJ3ldEde2spvtZ" + "yfAI7GVy+7H2Hn/zjsXjAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0l" + "BAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU+aiGGWO2" + "pBQTYHYPAZo1Nu/xtK8wDQYJKoZIhvcNAQELBQADggGBAGEGLx1dAy1cfaipy4e4" + "SP0mTGtoCxom9zVYCjFuKpVwkpxVILSC+gJjer41C+54/PDl3N3kkF+Sgiw/lToB" + "NYBQ8+oI/7+NGcWoNCUfrbqaEMZVLxbsR7zPUpaqcpYa/meStnqvfL1tVo1SZjuv" + "K3O5y3Vsj1iRfWQzrq+CdTbF4wiMN7fr/BO0FFUU9I+kTcov2HEKDcqA9J5KaYiG" + "ZDEnUzrF7TTfXj8ZfeVMO3nlR0yCaV2XYsdX7SLU08KCe44QVU6LPaccCfDYs2a8" + "cQMOk9q7PYx56H1poN558iHa7/CDf1ZE+FTWZi+bG9hmoD+PBJy2ISG4oQEFlI4f" + "F5OOmUfVMeUjOJWdjJVbiw8yIZRqNeFOLjsfbX2HHzv5uV2u462KtsMiyUv1EZap" + "YCQx4Y/6FSXVHbO8O6Rqogqog3zX8D8R4ygjr8gdvUGmBjasaz8j9BNvdVMqpBRi" + "/T0eL6K08J0qpqZKbx1kwopo8DR8P3KyRQwU8GF+PwG9eA==" + "-----END OCSP RESPONSE-----"; -static gnutls_datum_t ocsp_cli_ca3_bad_pem = { - (void *)_ocsp_cli_ca3_bad_pem, sizeof(_ocsp_cli_ca3_bad_pem) -}; +static gnutls_datum_t ocsp_cli_ca3_bad_pem = { (void *)_ocsp_cli_ca3_bad_pem, + sizeof(_ocsp_cli_ca3_bad_pem) }; -# if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic pop -# endif +#if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) +#pragma GCC diagnostic pop +#endif -#endif /* GNUTLS_TESTS_OCSP_COMMON_H */ +#endif /* GNUTLS_TESTS_OCSP_COMMON_H */ diff --git a/tests/ocsp-filename-memleak.c b/tests/ocsp-filename-memleak.c index decc5b4b55..2c51c522ca 100644 --- a/tests/ocsp-filename-memleak.c +++ b/tests/ocsp-filename-memleak.c @@ -24,7 +24,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -49,10 +49,10 @@ void doit(void) gnutls_certificate_allocate_credentials(&x509_cred); /* The file does not need to exist for this test */ - gnutls_certificate_set_ocsp_status_request_file - (x509_cred, "ocsp-status.der", 0); - gnutls_certificate_set_ocsp_status_request_file - (x509_cred, "ocsp-status.der", 0); + gnutls_certificate_set_ocsp_status_request_file(x509_cred, + "ocsp-status.der", 0); + gnutls_certificate_set_ocsp_status_request_file(x509_cred, + "ocsp-status.der", 0); gnutls_certificate_free_credentials(x509_cred); } diff --git a/tests/ocsp.c b/tests/ocsp.c index 14c5b846f5..20be4cc6cb 100644 --- a/tests/ocsp.c +++ b/tests/ocsp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,9 +38,8 @@ static time_t _then = 1332548220; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { - if (t) *t = _then; @@ -54,434 +53,442 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -#define REQ1 "\x30\x67\x30\x65\x30\x3e\x30\x3c\x30\x3a\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\x13\x9d\xa0\x9e\xf4\x32\xab\x8f\xe2\x89\x56\x67\xfa\xd0\xd4\xe3\x35\x86\x71\xb9\x04\x14\x5d\xa7\xdd\x70\x06\x51\x32\x7e\xe7\xb6\x6d\xb3\xb5\xe5\xe0\x60\xea\x2e\x4d\xef\x02\x01\x1d\xa2\x23\x30\x21\x30\x1f\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x35\xc5\xe3\x50\xc3\xcf\x04\x33\xcc\x9e\x06\x3a\x9a\x18\x80\xcc" +#define REQ1 \ + "\x30\x67\x30\x65\x30\x3e\x30\x3c\x30\x3a\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\x13\x9d\xa0\x9e\xf4\x32\xab\x8f\xe2\x89\x56\x67\xfa\xd0\xd4\xe3\x35\x86\x71\xb9\x04\x14\x5d\xa7\xdd\x70\x06\x51\x32\x7e\xe7\xb6\x6d\xb3\xb5\xe5\xe0\x60\xea\x2e\x4d\xef\x02\x01\x1d\xa2\x23\x30\x21\x30\x1f\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x35\xc5\xe3\x50\xc3\xcf\x04\x33\xcc\x9e\x06\x3a\x9a\x18\x80\xcc" static const gnutls_datum_t req1 = { (unsigned char *)REQ1, sizeof(REQ1) - 1 }; -#define REQ1INFO \ - "OCSP Request Information:\n" \ - " Version: 1\n" \ - " Request List:\n" \ - " Certificate ID:\n" \ - " Hash Algorithm: SHA1\n" \ - " Issuer Name Hash: 139da09ef432ab8fe2895667fad0d4e3358671b9\n" \ - " Issuer Key Hash: 5da7dd700651327ee7b66db3b5e5e060ea2e4def\n" \ - " Serial Number: 1d\n" \ - " Extensions:\n" \ - " Nonce: 35c5e350c3cf0433cc9e063a9a1880cc\n" - -#define REQ1NONCE "\x04\x10\x35\xc5\xe3\x50\xc3\xcf\x04\x33\xcc\x9e\x06\x3a\x9a\x18\x80\xcc" - -#define REQ1INH "\x13\x9d\xa0\x9e\xf4\x32\xab\x8f\xe2\x89\x56\x67\xfa\xd0\xd4\xe3\x35\x86\x71\xb9" -#define REQ1IKH "\x5d\xa7\xdd\x70\x06\x51\x32\x7e\xe7\xb6\x6d\xb3\xb5\xe5\xe0\x60\xea\x2e\x4d\xef" +#define REQ1INFO \ + "OCSP Request Information:\n" \ + " Version: 1\n" \ + " Request List:\n" \ + " Certificate ID:\n" \ + " Hash Algorithm: SHA1\n" \ + " Issuer Name Hash: 139da09ef432ab8fe2895667fad0d4e3358671b9\n" \ + " Issuer Key Hash: 5da7dd700651327ee7b66db3b5e5e060ea2e4def\n" \ + " Serial Number: 1d\n" \ + " Extensions:\n" \ + " Nonce: 35c5e350c3cf0433cc9e063a9a1880cc\n" + +#define REQ1NONCE \ + "\x04\x10\x35\xc5\xe3\x50\xc3\xcf\x04\x33\xcc\x9e\x06\x3a\x9a\x18\x80\xcc" + +#define REQ1INH \ + "\x13\x9d\xa0\x9e\xf4\x32\xab\x8f\xe2\x89\x56\x67\xfa\xd0\xd4\xe3\x35\x86\x71\xb9" +#define REQ1IKH \ + "\x5d\xa7\xdd\x70\x06\x51\x32\x7e\xe7\xb6\x6d\xb3\xb5\xe5\xe0\x60\xea\x2e\x4d\xef" #define REQ1SN "\x1d" /* sample response */ #define RESP1 "\x30\x03\x0a\x01\x01" -static const gnutls_datum_t resp1 = - { (unsigned char *)RESP1, sizeof(RESP1) - 1 }; - -#define RESP1INFO \ - "OCSP Response Information:\n" \ - " Response Status: malformedRequest\n" - -#define RESP2 "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" - -#define RESP2INFO \ - "OCSP Response Information:\n" \ - " Response Status: Successful\n" \ - " Response Type: Basic OCSP Response\n" \ - " Version: 1\n" \ - " Responder ID: CN=ocsp.strongswan.org,OU=OCSP Signing Authority,O=Linux strongSwan,C=CH\n" \ - " Produced At: Tue Sep 27 09:54:28 UTC 2011\n" \ - " Responses:\n" \ - " Certificate ID:\n" \ - " Hash Algorithm: SHA1\n" \ - " Issuer Name Hash: 139da09ef432ab8fe2895667fad0d4e3358671b9\n" \ - " Issuer Key Hash: 5da7dd700651327ee7b66db3b5e5e060ea2e4def\n" \ - " Serial Number: 1d\n" \ - " Certificate Status: good\n" \ - " This Update: Tue Sep 27 09:54:28 UTC 2011\n" \ - " Next Update: Tue Sep 27 09:59:28 UTC 2011\n" \ - " Extensions:\n" \ - " Nonce: 16897d913ab525a445fec9fdc2e508a4\n" \ - " Signature Algorithm: RSA-SHA1\n" \ - " Signature:\n" \ - " 4e:ad:6b:2b:f7:f2:bf:a9:23:1e:3a:0b:06:db:55:53\n" \ - " 2b:64:54:11:32:bf:60:f7:4f:e0:8e:9b:a0:a2:4c:79\n" \ - " c3:2a:e0:43:f7:40:1a:dc:b9:b4:25:ef:48:01:97:8c\n" \ - " f5:1e:db:d1:30:37:73:69:d6:a7:7a:2d:8e:de:5c:aa\n" \ - " ea:39:b9:52:aa:25:1e:74:7d:f9:78:95:8a:92:1f:98\n" \ - " 21:f4:60:7f:d3:28:ee:47:9c:bf:e2:5d:f6:3f:68:0a\n" \ - " d6:ff:08:c1:dc:95:1e:29:d7:3e:85:d5:65:a4:4b:c0\n" \ - " af:c3:78:ab:06:98:88:19:8a:64:a6:83:91:87:13:db\n" \ - " 17:cc:46:bd:ab:4e:c7:16:d1:f8:35:fd:27:c8:f6:6b\n" \ - " eb:37:b8:08:6f:e2:6f:b4:7e:d5:68:db:7f:5d:5e:36\n" \ - " 38:f2:77:59:13:e7:3e:4d:67:5f:db:a2:f5:5d:7c:bf\n" \ - " bd:b5:37:33:51:36:63:f8:21:1e:fc:73:8f:32:69:bb\n" \ - " 97:a7:bd:f1:b6:e0:40:09:68:ea:d5:93:b8:bb:39:8d\n" \ - " a8:16:1b:bf:04:7a:bc:18:43:01:e9:3c:19:5c:4d:4b\n" \ - " 98:d8:23:37:39:a4:c4:dd:ed:9c:ec:37:ab:66:44:9b\n" \ - " e7:5b:5d:32:a2:db:a6:0b:3b:8c:e1:f5:db:cb:7d:58\n" - /* cut */ - -static const gnutls_datum_t resp2 = - { (unsigned char *)RESP2, sizeof(RESP2) - 1 }; - -#define RESP3 "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" - -#define RESP3INFO "OCSP Response Information:\n" \ -" Response Status: Successful\n" \ -" Response Type: Basic OCSP Response\n" \ -" Version: 1\n" \ -" Responder Key ID: 50ea7389db29fb108f9ee50120d4de79994883f7\n" \ -" Produced At: Thu Sep 04 05:49:00 UTC 2014\n" \ -" Responses:\n" \ -" Certificate ID:\n" \ -" Hash Algorithm: SHA1\n" \ -" Issuer Name Hash: ed48adddcb7b00e20e842aa9b409f1ac3034cf96\n" \ -" Issuer Key Hash: 50ea7389db29fb108f9ee50120d4de79994883f7\n" \ -" Serial Number: 020148915dfd5eb6e00290a967b0e464\n" \ -" Certificate Status: good\n" \ -" This Update: Thu Sep 04 05:49:00 UTC 2014\n" \ -" Next Update: Thu Sep 11 06:04:00 UTC 2014\n" \ -" Extensions:\n" \ -" Signature Algorithm: RSA-SHA1\n" \ -" Signature:\n" \ -" 6e:5e:5e:81:ff:3f:4d:c7:53:c7:1b:f3:d3:1d:dc:9a\n" \ -" c7:ce:77:2c:67:56:13:98:91:02:01:76:dc:48:b2:1f\n" \ -" 9b:17:ea:bf:2c:0a:f5:1d:98:90:3c:5f:55:c2:ff:4b\n" \ -" 9a:bc:a6:83:9e:ab:2b:eb:9d:01:ea:3b:5f:be:03:29\n" \ -" 70:63:2a:a4:1d:a8:ab:69:b2:64:ba:5d:73:91:5c:92\n" \ -" f3:69:d4:c9:39:9c:7c:7d:a2:47:92:c2:56:fe:a1:0d\n" \ -" 4a:69:ff:da:48:c5:5e:d8:ab:39:88:6a:06:fa:07:57\n" \ -" d6:48:b5:ce:c9:5f:a5:96:fe:37:18:5e:7f:35:51:c1\n" \ -" 9e:79:5a:26:ba:67:67:38:2a:80:75:42:99:68:3e:ec\n" \ -" 2f:7e:2d:a1:a6:be:9f:01:51:22:88:3a:c9:9c:ed:51\n" \ -" ef:21:66:7e:a9:d0:3f:13:9c:bb:d2:94:14:6f:4b:d9\n" \ -" c4:f5:2c:f5:7d:07:68:f3:51:ac:da:c2:09:66:a9:3d\n" \ -" ed:ad:02:4d:9c:11:29:1a:54:fb:1e:7e:36:f4:bb:0d\n" \ -" 08:8c:6a:42:08:10:29:08:7c:56:0b:18:47:ff:87:11\n" \ -" fd:b2:fb:c9:22:7f:e3:1f:7b:f9:98:aa:3a:32:b6:2f\n" \ -" 02:ba:b6:c1:dc:c3:5d:b5:4b:ae:5d:29:6a:31:de:cd\n" - -static const gnutls_datum_t resp3 = - { (unsigned char *)RESP3, sizeof(RESP3) - 1 }; +static const gnutls_datum_t resp1 = { (unsigned char *)RESP1, + sizeof(RESP1) - 1 }; + +#define RESP1INFO \ + "OCSP Response Information:\n" \ + " Response Status: malformedRequest\n" + +#define RESP2 \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" + +#define RESP2INFO \ + "OCSP Response Information:\n" \ + " Response Status: Successful\n" \ + " Response Type: Basic OCSP Response\n" \ + " Version: 1\n" \ + " Responder ID: CN=ocsp.strongswan.org,OU=OCSP Signing Authority,O=Linux strongSwan,C=CH\n" \ + " Produced At: Tue Sep 27 09:54:28 UTC 2011\n" \ + " Responses:\n" \ + " Certificate ID:\n" \ + " Hash Algorithm: SHA1\n" \ + " Issuer Name Hash: 139da09ef432ab8fe2895667fad0d4e3358671b9\n" \ + " Issuer Key Hash: 5da7dd700651327ee7b66db3b5e5e060ea2e4def\n" \ + " Serial Number: 1d\n" \ + " Certificate Status: good\n" \ + " This Update: Tue Sep 27 09:54:28 UTC 2011\n" \ + " Next Update: Tue Sep 27 09:59:28 UTC 2011\n" \ + " Extensions:\n" \ + " Nonce: 16897d913ab525a445fec9fdc2e508a4\n" \ + " Signature Algorithm: RSA-SHA1\n" \ + " Signature:\n" \ + " 4e:ad:6b:2b:f7:f2:bf:a9:23:1e:3a:0b:06:db:55:53\n" \ + " 2b:64:54:11:32:bf:60:f7:4f:e0:8e:9b:a0:a2:4c:79\n" \ + " c3:2a:e0:43:f7:40:1a:dc:b9:b4:25:ef:48:01:97:8c\n" \ + " f5:1e:db:d1:30:37:73:69:d6:a7:7a:2d:8e:de:5c:aa\n" \ + " ea:39:b9:52:aa:25:1e:74:7d:f9:78:95:8a:92:1f:98\n" \ + " 21:f4:60:7f:d3:28:ee:47:9c:bf:e2:5d:f6:3f:68:0a\n" \ + " d6:ff:08:c1:dc:95:1e:29:d7:3e:85:d5:65:a4:4b:c0\n" \ + " af:c3:78:ab:06:98:88:19:8a:64:a6:83:91:87:13:db\n" \ + " 17:cc:46:bd:ab:4e:c7:16:d1:f8:35:fd:27:c8:f6:6b\n" \ + " eb:37:b8:08:6f:e2:6f:b4:7e:d5:68:db:7f:5d:5e:36\n" \ + " 38:f2:77:59:13:e7:3e:4d:67:5f:db:a2:f5:5d:7c:bf\n" \ + " bd:b5:37:33:51:36:63:f8:21:1e:fc:73:8f:32:69:bb\n" \ + " 97:a7:bd:f1:b6:e0:40:09:68:ea:d5:93:b8:bb:39:8d\n" \ + " a8:16:1b:bf:04:7a:bc:18:43:01:e9:3c:19:5c:4d:4b\n" \ + " 98:d8:23:37:39:a4:c4:dd:ed:9c:ec:37:ab:66:44:9b\n" \ + " e7:5b:5d:32:a2:db:a6:0b:3b:8c:e1:f5:db:cb:7d:58\n" +/* cut */ + +static const gnutls_datum_t resp2 = { (unsigned char *)RESP2, + sizeof(RESP2) - 1 }; + +#define RESP3 \ + "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" + +#define RESP3INFO \ + "OCSP Response Information:\n" \ + " Response Status: Successful\n" \ + " Response Type: Basic OCSP Response\n" \ + " Version: 1\n" \ + " Responder Key ID: 50ea7389db29fb108f9ee50120d4de79994883f7\n" \ + " Produced At: Thu Sep 04 05:49:00 UTC 2014\n" \ + " Responses:\n" \ + " Certificate ID:\n" \ + " Hash Algorithm: SHA1\n" \ + " Issuer Name Hash: ed48adddcb7b00e20e842aa9b409f1ac3034cf96\n" \ + " Issuer Key Hash: 50ea7389db29fb108f9ee50120d4de79994883f7\n" \ + " Serial Number: 020148915dfd5eb6e00290a967b0e464\n" \ + " Certificate Status: good\n" \ + " This Update: Thu Sep 04 05:49:00 UTC 2014\n" \ + " Next Update: Thu Sep 11 06:04:00 UTC 2014\n" \ + " Extensions:\n" \ + " Signature Algorithm: RSA-SHA1\n" \ + " Signature:\n" \ + " 6e:5e:5e:81:ff:3f:4d:c7:53:c7:1b:f3:d3:1d:dc:9a\n" \ + " c7:ce:77:2c:67:56:13:98:91:02:01:76:dc:48:b2:1f\n" \ + " 9b:17:ea:bf:2c:0a:f5:1d:98:90:3c:5f:55:c2:ff:4b\n" \ + " 9a:bc:a6:83:9e:ab:2b:eb:9d:01:ea:3b:5f:be:03:29\n" \ + " 70:63:2a:a4:1d:a8:ab:69:b2:64:ba:5d:73:91:5c:92\n" \ + " f3:69:d4:c9:39:9c:7c:7d:a2:47:92:c2:56:fe:a1:0d\n" \ + " 4a:69:ff:da:48:c5:5e:d8:ab:39:88:6a:06:fa:07:57\n" \ + " d6:48:b5:ce:c9:5f:a5:96:fe:37:18:5e:7f:35:51:c1\n" \ + " 9e:79:5a:26:ba:67:67:38:2a:80:75:42:99:68:3e:ec\n" \ + " 2f:7e:2d:a1:a6:be:9f:01:51:22:88:3a:c9:9c:ed:51\n" \ + " ef:21:66:7e:a9:d0:3f:13:9c:bb:d2:94:14:6f:4b:d9\n" \ + " c4:f5:2c:f5:7d:07:68:f3:51:ac:da:c2:09:66:a9:3d\n" \ + " ed:ad:02:4d:9c:11:29:1a:54:fb:1e:7e:36:f4:bb:0d\n" \ + " 08:8c:6a:42:08:10:29:08:7c:56:0b:18:47:ff:87:11\n" \ + " fd:b2:fb:c9:22:7f:e3:1f:7b:f9:98:aa:3a:32:b6:2f\n" \ + " 02:ba:b6:c1:dc:c3:5d:b5:4b:ae:5d:29:6a:31:de:cd\n" + +static const gnutls_datum_t resp3 = { (unsigned char *)RESP3, + sizeof(RESP3) - 1 }; static unsigned char issuer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" - "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" - "b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE\n" - "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u\n" - "Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y\n" - "X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f\n" - "FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc\n" - "4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/\n" - "7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5\n" - "gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr\n" - "K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG\n" - "A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j\n" - "BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw\n" - "FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv\n" - "b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in\n" - "Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n\n" - "1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y\n" - "vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si\n" - "7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa\n" - "Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w=\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" + "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" + "b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE\n" + "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u\n" + "Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y\n" + "X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f\n" + "FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc\n" + "4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/\n" + "7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5\n" + "gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr\n" + "K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG\n" + "A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j\n" + "BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw\n" + "FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv\n" + "b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in\n" + "Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n\n" + "1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y\n" + "vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si\n" + "7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa\n" + "Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t issuer_data = { issuer_pem, sizeof(issuer_pem) }; static unsigned char subject_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEIjCCAwqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" - "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" - "b290IENBMB4XDTA5MDgyNzEwNDQ1MVoXDTE0MDgyNjEwNDQ1MVowWjELMAkGA1UE\n" - "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh\n" - "cmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcN\n" - "AQEBBQADggEPADCCAQoCggEBANBdWU+BF7x4lyo+xHnr4UAOU89yQQuT5vdPoXzx\n" - "6kRPsjYAuuktgXR+SaLkQHw/YRgDPSKj5nzmmlOQf/rWRr+8O2q+C92aUICmkNvZ\n" - "Gamo5w2WlOMZ6T5dk2Hv+QM6xT/GzWyVr1dMYu/7tywD1Bw7aW/HqkRESDu6q95V\n" - "Wu+Lzg6XlxCNEez0YsZrN/fC6BL2qzKAqMBbIHFW8OOnh+nEY4IF5AzkZnFrw12G\n" - "I72Z882pw97lyKwZhSz/GMQFBJx+rnNdw5P1IJwTlG5PUdoDCte/Mcr1iiA+zOov\n" - "x55x1GoGxduoXWU5egrf1MtalRf9Pc8Xr4q3WEKTAmsZrVECAwEAAaOCAQYwggEC\n" - "MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQfoamI2WSMtaCiVGQ5\n" - "tPI9dF1ufDBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTEL\n" - "MAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMT\n" - "EnN0cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRjYXJvbEBzdHJvbmdz\n" - "d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u\n" - "b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQC8pqX3KrSzKeul\n" - "GdzydAV4hGwYB3WiB02oJ2nh5MJBu7J0Kn4IVkvLUHSSZhSRxx55tQZfdYqtXVS7\n" - "ZuyG+6rV7sb595SIRwfkLAdjbvv0yZIl4xx8j50K3yMR+9aXW1NSGPEkb8BjBUMr\n" - "F2kjGTOqomo8OIzyI369z9kJrtEhnS37nHcdpewZC1wHcWfJ6wd9wxmz2dVXmgVQ\n" - "L2BjXd/BcpLFaIC4h7jMXQ5FURjnU7K9xSa4T8PpR6FrQhOcIYBXAp94GiM8JqmK\n" - "ZBGUpeP+3cy4i3DV18Kyr64Q4XZlzhZClNE43sgMqiX88dc3znpDzT7T51j+d+9k\n" - "Rf5Z0GOR\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEIjCCAwqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" + "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" + "b290IENBMB4XDTA5MDgyNzEwNDQ1MVoXDTE0MDgyNjEwNDQ1MVowWjELMAkGA1UE\n" + "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh\n" + "cmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcN\n" + "AQEBBQADggEPADCCAQoCggEBANBdWU+BF7x4lyo+xHnr4UAOU89yQQuT5vdPoXzx\n" + "6kRPsjYAuuktgXR+SaLkQHw/YRgDPSKj5nzmmlOQf/rWRr+8O2q+C92aUICmkNvZ\n" + "Gamo5w2WlOMZ6T5dk2Hv+QM6xT/GzWyVr1dMYu/7tywD1Bw7aW/HqkRESDu6q95V\n" + "Wu+Lzg6XlxCNEez0YsZrN/fC6BL2qzKAqMBbIHFW8OOnh+nEY4IF5AzkZnFrw12G\n" + "I72Z882pw97lyKwZhSz/GMQFBJx+rnNdw5P1IJwTlG5PUdoDCte/Mcr1iiA+zOov\n" + "x55x1GoGxduoXWU5egrf1MtalRf9Pc8Xr4q3WEKTAmsZrVECAwEAAaOCAQYwggEC\n" + "MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQfoamI2WSMtaCiVGQ5\n" + "tPI9dF1ufDBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTEL\n" + "MAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMT\n" + "EnN0cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRjYXJvbEBzdHJvbmdz\n" + "d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u\n" + "b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQC8pqX3KrSzKeul\n" + "GdzydAV4hGwYB3WiB02oJ2nh5MJBu7J0Kn4IVkvLUHSSZhSRxx55tQZfdYqtXVS7\n" + "ZuyG+6rV7sb595SIRwfkLAdjbvv0yZIl4xx8j50K3yMR+9aXW1NSGPEkb8BjBUMr\n" + "F2kjGTOqomo8OIzyI369z9kJrtEhnS37nHcdpewZC1wHcWfJ6wd9wxmz2dVXmgVQ\n" + "L2BjXd/BcpLFaIC4h7jMXQ5FURjnU7K9xSa4T8PpR6FrQhOcIYBXAp94GiM8JqmK\n" + "ZBGUpeP+3cy4i3DV18Kyr64Q4XZlzhZClNE43sgMqiX88dc3znpDzT7T51j+d+9k\n" + "Rf5Z0GOR\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t subject_data = { subject_pem, sizeof(subject_pem) }; /* For testing verify functions. */ -#define BLOG_RESP "\x30\x82\x06\xF8\x0A\x01\x00\xA0\x82\x06\xF1\x30\x82\x06\xED\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\xDE\x30\x82\x06\xDA\x30\x82\x01\x25\xA1\x7E\x30\x7C\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x41\x55\x31\x0C\x30\x0A\x06\x03\x55\x04\x08\x13\x03\x4E\x53\x57\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x13\x06\x53\x79\x64\x6E\x65\x79\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x53\x65\x72\x76\x65\x72\x20\x41\x64\x6D\x69\x6E\x69\x73\x74\x72\x61\x74\x69\x6F\x6E\x31\x18\x30\x16\x06\x03\x55\x04\x03\x13\x0F\x6F\x63\x73\x70\x2E\x63\x61\x63\x65\x72\x74\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x33\x30\x38\x35\x30\x34\x32\x5A\x30\x66\x30\x64\x30\x3C\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\xF2\x2A\x62\x16\x93\xA6\xDA\x5A\xD0\xB9\x8D\x3A\x13\x5E\x35\xD1\xEB\x18\x36\x61\x04\x14\x75\xA8\x71\x60\x4C\x88\x13\xF0\x78\xD9\x89\x77\xB5\x6D\xC5\x89\xDF\xBC\xB1\x7A\x02\x03\x00\xBC\xE0\x80\x00\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x33\x30\x37\x32\x30\x34\x39\x5A\xA0\x11\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x35\x30\x38\x35\x30\x34\x32\x5A\xA1\x2A\x30\x28\x30\x26\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x19\x04\x17\x73\x69\xD2\xC5\x6F\xC7\x7E\x2E\xB0\x2F\xCC\xC3\xE2\x80\xD6\x2A\xCE\xD3\xDE\x8F\x27\x1B\xB2\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x3E\x50\x9D\xE9\xA2\xE0\xCA\x33\x88\x9B\x28\x7E\xE7\xA4\xAF\xDA\xBB\x75\x2D\xD9\x66\xA6\xD5\xFA\x17\x56\xC0\x3B\xDD\x74\xB6\x7E\x42\x2C\x28\xD0\x73\x91\x54\x69\xFA\xCF\xD8\xC7\x74\x1C\x5D\xBC\x8E\xCD\xE3\x0E\xD5\x3F\x80\x71\x9C\x95\x53\xC4\xD1\x95\x63\x5D\x72\xCE\xCC\x77\x9D\x7C\xAD\x47\x3F\x34\xDA\x90\x80\xC5\x15\xE1\x2B\xEE\x98\x57\xA3\xA7\x9F\xA2\xC3\xF5\x5E\xF7\x13\x26\x52\xDA\x09\x38\x5B\x18\x91\x07\x38\xCF\x09\xDA\x08\xED\x80\x4F\x26\x3A\xB9\xBE\xF6\xED\x65\x3F\xB1\x3A\x6D\xA3\x87\x22\xA3\x2A\xA5\x99\xCC\x06\xF3\x5A\xD5\x34\xFB\x9E\x32\x28\xC3\x3E\xF4\xAF\x33\x02\xCF\x6A\x74\x73\x17\x24\x17\x41\x0D\x7E\x86\x79\x83\x34\xE8\x82\x0A\x0D\x21\xED\xCB\x3B\xB7\x31\x64\xC9\xB6\x1E\xC7\x0C\x75\xCE\xBA\xB7\xDC\xB2\x67\x96\x2B\xAD\xBF\x86\x22\x81\x54\x66\xBA\x68\x89\xD7\x7E\x35\x60\x93\xEC\x6B\xD8\x59\x23\xA0\xD0\x95\x55\x8F\x93\x52\x48\x4E\x48\xCB\x92\xE9\x67\x71\x60\x07\xC9\xA3\x3B\xAC\xD1\xEA\x5B\x71\xDB\xC1\x94\x79\x85\x55\x8C\x03\x61\x9E\xC7\xD6\x32\x40\xFA\xDD\xF6\xC9\xF8\xE0\xFF\x4D\xAC\x54\xED\x61\xFE\xB2\xA0\x82\x04\x99\x30\x82\x04\x95\x30\x82\x04\x91\x30\x82\x02\x79\xA0\x03\x02\x01\x02\x02\x03\x00\xDC\xA6\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x30\x54\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x43\x41\x63\x65\x72\x74\x2E\x6F\x72\x67\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x43\x41\x63\x65\x72\x74\x20\x43\x6C\x61\x73\x73\x20\x33\x20\x52\x6F\x6F\x74\x30\x1E\x17\x0D\x31\x31\x30\x38\x32\x33\x30\x30\x30\x38\x33\x37\x5A\x17\x0D\x31\x33\x30\x38\x32\x32\x30\x30\x30\x38\x33\x37\x5A\x30\x7C\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x41\x55\x31\x0C\x30\x0A\x06\x03\x55\x04\x08\x13\x03\x4E\x53\x57\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x13\x06\x53\x79\x64\x6E\x65\x79\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x53\x65\x72\x76\x65\x72\x20\x41\x64\x6D\x69\x6E\x69\x73\x74\x72\x61\x74\x69\x6F\x6E\x31\x18\x30\x16\x06\x03\x55\x04\x03\x13\x0F\x6F\x63\x73\x70\x2E\x63\x61\x63\x65\x72\x74\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\x9C\xC6\xD4\x6F\xE4\x23\xC7\xC3\x70\x4B\x75\x1F\xE4\xFC\xAE\xF6\x62\xC4\x60\xA1\xD6\xCF\xF9\x47\x40\x38\xD9\xAF\x06\xF5\xB3\x87\x09\xBA\x07\xC8\x7A\x3B\xE3\x3A\xE2\xC1\x6B\xDB\x0E\x9B\x7B\xB4\x98\x04\x40\x88\xC8\xE4\x20\x34\x9D\x5F\x94\xAE\x0C\xA0\x05\xA1\x74\x10\x3F\x1F\x93\x6D\xC5\xA0\xCE\x29\xB0\x2A\x03\x6E\xED\x3B\xD1\x9A\x7A\xF7\x0F\xA7\xB7\x39\xD7\xC3\xB4\xDE\x15\x67\x94\xF2\xEF\xB0\xDD\x5F\xE3\xC9\xD8\xD2\x34\x0E\x5D\x44\xDF\xBF\x99\xD8\x5E\x60\xF4\x39\x24\x8A\xFD\x5D\xC8\x46\x8D\x0A\xB1\x60\x7A\x4F\xD5\x27\x30\x60\x9E\x13\x06\xF8\x3A\xAA\xB3\xBB\x33\x34\x6F\x84\x81\x7E\x5C\xCC\x12\x89\xF2\xFE\x6E\x93\x83\xFA\x8B\xEE\xAB\x36\x4C\xB6\x40\xA9\xEE\xFB\xF8\x16\x5A\x55\xD1\x64\x0D\x49\xDA\x04\xDE\xD1\xC8\xCA\xEE\x5F\x24\xB1\x79\x78\xB3\x9A\x88\x13\xDD\x68\x51\x39\xE9\x68\x31\xAF\xD7\xF8\x4D\x35\x6D\x60\x58\x04\x42\xBB\x55\x92\x18\xF6\x98\x01\xA5\x74\x3B\xBC\x36\xDB\x20\x68\x18\xB8\x85\xD4\x8B\x6D\x30\x87\x4D\xD6\x33\x2D\x7A\x54\x36\x1D\x57\x42\x14\x5C\x7A\x62\x74\xD5\x1E\x2B\xD5\xBF\x04\xF3\xFF\xEC\x03\xC1\x02\x03\x01\x00\x01\xA3\x44\x30\x42\x30\x0C\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x02\x30\x00\x30\x27\x06\x03\x55\x1D\x25\x04\x20\x30\x1E\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x02\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x01\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x09\x06\x03\x55\x1D\x11\x04\x02\x30\x00\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x02\x01\x00\x50\xDD\x63\xB7\x1A\x6F\x91\x4C\xE8\x7F\x82\x1A\x27\x04\x81\x05\xBB\xA6\x69\xAC\x41\x7B\x62\xFC\x4B\x08\xDC\x60\xCF\xB2\x5A\xF1\xB4\xB5\x27\x69\x6B\x12\xE4\x07\xC8\x16\xCE\x3B\x42\xCC\x02\x90\x66\x0E\x79\xB8\x6C\x4B\x90\x00\xC5\x66\x64\x92\x2B\x2B\x48\x0E\x84\xC2\x6D\xBF\xA5\xDE\x16\xE3\xBD\x19\xF5\x5C\x93\xA1\x86\x7F\xD9\x89\x78\x6A\x3F\x83\xF0\xAA\xF8\xEA\x1D\xA4\x13\xF7\x2A\x15\x4C\x51\x9C\xC4\xB0\xBE\x58\x66\xCF\x4C\x6C\x3D\x31\xE5\xF9\x54\x21\xCD\xA1\x30\x01\x6A\xB3\x1A\x48\x85\x34\x93\xB8\xF9\x15\x19\x48\x34\x8D\x73\xE7\x03\x50\xAF\xDE\x50\xC7\x62\xAF\x25\x22\x2B\xF6\xE8\x37\x2E\xE4\x71\xA9\x5C\x26\xEA\x79\xCB\x04\x29\x73\x6B\x8F\xDF\x1F\x5C\x41\x52\xC0\x36\xAA\xD7\x7D\x8E\x44\x54\x98\x06\x4C\x63\xA6\x0B\x01\x94\x5D\x0C\x5C\xD4\xCF\xCB\x0B\x7B\x2D\x56\xCC\xBF\x97\x7F\x15\x24\x1D\xBA\xEA\xB7\x97\xB0\x32\xAD\xFC\xEA\x6D\x94\x39\x7A\xE3\x25\x54\xFC\x4A\xF5\x3D\xBD\x2E\xD5\x31\x07\x49\x24\xCC\x92\x69\x0E\x79\xB9\xDF\xDB\x36\xBF\x04\x44\x15\xD0\x46\x99\x8C\xD2\x4C\x94\x38\x0E\x10\x64\x13\xAB\xD9\x1B\x54\x02\x31\x56\x20\xEE\x69\x95\xDF\x39\xBB\xE9\xA7\x6D\xC3\x23\x86\x0B\xD6\x34\x40\x37\xC3\xD4\x41\xA8\x2E\x71\x1D\x6E\x5B\xD7\xC5\x9F\x2A\xE6\x02\x80\xAE\x0A\x28\x69\x63\x4B\x89\x2E\xBD\x4F\x42\x58\xFB\x86\x9A\xA2\x18\xDC\xC6\x32\xC1\x46\xBA\x28\xD2\x8B\xCE\x56\x63\x04\x80\x51\x51\x39\x00\x3B\x00\xB9\x5F\x67\xFA\x90\x1E\xDA\x76\xB5\x31\xA5\xBD\x11\xD2\x5F\xDA\x5D\xD5\xF7\xEE\xAB\xC0\x62\x74\x60\x47\x32\x42\xFD\xB2\x2E\x04\x3A\x2E\xF2\xC8\xB3\x41\xA3\xBD\xFE\x94\x5F\xEF\x6E\xD7\x92\x7C\x1D\x04\xF0\xC6\x53\x8E\x46\xDC\x30\x3A\x35\x5F\x1A\x4B\xEA\x3B\x00\x8B\x97\xB5\xB9\xCE\x71\x6E\x5C\xD5\xA0\x0B\xB1\x33\x08\x89\x61\x23\xCF\x97\x9F\x8F\x9A\x50\xB5\xEC\xCE\x40\x8D\x82\x95\x8B\x79\x26\x66\xF3\xF4\x70\xD8\xEE\x58\xDD\x75\x29\xD5\x6A\x91\x51\x7A\x17\xBC\x4F\xD4\xA3\x45\x7B\x84\xE7\xBE\x69\x53\xC1\xE2\x5C\xC8\x45\xA0\x3A\xEC\xDF\x8A\x1E\xC1\x18\x84\x8B\x7A\x4E\x4E\x9E\x3A\x26\xFE\x5D\x22\xD4\xC5\x14\xBE\xEE\x06\xEB\x05\x4A\x66\xC9\xA4\xB3\x68\x04\xB0\x5D\x25\x54\xB3\x05\xED\x41\xF0\x65\x69\x6D\xA5\x4E\xB7\x97\xD8\xD8\xF5" +#define BLOG_RESP \ + "\x30\x82\x06\xF8\x0A\x01\x00\xA0\x82\x06\xF1\x30\x82\x06\xED\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\xDE\x30\x82\x06\xDA\x30\x82\x01\x25\xA1\x7E\x30\x7C\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x41\x55\x31\x0C\x30\x0A\x06\x03\x55\x04\x08\x13\x03\x4E\x53\x57\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x13\x06\x53\x79\x64\x6E\x65\x79\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x53\x65\x72\x76\x65\x72\x20\x41\x64\x6D\x69\x6E\x69\x73\x74\x72\x61\x74\x69\x6F\x6E\x31\x18\x30\x16\x06\x03\x55\x04\x03\x13\x0F\x6F\x63\x73\x70\x2E\x63\x61\x63\x65\x72\x74\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x33\x30\x38\x35\x30\x34\x32\x5A\x30\x66\x30\x64\x30\x3C\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\xF2\x2A\x62\x16\x93\xA6\xDA\x5A\xD0\xB9\x8D\x3A\x13\x5E\x35\xD1\xEB\x18\x36\x61\x04\x14\x75\xA8\x71\x60\x4C\x88\x13\xF0\x78\xD9\x89\x77\xB5\x6D\xC5\x89\xDF\xBC\xB1\x7A\x02\x03\x00\xBC\xE0\x80\x00\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x33\x30\x37\x32\x30\x34\x39\x5A\xA0\x11\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x35\x30\x38\x35\x30\x34\x32\x5A\xA1\x2A\x30\x28\x30\x26\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x19\x04\x17\x73\x69\xD2\xC5\x6F\xC7\x7E\x2E\xB0\x2F\xCC\xC3\xE2\x80\xD6\x2A\xCE\xD3\xDE\x8F\x27\x1B\xB2\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x3E\x50\x9D\xE9\xA2\xE0\xCA\x33\x88\x9B\x28\x7E\xE7\xA4\xAF\xDA\xBB\x75\x2D\xD9\x66\xA6\xD5\xFA\x17\x56\xC0\x3B\xDD\x74\xB6\x7E\x42\x2C\x28\xD0\x73\x91\x54\x69\xFA\xCF\xD8\xC7\x74\x1C\x5D\xBC\x8E\xCD\xE3\x0E\xD5\x3F\x80\x71\x9C\x95\x53\xC4\xD1\x95\x63\x5D\x72\xCE\xCC\x77\x9D\x7C\xAD\x47\x3F\x34\xDA\x90\x80\xC5\x15\xE1\x2B\xEE\x98\x57\xA3\xA7\x9F\xA2\xC3\xF5\x5E\xF7\x13\x26\x52\xDA\x09\x38\x5B\x18\x91\x07\x38\xCF\x09\xDA\x08\xED\x80\x4F\x26\x3A\xB9\xBE\xF6\xED\x65\x3F\xB1\x3A\x6D\xA3\x87\x22\xA3\x2A\xA5\x99\xCC\x06\xF3\x5A\xD5\x34\xFB\x9E\x32\x28\xC3\x3E\xF4\xAF\x33\x02\xCF\x6A\x74\x73\x17\x24\x17\x41\x0D\x7E\x86\x79\x83\x34\xE8\x82\x0A\x0D\x21\xED\xCB\x3B\xB7\x31\x64\xC9\xB6\x1E\xC7\x0C\x75\xCE\xBA\xB7\xDC\xB2\x67\x96\x2B\xAD\xBF\x86\x22\x81\x54\x66\xBA\x68\x89\xD7\x7E\x35\x60\x93\xEC\x6B\xD8\x59\x23\xA0\xD0\x95\x55\x8F\x93\x52\x48\x4E\x48\xCB\x92\xE9\x67\x71\x60\x07\xC9\xA3\x3B\xAC\xD1\xEA\x5B\x71\xDB\xC1\x94\x79\x85\x55\x8C\x03\x61\x9E\xC7\xD6\x32\x40\xFA\xDD\xF6\xC9\xF8\xE0\xFF\x4D\xAC\x54\xED\x61\xFE\xB2\xA0\x82\x04\x99\x30\x82\x04\x95\x30\x82\x04\x91\x30\x82\x02\x79\xA0\x03\x02\x01\x02\x02\x03\x00\xDC\xA6\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x30\x54\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x43\x41\x63\x65\x72\x74\x2E\x6F\x72\x67\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x43\x41\x63\x65\x72\x74\x20\x43\x6C\x61\x73\x73\x20\x33\x20\x52\x6F\x6F\x74\x30\x1E\x17\x0D\x31\x31\x30\x38\x32\x33\x30\x30\x30\x38\x33\x37\x5A\x17\x0D\x31\x33\x30\x38\x32\x32\x30\x30\x30\x38\x33\x37\x5A\x30\x7C\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x41\x55\x31\x0C\x30\x0A\x06\x03\x55\x04\x08\x13\x03\x4E\x53\x57\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x13\x06\x53\x79\x64\x6E\x65\x79\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x53\x65\x72\x76\x65\x72\x20\x41\x64\x6D\x69\x6E\x69\x73\x74\x72\x61\x74\x69\x6F\x6E\x31\x18\x30\x16\x06\x03\x55\x04\x03\x13\x0F\x6F\x63\x73\x70\x2E\x63\x61\x63\x65\x72\x74\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\x9C\xC6\xD4\x6F\xE4\x23\xC7\xC3\x70\x4B\x75\x1F\xE4\xFC\xAE\xF6\x62\xC4\x60\xA1\xD6\xCF\xF9\x47\x40\x38\xD9\xAF\x06\xF5\xB3\x87\x09\xBA\x07\xC8\x7A\x3B\xE3\x3A\xE2\xC1\x6B\xDB\x0E\x9B\x7B\xB4\x98\x04\x40\x88\xC8\xE4\x20\x34\x9D\x5F\x94\xAE\x0C\xA0\x05\xA1\x74\x10\x3F\x1F\x93\x6D\xC5\xA0\xCE\x29\xB0\x2A\x03\x6E\xED\x3B\xD1\x9A\x7A\xF7\x0F\xA7\xB7\x39\xD7\xC3\xB4\xDE\x15\x67\x94\xF2\xEF\xB0\xDD\x5F\xE3\xC9\xD8\xD2\x34\x0E\x5D\x44\xDF\xBF\x99\xD8\x5E\x60\xF4\x39\x24\x8A\xFD\x5D\xC8\x46\x8D\x0A\xB1\x60\x7A\x4F\xD5\x27\x30\x60\x9E\x13\x06\xF8\x3A\xAA\xB3\xBB\x33\x34\x6F\x84\x81\x7E\x5C\xCC\x12\x89\xF2\xFE\x6E\x93\x83\xFA\x8B\xEE\xAB\x36\x4C\xB6\x40\xA9\xEE\xFB\xF8\x16\x5A\x55\xD1\x64\x0D\x49\xDA\x04\xDE\xD1\xC8\xCA\xEE\x5F\x24\xB1\x79\x78\xB3\x9A\x88\x13\xDD\x68\x51\x39\xE9\x68\x31\xAF\xD7\xF8\x4D\x35\x6D\x60\x58\x04\x42\xBB\x55\x92\x18\xF6\x98\x01\xA5\x74\x3B\xBC\x36\xDB\x20\x68\x18\xB8\x85\xD4\x8B\x6D\x30\x87\x4D\xD6\x33\x2D\x7A\x54\x36\x1D\x57\x42\x14\x5C\x7A\x62\x74\xD5\x1E\x2B\xD5\xBF\x04\xF3\xFF\xEC\x03\xC1\x02\x03\x01\x00\x01\xA3\x44\x30\x42\x30\x0C\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x02\x30\x00\x30\x27\x06\x03\x55\x1D\x25\x04\x20\x30\x1E\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x02\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x01\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x09\x06\x03\x55\x1D\x11\x04\x02\x30\x00\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x02\x01\x00\x50\xDD\x63\xB7\x1A\x6F\x91\x4C\xE8\x7F\x82\x1A\x27\x04\x81\x05\xBB\xA6\x69\xAC\x41\x7B\x62\xFC\x4B\x08\xDC\x60\xCF\xB2\x5A\xF1\xB4\xB5\x27\x69\x6B\x12\xE4\x07\xC8\x16\xCE\x3B\x42\xCC\x02\x90\x66\x0E\x79\xB8\x6C\x4B\x90\x00\xC5\x66\x64\x92\x2B\x2B\x48\x0E\x84\xC2\x6D\xBF\xA5\xDE\x16\xE3\xBD\x19\xF5\x5C\x93\xA1\x86\x7F\xD9\x89\x78\x6A\x3F\x83\xF0\xAA\xF8\xEA\x1D\xA4\x13\xF7\x2A\x15\x4C\x51\x9C\xC4\xB0\xBE\x58\x66\xCF\x4C\x6C\x3D\x31\xE5\xF9\x54\x21\xCD\xA1\x30\x01\x6A\xB3\x1A\x48\x85\x34\x93\xB8\xF9\x15\x19\x48\x34\x8D\x73\xE7\x03\x50\xAF\xDE\x50\xC7\x62\xAF\x25\x22\x2B\xF6\xE8\x37\x2E\xE4\x71\xA9\x5C\x26\xEA\x79\xCB\x04\x29\x73\x6B\x8F\xDF\x1F\x5C\x41\x52\xC0\x36\xAA\xD7\x7D\x8E\x44\x54\x98\x06\x4C\x63\xA6\x0B\x01\x94\x5D\x0C\x5C\xD4\xCF\xCB\x0B\x7B\x2D\x56\xCC\xBF\x97\x7F\x15\x24\x1D\xBA\xEA\xB7\x97\xB0\x32\xAD\xFC\xEA\x6D\x94\x39\x7A\xE3\x25\x54\xFC\x4A\xF5\x3D\xBD\x2E\xD5\x31\x07\x49\x24\xCC\x92\x69\x0E\x79\xB9\xDF\xDB\x36\xBF\x04\x44\x15\xD0\x46\x99\x8C\xD2\x4C\x94\x38\x0E\x10\x64\x13\xAB\xD9\x1B\x54\x02\x31\x56\x20\xEE\x69\x95\xDF\x39\xBB\xE9\xA7\x6D\xC3\x23\x86\x0B\xD6\x34\x40\x37\xC3\xD4\x41\xA8\x2E\x71\x1D\x6E\x5B\xD7\xC5\x9F\x2A\xE6\x02\x80\xAE\x0A\x28\x69\x63\x4B\x89\x2E\xBD\x4F\x42\x58\xFB\x86\x9A\xA2\x18\xDC\xC6\x32\xC1\x46\xBA\x28\xD2\x8B\xCE\x56\x63\x04\x80\x51\x51\x39\x00\x3B\x00\xB9\x5F\x67\xFA\x90\x1E\xDA\x76\xB5\x31\xA5\xBD\x11\xD2\x5F\xDA\x5D\xD5\xF7\xEE\xAB\xC0\x62\x74\x60\x47\x32\x42\xFD\xB2\x2E\x04\x3A\x2E\xF2\xC8\xB3\x41\xA3\xBD\xFE\x94\x5F\xEF\x6E\xD7\x92\x7C\x1D\x04\xF0\xC6\x53\x8E\x46\xDC\x30\x3A\x35\x5F\x1A\x4B\xEA\x3B\x00\x8B\x97\xB5\xB9\xCE\x71\x6E\x5C\xD5\xA0\x0B\xB1\x33\x08\x89\x61\x23\xCF\x97\x9F\x8F\x9A\x50\xB5\xEC\xCE\x40\x8D\x82\x95\x8B\x79\x26\x66\xF3\xF4\x70\xD8\xEE\x58\xDD\x75\x29\xD5\x6A\x91\x51\x7A\x17\xBC\x4F\xD4\xA3\x45\x7B\x84\xE7\xBE\x69\x53\xC1\xE2\x5C\xC8\x45\xA0\x3A\xEC\xDF\x8A\x1E\xC1\x18\x84\x8B\x7A\x4E\x4E\x9E\x3A\x26\xFE\x5D\x22\xD4\xC5\x14\xBE\xEE\x06\xEB\x05\x4A\x66\xC9\xA4\xB3\x68\x04\xB0\x5D\x25\x54\xB3\x05\xED\x41\xF0\x65\x69\x6D\xA5\x4E\xB7\x97\xD8\xD8\xF5" -static const gnutls_datum_t blog_resp = - { (unsigned char *)BLOG_RESP, sizeof(BLOG_RESP) - 1 }; +static const gnutls_datum_t blog_resp = { (unsigned char *)BLOG_RESP, + sizeof(BLOG_RESP) - 1 }; static unsigned char blog_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIE8DCCAtigAwIBAgIDALzgMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" - "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" - "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTAxMTE2MjI1MjMzWhcNMTIxMTE1\n" - "MjI1MjMzWjAdMRswGQYDVQQDExJibG9nLmpvc2Vmc3Nvbi5vcmcwggEiMA0GCSqG\n" - "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBKA6bm/Kip0i00vU+BOmUF2MBDTwps41c\n" - "xKN5bDn7usWZj8loi6BHRPE2WzCVPnPRD1FJXBc4rXL8zZWrCRe1b4A+l8NjPN2o\n" - "uUgJvYLXYQ2hXkvxlPBQPKNOudaOAVsahpyxk6g6Z3mskOfqPhxvjutHvMC4fOsJ\n" - "1+FstMzvg5SpDd4uYM9m0UK8pbEUSuwW+fxyWqhciSi7kJtdrD6bwx3ub3t9GFkM\n" - "9uTzImIslTq19w8AHQsTICNnmNwfUGF5XMUIuxun0HlFt2KUP5G3Qg9Cd18wZFql\n" - "RQJvLA3nbVFtmN3M3yKXnGSsEn38ZJvC+UxFuSfYJN9UwgoG6gwhAgMBAAGjggEA\n" - "MIH9MAwGA1UdEwEB/wQCMAAwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMB\n" - "BglghkgBhvhCBAEGCisGAQQBgjcKAwMwCwYDVR0PBAQDAgWgMDMGCCsGAQUFBwEB\n" - "BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wdQYDVR0R\n" - "BG4wbIISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJsb2cuam9z\n" - "ZWZzc29uLm9yZ4ISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJs\n" - "b2cuam9zZWZzc29uLm9yZzANBgkqhkiG9w0BAQUFAAOCAgEACQX0KziT81G0XJ4C\n" - "SlVumGN0KcVPDjtiUYskMpUvyLF951Q4Uuih0Aa9c0LynyZq8yqr6sW5OTmnRfSU\n" - "DuUK5IH+IPq5PU7qteQSIy+63yjMQ+1wye1zfCWI+MyaS54AOn6uZObsr4grq41i\n" - "sTwnX8OF/z15dQBjDR18WoehsnbuMz3Ld7+w5UcVWRGDzTyZ7JrYisEywQ7TXcoK\n" - "1IlhD1TqwFucH7lIr4mPWNjL7Nw0sw11HN0Syt9H3upcq6lqyEI0ygfNZ9cdxvmX\n" - "WqOBxxLc6G/87G4nGW4jw3WrCX7LqSmChlR3SbEC1UhWpaQMQ+mOU5+vXon7blRV\n" - "zGJ/1wK8mKu3fKw9rm5TQ1xfJuRABbzsD3BrrUaHlREQQ+i6SCPVFGer6oeAaxyv\n" - "so0NCbmBQkcpmUUl0COIR/Lh/YT78PjIEfxaUnUlaZXvCbKPKP2cM8LY7ltEaTgJ\n" - "4W6sZi3QNFySzd4sz7J/YhY/jGjqku7TfpN/GOheW8AzKTBlm3WLps1YXys4TKrB\n" - "0RStfaPfRJI1PeSlrWl6+kQu/5O8WA8NK0JZ/0Jc4d5LNrtUXo4VU9XCthrxLkgL\n" - "3XWgZKFrqJd1UeJJ7OvkRYfI1c5i4oAP5ksuF0SHTpqnXE8K39kUnUx3B+ItJlZP\n" - "VXTFhXRc06QwYqYXuYSAmj7/GJk=\n" "-----END CERTIFICATE-----\n"; -const gnutls_datum_t blog_cert_data = { blog_cert_pem, - sizeof(blog_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIE8DCCAtigAwIBAgIDALzgMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" + "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" + "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTAxMTE2MjI1MjMzWhcNMTIxMTE1\n" + "MjI1MjMzWjAdMRswGQYDVQQDExJibG9nLmpvc2Vmc3Nvbi5vcmcwggEiMA0GCSqG\n" + "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBKA6bm/Kip0i00vU+BOmUF2MBDTwps41c\n" + "xKN5bDn7usWZj8loi6BHRPE2WzCVPnPRD1FJXBc4rXL8zZWrCRe1b4A+l8NjPN2o\n" + "uUgJvYLXYQ2hXkvxlPBQPKNOudaOAVsahpyxk6g6Z3mskOfqPhxvjutHvMC4fOsJ\n" + "1+FstMzvg5SpDd4uYM9m0UK8pbEUSuwW+fxyWqhciSi7kJtdrD6bwx3ub3t9GFkM\n" + "9uTzImIslTq19w8AHQsTICNnmNwfUGF5XMUIuxun0HlFt2KUP5G3Qg9Cd18wZFql\n" + "RQJvLA3nbVFtmN3M3yKXnGSsEn38ZJvC+UxFuSfYJN9UwgoG6gwhAgMBAAGjggEA\n" + "MIH9MAwGA1UdEwEB/wQCMAAwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMB\n" + "BglghkgBhvhCBAEGCisGAQQBgjcKAwMwCwYDVR0PBAQDAgWgMDMGCCsGAQUFBwEB\n" + "BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wdQYDVR0R\n" + "BG4wbIISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJsb2cuam9z\n" + "ZWZzc29uLm9yZ4ISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJs\n" + "b2cuam9zZWZzc29uLm9yZzANBgkqhkiG9w0BAQUFAAOCAgEACQX0KziT81G0XJ4C\n" + "SlVumGN0KcVPDjtiUYskMpUvyLF951Q4Uuih0Aa9c0LynyZq8yqr6sW5OTmnRfSU\n" + "DuUK5IH+IPq5PU7qteQSIy+63yjMQ+1wye1zfCWI+MyaS54AOn6uZObsr4grq41i\n" + "sTwnX8OF/z15dQBjDR18WoehsnbuMz3Ld7+w5UcVWRGDzTyZ7JrYisEywQ7TXcoK\n" + "1IlhD1TqwFucH7lIr4mPWNjL7Nw0sw11HN0Syt9H3upcq6lqyEI0ygfNZ9cdxvmX\n" + "WqOBxxLc6G/87G4nGW4jw3WrCX7LqSmChlR3SbEC1UhWpaQMQ+mOU5+vXon7blRV\n" + "zGJ/1wK8mKu3fKw9rm5TQ1xfJuRABbzsD3BrrUaHlREQQ+i6SCPVFGer6oeAaxyv\n" + "so0NCbmBQkcpmUUl0COIR/Lh/YT78PjIEfxaUnUlaZXvCbKPKP2cM8LY7ltEaTgJ\n" + "4W6sZi3QNFySzd4sz7J/YhY/jGjqku7TfpN/GOheW8AzKTBlm3WLps1YXys4TKrB\n" + "0RStfaPfRJI1PeSlrWl6+kQu/5O8WA8NK0JZ/0Jc4d5LNrtUXo4VU9XCthrxLkgL\n" + "3XWgZKFrqJd1UeJJ7OvkRYfI1c5i4oAP5ksuF0SHTpqnXE8K39kUnUx3B+ItJlZP\n" + "VXTFhXRc06QwYqYXuYSAmj7/GJk=\n" + "-----END CERTIFICATE-----\n"; +const gnutls_datum_t blog_cert_data = { blog_cert_pem, sizeof(blog_cert_pem) }; static unsigned char blog_issuer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv\n" - "b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ\n" - "Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y\n" - "dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU\n" - "MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0\n" - "Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN\n" - "AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a\n" - "iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1\n" - "aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C\n" - "jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia\n" - "pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0\n" - "FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt\n" - "XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL\n" - "oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6\n" - "R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp\n" - "rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/\n" - "LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA\n" - "BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow\n" - "gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV\n" - "BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG\n" - "A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS\n" - "c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH\n" - "AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr\n" - "BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB\n" - "MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y\n" - "Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj\n" - "ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5\n" - "b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D\n" - "QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc\n" - "7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH\n" - "Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4\n" - "D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3\n" - "VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a\n" - "lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW\n" - "Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt\n" - "hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz\n" - "0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn\n" - "ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT\n" - "d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60\n" - "4GGSt/M3mMS+lqO3ig==\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv\n" + "b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ\n" + "Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y\n" + "dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU\n" + "MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0\n" + "Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN\n" + "AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a\n" + "iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1\n" + "aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C\n" + "jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia\n" + "pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0\n" + "FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt\n" + "XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL\n" + "oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6\n" + "R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp\n" + "rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/\n" + "LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA\n" + "BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow\n" + "gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV\n" + "BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG\n" + "A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS\n" + "c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH\n" + "AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr\n" + "BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB\n" + "MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y\n" + "Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj\n" + "ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5\n" + "b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D\n" + "QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc\n" + "7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH\n" + "Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4\n" + "D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3\n" + "VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a\n" + "lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW\n" + "Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt\n" + "hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz\n" + "0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn\n" + "ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT\n" + "d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60\n" + "4GGSt/M3mMS+lqO3ig==\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t blog_issuer_data = { blog_issuer_pem, - sizeof(blog_issuer_pem) -}; + sizeof(blog_issuer_pem) }; static unsigned char blog_signer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEkTCCAnmgAwIBAgIDANymMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" - "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" - "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTEwODIzMDAwODM3WhcNMTMwODIy\n" - "MDAwODM3WjB8MQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT\n" - "eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVTZXJ2ZXIgQWRt\n" - "aW5pc3RyYXRpb24xGDAWBgNVBAMTD29jc3AuY2FjZXJ0Lm9yZzCCASIwDQYJKoZI\n" - "hvcNAQEBBQADggEPADCCAQoCggEBAJzG1G/kI8fDcEt1H+T8rvZixGCh1s/5R0A4\n" - "2a8G9bOHCboHyHo74zriwWvbDpt7tJgEQIjI5CA0nV+UrgygBaF0ED8fk23FoM4p\n" - "sCoDbu070Zp69w+ntznXw7TeFWeU8u+w3V/jydjSNA5dRN+/mdheYPQ5JIr9XchG\n" - "jQqxYHpP1ScwYJ4TBvg6qrO7MzRvhIF+XMwSifL+bpOD+ovuqzZMtkCp7vv4FlpV\n" - "0WQNSdoE3tHIyu5fJLF5eLOaiBPdaFE56Wgxr9f4TTVtYFgEQrtVkhj2mAGldDu8\n" - "NtsgaBi4hdSLbTCHTdYzLXpUNh1XQhRcemJ01R4r1b8E8//sA8ECAwEAAaNEMEIw\n" - "DAYDVR0TAQH/BAIwADAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsG\n" - "AQUFBwMJMAkGA1UdEQQCMAAwDQYJKoZIhvcNAQEFBQADggIBAFDdY7cab5FM6H+C\n" - "GicEgQW7pmmsQXti/EsI3GDPslrxtLUnaWsS5AfIFs47QswCkGYOebhsS5AAxWZk\n" - "kisrSA6Ewm2/pd4W470Z9VyToYZ/2Yl4aj+D8Kr46h2kE/cqFUxRnMSwvlhmz0xs\n" - "PTHl+VQhzaEwAWqzGkiFNJO4+RUZSDSNc+cDUK/eUMdiryUiK/boNy7kcalcJup5\n" - "ywQpc2uP3x9cQVLANqrXfY5EVJgGTGOmCwGUXQxc1M/LC3stVsy/l38VJB266reX\n" - "sDKt/OptlDl64yVU/Er1Pb0u1TEHSSTMkmkOebnf2za/BEQV0EaZjNJMlDgOEGQT\n" - "q9kbVAIxViDuaZXfObvpp23DI4YL1jRAN8PUQagucR1uW9fFnyrmAoCuCihpY0uJ\n" - "Lr1PQlj7hpqiGNzGMsFGuijSi85WYwSAUVE5ADsAuV9n+pAe2na1MaW9EdJf2l3V\n" - "9+6rwGJ0YEcyQv2yLgQ6LvLIs0Gjvf6UX+9u15J8HQTwxlOORtwwOjVfGkvqOwCL\n" - "l7W5znFuXNWgC7EzCIlhI8+Xn4+aULXszkCNgpWLeSZm8/Rw2O5Y3XUp1WqRUXoX\n" - "vE/Uo0V7hOe+aVPB4lzIRaA67N+KHsEYhIt6Tk6eOib+XSLUxRS+7gbrBUpmyaSz\n" - "aASwXSVUswXtQfBlaW2lTreX2Nj1\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEkTCCAnmgAwIBAgIDANymMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" + "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" + "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTEwODIzMDAwODM3WhcNMTMwODIy\n" + "MDAwODM3WjB8MQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT\n" + "eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVTZXJ2ZXIgQWRt\n" + "aW5pc3RyYXRpb24xGDAWBgNVBAMTD29jc3AuY2FjZXJ0Lm9yZzCCASIwDQYJKoZI\n" + "hvcNAQEBBQADggEPADCCAQoCggEBAJzG1G/kI8fDcEt1H+T8rvZixGCh1s/5R0A4\n" + "2a8G9bOHCboHyHo74zriwWvbDpt7tJgEQIjI5CA0nV+UrgygBaF0ED8fk23FoM4p\n" + "sCoDbu070Zp69w+ntznXw7TeFWeU8u+w3V/jydjSNA5dRN+/mdheYPQ5JIr9XchG\n" + "jQqxYHpP1ScwYJ4TBvg6qrO7MzRvhIF+XMwSifL+bpOD+ovuqzZMtkCp7vv4FlpV\n" + "0WQNSdoE3tHIyu5fJLF5eLOaiBPdaFE56Wgxr9f4TTVtYFgEQrtVkhj2mAGldDu8\n" + "NtsgaBi4hdSLbTCHTdYzLXpUNh1XQhRcemJ01R4r1b8E8//sA8ECAwEAAaNEMEIw\n" + "DAYDVR0TAQH/BAIwADAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsG\n" + "AQUFBwMJMAkGA1UdEQQCMAAwDQYJKoZIhvcNAQEFBQADggIBAFDdY7cab5FM6H+C\n" + "GicEgQW7pmmsQXti/EsI3GDPslrxtLUnaWsS5AfIFs47QswCkGYOebhsS5AAxWZk\n" + "kisrSA6Ewm2/pd4W470Z9VyToYZ/2Yl4aj+D8Kr46h2kE/cqFUxRnMSwvlhmz0xs\n" + "PTHl+VQhzaEwAWqzGkiFNJO4+RUZSDSNc+cDUK/eUMdiryUiK/boNy7kcalcJup5\n" + "ywQpc2uP3x9cQVLANqrXfY5EVJgGTGOmCwGUXQxc1M/LC3stVsy/l38VJB266reX\n" + "sDKt/OptlDl64yVU/Er1Pb0u1TEHSSTMkmkOebnf2za/BEQV0EaZjNJMlDgOEGQT\n" + "q9kbVAIxViDuaZXfObvpp23DI4YL1jRAN8PUQagucR1uW9fFnyrmAoCuCihpY0uJ\n" + "Lr1PQlj7hpqiGNzGMsFGuijSi85WYwSAUVE5ADsAuV9n+pAe2na1MaW9EdJf2l3V\n" + "9+6rwGJ0YEcyQv2yLgQ6LvLIs0Gjvf6UX+9u15J8HQTwxlOORtwwOjVfGkvqOwCL\n" + "l7W5znFuXNWgC7EzCIlhI8+Xn4+aULXszkCNgpWLeSZm8/Rw2O5Y3XUp1WqRUXoX\n" + "vE/Uo0V7hOe+aVPB4lzIRaA67N+KHsEYhIt6Tk6eOib+XSLUxRS+7gbrBUpmyaSz\n" + "aASwXSVUswXtQfBlaW2lTreX2Nj1\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t blog_signer_data = { blog_signer_pem, - sizeof(blog_signer_pem) -}; + sizeof(blog_signer_pem) }; static unsigned char long_resp_signer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIE3zCCA8egAwIBAgIQPZqC0NHDL2/ghF+ZEe5TQjANBgkqhkiG9w0BAQUFADCB\n" - "tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm\n" - "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwOTEy\n" - "MDAwMDAwWhcNMTQxMjExMjM1OTU5WjCBhzELMAkGA1UEBhMCVVMxFzAVBgNVBAoT\n" - "DlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr\n" - "MT4wPAYDVQQDEzVWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBH\n" - "MyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" - "ALbm3lapt756SdAuFIelnhbtZvin09w/iS38GoMpR9A326dcSiKwmk7LYnLEkgQI\n" - "mb5g4Nx6+nkQuhZoJiSxvqoPTgwt1nZtQ4v1weitmI1elgOSin+YrrjxPCpiYrFp\n" - "j3qwbMz2K5ktlXl/2FeY5XWYuzz4ZscfxPF1mb1Nd5C7I+rZOE7nj7m9aQPEczgp\n" - "hfZbMBb5kceeuskBkGyv05PwYbSkPTA4bzNA5dKT2ZsXzp+XC92EssV2smRiR/A1\n" - "ai0uLUZeB4bJgICs6PNxPUaLt1Sn2gBgi+iw3039/8aAbx52FJm1yVv3MRDtaVqR\n" - "l1kWCnyG/VLEhP1YcyeAC0cCAwEAAaOCARUwggERMAkGA1UdEwQCMAAwgawGA1Ud\n" - "IASBpDCBoTCBngYLYIZIAYb4RQEHFwMwgY4wKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" - "d3d3LnZlcmlzaWduLmNvbS9DUFMwYgYIKwYBBQUHAgIwVjAVFg5WZXJpU2lnbiwg\n" - "SW5jLjADAgEBGj1WZXJpU2lnbidzIENQUyBpbmNvcnAuIGJ5IHJlZmVyZW5jZSBs\n" - "aWFiLiBsdGQuIChjKTk3IFZlcmlTaWduMBMGA1UdJQQMMAoGCCsGAQUFBwMJMAsG\n" - "A1UdDwQEAwIHgDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD\n" - "VQQDEwpUR1YtQi0xNzk4MA0GCSqGSIb3DQEBBQUAA4IBAQCM8gJSyR4O8S5m52za\n" - "FSzMfAcai+j5AqoRhYmY/+n/Hs/2bAdPy/6a+ukWGwhWZQRYLNr7SSSBkuSuVk/W\n" - "zZX9VJmxAt1WzFRrXvgFyjSDtnqtg89LJbUOz5hG95d/scgb3ndv5Ey5193H/b8T\n" - "O6GZ933J0O3X6qk4bnMBDUPFXgyn0Xfv0jeYzOa/Tu2IPpcf0ugogbrZscsIZWFy\n" - "jFlwHnFGpd2k1GXaFRPqxk+qtLAxJtjN+DfkmxGNoIAv1hHXpBhDhuzTpnmXVf32\n" - "YfFIyYfRt/x/Z4hztF/MZ41QxJdZIqvCMooi1GAgeG2jkXLx+x6ppfhkN7+zOF8A\n" - "4W5J\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIE3zCCA8egAwIBAgIQPZqC0NHDL2/ghF+ZEe5TQjANBgkqhkiG9w0BAQUFADCB\n" + "tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm\n" + "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwOTEy\n" + "MDAwMDAwWhcNMTQxMjExMjM1OTU5WjCBhzELMAkGA1UEBhMCVVMxFzAVBgNVBAoT\n" + "DlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr\n" + "MT4wPAYDVQQDEzVWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBH\n" + "MyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + "ALbm3lapt756SdAuFIelnhbtZvin09w/iS38GoMpR9A326dcSiKwmk7LYnLEkgQI\n" + "mb5g4Nx6+nkQuhZoJiSxvqoPTgwt1nZtQ4v1weitmI1elgOSin+YrrjxPCpiYrFp\n" + "j3qwbMz2K5ktlXl/2FeY5XWYuzz4ZscfxPF1mb1Nd5C7I+rZOE7nj7m9aQPEczgp\n" + "hfZbMBb5kceeuskBkGyv05PwYbSkPTA4bzNA5dKT2ZsXzp+XC92EssV2smRiR/A1\n" + "ai0uLUZeB4bJgICs6PNxPUaLt1Sn2gBgi+iw3039/8aAbx52FJm1yVv3MRDtaVqR\n" + "l1kWCnyG/VLEhP1YcyeAC0cCAwEAAaOCARUwggERMAkGA1UdEwQCMAAwgawGA1Ud\n" + "IASBpDCBoTCBngYLYIZIAYb4RQEHFwMwgY4wKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" + "d3d3LnZlcmlzaWduLmNvbS9DUFMwYgYIKwYBBQUHAgIwVjAVFg5WZXJpU2lnbiwg\n" + "SW5jLjADAgEBGj1WZXJpU2lnbidzIENQUyBpbmNvcnAuIGJ5IHJlZmVyZW5jZSBs\n" + "aWFiLiBsdGQuIChjKTk3IFZlcmlTaWduMBMGA1UdJQQMMAoGCCsGAQUFBwMJMAsG\n" + "A1UdDwQEAwIHgDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD\n" + "VQQDEwpUR1YtQi0xNzk4MA0GCSqGSIb3DQEBBQUAA4IBAQCM8gJSyR4O8S5m52za\n" + "FSzMfAcai+j5AqoRhYmY/+n/Hs/2bAdPy/6a+ukWGwhWZQRYLNr7SSSBkuSuVk/W\n" + "zZX9VJmxAt1WzFRrXvgFyjSDtnqtg89LJbUOz5hG95d/scgb3ndv5Ey5193H/b8T\n" + "O6GZ933J0O3X6qk4bnMBDUPFXgyn0Xfv0jeYzOa/Tu2IPpcf0ugogbrZscsIZWFy\n" + "jFlwHnFGpd2k1GXaFRPqxk+qtLAxJtjN+DfkmxGNoIAv1hHXpBhDhuzTpnmXVf32\n" + "YfFIyYfRt/x/Z4hztF/MZ41QxJdZIqvCMooi1GAgeG2jkXLx+x6ppfhkN7+zOF8A\n" + "4W5J\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t long_resp_signer_data = { long_resp_signer_pem, - sizeof(long_resp_signer_pem) -}; + sizeof(long_resp_signer_pem) }; static unsigned char long_resp_str[] = - "\x30\x82\x06\xbe\x0a\x01\x00\xa0\x82\x06\xb7\x30\x82\x06\xb3\x06" - "\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\xa4\x30\x82" - "\x06\xa0\x30\x81\x9e\xa2\x16\x04\x14\x81\x75\x7a\x7e\x22\xc8\xa4" - "\x4c\xdf\x9f\x2d\x3f\x87\x61\xaf\x57\xe1\xaf\x4f\xd9\x18\x0f\x32" - "\x30\x31\x34\x31\x31\x31\x30\x32\x30\x33\x33\x31\x37\x5a\x30\x73" - "\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04" - "\x14\x0c\x81\x29\x38\x74\xb2\x96\x29\x10\x7e\xd8\x35\x62\x52\x64" - "\x04\x53\x0d\xe0\x83\x04\x14\x0d\x44\x5c\x16\x53\x44\xc1\x82\x7e" - "\x1d\x20\xab\x25\xf4\x01\x63\xd8\xbe\x79\xa5\x02\x10\x4e\xeb\x31" - "\x09\x63\x39\x4e\x8e\xa0\x4e\x70\x9c\xa9\x1d\xcd\xa6\x80\x00\x18" - "\x0f\x32\x30\x31\x34\x31\x31\x31\x30\x32\x30\x33\x33\x31\x37\x5a" - "\xa0\x11\x18\x0f\x32\x30\x31\x34\x31\x31\x31\x37\x32\x30\x33\x33" - "\x31\x37\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" - "\x05\x00\x03\x82\x01\x01\x00\x67\xf8\x80\x8d\x1b\x17\x3d\xbe\x81" - "\xf4\x3e\x74\x6d\x65\x5d\x9c\xdf\xd7\xdc\x7c\xd5\x23\x75\x24\xaa" - "\x55\x8f\xa5\x99\xf8\x27\xd6\x69\x8e\x5a\x25\x0d\x5e\x1e\x49\xfc" - "\x50\x98\x7b\xe7\x49\xfb\x05\xa5\x04\x46\xb7\x5e\xf6\x20\x46\x18" - "\xd5\xdc\x70\xd8\x99\x2b\x64\x12\xae\x74\x8e\xa1\xdb\x0e\x9f\x11" - "\x47\xdf\x87\x6e\x9d\xb9\x13\xaa\x66\x33\x8c\xf3\x3d\xed\x33\x57" - "\x7d\x4c\x82\x21\xc6\x18\x67\x56\xbe\x46\x78\xa8\xec\xd0\x5b\xc0" - "\x2d\xb6\xee\x5a\xd8\xbf\xc3\xea\x49\xcd\x6d\x01\x97\x6e\x3a\x81" - "\x0f\x06\x16\xb4\x1e\x15\x08\x5c\x46\x35\x44\xa4\x06\x84\x32\xaa" - "\x1b\xb7\xc2\x97\xbf\xfd\xc8\xe2\x6b\x7a\xa2\x40\x3b\x50\x59\xd2" - "\xbe\xa2\x26\x09\xea\xf7\xc1\x9e\x89\x1d\x34\x79\xc3\xba\xa6\xb8" - "\x09\x92\xc8\xee\xa4\xe2\xe2\x32\x43\x48\xc8\xf6\x69\xe5\xde\x33" - "\x75\xe8\x38\x8a\xb0\xda\x19\x38\x75\x39\xab\xd6\x3f\x70\xcc\x4e" - "\x45\x16\x2a\x82\x32\x8e\x48\x92\xa4\x1f\xe9\x46\x85\x18\x78\xa7" - "\x46\xf7\x11\x9e\x37\x95\x1a\xc3\x30\x2d\x90\x6a\xc3\xfd\x95\x81" - "\x6b\xb1\xcb\x12\x26\x9e\xe4\xd3\x2a\xc1\xdf\x82\x57\xf2\x21\xea" - "\x6a\x16\x12\x40\x94\xe1\xc9\xa0\x82\x04\xe7\x30\x82\x04\xe3\x30" - "\x82\x04\xdf\x30\x82\x03\xc7\xa0\x03\x02\x01\x02\x02\x10\x3d\x9a" - "\x82\xd0\xd1\xc3\x2f\x6f\xe0\x84\x5f\x99\x11\xee\x53\x42\x30\x0d" - "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81\xb5" - "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30" - "\x15\x06\x03\x55\x04\x0a\x13\x0e\x56\x65\x72\x69\x53\x69\x67\x6e" - "\x2c\x20\x49\x6e\x63\x2e\x31\x1f\x30\x1d\x06\x03\x55\x04\x0b\x13" - "\x16\x56\x65\x72\x69\x53\x69\x67\x6e\x20\x54\x72\x75\x73\x74\x20" - "\x4e\x65\x74\x77\x6f\x72\x6b\x31\x3b\x30\x39\x06\x03\x55\x04\x0b" - "\x13\x32\x54\x65\x72\x6d\x73\x20\x6f\x66\x20\x75\x73\x65\x20\x61" - "\x74\x20\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x76\x65" - "\x72\x69\x73\x69\x67\x6e\x2e\x63\x6f\x6d\x2f\x72\x70\x61\x20\x28" - "\x63\x29\x31\x30\x31\x2f\x30\x2d\x06\x03\x55\x04\x03\x13\x26\x56" - "\x65\x72\x69\x53\x69\x67\x6e\x20\x43\x6c\x61\x73\x73\x20\x33\x20" - "\x53\x65\x63\x75\x72\x65\x20\x53\x65\x72\x76\x65\x72\x20\x43\x41" - "\x20\x2d\x20\x47\x33\x30\x1e\x17\x0d\x31\x34\x30\x39\x31\x32\x30" - "\x30\x30\x30\x30\x30\x5a\x17\x0d\x31\x34\x31\x32\x31\x31\x32\x33" - "\x35\x39\x35\x39\x5a\x30\x81\x87\x31\x0b\x30\x09\x06\x03\x55\x04" - "\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55\x04\x0a\x13\x0e" - "\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49\x6e\x63\x2e\x31\x1f" - "\x30\x1d\x06\x03\x55\x04\x0b\x13\x16\x56\x65\x72\x69\x53\x69\x67" - "\x6e\x20\x54\x72\x75\x73\x74\x20\x4e\x65\x74\x77\x6f\x72\x6b\x31" - "\x3e\x30\x3c\x06\x03\x55\x04\x03\x13\x35\x56\x65\x72\x69\x53\x69" - "\x67\x6e\x20\x43\x6c\x61\x73\x73\x20\x33\x20\x53\x65\x63\x75\x72" - "\x65\x20\x53\x65\x72\x76\x65\x72\x20\x43\x41\x20\x2d\x20\x47\x33" - "\x20\x4f\x43\x53\x50\x20\x52\x65\x73\x70\x6f\x6e\x64\x65\x72\x30" - "\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01" - "\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00" - "\xb6\xe6\xde\x56\xa9\xb7\xbe\x7a\x49\xd0\x2e\x14\x87\xa5\x9e\x16" - "\xed\x66\xf8\xa7\xd3\xdc\x3f\x89\x2d\xfc\x1a\x83\x29\x47\xd0\x37" - "\xdb\xa7\x5c\x4a\x22\xb0\x9a\x4e\xcb\x62\x72\xc4\x92\x04\x08\x99" - "\xbe\x60\xe0\xdc\x7a\xfa\x79\x10\xba\x16\x68\x26\x24\xb1\xbe\xaa" - "\x0f\x4e\x0c\x2d\xd6\x76\x6d\x43\x8b\xf5\xc1\xe8\xad\x98\x8d\x5e" - "\x96\x03\x92\x8a\x7f\x98\xae\xb8\xf1\x3c\x2a\x62\x62\xb1\x69\x8f" - "\x7a\xb0\x6c\xcc\xf6\x2b\x99\x2d\x95\x79\x7f\xd8\x57\x98\xe5\x75" - "\x98\xbb\x3c\xf8\x66\xc7\x1f\xc4\xf1\x75\x99\xbd\x4d\x77\x90\xbb" - "\x23\xea\xd9\x38\x4e\xe7\x8f\xb9\xbd\x69\x03\xc4\x73\x38\x29\x85" - "\xf6\x5b\x30\x16\xf9\x91\xc7\x9e\xba\xc9\x01\x90\x6c\xaf\xd3\x93" - "\xf0\x61\xb4\xa4\x3d\x30\x38\x6f\x33\x40\xe5\xd2\x93\xd9\x9b\x17" - "\xce\x9f\x97\x0b\xdd\x84\xb2\xc5\x76\xb2\x64\x62\x47\xf0\x35\x6a" - "\x2d\x2e\x2d\x46\x5e\x07\x86\xc9\x80\x80\xac\xe8\xf3\x71\x3d\x46" - "\x8b\xb7\x54\xa7\xda\x00\x60\x8b\xe8\xb0\xdf\x4d\xfd\xff\xc6\x80" - "\x6f\x1e\x76\x14\x99\xb5\xc9\x5b\xf7\x31\x10\xed\x69\x5a\x91\x97" - "\x59\x16\x0a\x7c\x86\xfd\x52\xc4\x84\xfd\x58\x73\x27\x80\x0b\x47" - "\x02\x03\x01\x00\x01\xa3\x82\x01\x15\x30\x82\x01\x11\x30\x09\x06" - "\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x81\xac\x06\x03\x55\x1d\x20" - "\x04\x81\xa4\x30\x81\xa1\x30\x81\x9e\x06\x0b\x60\x86\x48\x01\x86" - "\xf8\x45\x01\x07\x17\x03\x30\x81\x8e\x30\x28\x06\x08\x2b\x06\x01" - "\x05\x05\x07\x02\x01\x16\x1c\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77" - "\x77\x77\x2e\x76\x65\x72\x69\x73\x69\x67\x6e\x2e\x63\x6f\x6d\x2f" - "\x43\x50\x53\x30\x62\x06\x08\x2b\x06\x01\x05\x05\x07\x02\x02\x30" - "\x56\x30\x15\x16\x0e\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49" - "\x6e\x63\x2e\x30\x03\x02\x01\x01\x1a\x3d\x56\x65\x72\x69\x53\x69" - "\x67\x6e\x27\x73\x20\x43\x50\x53\x20\x69\x6e\x63\x6f\x72\x70\x2e" - "\x20\x62\x79\x20\x72\x65\x66\x65\x72\x65\x6e\x63\x65\x20\x6c\x69" - "\x61\x62\x2e\x20\x6c\x74\x64\x2e\x20\x28\x63\x29\x39\x37\x20\x56" - "\x65\x72\x69\x53\x69\x67\x6e\x30\x13\x06\x03\x55\x1d\x25\x04\x0c" - "\x30\x0a\x06\x08\x2b\x06\x01\x05\x05\x07\x03\x09\x30\x0b\x06\x03" - "\x55\x1d\x0f\x04\x04\x03\x02\x07\x80\x30\x0f\x06\x09\x2b\x06\x01" - "\x05\x05\x07\x30\x01\x05\x04\x02\x05\x00\x30\x22\x06\x03\x55\x1d" - "\x11\x04\x1b\x30\x19\xa4\x17\x30\x15\x31\x13\x30\x11\x06\x03\x55" - "\x04\x03\x13\x0a\x54\x47\x56\x2d\x42\x2d\x31\x37\x39\x38\x30\x0d" - "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01" - "\x01\x00\x8c\xf2\x02\x52\xc9\x1e\x0e\xf1\x2e\x66\xe7\x6c\xda\x15" - "\x2c\xcc\x7c\x07\x1a\x8b\xe8\xf9\x02\xaa\x11\x85\x89\x98\xff\xe9" - "\xff\x1e\xcf\xf6\x6c\x07\x4f\xcb\xfe\x9a\xfa\xe9\x16\x1b\x08\x56" - "\x65\x04\x58\x2c\xda\xfb\x49\x24\x81\x92\xe4\xae\x56\x4f\xd6\xcd" - "\x95\xfd\x54\x99\xb1\x02\xdd\x56\xcc\x54\x6b\x5e\xf8\x05\xca\x34" - "\x83\xb6\x7a\xad\x83\xcf\x4b\x25\xb5\x0e\xcf\x98\x46\xf7\x97\x7f" - "\xb1\xc8\x1b\xde\x77\x6f\xe4\x4c\xb9\xd7\xdd\xc7\xfd\xbf\x13\x3b" - "\xa1\x99\xf7\x7d\xc9\xd0\xed\xd7\xea\xa9\x38\x6e\x73\x01\x0d\x43" - "\xc5\x5e\x0c\xa7\xd1\x77\xef\xd2\x37\x98\xcc\xe6\xbf\x4e\xed\x88" - "\x3e\x97\x1f\xd2\xe8\x28\x81\xba\xd9\xb1\xcb\x08\x65\x61\x72\x8c" - "\x59\x70\x1e\x71\x46\xa5\xdd\xa4\xd4\x65\xda\x15\x13\xea\xc6\x4f" - "\xaa\xb4\xb0\x31\x26\xd8\xcd\xf8\x37\xe4\x9b\x11\x8d\xa0\x80\x2f" - "\xd6\x11\xd7\xa4\x18\x43\x86\xec\xd3\xa6\x79\x97\x55\xfd\xf6\x61" - "\xf1\x48\xc9\x87\xd1\xb7\xfc\x7f\x67\x88\x73\xb4\x5f\xcc\x67\x8d" - "\x50\xc4\x97\x59\x22\xab\xc2\x32\x8a\x22\xd4\x60\x20\x78\x6d\xa3" - "\x91\x72\xf1\xfb\x1e\xa9\xa5\xf8\x64\x37\xbf\xb3\x38\x5f\x00\xe1" - "\x6e\x49"; + "\x30\x82\x06\xbe\x0a\x01\x00\xa0\x82\x06\xb7\x30\x82\x06\xb3\x06" + "\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\xa4\x30\x82" + "\x06\xa0\x30\x81\x9e\xa2\x16\x04\x14\x81\x75\x7a\x7e\x22\xc8\xa4" + "\x4c\xdf\x9f\x2d\x3f\x87\x61\xaf\x57\xe1\xaf\x4f\xd9\x18\x0f\x32" + "\x30\x31\x34\x31\x31\x31\x30\x32\x30\x33\x33\x31\x37\x5a\x30\x73" + "\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04" + "\x14\x0c\x81\x29\x38\x74\xb2\x96\x29\x10\x7e\xd8\x35\x62\x52\x64" + "\x04\x53\x0d\xe0\x83\x04\x14\x0d\x44\x5c\x16\x53\x44\xc1\x82\x7e" + "\x1d\x20\xab\x25\xf4\x01\x63\xd8\xbe\x79\xa5\x02\x10\x4e\xeb\x31" + "\x09\x63\x39\x4e\x8e\xa0\x4e\x70\x9c\xa9\x1d\xcd\xa6\x80\x00\x18" + "\x0f\x32\x30\x31\x34\x31\x31\x31\x30\x32\x30\x33\x33\x31\x37\x5a" + "\xa0\x11\x18\x0f\x32\x30\x31\x34\x31\x31\x31\x37\x32\x30\x33\x33" + "\x31\x37\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x82\x01\x01\x00\x67\xf8\x80\x8d\x1b\x17\x3d\xbe\x81" + "\xf4\x3e\x74\x6d\x65\x5d\x9c\xdf\xd7\xdc\x7c\xd5\x23\x75\x24\xaa" + "\x55\x8f\xa5\x99\xf8\x27\xd6\x69\x8e\x5a\x25\x0d\x5e\x1e\x49\xfc" + "\x50\x98\x7b\xe7\x49\xfb\x05\xa5\x04\x46\xb7\x5e\xf6\x20\x46\x18" + "\xd5\xdc\x70\xd8\x99\x2b\x64\x12\xae\x74\x8e\xa1\xdb\x0e\x9f\x11" + "\x47\xdf\x87\x6e\x9d\xb9\x13\xaa\x66\x33\x8c\xf3\x3d\xed\x33\x57" + "\x7d\x4c\x82\x21\xc6\x18\x67\x56\xbe\x46\x78\xa8\xec\xd0\x5b\xc0" + "\x2d\xb6\xee\x5a\xd8\xbf\xc3\xea\x49\xcd\x6d\x01\x97\x6e\x3a\x81" + "\x0f\x06\x16\xb4\x1e\x15\x08\x5c\x46\x35\x44\xa4\x06\x84\x32\xaa" + "\x1b\xb7\xc2\x97\xbf\xfd\xc8\xe2\x6b\x7a\xa2\x40\x3b\x50\x59\xd2" + "\xbe\xa2\x26\x09\xea\xf7\xc1\x9e\x89\x1d\x34\x79\xc3\xba\xa6\xb8" + "\x09\x92\xc8\xee\xa4\xe2\xe2\x32\x43\x48\xc8\xf6\x69\xe5\xde\x33" + "\x75\xe8\x38\x8a\xb0\xda\x19\x38\x75\x39\xab\xd6\x3f\x70\xcc\x4e" + "\x45\x16\x2a\x82\x32\x8e\x48\x92\xa4\x1f\xe9\x46\x85\x18\x78\xa7" + "\x46\xf7\x11\x9e\x37\x95\x1a\xc3\x30\x2d\x90\x6a\xc3\xfd\x95\x81" + "\x6b\xb1\xcb\x12\x26\x9e\xe4\xd3\x2a\xc1\xdf\x82\x57\xf2\x21\xea" + "\x6a\x16\x12\x40\x94\xe1\xc9\xa0\x82\x04\xe7\x30\x82\x04\xe3\x30" + "\x82\x04\xdf\x30\x82\x03\xc7\xa0\x03\x02\x01\x02\x02\x10\x3d\x9a" + "\x82\xd0\xd1\xc3\x2f\x6f\xe0\x84\x5f\x99\x11\xee\x53\x42\x30\x0d" + "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81\xb5" + "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30" + "\x15\x06\x03\x55\x04\x0a\x13\x0e\x56\x65\x72\x69\x53\x69\x67\x6e" + "\x2c\x20\x49\x6e\x63\x2e\x31\x1f\x30\x1d\x06\x03\x55\x04\x0b\x13" + "\x16\x56\x65\x72\x69\x53\x69\x67\x6e\x20\x54\x72\x75\x73\x74\x20" + "\x4e\x65\x74\x77\x6f\x72\x6b\x31\x3b\x30\x39\x06\x03\x55\x04\x0b" + "\x13\x32\x54\x65\x72\x6d\x73\x20\x6f\x66\x20\x75\x73\x65\x20\x61" + "\x74\x20\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x76\x65" + "\x72\x69\x73\x69\x67\x6e\x2e\x63\x6f\x6d\x2f\x72\x70\x61\x20\x28" + "\x63\x29\x31\x30\x31\x2f\x30\x2d\x06\x03\x55\x04\x03\x13\x26\x56" + "\x65\x72\x69\x53\x69\x67\x6e\x20\x43\x6c\x61\x73\x73\x20\x33\x20" + "\x53\x65\x63\x75\x72\x65\x20\x53\x65\x72\x76\x65\x72\x20\x43\x41" + "\x20\x2d\x20\x47\x33\x30\x1e\x17\x0d\x31\x34\x30\x39\x31\x32\x30" + "\x30\x30\x30\x30\x30\x5a\x17\x0d\x31\x34\x31\x32\x31\x31\x32\x33" + "\x35\x39\x35\x39\x5a\x30\x81\x87\x31\x0b\x30\x09\x06\x03\x55\x04" + "\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55\x04\x0a\x13\x0e" + "\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49\x6e\x63\x2e\x31\x1f" + "\x30\x1d\x06\x03\x55\x04\x0b\x13\x16\x56\x65\x72\x69\x53\x69\x67" + "\x6e\x20\x54\x72\x75\x73\x74\x20\x4e\x65\x74\x77\x6f\x72\x6b\x31" + "\x3e\x30\x3c\x06\x03\x55\x04\x03\x13\x35\x56\x65\x72\x69\x53\x69" + "\x67\x6e\x20\x43\x6c\x61\x73\x73\x20\x33\x20\x53\x65\x63\x75\x72" + "\x65\x20\x53\x65\x72\x76\x65\x72\x20\x43\x41\x20\x2d\x20\x47\x33" + "\x20\x4f\x43\x53\x50\x20\x52\x65\x73\x70\x6f\x6e\x64\x65\x72\x30" + "\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01" + "\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00" + "\xb6\xe6\xde\x56\xa9\xb7\xbe\x7a\x49\xd0\x2e\x14\x87\xa5\x9e\x16" + "\xed\x66\xf8\xa7\xd3\xdc\x3f\x89\x2d\xfc\x1a\x83\x29\x47\xd0\x37" + "\xdb\xa7\x5c\x4a\x22\xb0\x9a\x4e\xcb\x62\x72\xc4\x92\x04\x08\x99" + "\xbe\x60\xe0\xdc\x7a\xfa\x79\x10\xba\x16\x68\x26\x24\xb1\xbe\xaa" + "\x0f\x4e\x0c\x2d\xd6\x76\x6d\x43\x8b\xf5\xc1\xe8\xad\x98\x8d\x5e" + "\x96\x03\x92\x8a\x7f\x98\xae\xb8\xf1\x3c\x2a\x62\x62\xb1\x69\x8f" + "\x7a\xb0\x6c\xcc\xf6\x2b\x99\x2d\x95\x79\x7f\xd8\x57\x98\xe5\x75" + "\x98\xbb\x3c\xf8\x66\xc7\x1f\xc4\xf1\x75\x99\xbd\x4d\x77\x90\xbb" + "\x23\xea\xd9\x38\x4e\xe7\x8f\xb9\xbd\x69\x03\xc4\x73\x38\x29\x85" + "\xf6\x5b\x30\x16\xf9\x91\xc7\x9e\xba\xc9\x01\x90\x6c\xaf\xd3\x93" + "\xf0\x61\xb4\xa4\x3d\x30\x38\x6f\x33\x40\xe5\xd2\x93\xd9\x9b\x17" + "\xce\x9f\x97\x0b\xdd\x84\xb2\xc5\x76\xb2\x64\x62\x47\xf0\x35\x6a" + "\x2d\x2e\x2d\x46\x5e\x07\x86\xc9\x80\x80\xac\xe8\xf3\x71\x3d\x46" + "\x8b\xb7\x54\xa7\xda\x00\x60\x8b\xe8\xb0\xdf\x4d\xfd\xff\xc6\x80" + "\x6f\x1e\x76\x14\x99\xb5\xc9\x5b\xf7\x31\x10\xed\x69\x5a\x91\x97" + "\x59\x16\x0a\x7c\x86\xfd\x52\xc4\x84\xfd\x58\x73\x27\x80\x0b\x47" + "\x02\x03\x01\x00\x01\xa3\x82\x01\x15\x30\x82\x01\x11\x30\x09\x06" + "\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x81\xac\x06\x03\x55\x1d\x20" + "\x04\x81\xa4\x30\x81\xa1\x30\x81\x9e\x06\x0b\x60\x86\x48\x01\x86" + "\xf8\x45\x01\x07\x17\x03\x30\x81\x8e\x30\x28\x06\x08\x2b\x06\x01" + "\x05\x05\x07\x02\x01\x16\x1c\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77" + "\x77\x77\x2e\x76\x65\x72\x69\x73\x69\x67\x6e\x2e\x63\x6f\x6d\x2f" + "\x43\x50\x53\x30\x62\x06\x08\x2b\x06\x01\x05\x05\x07\x02\x02\x30" + "\x56\x30\x15\x16\x0e\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49" + "\x6e\x63\x2e\x30\x03\x02\x01\x01\x1a\x3d\x56\x65\x72\x69\x53\x69" + "\x67\x6e\x27\x73\x20\x43\x50\x53\x20\x69\x6e\x63\x6f\x72\x70\x2e" + "\x20\x62\x79\x20\x72\x65\x66\x65\x72\x65\x6e\x63\x65\x20\x6c\x69" + "\x61\x62\x2e\x20\x6c\x74\x64\x2e\x20\x28\x63\x29\x39\x37\x20\x56" + "\x65\x72\x69\x53\x69\x67\x6e\x30\x13\x06\x03\x55\x1d\x25\x04\x0c" + "\x30\x0a\x06\x08\x2b\x06\x01\x05\x05\x07\x03\x09\x30\x0b\x06\x03" + "\x55\x1d\x0f\x04\x04\x03\x02\x07\x80\x30\x0f\x06\x09\x2b\x06\x01" + "\x05\x05\x07\x30\x01\x05\x04\x02\x05\x00\x30\x22\x06\x03\x55\x1d" + "\x11\x04\x1b\x30\x19\xa4\x17\x30\x15\x31\x13\x30\x11\x06\x03\x55" + "\x04\x03\x13\x0a\x54\x47\x56\x2d\x42\x2d\x31\x37\x39\x38\x30\x0d" + "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01" + "\x01\x00\x8c\xf2\x02\x52\xc9\x1e\x0e\xf1\x2e\x66\xe7\x6c\xda\x15" + "\x2c\xcc\x7c\x07\x1a\x8b\xe8\xf9\x02\xaa\x11\x85\x89\x98\xff\xe9" + "\xff\x1e\xcf\xf6\x6c\x07\x4f\xcb\xfe\x9a\xfa\xe9\x16\x1b\x08\x56" + "\x65\x04\x58\x2c\xda\xfb\x49\x24\x81\x92\xe4\xae\x56\x4f\xd6\xcd" + "\x95\xfd\x54\x99\xb1\x02\xdd\x56\xcc\x54\x6b\x5e\xf8\x05\xca\x34" + "\x83\xb6\x7a\xad\x83\xcf\x4b\x25\xb5\x0e\xcf\x98\x46\xf7\x97\x7f" + "\xb1\xc8\x1b\xde\x77\x6f\xe4\x4c\xb9\xd7\xdd\xc7\xfd\xbf\x13\x3b" + "\xa1\x99\xf7\x7d\xc9\xd0\xed\xd7\xea\xa9\x38\x6e\x73\x01\x0d\x43" + "\xc5\x5e\x0c\xa7\xd1\x77\xef\xd2\x37\x98\xcc\xe6\xbf\x4e\xed\x88" + "\x3e\x97\x1f\xd2\xe8\x28\x81\xba\xd9\xb1\xcb\x08\x65\x61\x72\x8c" + "\x59\x70\x1e\x71\x46\xa5\xdd\xa4\xd4\x65\xda\x15\x13\xea\xc6\x4f" + "\xaa\xb4\xb0\x31\x26\xd8\xcd\xf8\x37\xe4\x9b\x11\x8d\xa0\x80\x2f" + "\xd6\x11\xd7\xa4\x18\x43\x86\xec\xd3\xa6\x79\x97\x55\xfd\xf6\x61" + "\xf1\x48\xc9\x87\xd1\xb7\xfc\x7f\x67\x88\x73\xb4\x5f\xcc\x67\x8d" + "\x50\xc4\x97\x59\x22\xab\xc2\x32\x8a\x22\xd4\x60\x20\x78\x6d\xa3" + "\x91\x72\xf1\xfb\x1e\xa9\xa5\xf8\x64\x37\xbf\xb3\x38\x5f\x00\xe1" + "\x6e\x49"; gnutls_datum_t long_resp = { long_resp_str, sizeof(long_resp_str) - 1 }; @@ -809,9 +816,8 @@ static void ocsp_invalid_calls(void) exit(1); } - rc = gnutls_ocsp_resp_get_responder_raw_id(resp, - GNUTLS_OCSP_RESP_ID_KEY, - &dat); + rc = gnutls_ocsp_resp_get_responder_raw_id( + resp, GNUTLS_OCSP_RESP_ID_KEY, &dat); if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { fail("gnutls_ocsp_resp_get_responder_raw_id %s\n", gnutls_strerror(rc)); @@ -858,8 +864,7 @@ static void req_parse(void) /* check nonce */ { gnutls_datum_t expect = { (unsigned char *)REQ1NONCE + 2, - sizeof(REQ1NONCE) - 3 - }; + sizeof(REQ1NONCE) - 3 }; gnutls_datum_t got; unsigned int critical; @@ -894,8 +899,8 @@ static void req_parse(void) if (strlen(REQ1INFO) != d.size || memcmp(REQ1INFO, d.data, strlen(REQ1INFO)) != 0) { printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen(REQ1INFO), REQ1INFO, (int)d.size, - (int)d.size, d.data); + strlen(REQ1INFO), REQ1INFO, (int)d.size, (int)d.size, + d.data); fail("ocsp request print failed\n"); exit(1); } @@ -1011,8 +1016,8 @@ static void req_parse(void) exit(1); } - if (n2.size == got.size - && memcmp(n1.data, n2.data, n1.size) == 0) { + if (n2.size == got.size && + memcmp(n1.data, n2.data, n1.size) == 0) { fail("ocsp request random nonce memcmp failed\n"); exit(1); } @@ -1045,13 +1050,11 @@ static void req_addcert_id(void) /* add ocsp request nonce */ { - gnutls_datum_t nonce = - { (unsigned char *)REQ1NONCE, sizeof(REQ1NONCE) - 1 }; + gnutls_datum_t nonce = { (unsigned char *)REQ1NONCE, + sizeof(REQ1NONCE) - 1 }; - ret = - gnutls_ocsp_req_set_extension(req, - "1.3.6.1.5.5.7.48.1.2", - 0, &nonce); + ret = gnutls_ocsp_req_set_extension(req, "1.3.6.1.5.5.7.48.1.2", + 0, &nonce); if (ret != 0) { fail("gnutls_ocsp_req_set_extension %d\n", ret); exit(1); @@ -1060,12 +1063,12 @@ static void req_addcert_id(void) /* add cert_id */ { - gnutls_datum_t issuer_name_hash = - { (unsigned char *)REQ1INH, sizeof(REQ1INH) - 1 }; - gnutls_datum_t issuer_key_hash = - { (unsigned char *)REQ1IKH, sizeof(REQ1IKH) - 1 }; - gnutls_datum_t serial_number = - { (unsigned char *)REQ1SN, sizeof(REQ1SN) - 1 }; + gnutls_datum_t issuer_name_hash = { (unsigned char *)REQ1INH, + sizeof(REQ1INH) - 1 }; + gnutls_datum_t issuer_key_hash = { (unsigned char *)REQ1IKH, + sizeof(REQ1IKH) - 1 }; + gnutls_datum_t serial_number = { (unsigned char *)REQ1SN, + sizeof(REQ1SN) - 1 }; ret = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, &issuer_name_hash, @@ -1088,8 +1091,8 @@ static void req_addcert_id(void) if (strlen(REQ1INFO) != d.size || memcmp(REQ1INFO, d.data, strlen(REQ1INFO)) != 0) { printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen(REQ1INFO), REQ1INFO, (int)d.size, - (int)d.size, d.data); + strlen(REQ1INFO), REQ1INFO, (int)d.size, (int)d.size, + d.data); fail("ocsp request print failed\n"); exit(1); } @@ -1134,13 +1137,11 @@ static void req_addcert(void) /* add ocsp request nonce */ { - gnutls_datum_t nonce = - { (unsigned char *)REQ1NONCE, sizeof(REQ1NONCE) - 1 }; + gnutls_datum_t nonce = { (unsigned char *)REQ1NONCE, + sizeof(REQ1NONCE) - 1 }; - ret = - gnutls_ocsp_req_set_extension(req, - "1.3.6.1.5.5.7.48.1.2", - 0, &nonce); + ret = gnutls_ocsp_req_set_extension(req, "1.3.6.1.5.5.7.48.1.2", + 0, &nonce); if (ret != 0) { fail("gnutls_ocsp_req_set_extension %d\n", ret); exit(1); @@ -1163,24 +1164,22 @@ static void req_addcert(void) exit(1); } - ret = - gnutls_x509_crt_import(issuer, &issuer_data, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(issuer, &issuer_data, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import (issuer) %d\n", ret); exit(1); } - ret = - gnutls_x509_crt_import(subject, &subject_data, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(subject, &subject_data, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import (subject) %d\n", ret); exit(1); } - ret = gnutls_ocsp_req_add_cert(req, GNUTLS_DIG_SHA1, - issuer, subject); + ret = gnutls_ocsp_req_add_cert(req, GNUTLS_DIG_SHA1, issuer, + subject); if (ret != 0) { fail("gnutls_ocsp_add_cert %d\n", ret); exit(1); @@ -1201,8 +1200,8 @@ static void req_addcert(void) if (strlen(REQ1INFO) != d.size || memcmp(REQ1INFO, d.data, strlen(REQ1INFO)) != 0) { printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen(REQ1INFO), REQ1INFO, (int)d.size, - (int)d.size, d.data); + strlen(REQ1INFO), REQ1INFO, (int)d.size, (int)d.size, + d.data); fail("ocsp request print failed\n"); exit(1); } @@ -1265,9 +1264,8 @@ static void check_ocsp_resp(gnutls_ocsp_resp_t resp) gnutls_strerror(ret)); } - ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, - &revocation_reason); + ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, &revocation_reason); if (ret < 0) { fail("error in gnutls_ocsp_resp_get_single: %s\n", gnutls_strerror(ret)); @@ -1310,8 +1308,8 @@ static void resp_import(void) if (strlen(RESP1INFO) != d.size || memcmp(RESP1INFO, d.data, strlen(RESP1INFO)) != 0) { printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen(RESP1INFO), RESP1INFO, (int)d.size, - (int)d.size, d.data); + strlen(RESP1INFO), RESP1INFO, (int)d.size, (int)d.size, + d.data); fail("ocsp response print failed\n"); exit(1); } @@ -1337,8 +1335,8 @@ static void resp_import(void) if (memcmp(RESP2INFO, d.data, strlen(RESP2INFO)) != 0) { printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen(RESP2INFO), RESP2INFO, (int)d.size, - (int)d.size, d.data); + strlen(RESP2INFO), RESP2INFO, (int)d.size, (int)d.size, + d.data); fail("ocsp response print failed\n"); exit(1); } @@ -1373,8 +1371,8 @@ static void resp_import(void) if (memcmp(RESP3INFO, d.data, strlen(RESP3INFO)) != 0) { printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen(RESP3INFO), RESP3INFO, (int)d.size, - (int)d.size, d.data); + strlen(RESP3INFO), RESP3INFO, (int)d.size, (int)d.size, + d.data); fail("ocsp response 3 print failed\n"); exit(1); } @@ -1427,24 +1425,22 @@ static void resp_verify(void) exit(1); } - ret = - gnutls_x509_crt_import(cert, &blog_cert_data, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(cert, &blog_cert_data, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import (cert) %d\n", ret); exit(1); } - ret = - gnutls_x509_crt_import(issuer, &blog_issuer_data, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(issuer, &blog_issuer_data, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import (issuer) %d\n", ret); exit(1); } - ret = - gnutls_x509_crt_import(signer, &blog_signer_data, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(signer, &blog_signer_data, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import (signer) %d\n", ret); exit(1); @@ -1465,9 +1461,8 @@ static void resp_verify(void) /* check direct verify with cert (should fail) */ - ret = - gnutls_ocsp_resp_verify_direct(resp, cert, &verify, - GNUTLS_VERIFY_ALLOW_BROKEN); + ret = gnutls_ocsp_resp_verify_direct(resp, cert, &verify, + GNUTLS_VERIFY_ALLOW_BROKEN); if (ret < 0) { fail("gnutls_ocsp_resp_verify_direct (cert) %d\n", ret); exit(1); @@ -1492,9 +1487,8 @@ static void resp_verify(void) exit(1); } - ret = - gnutls_ocsp_resp_verify(resp, list, &verify, - GNUTLS_VERIFY_ALLOW_BROKEN); + ret = gnutls_ocsp_resp_verify(resp, list, &verify, + GNUTLS_VERIFY_ALLOW_BROKEN); if (ret < 0) { fail("gnutls_ocsp_resp_verify (issuer) %d\n", ret); exit(1); @@ -1548,9 +1542,8 @@ static void resp_verify(void) exit(1); } - ret = - gnutls_ocsp_resp_verify(resp, list, &verify, - GNUTLS_VERIFY_ALLOW_BROKEN); + ret = gnutls_ocsp_resp_verify(resp, list, &verify, + GNUTLS_VERIFY_ALLOW_BROKEN); if (ret < 0) { fail("gnutls_ocsp_resp_verify (issuer) %d\n", ret); exit(1); @@ -1640,9 +1633,8 @@ static void long_resp_check(void) exit(1); } - ret = - gnutls_x509_crt_import(signer, &long_resp_signer_data, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(signer, &long_resp_signer_data, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import (cert) %d\n", ret); exit(1); diff --git a/tests/oids.c b/tests/oids.c index fd95f7006b..77fb7a055e 100644 --- a/tests/oids.c +++ b/tests/oids.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,21 +32,21 @@ #include "utils.h" -#define SELF_TEST_SIG(x) \ - ret = gnutls_oid_to_sign(gnutls_sign_get_oid(x)); \ - if (ret != x) { \ +#define SELF_TEST_SIG(x) \ + ret = gnutls_oid_to_sign(gnutls_sign_get_oid(x)); \ + if (ret != x) { \ fail("error testing %s\n", gnutls_sign_get_name(x)); \ } -#define SELF_TEST_PK(x) \ - ret = gnutls_oid_to_pk(gnutls_pk_get_oid(x)); \ - if (ret != x) { \ +#define SELF_TEST_PK(x) \ + ret = gnutls_oid_to_pk(gnutls_pk_get_oid(x)); \ + if (ret != x) { \ fail("error testing %s\n", gnutls_pk_get_name(x)); \ } -#define SELF_TEST_DIG(x) \ - ret = gnutls_oid_to_digest(gnutls_digest_get_oid(x)); \ - if (ret != x) { \ +#define SELF_TEST_DIG(x) \ + ret = gnutls_oid_to_digest(gnutls_digest_get_oid(x)); \ + if (ret != x) { \ fail("error testing %s\n", gnutls_digest_get_name(x)); \ } diff --git a/tests/openconnect-dtls12.c b/tests/openconnect-dtls12.c index dab7ed647a..722961ed82 100644 --- a/tests/openconnect-dtls12.c +++ b/tests/openconnect-dtls12.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void server_log_func(int level, const char *str) { @@ -62,7 +62,7 @@ static void client_log_func(int level, const char *str) /* A DTLS client handling DTLS 1.2 resumption under AnyConnect protocol which sets premaster secret. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) { @@ -71,8 +71,8 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *data, size_t len) return send(fd, data, len, 0); } -static gnutls_datum_t master = { (void *) - "\x44\x66\x44\xa9\xb6\x29\xed\x6e\xd6\x93\x15\xdb\xf0\x7d\x4b\x2e\x18\xb1\x9d\xed\xff\x6a\x86\x76\xc9\x0e\x16\xab\xc2\x10\xbb\x17\x99\x24\xb1\xd9\xb9\x95\xe7\xea\xea\xea\xea\xea\xff\xaa\xac", +static gnutls_datum_t master = { + (void *)"\x44\x66\x44\xa9\xb6\x29\xed\x6e\xd6\x93\x15\xdb\xf0\x7d\x4b\x2e\x18\xb1\x9d\xed\xff\x6a\x86\x76\xc9\x0e\x16\xab\xc2\x10\xbb\x17\x99\x24\xb1\xd9\xb9\x95\xe7\xea\xea\xea\xea\xea\xff\xaa\xac", 48 }; static gnutls_datum_t sess_id = { (void *)"\xd9\xb9\x95\xe7\xea", 5 }; @@ -101,9 +101,9 @@ static void client(int fd, const char *prio, int proto, int cipher, int kx, assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); - ret = gnutls_session_set_premaster(session, GNUTLS_CLIENT, - proto, kx, cipher, mac, - GNUTLS_COMP_NULL, &master, &sess_id); + ret = gnutls_session_set_premaster(session, GNUTLS_CLIENT, proto, kx, + cipher, mac, GNUTLS_COMP_NULL, + &master, &sess_id); if (ret < 0) { fail("client: gnutls_session_set_premaster failed: %s\n", gnutls_strerror(ret)); @@ -119,8 +119,7 @@ static void client(int fd, const char *prio, int proto, int cipher, int kx, */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -144,8 +143,8 @@ static void client(int fd, const char *prio, int proto, int cipher, int kx, if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -162,7 +161,7 @@ static void client(int fd, const char *prio, int proto, int cipher, int kx, gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -201,9 +200,9 @@ static void server(int fd, const char *prio, int proto, int cipher, int kx, */ assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); - ret = gnutls_session_set_premaster(session, GNUTLS_SERVER, - proto, kx, cipher, mac, - GNUTLS_COMP_NULL, &master, &sess_id); + ret = gnutls_session_set_premaster(session, GNUTLS_SERVER, proto, kx, + cipher, mac, GNUTLS_COMP_NULL, + &master, &sess_id); if (ret < 0) { fail("server: gnutls_session_set_premaster failed: %s\n", gnutls_strerror(ret)); @@ -217,8 +216,7 @@ static void server(int fd, const char *prio, int proto, int cipher, int kx, do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -230,8 +228,8 @@ static void server(int fd, const char *prio, int proto, int cipher, int kx, if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -324,4 +322,4 @@ void doit(void) GNUTLS_MAC_AEAD, "(DTLS1.2)-(RSA)-(AES-256-GCM)"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/openssl.c b/tests/openssl.c index 604d58d002..5dff1e32f4 100644 --- a/tests/openssl.c +++ b/tests/openssl.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -49,8 +49,10 @@ void doit(void) MD5_Update(&c, "abc", 3); MD5_Final(&(md[0]), &c); - if (memcmp(md, "\x90\x01\x50\x98\x3c\xd2\x4f\xb0" - "\xd6\x96\x3f\x7d\x28\xe1\x7f\x72", sizeof(md)) != 0) { + if (memcmp(md, + "\x90\x01\x50\x98\x3c\xd2\x4f\xb0" + "\xd6\x96\x3f\x7d\x28\xe1\x7f\x72", + sizeof(md)) != 0) { hexprint(md, sizeof(md)); fail("MD5 failure\n"); } else if (debug) diff --git a/tests/parse_ca.c b/tests/parse_ca.c index ff8cb63509..9fe5996a2c 100644 --- a/tests/parse_ca.c +++ b/tests/parse_ca.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,31 +28,32 @@ #include "utils.h" static char castr[] = - "-----BEGIN CERTIFICATE-----\r\n" - "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\r\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\r\n" - "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\r\n" - "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\r\n" - "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\r\n" - "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\r\n" - "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\r\n" - "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\r\n" - "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\r\n" - "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\r\n" - "PfqUpIhz5Bbm7J4=\r\n" - "-----END CERTIFICATE-----\r\n" - "-----BEGIN CERTIFICATE-----\r\n" - "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\r\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\r\n" - "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\r\n" - "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\r\n" - "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\r\n" - "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\r\n" - "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\r\n" - "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\r\n" - "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\r\n" - "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\r\n" - "PfqUpIhz5Bbm7J4=\r\n" "-----END CERTIFICATE-----\r\n"; + "-----BEGIN CERTIFICATE-----\r\n" + "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\r\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\r\n" + "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\r\n" + "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\r\n" + "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\r\n" + "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\r\n" + "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\r\n" + "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\r\n" + "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\r\n" + "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\r\n" + "PfqUpIhz5Bbm7J4=\r\n" + "-----END CERTIFICATE-----\r\n" + "-----BEGIN CERTIFICATE-----\r\n" + "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\r\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\r\n" + "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\r\n" + "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\r\n" + "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\r\n" + "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\r\n" + "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\r\n" + "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\r\n" + "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\r\n" + "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\r\n" + "PfqUpIhz5Bbm7J4=\r\n" + "-----END CERTIFICATE-----\r\n"; void doit(void) { diff --git a/tests/pcert-list.c b/tests/pcert-list.c index 66244a8891..a90d14fd7a 100644 --- a/tests/pcert-list.c +++ b/tests/pcert-list.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,222 +35,218 @@ /* This tests functions related to pcert-lists */ -#define CERT0 \ -"-----BEGIN CERTIFICATE-----\n" \ -"MIIEITCCAomgAwIBAgIMVsXM+TCHHodT4TxYMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" \ -"BgNVBAMTBENBLTIwIBcNMTYwMjE4MTM1NDAxWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" \ -"ETAPBgNVBAMTCHNlcnZlci0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" \ -"AYEAs6z83Jg9XjIuBb87zm6uuBjGG+45IpSw6gRgU/1izgBUofefrkdvjhpneBYU\n" \ -"7PySNxTcyKUe1ZijKAYwck5jE76Y/xKNdMffgYqXOusCij7xutssdtvYw7yJjUHv\n" \ -"43+zqbydONRNebO8qw1/BGXzKCsAE83iYumxJxSkwTsq04Kp9vrfW6zaTpa3VGq5\n" \ -"wYPBT+neszrT9/E/Bn+QJh66US+EYnl+TlI5XTp4J0XqGP8PB1OYG/WPPjdRgv7j\n" \ -"C/dSsEaLmV2YdQWjPRqZ+hxQbRJbLaJ9b7czBSdK1lhefAKshUEV+SGQI2MzEVGW\n" \ -"lP4tLpIhiy33fNWpnkhbxxsa/NnIS2Vb8JvQidKdgQLsJL8hRJ/it41B4JGiaBnM\n" \ -"uQmIwr+DFbVs2ibm2VlV1oNB1DrFOAYNURSIUJM0th+Wj4vI9hnwIVeUY/u3Dk5V\n" \ -"bhks+JfbPLmbJ7Tx9JiBCes7isuxNCtWrWRDUQj71IqCc2+iV86Q+gw3rcpLeLYN\n" \ -"yv3PAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0\n" \ -"MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFEnsKuMM/IbHLD1TnAK78YwFx0VF\n" \ -"MB8GA1UdIwQYMBaAFFGRr1BCIq0AHmB59tUBsghMjvz/MA0GCSqGSIb3DQEBCwUA\n" \ -"A4IBgQB0i38qq4/os7MIhUFnBFD/eduk5B+jaGvPTM8lsZJ/17BbiMBc5dyxjMVY\n" \ -"WYsm+KI5XEddBEqMYYwjdO/aoJzFLkkDu7E+UnygVZmMdQONuoyeQ/IrLk3l3zGi\n" \ -"JJlylxFBNkns+a4AnXwSAv/ZiZapjQQUX378IxOpZuqzELAPqCkqp/6LyJApDiVV\n" \ -"9av7WWySG5Wtp8lNs8o8l8ZxU14++fwo1euH0mQ4AM2DGLAhQSdOqChmROWt4MPd\n" \ -"7raaO8dl6wMI83OgOHIhZlvlmmZTYqbpPXYm/2lM9ePBU/bkA7Y/X7HFDbTIBH9Y\n" \ -"rkVZyq3FYPUtYRyqQXa8s730MQBxGmVZkKptCZjLDziZF4sAZGX78EyDeSl3Z3Jg\n" \ -"I5JGLsdznHlhqEx8hNJnYtINVv1arn2UHO7p3/cB8VXt2UdQP+YJYdVzCvT4WW1E\n" \ -"PvzTI6JbcwDpOs0MxRIrXrhgEZWylk0W93FO1WErd1+Sn3LZqvrtyXLzYB9wCl1I\n" \ -"A34kGlE=\n" \ -"-----END CERTIFICATE-----\n" +#define CERT0 \ + "-----BEGIN CERTIFICATE-----\n" \ + "MIIEITCCAomgAwIBAgIMVsXM+TCHHodT4TxYMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" \ + "BgNVBAMTBENBLTIwIBcNMTYwMjE4MTM1NDAxWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" \ + "ETAPBgNVBAMTCHNlcnZlci0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" \ + "AYEAs6z83Jg9XjIuBb87zm6uuBjGG+45IpSw6gRgU/1izgBUofefrkdvjhpneBYU\n" \ + "7PySNxTcyKUe1ZijKAYwck5jE76Y/xKNdMffgYqXOusCij7xutssdtvYw7yJjUHv\n" \ + "43+zqbydONRNebO8qw1/BGXzKCsAE83iYumxJxSkwTsq04Kp9vrfW6zaTpa3VGq5\n" \ + "wYPBT+neszrT9/E/Bn+QJh66US+EYnl+TlI5XTp4J0XqGP8PB1OYG/WPPjdRgv7j\n" \ + "C/dSsEaLmV2YdQWjPRqZ+hxQbRJbLaJ9b7czBSdK1lhefAKshUEV+SGQI2MzEVGW\n" \ + "lP4tLpIhiy33fNWpnkhbxxsa/NnIS2Vb8JvQidKdgQLsJL8hRJ/it41B4JGiaBnM\n" \ + "uQmIwr+DFbVs2ibm2VlV1oNB1DrFOAYNURSIUJM0th+Wj4vI9hnwIVeUY/u3Dk5V\n" \ + "bhks+JfbPLmbJ7Tx9JiBCes7isuxNCtWrWRDUQj71IqCc2+iV86Q+gw3rcpLeLYN\n" \ + "yv3PAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0\n" \ + "MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFEnsKuMM/IbHLD1TnAK78YwFx0VF\n" \ + "MB8GA1UdIwQYMBaAFFGRr1BCIq0AHmB59tUBsghMjvz/MA0GCSqGSIb3DQEBCwUA\n" \ + "A4IBgQB0i38qq4/os7MIhUFnBFD/eduk5B+jaGvPTM8lsZJ/17BbiMBc5dyxjMVY\n" \ + "WYsm+KI5XEddBEqMYYwjdO/aoJzFLkkDu7E+UnygVZmMdQONuoyeQ/IrLk3l3zGi\n" \ + "JJlylxFBNkns+a4AnXwSAv/ZiZapjQQUX378IxOpZuqzELAPqCkqp/6LyJApDiVV\n" \ + "9av7WWySG5Wtp8lNs8o8l8ZxU14++fwo1euH0mQ4AM2DGLAhQSdOqChmROWt4MPd\n" \ + "7raaO8dl6wMI83OgOHIhZlvlmmZTYqbpPXYm/2lM9ePBU/bkA7Y/X7HFDbTIBH9Y\n" \ + "rkVZyq3FYPUtYRyqQXa8s730MQBxGmVZkKptCZjLDziZF4sAZGX78EyDeSl3Z3Jg\n" \ + "I5JGLsdznHlhqEx8hNJnYtINVv1arn2UHO7p3/cB8VXt2UdQP+YJYdVzCvT4WW1E\n" \ + "PvzTI6JbcwDpOs0MxRIrXrhgEZWylk0W93FO1WErd1+Sn3LZqvrtyXLzYB9wCl1I\n" \ + "A34kGlE=\n" \ + "-----END CERTIFICATE-----\n" -static unsigned char server_cert_pem[] = - CERT0 - "-----BEGIN CERTIFICATE-----\n" - "MIIEFDCCAnygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAu1/IharA+97QfzDj\n" - "UXEBl9TAFqHkN9B5erj1yhMlwPAakreStR8VvuCx46TA3gP7sbUYU811T+2D5/GU\n" - "u7YuMWsFeSmGWvbxa/tKTpXoEM0bNV+rIbxAcfgtxbARZDocv8gxfG/70vc2dSDh\n" - "KgZCoMQyO6qGLRdsoPAf+De7YD8sKS7Q3d3Xnfyv4AVnDkbAVFsZhu4lQFuWXyfG\n" - "Sl95TT94wLDLdf/Gf/F0nNsv6+D6yb15afhJKdqo6PH19gsyE0U3zj6c/7abha2W\n" - "fvVe6hVbaW1HLDZdHZnjlJHamNFdrOHI5Xi+SJO7/3MWvdTzdMVFBDfS5o7TvYyS\n" - "pu6iTmVeJvJ1OpXV7Lw1M2dSTW9RJLzUF3fXYOsuh32qMel9IzhnVh8Veyl0I0WL\n" - "hThmkF73mGWcVq4lMPXwEnwYJtRLeH5HWvG3rgmb7m827XMNnqKE0NOkPH63OUqJ\n" - "0h4b6PBb6wiOgnsC3yZIf0KgB0gToySvmD6MyJsmbN9rQit1AgMBAAGjeTB3MA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcEADAdBgNVHQ4EFgQUUZGvUEIirQAeYHn21QGyCEyO/P8wHwYDVR0jBBgwFoAU\n" - "v9x1k1GrVS0yXKvMzD7k/zInm9gwDQYJKoZIhvcNAQELBQADggGBAIwUNzAo7Efm\n" - "X8dVGz6OEsfZ/RPIeYxZ5cmqWwcZ4oLBv55xGJNG+nIcgLMA2L6ybtFiK2nKtqy4\n" - "hMv/P6qvjX5vVQGVgLclvMkDkmXWVdqkTYDX7cSe/Bv6qIS2KBaVo87r2DIWN8Zu\n" - "J3w0U3RcD6ilXVmqvARLeKWBPrCep0DJvg/BEAFSjCgHImrpZdzm6NuUr1eYCfgN\n" - "HPwUj5Ivyy9ioPRXGzzHQH6T1p/xIRbuhqTGRUin3MqGQlFseBJ2qXPf6uQmCaWZ\n" - "tFp4oWLJThqVmlvHViPDy235roYSKkJXH4qxjbhuv0pgUZOzmSsG7YA/oYNGDm6I\n" - "bEvids1r45PjYDHctB4QLhXNY3SJVgMog1KuVCK6JQL8F8XP5Sup1qW4ed/WvXwe\n" - "PBTOWbE/ENnxF2/nQLwnr80cgVx8rAE5sxubNNQVHu/6NonPzGUhTHXmGleuXPbb\n" - "Mjv4x9s3QftWUVJb7b8GUt5bMAthqo7Y47Jed1kKIt2PAm0SNBMYrw==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEFDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0QG/LnrMV5vsE3G7\n" - "mGVYr33PFQ/WojwKg1C8GGH9aaIn+VMuBS2d1/mwtM9axoje1uQzwKp/hPT+N3Z3\n" - "qmFWeX8somDwowNDWN3skST4ob/M4aSlfP6OhNeIfBNvPTz3GtsbOtN5TkOX7Nf2\n" - "+mfFm09xMHQ3z4yyGNmKG/oxGKY2WDe93hp0rlIZ6ihMPcsCHwWLfja3SAT4AcXs\n" - "TFrTxEnaTYuVxcRcoW7lEDtcCyGbPfszo/rEQfJxwxRF46Yoz6rrCSkXOzLhQa4v\n" - "PPsZJ6ltNqkCtSrnhcCl3SC9JqdI4e7lGsnDylq4evi8RtOYknVOqDwv0q/9DI2+\n" - "rhFUy4I0Ah9H2T7dC01KIOjGiHyThCgkt2Nee/AXFflpN2Ws7/SGALdx6Vy3OkVo\n" - "NkHYxlKKn/06Yp8XlNPR64EqxeJqPW9Pf742EJUCOeavu5wPWJtLQr03JyKWoeZf\n" - "IYT/HwZUJveqEBU1EKeZRSvrRwHnmzQJuxyUhj/2C92QF5edAgMBAAGjeTB3MA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcEADAdBgNVHQ4EFgQUv9x1k1GrVS0yXKvMzD7k/zInm9gwHwYDVR0jBBgwFoAU\n" - "2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQELBQADggGBAC9X5og786Il\n" - "CUKj4FpZrqgfN+Cwf1EebW1tX1iKYASGo8t7JS0Btt3ycVpx04JSJy5WM9cQNFU0\n" - "5vimaG0qAsWhHXljhmM0mr4ruW1Jw6KAuqw0V/JJ0oYRZaYnvi6UsoJJjq8YcatW\n" - "5ixtKr928933kYD71sMZBN7Um7ictDq0M2oaW4k0/Yt4Uqb9fv20E4EHKEpETMUR\n" - "FviTIjONdVsAVj4lxuS3u1Nt7B5ayYCkgFabME28ud6EazelwZWZwBRGiuPr6634\n" - "f8lZtnscRVU5oQb6DjkyD/SM+1ue6/wpNapoH7BimnvCcRmLvsG34vlyt7QC0BRO\n" - "cRmEPZCq8hIUIuD0x836FRNUSjjMVi2Dj+QjeNolpKgUjRF/h2yKmDRB2A7WAV5g\n" - "It7RRjMnkm3pvKj2d7/qb5OaccO4uoAq333PRAX0RLYT5yosFGq+RN8+WCnzuGsB\n" - "hCe33/7HCC6mO0/vsrQuRvECvAasznN9mF3t+ZXMvcsqTcOq4Iag1A==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDIxODEzNTQwMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0MYBHVUjwlQH7Mvn\n" - "4viHyEONr+7M0+fLntPITQHihE8gxU3LpqAUpl7felAA4k0sJTaXvnZA+E1DCcIq\n" - "zksAhK3Qr8zZeCKNM41U1klcCh2+3IoGjg+CcQisb8gtiiXybH3qXYFgi3ww2YFG\n" - "cIjJAciZj8qLfwMhMcBPMx4IDHR7gdWH9V0xUZZiBkk7x3PBIWCr2FKD0877yR9t\n" - "wjlQ4Fbw5NW9j7WaUgeY2LV7iTtBH0bZ7D/04KsYdct6lKhUkzSUBg/bAUWCFp1j\n" - "ouFhzyqMf3jFDrcejxPKlRk15e9SkQYD/7dTpudXwbL9ugZfoP1xDRgslEyfyU/Q\n" - "DEyG5mlXjVBRiGvL+dfxRNw2E5xLpESt2rlMiBhe1cv8+XL5D6z/WBwDfBNUzoQR\n" - "X15YHK2NgNNHQ8u8GLtUbp3ZXaeKgj8fdR3UoRTqWgpy2vjVM3vN1xXFVTo13MJ8\n" - "isLXH/QNUR4tnOytDp1HyK2ybHkfXB1a0RMBwM5XDVD2LhPFAgMBAAGjWDBWMA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcGADAdBgNVHQ4EFgQU2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQEL\n" - "BQADggGBAJrJujtXifCeySYWbnJlraec63Zgqfv4SZIEdLt5GFLdpjk2WCxhFrN3\n" - "n6JZgI2aUWin2OL1VA1hfddAPUSHOCV8nP/Vu1f/BEaeQjEVS2AOF7T+eQSTNQtN\n" - "MkTTi0UKKXZjIIXiW4YXDs2b22JIOXkL9rFyrvN4vvbIp/jwLWx5UTHFtsktMkai\n" - "MteJBobd69ra7kdX43EkUKrgSDNpMQn10y3w4ziPDsLZ9sWaRxESbXWqDn4A7J9t\n" - "prfxut+s/3rsZgpt4s2FsswymfuW8DhzH1EjfV1Tb32blpgz/40sIRbU158Wh1UH\n" - "/DGQ6RVX0RcRt7ce7QCYTROD/yHYPVucqLfRpVNJ3oujGYaMgnSSuxEOsfwx5u+P\n" - "8USIxyQNR9cX/gQswzs3Ouj1rXBnjiSS1YXWZXvqHsUamJ8O7qpnqkL2Ti64O0HA\n" - "wdTtAcDO0BTHvanKZojLZm8nStvTvFpSVh7z+8Fu0A5zAcHsDj4vLABsdPDsXUTr\n" - "kb2G3Yy/UA==\n" "-----END CERTIFICATE-----\n"; +static unsigned char server_cert_pem[] = CERT0 + "-----BEGIN CERTIFICATE-----\n" + "MIIEFDCCAnygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAu1/IharA+97QfzDj\n" + "UXEBl9TAFqHkN9B5erj1yhMlwPAakreStR8VvuCx46TA3gP7sbUYU811T+2D5/GU\n" + "u7YuMWsFeSmGWvbxa/tKTpXoEM0bNV+rIbxAcfgtxbARZDocv8gxfG/70vc2dSDh\n" + "KgZCoMQyO6qGLRdsoPAf+De7YD8sKS7Q3d3Xnfyv4AVnDkbAVFsZhu4lQFuWXyfG\n" + "Sl95TT94wLDLdf/Gf/F0nNsv6+D6yb15afhJKdqo6PH19gsyE0U3zj6c/7abha2W\n" + "fvVe6hVbaW1HLDZdHZnjlJHamNFdrOHI5Xi+SJO7/3MWvdTzdMVFBDfS5o7TvYyS\n" + "pu6iTmVeJvJ1OpXV7Lw1M2dSTW9RJLzUF3fXYOsuh32qMel9IzhnVh8Veyl0I0WL\n" + "hThmkF73mGWcVq4lMPXwEnwYJtRLeH5HWvG3rgmb7m827XMNnqKE0NOkPH63OUqJ\n" + "0h4b6PBb6wiOgnsC3yZIf0KgB0gToySvmD6MyJsmbN9rQit1AgMBAAGjeTB3MA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcEADAdBgNVHQ4EFgQUUZGvUEIirQAeYHn21QGyCEyO/P8wHwYDVR0jBBgwFoAU\n" + "v9x1k1GrVS0yXKvMzD7k/zInm9gwDQYJKoZIhvcNAQELBQADggGBAIwUNzAo7Efm\n" + "X8dVGz6OEsfZ/RPIeYxZ5cmqWwcZ4oLBv55xGJNG+nIcgLMA2L6ybtFiK2nKtqy4\n" + "hMv/P6qvjX5vVQGVgLclvMkDkmXWVdqkTYDX7cSe/Bv6qIS2KBaVo87r2DIWN8Zu\n" + "J3w0U3RcD6ilXVmqvARLeKWBPrCep0DJvg/BEAFSjCgHImrpZdzm6NuUr1eYCfgN\n" + "HPwUj5Ivyy9ioPRXGzzHQH6T1p/xIRbuhqTGRUin3MqGQlFseBJ2qXPf6uQmCaWZ\n" + "tFp4oWLJThqVmlvHViPDy235roYSKkJXH4qxjbhuv0pgUZOzmSsG7YA/oYNGDm6I\n" + "bEvids1r45PjYDHctB4QLhXNY3SJVgMog1KuVCK6JQL8F8XP5Sup1qW4ed/WvXwe\n" + "PBTOWbE/ENnxF2/nQLwnr80cgVx8rAE5sxubNNQVHu/6NonPzGUhTHXmGleuXPbb\n" + "Mjv4x9s3QftWUVJb7b8GUt5bMAthqo7Y47Jed1kKIt2PAm0SNBMYrw==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEFDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0QG/LnrMV5vsE3G7\n" + "mGVYr33PFQ/WojwKg1C8GGH9aaIn+VMuBS2d1/mwtM9axoje1uQzwKp/hPT+N3Z3\n" + "qmFWeX8somDwowNDWN3skST4ob/M4aSlfP6OhNeIfBNvPTz3GtsbOtN5TkOX7Nf2\n" + "+mfFm09xMHQ3z4yyGNmKG/oxGKY2WDe93hp0rlIZ6ihMPcsCHwWLfja3SAT4AcXs\n" + "TFrTxEnaTYuVxcRcoW7lEDtcCyGbPfszo/rEQfJxwxRF46Yoz6rrCSkXOzLhQa4v\n" + "PPsZJ6ltNqkCtSrnhcCl3SC9JqdI4e7lGsnDylq4evi8RtOYknVOqDwv0q/9DI2+\n" + "rhFUy4I0Ah9H2T7dC01KIOjGiHyThCgkt2Nee/AXFflpN2Ws7/SGALdx6Vy3OkVo\n" + "NkHYxlKKn/06Yp8XlNPR64EqxeJqPW9Pf742EJUCOeavu5wPWJtLQr03JyKWoeZf\n" + "IYT/HwZUJveqEBU1EKeZRSvrRwHnmzQJuxyUhj/2C92QF5edAgMBAAGjeTB3MA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcEADAdBgNVHQ4EFgQUv9x1k1GrVS0yXKvMzD7k/zInm9gwHwYDVR0jBBgwFoAU\n" + "2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQELBQADggGBAC9X5og786Il\n" + "CUKj4FpZrqgfN+Cwf1EebW1tX1iKYASGo8t7JS0Btt3ycVpx04JSJy5WM9cQNFU0\n" + "5vimaG0qAsWhHXljhmM0mr4ruW1Jw6KAuqw0V/JJ0oYRZaYnvi6UsoJJjq8YcatW\n" + "5ixtKr928933kYD71sMZBN7Um7ictDq0M2oaW4k0/Yt4Uqb9fv20E4EHKEpETMUR\n" + "FviTIjONdVsAVj4lxuS3u1Nt7B5ayYCkgFabME28ud6EazelwZWZwBRGiuPr6634\n" + "f8lZtnscRVU5oQb6DjkyD/SM+1ue6/wpNapoH7BimnvCcRmLvsG34vlyt7QC0BRO\n" + "cRmEPZCq8hIUIuD0x836FRNUSjjMVi2Dj+QjeNolpKgUjRF/h2yKmDRB2A7WAV5g\n" + "It7RRjMnkm3pvKj2d7/qb5OaccO4uoAq333PRAX0RLYT5yosFGq+RN8+WCnzuGsB\n" + "hCe33/7HCC6mO0/vsrQuRvECvAasznN9mF3t+ZXMvcsqTcOq4Iag1A==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDIxODEzNTQwMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0MYBHVUjwlQH7Mvn\n" + "4viHyEONr+7M0+fLntPITQHihE8gxU3LpqAUpl7felAA4k0sJTaXvnZA+E1DCcIq\n" + "zksAhK3Qr8zZeCKNM41U1klcCh2+3IoGjg+CcQisb8gtiiXybH3qXYFgi3ww2YFG\n" + "cIjJAciZj8qLfwMhMcBPMx4IDHR7gdWH9V0xUZZiBkk7x3PBIWCr2FKD0877yR9t\n" + "wjlQ4Fbw5NW9j7WaUgeY2LV7iTtBH0bZ7D/04KsYdct6lKhUkzSUBg/bAUWCFp1j\n" + "ouFhzyqMf3jFDrcejxPKlRk15e9SkQYD/7dTpudXwbL9ugZfoP1xDRgslEyfyU/Q\n" + "DEyG5mlXjVBRiGvL+dfxRNw2E5xLpESt2rlMiBhe1cv8+XL5D6z/WBwDfBNUzoQR\n" + "X15YHK2NgNNHQ8u8GLtUbp3ZXaeKgj8fdR3UoRTqWgpy2vjVM3vN1xXFVTo13MJ8\n" + "isLXH/QNUR4tnOytDp1HyK2ybHkfXB1a0RMBwM5XDVD2LhPFAgMBAAGjWDBWMA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcGADAdBgNVHQ4EFgQU2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQEL\n" + "BQADggGBAJrJujtXifCeySYWbnJlraec63Zgqfv4SZIEdLt5GFLdpjk2WCxhFrN3\n" + "n6JZgI2aUWin2OL1VA1hfddAPUSHOCV8nP/Vu1f/BEaeQjEVS2AOF7T+eQSTNQtN\n" + "MkTTi0UKKXZjIIXiW4YXDs2b22JIOXkL9rFyrvN4vvbIp/jwLWx5UTHFtsktMkai\n" + "MteJBobd69ra7kdX43EkUKrgSDNpMQn10y3w4ziPDsLZ9sWaRxESbXWqDn4A7J9t\n" + "prfxut+s/3rsZgpt4s2FsswymfuW8DhzH1EjfV1Tb32blpgz/40sIRbU158Wh1UH\n" + "/DGQ6RVX0RcRt7ce7QCYTROD/yHYPVucqLfRpVNJ3oujGYaMgnSSuxEOsfwx5u+P\n" + "8USIxyQNR9cX/gQswzs3Ouj1rXBnjiSS1YXWZXvqHsUamJ8O7qpnqkL2Ti64O0HA\n" + "wdTtAcDO0BTHvanKZojLZm8nStvTvFpSVh7z+8Fu0A5zAcHsDj4vLABsdPDsXUTr\n" + "kb2G3Yy/UA==\n" + "-----END CERTIFICATE-----\n"; -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; -static unsigned char unsorted_server_cert_pem[] = - CERT0 - "-----BEGIN CERTIFICATE-----\n" - "MIIEFDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0QG/LnrMV5vsE3G7\n" - "mGVYr33PFQ/WojwKg1C8GGH9aaIn+VMuBS2d1/mwtM9axoje1uQzwKp/hPT+N3Z3\n" - "qmFWeX8somDwowNDWN3skST4ob/M4aSlfP6OhNeIfBNvPTz3GtsbOtN5TkOX7Nf2\n" - "+mfFm09xMHQ3z4yyGNmKG/oxGKY2WDe93hp0rlIZ6ihMPcsCHwWLfja3SAT4AcXs\n" - "TFrTxEnaTYuVxcRcoW7lEDtcCyGbPfszo/rEQfJxwxRF46Yoz6rrCSkXOzLhQa4v\n" - "PPsZJ6ltNqkCtSrnhcCl3SC9JqdI4e7lGsnDylq4evi8RtOYknVOqDwv0q/9DI2+\n" - "rhFUy4I0Ah9H2T7dC01KIOjGiHyThCgkt2Nee/AXFflpN2Ws7/SGALdx6Vy3OkVo\n" - "NkHYxlKKn/06Yp8XlNPR64EqxeJqPW9Pf742EJUCOeavu5wPWJtLQr03JyKWoeZf\n" - "IYT/HwZUJveqEBU1EKeZRSvrRwHnmzQJuxyUhj/2C92QF5edAgMBAAGjeTB3MA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcEADAdBgNVHQ4EFgQUv9x1k1GrVS0yXKvMzD7k/zInm9gwHwYDVR0jBBgwFoAU\n" - "2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQELBQADggGBAC9X5og786Il\n" - "CUKj4FpZrqgfN+Cwf1EebW1tX1iKYASGo8t7JS0Btt3ycVpx04JSJy5WM9cQNFU0\n" - "5vimaG0qAsWhHXljhmM0mr4ruW1Jw6KAuqw0V/JJ0oYRZaYnvi6UsoJJjq8YcatW\n" - "5ixtKr928933kYD71sMZBN7Um7ictDq0M2oaW4k0/Yt4Uqb9fv20E4EHKEpETMUR\n" - "FviTIjONdVsAVj4lxuS3u1Nt7B5ayYCkgFabME28ud6EazelwZWZwBRGiuPr6634\n" - "f8lZtnscRVU5oQb6DjkyD/SM+1ue6/wpNapoH7BimnvCcRmLvsG34vlyt7QC0BRO\n" - "cRmEPZCq8hIUIuD0x836FRNUSjjMVi2Dj+QjeNolpKgUjRF/h2yKmDRB2A7WAV5g\n" - "It7RRjMnkm3pvKj2d7/qb5OaccO4uoAq333PRAX0RLYT5yosFGq+RN8+WCnzuGsB\n" - "hCe33/7HCC6mO0/vsrQuRvECvAasznN9mF3t+ZXMvcsqTcOq4Iag1A==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDIxODEzNTQwMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0MYBHVUjwlQH7Mvn\n" - "4viHyEONr+7M0+fLntPITQHihE8gxU3LpqAUpl7felAA4k0sJTaXvnZA+E1DCcIq\n" - "zksAhK3Qr8zZeCKNM41U1klcCh2+3IoGjg+CcQisb8gtiiXybH3qXYFgi3ww2YFG\n" - "cIjJAciZj8qLfwMhMcBPMx4IDHR7gdWH9V0xUZZiBkk7x3PBIWCr2FKD0877yR9t\n" - "wjlQ4Fbw5NW9j7WaUgeY2LV7iTtBH0bZ7D/04KsYdct6lKhUkzSUBg/bAUWCFp1j\n" - "ouFhzyqMf3jFDrcejxPKlRk15e9SkQYD/7dTpudXwbL9ugZfoP1xDRgslEyfyU/Q\n" - "DEyG5mlXjVBRiGvL+dfxRNw2E5xLpESt2rlMiBhe1cv8+XL5D6z/WBwDfBNUzoQR\n" - "X15YHK2NgNNHQ8u8GLtUbp3ZXaeKgj8fdR3UoRTqWgpy2vjVM3vN1xXFVTo13MJ8\n" - "isLXH/QNUR4tnOytDp1HyK2ybHkfXB1a0RMBwM5XDVD2LhPFAgMBAAGjWDBWMA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcGADAdBgNVHQ4EFgQU2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQEL\n" - "BQADggGBAJrJujtXifCeySYWbnJlraec63Zgqfv4SZIEdLt5GFLdpjk2WCxhFrN3\n" - "n6JZgI2aUWin2OL1VA1hfddAPUSHOCV8nP/Vu1f/BEaeQjEVS2AOF7T+eQSTNQtN\n" - "MkTTi0UKKXZjIIXiW4YXDs2b22JIOXkL9rFyrvN4vvbIp/jwLWx5UTHFtsktMkai\n" - "MteJBobd69ra7kdX43EkUKrgSDNpMQn10y3w4ziPDsLZ9sWaRxESbXWqDn4A7J9t\n" - "prfxut+s/3rsZgpt4s2FsswymfuW8DhzH1EjfV1Tb32blpgz/40sIRbU158Wh1UH\n" - "/DGQ6RVX0RcRt7ce7QCYTROD/yHYPVucqLfRpVNJ3oujGYaMgnSSuxEOsfwx5u+P\n" - "8USIxyQNR9cX/gQswzs3Ouj1rXBnjiSS1YXWZXvqHsUamJ8O7qpnqkL2Ti64O0HA\n" - "wdTtAcDO0BTHvanKZojLZm8nStvTvFpSVh7z+8Fu0A5zAcHsDj4vLABsdPDsXUTr\n" - "kb2G3Yy/UA==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEFDCCAnygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAu1/IharA+97QfzDj\n" - "UXEBl9TAFqHkN9B5erj1yhMlwPAakreStR8VvuCx46TA3gP7sbUYU811T+2D5/GU\n" - "u7YuMWsFeSmGWvbxa/tKTpXoEM0bNV+rIbxAcfgtxbARZDocv8gxfG/70vc2dSDh\n" - "KgZCoMQyO6qGLRdsoPAf+De7YD8sKS7Q3d3Xnfyv4AVnDkbAVFsZhu4lQFuWXyfG\n" - "Sl95TT94wLDLdf/Gf/F0nNsv6+D6yb15afhJKdqo6PH19gsyE0U3zj6c/7abha2W\n" - "fvVe6hVbaW1HLDZdHZnjlJHamNFdrOHI5Xi+SJO7/3MWvdTzdMVFBDfS5o7TvYyS\n" - "pu6iTmVeJvJ1OpXV7Lw1M2dSTW9RJLzUF3fXYOsuh32qMel9IzhnVh8Veyl0I0WL\n" - "hThmkF73mGWcVq4lMPXwEnwYJtRLeH5HWvG3rgmb7m827XMNnqKE0NOkPH63OUqJ\n" - "0h4b6PBb6wiOgnsC3yZIf0KgB0gToySvmD6MyJsmbN9rQit1AgMBAAGjeTB3MA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcEADAdBgNVHQ4EFgQUUZGvUEIirQAeYHn21QGyCEyO/P8wHwYDVR0jBBgwFoAU\n" - "v9x1k1GrVS0yXKvMzD7k/zInm9gwDQYJKoZIhvcNAQELBQADggGBAIwUNzAo7Efm\n" - "X8dVGz6OEsfZ/RPIeYxZ5cmqWwcZ4oLBv55xGJNG+nIcgLMA2L6ybtFiK2nKtqy4\n" - "hMv/P6qvjX5vVQGVgLclvMkDkmXWVdqkTYDX7cSe/Bv6qIS2KBaVo87r2DIWN8Zu\n" - "J3w0U3RcD6ilXVmqvARLeKWBPrCep0DJvg/BEAFSjCgHImrpZdzm6NuUr1eYCfgN\n" - "HPwUj5Ivyy9ioPRXGzzHQH6T1p/xIRbuhqTGRUin3MqGQlFseBJ2qXPf6uQmCaWZ\n" - "tFp4oWLJThqVmlvHViPDy235roYSKkJXH4qxjbhuv0pgUZOzmSsG7YA/oYNGDm6I\n" - "bEvids1r45PjYDHctB4QLhXNY3SJVgMog1KuVCK6JQL8F8XP5Sup1qW4ed/WvXwe\n" - "PBTOWbE/ENnxF2/nQLwnr80cgVx8rAE5sxubNNQVHu/6NonPzGUhTHXmGleuXPbb\n" - "Mjv4x9s3QftWUVJb7b8GUt5bMAthqo7Y47Jed1kKIt2PAm0SNBMYrw==\n" - "-----END CERTIFICATE-----\n"; +static unsigned char unsorted_server_cert_pem[] = CERT0 + "-----BEGIN CERTIFICATE-----\n" + "MIIEFDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0QG/LnrMV5vsE3G7\n" + "mGVYr33PFQ/WojwKg1C8GGH9aaIn+VMuBS2d1/mwtM9axoje1uQzwKp/hPT+N3Z3\n" + "qmFWeX8somDwowNDWN3skST4ob/M4aSlfP6OhNeIfBNvPTz3GtsbOtN5TkOX7Nf2\n" + "+mfFm09xMHQ3z4yyGNmKG/oxGKY2WDe93hp0rlIZ6ihMPcsCHwWLfja3SAT4AcXs\n" + "TFrTxEnaTYuVxcRcoW7lEDtcCyGbPfszo/rEQfJxwxRF46Yoz6rrCSkXOzLhQa4v\n" + "PPsZJ6ltNqkCtSrnhcCl3SC9JqdI4e7lGsnDylq4evi8RtOYknVOqDwv0q/9DI2+\n" + "rhFUy4I0Ah9H2T7dC01KIOjGiHyThCgkt2Nee/AXFflpN2Ws7/SGALdx6Vy3OkVo\n" + "NkHYxlKKn/06Yp8XlNPR64EqxeJqPW9Pf742EJUCOeavu5wPWJtLQr03JyKWoeZf\n" + "IYT/HwZUJveqEBU1EKeZRSvrRwHnmzQJuxyUhj/2C92QF5edAgMBAAGjeTB3MA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcEADAdBgNVHQ4EFgQUv9x1k1GrVS0yXKvMzD7k/zInm9gwHwYDVR0jBBgwFoAU\n" + "2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQELBQADggGBAC9X5og786Il\n" + "CUKj4FpZrqgfN+Cwf1EebW1tX1iKYASGo8t7JS0Btt3ycVpx04JSJy5WM9cQNFU0\n" + "5vimaG0qAsWhHXljhmM0mr4ruW1Jw6KAuqw0V/JJ0oYRZaYnvi6UsoJJjq8YcatW\n" + "5ixtKr928933kYD71sMZBN7Um7ictDq0M2oaW4k0/Yt4Uqb9fv20E4EHKEpETMUR\n" + "FviTIjONdVsAVj4lxuS3u1Nt7B5ayYCkgFabME28ud6EazelwZWZwBRGiuPr6634\n" + "f8lZtnscRVU5oQb6DjkyD/SM+1ue6/wpNapoH7BimnvCcRmLvsG34vlyt7QC0BRO\n" + "cRmEPZCq8hIUIuD0x836FRNUSjjMVi2Dj+QjeNolpKgUjRF/h2yKmDRB2A7WAV5g\n" + "It7RRjMnkm3pvKj2d7/qb5OaccO4uoAq333PRAX0RLYT5yosFGq+RN8+WCnzuGsB\n" + "hCe33/7HCC6mO0/vsrQuRvECvAasznN9mF3t+ZXMvcsqTcOq4Iag1A==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDIxODEzNTQwMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0MYBHVUjwlQH7Mvn\n" + "4viHyEONr+7M0+fLntPITQHihE8gxU3LpqAUpl7felAA4k0sJTaXvnZA+E1DCcIq\n" + "zksAhK3Qr8zZeCKNM41U1klcCh2+3IoGjg+CcQisb8gtiiXybH3qXYFgi3ww2YFG\n" + "cIjJAciZj8qLfwMhMcBPMx4IDHR7gdWH9V0xUZZiBkk7x3PBIWCr2FKD0877yR9t\n" + "wjlQ4Fbw5NW9j7WaUgeY2LV7iTtBH0bZ7D/04KsYdct6lKhUkzSUBg/bAUWCFp1j\n" + "ouFhzyqMf3jFDrcejxPKlRk15e9SkQYD/7dTpudXwbL9ugZfoP1xDRgslEyfyU/Q\n" + "DEyG5mlXjVBRiGvL+dfxRNw2E5xLpESt2rlMiBhe1cv8+XL5D6z/WBwDfBNUzoQR\n" + "X15YHK2NgNNHQ8u8GLtUbp3ZXaeKgj8fdR3UoRTqWgpy2vjVM3vN1xXFVTo13MJ8\n" + "isLXH/QNUR4tnOytDp1HyK2ybHkfXB1a0RMBwM5XDVD2LhPFAgMBAAGjWDBWMA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcGADAdBgNVHQ4EFgQU2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQEL\n" + "BQADggGBAJrJujtXifCeySYWbnJlraec63Zgqfv4SZIEdLt5GFLdpjk2WCxhFrN3\n" + "n6JZgI2aUWin2OL1VA1hfddAPUSHOCV8nP/Vu1f/BEaeQjEVS2AOF7T+eQSTNQtN\n" + "MkTTi0UKKXZjIIXiW4YXDs2b22JIOXkL9rFyrvN4vvbIp/jwLWx5UTHFtsktMkai\n" + "MteJBobd69ra7kdX43EkUKrgSDNpMQn10y3w4ziPDsLZ9sWaRxESbXWqDn4A7J9t\n" + "prfxut+s/3rsZgpt4s2FsswymfuW8DhzH1EjfV1Tb32blpgz/40sIRbU158Wh1UH\n" + "/DGQ6RVX0RcRt7ce7QCYTROD/yHYPVucqLfRpVNJ3oujGYaMgnSSuxEOsfwx5u+P\n" + "8USIxyQNR9cX/gQswzs3Ouj1rXBnjiSS1YXWZXvqHsUamJ8O7qpnqkL2Ti64O0HA\n" + "wdTtAcDO0BTHvanKZojLZm8nStvTvFpSVh7z+8Fu0A5zAcHsDj4vLABsdPDsXUTr\n" + "kb2G3Yy/UA==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEFDCCAnygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCAXDTE2MDIxODEzNTQwMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAu1/IharA+97QfzDj\n" + "UXEBl9TAFqHkN9B5erj1yhMlwPAakreStR8VvuCx46TA3gP7sbUYU811T+2D5/GU\n" + "u7YuMWsFeSmGWvbxa/tKTpXoEM0bNV+rIbxAcfgtxbARZDocv8gxfG/70vc2dSDh\n" + "KgZCoMQyO6qGLRdsoPAf+De7YD8sKS7Q3d3Xnfyv4AVnDkbAVFsZhu4lQFuWXyfG\n" + "Sl95TT94wLDLdf/Gf/F0nNsv6+D6yb15afhJKdqo6PH19gsyE0U3zj6c/7abha2W\n" + "fvVe6hVbaW1HLDZdHZnjlJHamNFdrOHI5Xi+SJO7/3MWvdTzdMVFBDfS5o7TvYyS\n" + "pu6iTmVeJvJ1OpXV7Lw1M2dSTW9RJLzUF3fXYOsuh32qMel9IzhnVh8Veyl0I0WL\n" + "hThmkF73mGWcVq4lMPXwEnwYJtRLeH5HWvG3rgmb7m827XMNnqKE0NOkPH63OUqJ\n" + "0h4b6PBb6wiOgnsC3yZIf0KgB0gToySvmD6MyJsmbN9rQit1AgMBAAGjeTB3MA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcEADAdBgNVHQ4EFgQUUZGvUEIirQAeYHn21QGyCEyO/P8wHwYDVR0jBBgwFoAU\n" + "v9x1k1GrVS0yXKvMzD7k/zInm9gwDQYJKoZIhvcNAQELBQADggGBAIwUNzAo7Efm\n" + "X8dVGz6OEsfZ/RPIeYxZ5cmqWwcZ4oLBv55xGJNG+nIcgLMA2L6ybtFiK2nKtqy4\n" + "hMv/P6qvjX5vVQGVgLclvMkDkmXWVdqkTYDX7cSe/Bv6qIS2KBaVo87r2DIWN8Zu\n" + "J3w0U3RcD6ilXVmqvARLeKWBPrCep0DJvg/BEAFSjCgHImrpZdzm6NuUr1eYCfgN\n" + "HPwUj5Ivyy9ioPRXGzzHQH6T1p/xIRbuhqTGRUin3MqGQlFseBJ2qXPf6uQmCaWZ\n" + "tFp4oWLJThqVmlvHViPDy235roYSKkJXH4qxjbhuv0pgUZOzmSsG7YA/oYNGDm6I\n" + "bEvids1r45PjYDHctB4QLhXNY3SJVgMog1KuVCK6JQL8F8XP5Sup1qW4ed/WvXwe\n" + "PBTOWbE/ENnxF2/nQLwnr80cgVx8rAE5sxubNNQVHu/6NonPzGUhTHXmGleuXPbb\n" + "Mjv4x9s3QftWUVJb7b8GUt5bMAthqo7Y47Jed1kKIt2PAm0SNBMYrw==\n" + "-----END CERTIFICATE-----\n"; -const gnutls_datum_t unsorted_server_cert = { unsorted_server_cert_pem, - sizeof(unsorted_server_cert_pem) +const gnutls_datum_t unsorted_server_cert = { + unsorted_server_cert_pem, sizeof(unsorted_server_cert_pem) }; const gnutls_datum_t single_server_cert = { server_cert_pem, - sizeof(CERT0) - 1 -}; + sizeof(CERT0) - 1 }; -static unsigned char isolated_server_cert_pem[] = - CERT0 - "-----BEGIN CERTIFICATE-----\n" - "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDIxODEzNTQwMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0MYBHVUjwlQH7Mvn\n" - "4viHyEONr+7M0+fLntPITQHihE8gxU3LpqAUpl7felAA4k0sJTaXvnZA+E1DCcIq\n" - "zksAhK3Qr8zZeCKNM41U1klcCh2+3IoGjg+CcQisb8gtiiXybH3qXYFgi3ww2YFG\n" - "cIjJAciZj8qLfwMhMcBPMx4IDHR7gdWH9V0xUZZiBkk7x3PBIWCr2FKD0877yR9t\n" - "wjlQ4Fbw5NW9j7WaUgeY2LV7iTtBH0bZ7D/04KsYdct6lKhUkzSUBg/bAUWCFp1j\n" - "ouFhzyqMf3jFDrcejxPKlRk15e9SkQYD/7dTpudXwbL9ugZfoP1xDRgslEyfyU/Q\n" - "DEyG5mlXjVBRiGvL+dfxRNw2E5xLpESt2rlMiBhe1cv8+XL5D6z/WBwDfBNUzoQR\n" - "X15YHK2NgNNHQ8u8GLtUbp3ZXaeKgj8fdR3UoRTqWgpy2vjVM3vN1xXFVTo13MJ8\n" - "isLXH/QNUR4tnOytDp1HyK2ybHkfXB1a0RMBwM5XDVD2LhPFAgMBAAGjWDBWMA8G\n" - "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" - "AwcGADAdBgNVHQ4EFgQU2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQEL\n" - "BQADggGBAJrJujtXifCeySYWbnJlraec63Zgqfv4SZIEdLt5GFLdpjk2WCxhFrN3\n" - "n6JZgI2aUWin2OL1VA1hfddAPUSHOCV8nP/Vu1f/BEaeQjEVS2AOF7T+eQSTNQtN\n" - "MkTTi0UKKXZjIIXiW4YXDs2b22JIOXkL9rFyrvN4vvbIp/jwLWx5UTHFtsktMkai\n" - "MteJBobd69ra7kdX43EkUKrgSDNpMQn10y3w4ziPDsLZ9sWaRxESbXWqDn4A7J9t\n" - "prfxut+s/3rsZgpt4s2FsswymfuW8DhzH1EjfV1Tb32blpgz/40sIRbU158Wh1UH\n" - "/DGQ6RVX0RcRt7ce7QCYTROD/yHYPVucqLfRpVNJ3oujGYaMgnSSuxEOsfwx5u+P\n" - "8USIxyQNR9cX/gQswzs3Ouj1rXBnjiSS1YXWZXvqHsUamJ8O7qpnqkL2Ti64O0HA\n" - "wdTtAcDO0BTHvanKZojLZm8nStvTvFpSVh7z+8Fu0A5zAcHsDj4vLABsdPDsXUTr\n" - "kb2G3Yy/UA==\n" "-----END CERTIFICATE-----\n"; +static unsigned char isolated_server_cert_pem[] = CERT0 + "-----BEGIN CERTIFICATE-----\n" + "MIID8zCCAlugAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDIxODEzNTQwMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0MYBHVUjwlQH7Mvn\n" + "4viHyEONr+7M0+fLntPITQHihE8gxU3LpqAUpl7felAA4k0sJTaXvnZA+E1DCcIq\n" + "zksAhK3Qr8zZeCKNM41U1klcCh2+3IoGjg+CcQisb8gtiiXybH3qXYFgi3ww2YFG\n" + "cIjJAciZj8qLfwMhMcBPMx4IDHR7gdWH9V0xUZZiBkk7x3PBIWCr2FKD0877yR9t\n" + "wjlQ4Fbw5NW9j7WaUgeY2LV7iTtBH0bZ7D/04KsYdct6lKhUkzSUBg/bAUWCFp1j\n" + "ouFhzyqMf3jFDrcejxPKlRk15e9SkQYD/7dTpudXwbL9ugZfoP1xDRgslEyfyU/Q\n" + "DEyG5mlXjVBRiGvL+dfxRNw2E5xLpESt2rlMiBhe1cv8+XL5D6z/WBwDfBNUzoQR\n" + "X15YHK2NgNNHQ8u8GLtUbp3ZXaeKgj8fdR3UoRTqWgpy2vjVM3vN1xXFVTo13MJ8\n" + "isLXH/QNUR4tnOytDp1HyK2ybHkfXB1a0RMBwM5XDVD2LhPFAgMBAAGjWDBWMA8G\n" + "A1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYDVR0PAQH/BAUD\n" + "AwcGADAdBgNVHQ4EFgQU2iUEUyXy7fPzZtc8ktanTiDzjuUwDQYJKoZIhvcNAQEL\n" + "BQADggGBAJrJujtXifCeySYWbnJlraec63Zgqfv4SZIEdLt5GFLdpjk2WCxhFrN3\n" + "n6JZgI2aUWin2OL1VA1hfddAPUSHOCV8nP/Vu1f/BEaeQjEVS2AOF7T+eQSTNQtN\n" + "MkTTi0UKKXZjIIXiW4YXDs2b22JIOXkL9rFyrvN4vvbIp/jwLWx5UTHFtsktMkai\n" + "MteJBobd69ra7kdX43EkUKrgSDNpMQn10y3w4ziPDsLZ9sWaRxESbXWqDn4A7J9t\n" + "prfxut+s/3rsZgpt4s2FsswymfuW8DhzH1EjfV1Tb32blpgz/40sIRbU158Wh1UH\n" + "/DGQ6RVX0RcRt7ce7QCYTROD/yHYPVucqLfRpVNJ3oujGYaMgnSSuxEOsfwx5u+P\n" + "8USIxyQNR9cX/gQswzs3Ouj1rXBnjiSS1YXWZXvqHsUamJ8O7qpnqkL2Ti64O0HA\n" + "wdTtAcDO0BTHvanKZojLZm8nStvTvFpSVh7z+8Fu0A5zAcHsDj4vLABsdPDsXUTr\n" + "kb2G3Yy/UA==\n" + "-----END CERTIFICATE-----\n"; -const gnutls_datum_t isolated_server_cert = { isolated_server_cert_pem, - sizeof(isolated_server_cert_pem) +const gnutls_datum_t isolated_server_cert = { + isolated_server_cert_pem, sizeof(isolated_server_cert_pem) }; void doit(void) @@ -316,12 +312,11 @@ void doit(void) gnutls_pcert_deinit(&pcert_list[i]); pcert_list_size = 16; - flags = - GNUTLS_X509_CRT_LIST_SORT | GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; - ret = - gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &server_cert, GNUTLS_X509_FMT_PEM, - flags); + flags = GNUTLS_X509_CRT_LIST_SORT | + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; + ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, + &server_cert, + GNUTLS_X509_FMT_PEM, flags); if (ret != 0 || pcert_list_size != 4) { fail("the combined import failed\n"); } @@ -331,14 +326,14 @@ void doit(void) /* try the unsorted list */ pcert_list_size = 16; - flags = - GNUTLS_X509_CRT_LIST_SORT | GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; - ret = - gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &unsorted_server_cert, - GNUTLS_X509_FMT_PEM, flags); + flags = GNUTLS_X509_CRT_LIST_SORT | + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; + ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, + &unsorted_server_cert, + GNUTLS_X509_FMT_PEM, flags); if (ret < 0 || pcert_list_size != 4) { - fail("the combined import failed for the unsorted list (%d): %s\n", pcert_list_size, gnutls_strerror(ret)); + fail("the combined import failed for the unsorted list (%d): %s\n", + pcert_list_size, gnutls_strerror(ret)); } for (i = 0; i < pcert_list_size; i++) @@ -346,14 +341,14 @@ void doit(void) /* try the single cert list */ pcert_list_size = 16; - flags = - GNUTLS_X509_CRT_LIST_SORT | GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; - ret = - gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &single_server_cert, - GNUTLS_X509_FMT_PEM, flags); + flags = GNUTLS_X509_CRT_LIST_SORT | + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; + ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, + &single_server_cert, + GNUTLS_X509_FMT_PEM, flags); if (ret < 0 || pcert_list_size != 1) { - fail("the combined import failed for the single cert (%d): %s\n", pcert_list_size, gnutls_strerror(ret)); + fail("the combined import failed for the single cert (%d): %s\n", + pcert_list_size, gnutls_strerror(ret)); } for (i = 0; i < pcert_list_size; i++) @@ -361,14 +356,14 @@ void doit(void) /* try the single final cert list */ pcert_list_size = 16; - flags = - GNUTLS_X509_CRT_LIST_SORT | GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; - ret = - gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &isolated_server_cert, - GNUTLS_X509_FMT_PEM, flags); + flags = GNUTLS_X509_CRT_LIST_SORT | + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED; + ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, + &isolated_server_cert, + GNUTLS_X509_FMT_PEM, flags); if (ret < 0 || pcert_list_size != 1) { - fail("the combined import failed for the isolated cert (%d): %s\n", pcert_list_size, gnutls_strerror(ret)); + fail("the combined import failed for the isolated cert (%d): %s\n", + pcert_list_size, gnutls_strerror(ret)); } for (i = 0; i < pcert_list_size; i++) diff --git a/tests/pkcs1-digest-info.c b/tests/pkcs1-digest-info.c index f137361c66..ea8d62758b 100644 --- a/tests/pkcs1-digest-info.c +++ b/tests/pkcs1-digest-info.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,7 +36,7 @@ #include "utils.h" static void encode(const char *test_name, gnutls_digest_algorithm_t hash, - const gnutls_datum_t * raw, const gnutls_datum_t * expected) + const gnutls_datum_t *raw, const gnutls_datum_t *expected) { int ret; gnutls_datum_t out; @@ -53,13 +53,15 @@ static void encode(const char *test_name, gnutls_digest_algorithm_t hash, if (expected->size != out.size) { hexprint(out.data, out.size); - fail("%s: gnutls_encode_ber_digest_info: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, expected->size); + fail("%s: gnutls_encode_ber_digest_info: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, expected->size); exit(1); } if (memcmp(expected->data, out.data, out.size) != 0) { hexprint(out.data, out.size); - fail("%s: gnutls_encode_ber_digest_info: output does not match the expected\n", test_name); + fail("%s: gnutls_encode_ber_digest_info: output does not match the expected\n", + test_name); exit(1); } @@ -72,17 +74,20 @@ static void encode(const char *test_name, gnutls_digest_algorithm_t hash, } if (thash != hash) { - fail("%s: gnutls_decode_ber_digest_info: wrong hash, got: %d, expected %d\n", test_name, (int)thash, (int)hash); + fail("%s: gnutls_decode_ber_digest_info: wrong hash, got: %d, expected %d\n", + test_name, (int)thash, (int)hash); exit(1); } if (raw->size != digest_size) { - fail("%s: gnutls_decode_ber_digest_info: output has incorrect size (%d, expected %d)\n", test_name, digest_size, raw->size); + fail("%s: gnutls_decode_ber_digest_info: output has incorrect size (%d, expected %d)\n", + test_name, digest_size, raw->size); exit(1); } if (memcmp(raw->data, digest, digest_size) != 0) { - fail("%s: gnutls_decode_ber_digest_info: output does not match the expected\n", test_name); + fail("%s: gnutls_decode_ber_digest_info: output does not match the expected\n", + test_name); exit(1); } @@ -92,8 +97,7 @@ static void encode(const char *test_name, gnutls_digest_algorithm_t hash, } static void decode(const char *test_name, gnutls_digest_algorithm_t hash, - const gnutls_datum_t * raw, const gnutls_datum_t * di, - int res) + const gnutls_datum_t *raw, const gnutls_datum_t *di, int res) { int ret; uint8_t digest[128]; @@ -113,17 +117,20 @@ static void decode(const char *test_name, gnutls_digest_algorithm_t hash, } if (thash != hash) { - fail("%s: gnutls_decode_ber_digest_info: wrong hash, got: %d, expected %d\n", test_name, (int)thash, (int)hash); + fail("%s: gnutls_decode_ber_digest_info: wrong hash, got: %d, expected %d\n", + test_name, (int)thash, (int)hash); exit(1); } if (raw->size != digest_size) { - fail("%s: gnutls_decode_ber_digest_info: output has incorrect size (%d, expected %d)\n", test_name, digest_size, raw->size); + fail("%s: gnutls_decode_ber_digest_info: output has incorrect size (%d, expected %d)\n", + test_name, digest_size, raw->size); exit(1); } if (memcmp(raw->data, digest, digest_size) != 0) { - fail("%s: gnutls_decode_ber_digest_info: output does not match the expected\n", test_name); + fail("%s: gnutls_decode_ber_digest_info: output does not match the expected\n", + test_name); exit(1); } @@ -138,26 +145,18 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "rnd1", - .hash = GNUTLS_DIG_SHA1, - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", - 20}, - .di = {(void *) - "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", - 35} - }, - { - .name = "rnd2", - .hash = GNUTLS_DIG_SHA256, - .raw = {(void *) - "\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 32}, - .di = {(void *) - "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 51} - } + { .name = "rnd1", + .hash = GNUTLS_DIG_SHA1, + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", + 20 }, + .di = { (void *)"\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", + 35 } }, + { .name = "rnd2", + .hash = GNUTLS_DIG_SHA256, + .raw = { (void *)"\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 32 }, + .di = { (void *)"\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 51 } } }; struct decode_tests_st { @@ -170,57 +169,44 @@ struct decode_tests_st { struct decode_tests_st decode_tests[] = { { - .name = "dec-rnd1", - .hash = GNUTLS_DIG_SHA1, - .di = {(void *) - "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", - 35}, - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", - 20}, - .res = 0, - }, - { - .name = "dec-rnd2", - .hash = GNUTLS_DIG_SHA256, - .raw = {(void *) - "\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 32}, - .di = {(void *) - "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 51}, - .res = 0, - }, - { - .name = "dec-wrong-tag", - .hash = GNUTLS_DIG_SHA256, - .raw = {(void *) - "\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 32}, - .di = {(void *) - "\x31\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 51}, - .res = GNUTLS_E_ASN1_TAG_ERROR}, - { - .name = "dec-wrong-der", - .hash = GNUTLS_DIG_SHA256, - .raw = {(void *) - "\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 32}, - .di = {(void *) - "\x30\x31\x30\x0c\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x86\xe3\xf9\x25", - 51}, - .res = GNUTLS_E_ASN1_DER_ERROR}, + .name = "dec-rnd1", + .hash = GNUTLS_DIG_SHA1, + .di = { (void *)"\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", + 35 }, + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78\xff\xa1\x32\x12", + 20 }, + .res = 0, + }, { - .name = "dec-wrong-hash", - .hash = GNUTLS_DIG_SHA256, - .raw = {(void *) - "\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", - 32}, - .di = {(void *) - "\x30\x31\x30\x0d\x06\x09\x61\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x86\xe3\xf9\x25", - 51}, - .res = GNUTLS_E_UNKNOWN_HASH_ALGORITHM}, + .name = "dec-rnd2", + .hash = GNUTLS_DIG_SHA256, + .raw = { (void *)"\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 32 }, + .di = { (void *)"\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 51 }, + .res = 0, + }, + { .name = "dec-wrong-tag", + .hash = GNUTLS_DIG_SHA256, + .raw = { (void *)"\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 32 }, + .di = { (void *)"\x31\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 51 }, + .res = GNUTLS_E_ASN1_TAG_ERROR }, + { .name = "dec-wrong-der", + .hash = GNUTLS_DIG_SHA256, + .raw = { (void *)"\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 32 }, + .di = { (void *)"\x30\x31\x30\x0c\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x86\xe3\xf9\x25", + 51 }, + .res = GNUTLS_E_ASN1_DER_ERROR }, + { .name = "dec-wrong-hash", + .hash = GNUTLS_DIG_SHA256, + .raw = { (void *)"\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x85\xe3\xf9\x25", + 32 }, + .di = { (void *)"\x30\x31\x30\x0d\x06\x09\x61\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20\x0b\x68\xdf\x4b\x27\xac\xc5\xc5\x52\x43\x74\x32\x39\x5c\x1e\xf5\x6a\xe2\x19\x5a\x58\x75\x81\xa5\x6a\xf5\xbf\x98\x86\xe3\xf9\x25", + 51 }, + .res = GNUTLS_E_UNKNOWN_HASH_ALGORITHM }, }; void doit(void) diff --git a/tests/pkcs11/distrust-after.c b/tests/pkcs11/distrust-after.c index 05165baa5a..c95e8720d6 100644 --- a/tests/pkcs11/distrust-after.c +++ b/tests/pkcs11/distrust-after.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,14 +36,14 @@ int main(void) #else -# include -# include -# include -# include +#include +#include +#include +#include -# include "cert-common.h" -# include "pkcs11/softhsm.h" -# include "utils.h" +#include "cert-common.h" +#include "pkcs11/softhsm.h" +#include "utils.h" /* This program tests that CKA_NSS_SERVER_DISTRUST_AFTER is honored * while validating certificate chain. @@ -54,64 +54,64 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "server|<%d>| %s", level, str); } -# define PIN "1234" +#define PIN "1234" -# define CONFIG_NAME "softhsm-distrust-after" -# define CONFIG CONFIG_NAME".config" +#define CONFIG_NAME "softhsm-distrust-after" +#define CONFIG CONFIG_NAME ".config" static const unsigned char chain_pem[] = - "-----BEGIN CERTIFICATE-----" - "MIID5zCCAp+gAwIBAgIUIXzLE8ObVwBGHepbjMWRwW/NpDgwDQYJKoZIhvcNAQEL" - "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MTAwNDAzWhgP" - "OTk5OTEyMzEyMzU5NTlaMDcxGzAZBgNVBAoTEkdudVRMUyB0ZXN0IHNlcnZlcjEY" - "MBYGA1UEAxMPdGVzdC5nbnV0bHMub3JnMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8A" - "MIIBOgKCATEAtGsnmCWvwf8eyrB+9Ni87UOGZ1Rd2rQewpBfgzwCEfwTcoWyiKRl" - "QQt2XyO+ip/+eUtzOy7HSzy/FsmXVTUX86FySzDC4CeUEvNWAObOgksRXaQem/r6" - "uRsqTRi1uqXmDMeoqKFtqoiE3JYOsmwcNarnx5Q9+dXHwqINS7NuevcIX8UJzRWT" - "GveY3ypMZokk7R/QFmOBZaVYO6HNJWKbmYFUCBcY7HwvCKI7KFcynRdHCob7YrFB" - "meb73qjqIH7zG+666pohZCmS8q1z5RkFnTdT4hGfGF8iuuKLDQCMni+nhz1Avkqi" - "pZIIDC5hwFh8mpnh1qyDOSXPPhvt66NtncvFON7Bx26bNBS+MD6CkB65Spp25O8z" - "DEaiMXL2w2EL+KpnifSl5XY3oSmfgHmqdQIDAQABo4GmMIGjMAwGA1UdEwEB/wQC" - "MAAwGgYDVR0RBBMwEYIPdGVzdC5nbnV0bHMub3JnMCcGA1UdJQQgMB4GCCsGAQUF" - "BwMBBggrBgEFBQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW" - "BBRIIzRTCokxOEpa6sq20qbezh0rGDAfBgNVHSMEGDAWgBQedyNtZzEfkQebli/s" - "/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAYbQLlr74D62lPEevV/HWLOMG8taY" - "gPld7Z5VApIhsJa913Jya7AOsW+lz48LX3QNTc8Xgj7FVwQeNP1GtBZXCe6U73KB" - "Z+qp1rIEwn2cQVmFG+ShxmUA/gxxmWql2BAORNd5ZCVOcZbMh9uwWjhIQN/SImtW" - "x3ebFgV5N7GPFbw+5NUITLXoLrD7Bixv3iQS8hWwmAmmPZbHAENRauL6jYSjniru" - "SSFYjzJ1trJB6VgpJ2yWfKdcGZmB3osnGshWbayVOaprbH0AWKwOZ/d7sAldjdVw" - "ZsaOhA+6NbvpKYZuw6Tdt0+VmUwGC1ATJGpc0dEXRBaFlt/e+gqQ43Mo+YwiMDYq" - "LDU5nLC6uTSZLtgQHTqb32xmQ/D/y6NkUTH3f4OcxPGxBRVBHjOTk6MhRA==" - "-----END CERTIFICATE-----" - "-----BEGIN CERTIFICATE-----" - "MIIDjTCCAkWgAwIBAgIUejTcfGbOAc9l4IBW+kpAN6A7Sj4wDQYJKoZIhvcNAQEL" - "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MDk1NzU1WhgP" - "OTk5OTEyMzEyMzU5NTlaMBkxFzAVBgNVBAMTDkdudVRMUyB0ZXN0IENBMIIBUjAN" - "BgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEAnORCsX1unl//fy2d1054XduIg/3C" - "qVBaT3Hca65SEoDwh0KiPtQoOgZLdKY2cobGs/ojYtOjcs0KnlPYdmtjEh6WEhuJ" - "U95v4TQdC4OLMiE56eIGq252hZAbHoTL84Q14DxQWGuzQK830iml7fbw2WcIcRQ8" - "vFGs8SzfXw63+MI6Fq6iMAQIqP08WzGmRRzL5wvCiPhCVkrPmwbXoABub6AAsYwW" - "PJB91M9/lx5gFH5k9/iPfi3s2Kg3F8MOcppqFYjxDSnsfiz6eMh1+bYVIAo367vG" - "VYHigXMEZC2FezlwIHaZzpEoFlY3a7LFJ00yrjQ910r8UE+CEMTYzE40D0olCMo7" - "FA9RCjeO3bUIoYaIdVTUGWEGHWSeoxGei9Gkm6u+ASj8f+i0jxdD2qXsewIDAQAB" - "o2swaTAPBgNVHRMBAf8EBTADAQH/MCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEF" - "BQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQedyNtZzEf" - "kQebli/s/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAa37UdOTvdUfRGwjrodhE" - "tEnRnfrwfQ61RMK5GY07UAks7CjdeWFDLoQfv9oP9kH122hEGAA683xg/CH5OeN0" - "8zrayQKqwcH40SJQDzc748lTgxUIDaf2rrkoF8butpaDaI0fageqjlEvCeZZSuIC" - "KCfZK9NPN47DknuerjOTwrWxvXYRepfSo8VVbjRj8R4qsgJsmJZYQfrAg0XrnKf/" - "UibNPXRCYABsxH4ZFtivg93LaQ05z4IrPSWGOTDQxNBoEC0DVGfSc8XElP0MkF/K" - "BIPsl3Rt2oFNhfViF9Gpzy9Dj1P1kMD6kE7nBDiRBUPNJZBiJSGVTMZTMc2tg42W" - "QcUYnUUzOpQWg1tcOZy4s+EuJ0bEWhSkFfSN3ENxsHXNCYYHgeadATcGbzTxD6ib" - "eA==" "-----END CERTIFICATE-----"; - -static const gnutls_datum_t chain = { - (unsigned char *)chain_pem, sizeof(chain_pem) - 1 -}; - -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) + "-----BEGIN CERTIFICATE-----" + "MIID5zCCAp+gAwIBAgIUIXzLE8ObVwBGHepbjMWRwW/NpDgwDQYJKoZIhvcNAQEL" + "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MTAwNDAzWhgP" + "OTk5OTEyMzEyMzU5NTlaMDcxGzAZBgNVBAoTEkdudVRMUyB0ZXN0IHNlcnZlcjEY" + "MBYGA1UEAxMPdGVzdC5nbnV0bHMub3JnMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8A" + "MIIBOgKCATEAtGsnmCWvwf8eyrB+9Ni87UOGZ1Rd2rQewpBfgzwCEfwTcoWyiKRl" + "QQt2XyO+ip/+eUtzOy7HSzy/FsmXVTUX86FySzDC4CeUEvNWAObOgksRXaQem/r6" + "uRsqTRi1uqXmDMeoqKFtqoiE3JYOsmwcNarnx5Q9+dXHwqINS7NuevcIX8UJzRWT" + "GveY3ypMZokk7R/QFmOBZaVYO6HNJWKbmYFUCBcY7HwvCKI7KFcynRdHCob7YrFB" + "meb73qjqIH7zG+666pohZCmS8q1z5RkFnTdT4hGfGF8iuuKLDQCMni+nhz1Avkqi" + "pZIIDC5hwFh8mpnh1qyDOSXPPhvt66NtncvFON7Bx26bNBS+MD6CkB65Spp25O8z" + "DEaiMXL2w2EL+KpnifSl5XY3oSmfgHmqdQIDAQABo4GmMIGjMAwGA1UdEwEB/wQC" + "MAAwGgYDVR0RBBMwEYIPdGVzdC5nbnV0bHMub3JnMCcGA1UdJQQgMB4GCCsGAQUF" + "BwMBBggrBgEFBQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW" + "BBRIIzRTCokxOEpa6sq20qbezh0rGDAfBgNVHSMEGDAWgBQedyNtZzEfkQebli/s" + "/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAYbQLlr74D62lPEevV/HWLOMG8taY" + "gPld7Z5VApIhsJa913Jya7AOsW+lz48LX3QNTc8Xgj7FVwQeNP1GtBZXCe6U73KB" + "Z+qp1rIEwn2cQVmFG+ShxmUA/gxxmWql2BAORNd5ZCVOcZbMh9uwWjhIQN/SImtW" + "x3ebFgV5N7GPFbw+5NUITLXoLrD7Bixv3iQS8hWwmAmmPZbHAENRauL6jYSjniru" + "SSFYjzJ1trJB6VgpJ2yWfKdcGZmB3osnGshWbayVOaprbH0AWKwOZ/d7sAldjdVw" + "ZsaOhA+6NbvpKYZuw6Tdt0+VmUwGC1ATJGpc0dEXRBaFlt/e+gqQ43Mo+YwiMDYq" + "LDU5nLC6uTSZLtgQHTqb32xmQ/D/y6NkUTH3f4OcxPGxBRVBHjOTk6MhRA==" + "-----END CERTIFICATE-----" + "-----BEGIN CERTIFICATE-----" + "MIIDjTCCAkWgAwIBAgIUejTcfGbOAc9l4IBW+kpAN6A7Sj4wDQYJKoZIhvcNAQEL" + "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MDk1NzU1WhgP" + "OTk5OTEyMzEyMzU5NTlaMBkxFzAVBgNVBAMTDkdudVRMUyB0ZXN0IENBMIIBUjAN" + "BgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEAnORCsX1unl//fy2d1054XduIg/3C" + "qVBaT3Hca65SEoDwh0KiPtQoOgZLdKY2cobGs/ojYtOjcs0KnlPYdmtjEh6WEhuJ" + "U95v4TQdC4OLMiE56eIGq252hZAbHoTL84Q14DxQWGuzQK830iml7fbw2WcIcRQ8" + "vFGs8SzfXw63+MI6Fq6iMAQIqP08WzGmRRzL5wvCiPhCVkrPmwbXoABub6AAsYwW" + "PJB91M9/lx5gFH5k9/iPfi3s2Kg3F8MOcppqFYjxDSnsfiz6eMh1+bYVIAo367vG" + "VYHigXMEZC2FezlwIHaZzpEoFlY3a7LFJ00yrjQ910r8UE+CEMTYzE40D0olCMo7" + "FA9RCjeO3bUIoYaIdVTUGWEGHWSeoxGei9Gkm6u+ASj8f+i0jxdD2qXsewIDAQAB" + "o2swaTAPBgNVHRMBAf8EBTADAQH/MCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEF" + "BQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQedyNtZzEf" + "kQebli/s/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAa37UdOTvdUfRGwjrodhE" + "tEnRnfrwfQ61RMK5GY07UAks7CjdeWFDLoQfv9oP9kH122hEGAA683xg/CH5OeN0" + "8zrayQKqwcH40SJQDzc748lTgxUIDaf2rrkoF8butpaDaI0fageqjlEvCeZZSuIC" + "KCfZK9NPN47DknuerjOTwrWxvXYRepfSo8VVbjRj8R4qsgJsmJZYQfrAg0XrnKf/" + "UibNPXRCYABsxH4ZFtivg93LaQ05z4IrPSWGOTDQxNBoEC0DVGfSc8XElP0MkF/K" + "BIPsl3Rt2oFNhfViF9Gpzy9Dj1P1kMD6kE7nBDiRBUPNJZBiJSGVTMZTMc2tg42W" + "QcUYnUUzOpQWg1tcOZy4s+EuJ0bEWhSkFfSN3ENxsHXNCYYHgeadATcGbzTxD6ib" + "eA==" + "-----END CERTIFICATE-----"; + +static const gnutls_datum_t chain = { (unsigned char *)chain_pem, + sizeof(chain_pem) - 1 }; + +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -154,23 +154,22 @@ static void test(const char *provider, const char *purpose, bool succeeds) fail("gnutls_pkcs11_token_init: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); } gnutls_x509_trust_list_init(&tl, 0); - ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, - 0, 0, 0); + ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, + 0); if (ret < 0) { fail("gnutls_x509_trust_list_add_trust_file\n"); } - ret = gnutls_x509_crt_list_import2(&certs, &count, - &chain, GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&certs, &count, &chain, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); } @@ -178,10 +177,11 @@ static void test(const char *provider, const char *purpose, bool succeeds) assert(count == 2); /* Use the ICA (instead of the actual root CA) for simplicity. */ - ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, certs[1], "ca", - GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | - GNUTLS_PKCS11_OBJ_FLAG_MARK_CA | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); + ret = gnutls_pkcs11_copy_x509_crt( + SOFTHSM_URL, certs[1], "ca", + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | + GNUTLS_PKCS11_OBJ_FLAG_MARK_CA | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); } @@ -189,8 +189,8 @@ static void test(const char *provider, const char *purpose, bool succeeds) vdata.type = GNUTLS_DT_KEY_PURPOSE_OID; vdata.data = (void *)purpose; - ret = gnutls_x509_trust_list_verify_crt2(tl, certs, 1, &vdata, 1, - 0, &status, NULL); + ret = gnutls_x509_trust_list_verify_crt2(tl, certs, 1, &vdata, 1, 0, + &status, NULL); if (ret < 0) { fail("gnutls_x509_trust_list_verify_crt2: %s\n", gnutls_strerror(ret)); @@ -236,16 +236,18 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); test(lib, GNUTLS_KP_TLS_WWW_SERVER, true); set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); test(lib, GNUTLS_KP_EMAIL_PROTECTION, true); @@ -257,18 +259,20 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); test(lib, GNUTLS_KP_TLS_WWW_SERVER, false); set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); test(lib, GNUTLS_KP_EMAIL_PROTECTION, true); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/pkcs11/gnutls_pcert_list_import_x509_file.c b/tests/pkcs11/gnutls_pcert_list_import_x509_file.c index 6554609ab4..b6d79c81f6 100644 --- a/tests/pkcs11/gnutls_pcert_list_import_x509_file.c +++ b/tests/pkcs11/gnutls_pcert_list_import_x509_file.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,7 +41,7 @@ */ #define CONFIG_NAME "softhsm-import-url" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #include "../test-chains.h" @@ -52,9 +52,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -63,7 +63,7 @@ int pin_func(void *userdata, int attempt, const char *url, const char *label, return -1; } -static int comp_cert(gnutls_pcert_st * pcert, unsigned i) +static int comp_cert(gnutls_pcert_st *pcert, unsigned i) { int ret; gnutls_datum_t data; @@ -109,10 +109,10 @@ static void load_cert(const char *url, unsigned i) fail("error[%d]: %s\n", i, gnutls_strerror(ret)); snprintf(name, sizeof(name), "cert-%d", i); - ret = - gnutls_pkcs11_copy_x509_crt(url, crt, name, - GNUTLS_PKCS11_OBJ_FLAG_LOGIN | - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE); + ret = gnutls_pkcs11_copy_x509_crt( + url, crt, name, + GNUTLS_PKCS11_OBJ_FLAG_LOGIN | + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE); if (ret < 0) fail("error[%d]: %s\n", i, gnutls_strerror(ret)); @@ -173,8 +173,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, NULL); @@ -189,9 +190,8 @@ void doit(void) fail("gnutls_pkcs11_token_init: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); } @@ -201,19 +201,17 @@ void doit(void) success("import from URI\n"); pcerts_size = 2; - ret = - gnutls_pcert_list_import_x509_file(pcerts, &pcerts_size, - SOFTHSM_URL ";object=cert-0", - GNUTLS_X509_FMT_PEM, pin_func, - NULL, 0); + ret = gnutls_pcert_list_import_x509_file(pcerts, &pcerts_size, + SOFTHSM_URL ";object=cert-0", + GNUTLS_X509_FMT_PEM, pin_func, + NULL, 0); assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER); pcerts_size = sizeof(pcerts) / sizeof(pcerts[0]); - ret = - gnutls_pcert_list_import_x509_file(pcerts, &pcerts_size, - SOFTHSM_URL ";object=cert-0", - GNUTLS_X509_FMT_PEM, pin_func, - NULL, 0); + ret = gnutls_pcert_list_import_x509_file(pcerts, &pcerts_size, + SOFTHSM_URL ";object=cert-0", + GNUTLS_X509_FMT_PEM, pin_func, + NULL, 0); if (ret < 0) fail("cannot load certs: %s\n", gnutls_strerror(ret)); diff --git a/tests/pkcs11/gnutls_x509_crt_list_import_url.c b/tests/pkcs11/gnutls_x509_crt_list_import_url.c index 3767bb6a26..5debfe2b09 100644 --- a/tests/pkcs11/gnutls_x509_crt_list_import_url.c +++ b/tests/pkcs11/gnutls_x509_crt_list_import_url.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,7 +41,7 @@ */ #define CONFIG_NAME "x509-crt-list-import-url" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #include "../test-chains.h" @@ -52,9 +52,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -104,10 +104,10 @@ static void load_cert(const char *url, unsigned i) fail("error[%d]: %s\n", i, gnutls_strerror(ret)); snprintf(name, sizeof(name), "cert-%d", i); - ret = - gnutls_pkcs11_copy_x509_crt(url, crt, name, - GNUTLS_PKCS11_OBJ_FLAG_LOGIN | - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE); + ret = gnutls_pkcs11_copy_x509_crt( + url, crt, name, + GNUTLS_PKCS11_OBJ_FLAG_LOGIN | + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE); if (ret < 0) fail("error[%d]: %s\n", i, gnutls_strerror(ret)); @@ -153,8 +153,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, NULL); @@ -169,9 +170,8 @@ void doit(void) fail("gnutls_pkcs11_token_init: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); } @@ -180,19 +180,17 @@ void doit(void) gnutls_pkcs11_set_pin_function(NULL, NULL); /* try importing without login */ - ret = - gnutls_x509_crt_list_import_url(&crts, &crts_size, - SOFTHSM_URL ";object=cert-0", - pin_func, NULL, 0); + ret = gnutls_x509_crt_list_import_url(&crts, &crts_size, + SOFTHSM_URL ";object=cert-0", + pin_func, NULL, 0); if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) fail("cannot load certs: %s\n", gnutls_strerror(ret)); /* try importing with login */ - ret = - gnutls_x509_crt_list_import_url(&crts, &crts_size, - SOFTHSM_URL ";object=cert-0", - pin_func, NULL, - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_x509_crt_list_import_url(&crts, &crts_size, + SOFTHSM_URL ";object=cert-0", + pin_func, NULL, + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) fail("cannot load certs: %s\n", gnutls_strerror(ret)); diff --git a/tests/pkcs11/list-objects.c b/tests/pkcs11/list-objects.c index 5cc727f766..890e76b6e5 100644 --- a/tests/pkcs11/list-objects.c +++ b/tests/pkcs11/list-objects.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -48,9 +48,9 @@ static void tls_log_func(int level, const char *str) static const char *opt_pin; -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, opt_pin); @@ -124,9 +124,8 @@ int main(int argc, char **argv) flags = 0; } - ret = - gnutls_pkcs11_obj_list_import_url2(&crt_list, &crt_list_size, - url, attrs, obj_flags); + ret = gnutls_pkcs11_obj_list_import_url2(&crt_list, &crt_list_size, url, + attrs, obj_flags); if (ret != 0) { fprintf(stderr, "error at %d: %s\n", __LINE__, gnutls_strerror(ret)); diff --git a/tests/pkcs11/list-tokens.c b/tests/pkcs11/list-tokens.c index a32ca326e4..8fa4b58035 100644 --- a/tests/pkcs11/list-tokens.c +++ b/tests/pkcs11/list-tokens.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,10 +47,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -int -_gnutls_pkcs11_token_get_url(unsigned int seq, - gnutls_pkcs11_url_type_t detailed, char **url, - unsigned flags); +int _gnutls_pkcs11_token_get_url(unsigned int seq, + gnutls_pkcs11_url_type_t detailed, char **url, + unsigned flags); int main(int argc, char **argv) { @@ -83,8 +82,8 @@ int main(int argc, char **argv) break; case 'm': /* initialize manually - i.e., do no module loading */ - ret = - gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL); + ret = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, + NULL); if (ret != 0) { fprintf(stderr, "error at %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -122,9 +121,8 @@ int main(int argc, char **argv) break; case 't': /* do trusted module loading */ - ret = - gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_AUTO_TRUSTED, - NULL); + ret = gnutls_pkcs11_init( + GNUTLS_PKCS11_FLAG_AUTO_TRUSTED, NULL); if (ret != 0) { fprintf(stderr, "error at %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -134,12 +132,13 @@ int main(int argc, char **argv) case 'v': /* do verification which should trigger trusted module loading */ assert(gnutls_x509_crt_init(&crt) >= 0); - assert(gnutls_x509_crt_import - (crt, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_x509_crt_import(crt, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= + 0); assert(gnutls_x509_trust_list_init(&tl, 0) >= 0); - assert(gnutls_x509_trust_list_add_system_trust(tl, 0, 0) - >= 0); + assert(gnutls_x509_trust_list_add_system_trust(tl, 0, + 0) >= 0); gnutls_x509_trust_list_verify_crt2(tl, &crt, 1, NULL, 0, 0, &status, NULL); gnutls_x509_trust_list_deinit(tl, 1); diff --git a/tests/pkcs11/pkcs11-cert-import-url-exts.c b/tests/pkcs11/pkcs11-cert-import-url-exts.c index d5f3a3b18c..6e0b20050d 100644 --- a/tests/pkcs11/pkcs11-cert-import-url-exts.c +++ b/tests/pkcs11/pkcs11-cert-import-url-exts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,12 +38,12 @@ /* Tests the certificate extension override in "trusted" PKCS#11 modules */ #ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" +#define P11LIB "libpkcs11mock1.dll" #else -# define P11LIB "libpkcs11mock1.so" +#define P11LIB "libpkcs11mock1.so" #endif -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1424466893; @@ -92,16 +92,16 @@ void doit(void) assert(gnutls_x509_crt_init(&ocrt) >= 0); /* check high level certificate functions */ - ret = - gnutls_x509_crt_import_url(crt, "pkcs11:type=cert;object=cert1", 0); + ret = gnutls_x509_crt_import_url(crt, "pkcs11:type=cert;object=cert1", + 0); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_import_url(ocrt, "pkcs11:type=cert;object=cert1", - GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT); + ret = gnutls_x509_crt_import_url( + ocrt, "pkcs11:type=cert;object=cert1", + GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -129,9 +129,8 @@ void doit(void) exit(1); } - if (keyusage != - (GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_ENCIPHER_ONLY | - GNUTLS_KEY_KEY_CERT_SIGN)) { + if (keyusage != (GNUTLS_KEY_KEY_ENCIPHERMENT | + GNUTLS_KEY_ENCIPHER_ONLY | GNUTLS_KEY_KEY_CERT_SIGN)) { fail("Extension does not have the expected key usage!\n"); } diff --git a/tests/pkcs11/pkcs11-cert-import-url4-exts.c b/tests/pkcs11/pkcs11-cert-import-url4-exts.c index af20493fa3..7119af8f6a 100644 --- a/tests/pkcs11/pkcs11-cert-import-url4-exts.c +++ b/tests/pkcs11/pkcs11-cert-import-url4-exts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,12 +38,12 @@ /* Tests the certificate extension override in "trusted" PKCS#11 modules */ #ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" +#define P11LIB "libpkcs11mock1.dll" #else -# define P11LIB "libpkcs11mock1.so" +#define P11LIB "libpkcs11mock1.so" #endif -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1424466893; @@ -96,19 +96,16 @@ void doit(void) assert(gnutls_x509_crt_init(&ocrt) >= 0); /* check low level certificate import functions */ - ret = - gnutls_pkcs11_obj_list_import_url4(&plist, &plist_size, - "pkcs11:type=cert;object=cert1", - 0); + ret = gnutls_pkcs11_obj_list_import_url4( + &plist, &plist_size, "pkcs11:type=cert;object=cert1", 0); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_obj_list_import_url4(&plist2, &plist2_size, - "pkcs11:type=cert;object=cert1", - GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT); + ret = gnutls_pkcs11_obj_list_import_url4( + &plist2, &plist2_size, "pkcs11:type=cert;object=cert1", + GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -158,9 +155,8 @@ void doit(void) exit(1); } - if (keyusage != - (GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_ENCIPHER_ONLY | - GNUTLS_KEY_KEY_CERT_SIGN)) { + if (keyusage != (GNUTLS_KEY_KEY_ENCIPHERMENT | + GNUTLS_KEY_ENCIPHER_ONLY | GNUTLS_KEY_KEY_CERT_SIGN)) { fail("Extension does not have the expected key usage!\n"); } diff --git a/tests/pkcs11/pkcs11-chainverify.c b/tests/pkcs11/pkcs11-chainverify.c index e84ca8f850..235fc92cd9 100644 --- a/tests/pkcs11/pkcs11-chainverify.c +++ b/tests/pkcs11/pkcs11-chainverify.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,7 +44,7 @@ static time_t then = DEFAULT_THEN; verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { if (t) *t = then; @@ -57,9 +57,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, "1234"); @@ -80,7 +80,7 @@ void doit(void) if (gnutls_fips140_mode_enabled()) exit(77); - /* The overloading of time() seems to work in linux (ELF?) + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */ #ifdef _WIN32 @@ -104,9 +104,10 @@ void doit(void) gnutls_global_set_log_level(4711); set_softhsm_conf(CONFIG); - snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin 1234 --pin 1234", - bin); + snprintf( + buf, sizeof(buf), + "%s --init-token --slot 0 --label test --so-pin 1234 --pin 1234", + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -153,9 +154,8 @@ void doit(void) tmp.data = (unsigned char *)chains[i].chain[j]; tmp.size = strlen(chains[i].chain[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { @@ -213,12 +213,11 @@ void doit(void) } /* write CA certificate to softhsm */ - ret = - gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, ca, "test-ca", - GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED - | GNUTLS_PKCS11_OBJ_FLAG_MARK_CA - | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); + ret = gnutls_pkcs11_copy_x509_crt( + SOFTHSM_URL, ca, "test-ca", + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | + GNUTLS_PKCS11_OBJ_FLAG_MARK_CA | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); @@ -226,9 +225,8 @@ void doit(void) gnutls_x509_trust_list_init(&tl, 0); - ret = - gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, - 0, 0, 0); + ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, + NULL, 0, 0, 0); if (ret < 0) { fail("gnutls_x509_trust_list_add_trust_file: %s\n", gnutls_strerror(ret)); @@ -242,21 +240,19 @@ void doit(void) /* test trust list iteration */ get_ca_iter = NULL; - while (gnutls_x509_trust_list_iter_get_ca - (tl, &get_ca_iter, &get_ca_crt) == 0) { - ret = - gnutls_x509_crt_export2(get_ca_crt, - GNUTLS_X509_FMT_PEM, - &get_ca_datum_test); + while (gnutls_x509_trust_list_iter_get_ca(tl, &get_ca_iter, + &get_ca_crt) == 0) { + ret = gnutls_x509_crt_export2(get_ca_crt, + GNUTLS_X509_FMT_PEM, + &get_ca_datum_test); if (ret < 0) { fail("gnutls_x509_crt_export2: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_export2(ca, GNUTLS_X509_FMT_PEM, - &get_ca_datum); + ret = gnutls_x509_crt_export2(ca, GNUTLS_X509_FMT_PEM, + &get_ca_datum); if (ret < 0) { fail("gnutls_x509_crt_export2: %s\n", gnutls_strerror(ret)); @@ -266,7 +262,9 @@ void doit(void) if (get_ca_datum_test.size != get_ca_datum.size || memcmp(get_ca_datum_test.data, get_ca_datum.data, get_ca_datum.size) != 0) { - fail("gnutls_x509_trist_list_iter_get_ca: Unexpected certificate (%u != %u):\n\n%s\n\nvs.\n\n%s", get_ca_datum.size, get_ca_datum_test.size, get_ca_datum.data, get_ca_datum_test.data); + fail("gnutls_x509_trist_list_iter_get_ca: Unexpected certificate (%u != %u):\n\n%s\n\nvs.\n\n%s", + get_ca_datum.size, get_ca_datum_test.size, + get_ca_datum.data, get_ca_datum_test.data); exit(1); } @@ -284,12 +282,9 @@ void doit(void) then = DEFAULT_THEN; /* make sure that the two functions don't diverge */ - ret = gnutls_x509_trust_list_verify_crt2(tl, certs, j, - vdata, - chains[i].purpose == - NULL ? 0 : 1, - chains[i].verify_flags, - &verify_status, NULL); + ret = gnutls_x509_trust_list_verify_crt2( + tl, certs, j, vdata, chains[i].purpose == NULL ? 0 : 1, + chains[i].verify_flags, &verify_status, NULL); if (ret < 0) { fprintf(stderr, "gnutls_x509_crt_list_verify[%d,%d]: %s\n", @@ -299,14 +294,14 @@ void doit(void) if (verify_status != chains[i].expected_verify_result) { gnutls_datum_t out1, out2; - gnutls_certificate_verification_status_print - (verify_status, GNUTLS_CRT_X509, &out1, 0); - gnutls_certificate_verification_status_print(chains - [i]. - expected_verify_result, - GNUTLS_CRT_X509, - &out2, 0); - fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", chains[i].name, verify_status, out1.data, chains[i].expected_verify_result, out2.data); + gnutls_certificate_verification_status_print( + verify_status, GNUTLS_CRT_X509, &out1, 0); + gnutls_certificate_verification_status_print( + chains[i].expected_verify_result, + GNUTLS_CRT_X509, &out2, 0); + fail("chain[%s]:\nverify_status: %d: %s\nexpected: %d: %s\n", + chains[i].name, verify_status, out1.data, + chains[i].expected_verify_result, out2.data); gnutls_free(out1.data); gnutls_free(out2.data); diff --git a/tests/pkcs11/pkcs11-combo.c b/tests/pkcs11/pkcs11-combo.c index 7a15b13b21..777a299de4 100644 --- a/tests/pkcs11/pkcs11-combo.c +++ b/tests/pkcs11/pkcs11-combo.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,132 +41,133 @@ #include "softhsm.h" #define NAME "softhsm-combo" -#define CONFIG NAME".config" +#define CONFIG NAME ".config" /* These CAs have the same DN */ static const char *ca_list[MAX_CHAIN] = { "-----BEGIN CERTIFICATE-----\n" - "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" - "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" - "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" - "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" - "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" - "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" - "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" - "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" - "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" - "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" - "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" - "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" - "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" - "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" - "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" - "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" - "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" - "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" - "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" - "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" - "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" - "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" - "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" - "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" - "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" - "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" - "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" - "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" - "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" - "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" - "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" - "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" - "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" - "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" - "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" - "-----END CERTIFICATE-----", + "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" + "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" + "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" + "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" + "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" + "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" + "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" + "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" + "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" + "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" + "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" + "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" + "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" + "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" + "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" + "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" + "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" + "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" + "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" + "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" + "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" + "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" + "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" + "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" + "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" + "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" + "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" + "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" + "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" + "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" + "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" + "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" + "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" + "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" + "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" + "-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n" - "MIIHSjCCBjKgAwIBAgIKYRXxrQABAAAAETANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wOTA1MTUxODQyNDVaFw0x\n" - "NTA1MTUxODUyNDVaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbJOXtXYgfyoch6\n" - "ip5SSjijOXvpIjBxbTl5EGH/VYHmpM2O6SRlKh/uy77QS9m84sRWCJLr8cWwX9oH\n" - "qSmIylgcWvDpVNHx4v506DTTrbK0sbYRQYXRajOzJKeTt7NLeLrngyl45FrI9VAT\n" - "3yqp/2BCG1dUwcBha3dB2UbTkFOMt9o/gqoL6KvgswYMs/oGc/OIjeozdYuhnBT2\n" - "YlT9Ge5pfhOJWXh4DJbxnTmWwRUKq0MXFn0S00KQ/BZOTkc/5DibUmbmMrYi8ra4\n" - "Z2bpnoTq0WNA99O2Lk8IgmkqPdi6HwZwKCE/x01qwP8zo76rvN8sbW9pj2WzS1WF\n" - "tSDPeZECAwEAAaOCBBwwggQYMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" - "FPwbdyds7Cm03lobLKmI6q59npi+MAsGA1UdDwQEAwIBhjASBgkrBgEEAYI3FQEE\n" - "BQIDAQABMCMGCSsGAQQBgjcVAgQWBBRT1n27C6cZL4QFHaUX2nFSCPxhtTAZBgkr\n" - "BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" - "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" - "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" - "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" - "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" - "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" - "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" - "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" - "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" - "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" - "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" - "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" - "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" - "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" - "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" - "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" - "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" - "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" - "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" - "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEArlAkrJXyMCssqAJT3PqnY7wt\n" - "sirq1fTMrVrHdmkpBKDXBQnDcTW1zfZtOPV/QDm3UsFwDBbGq+j/7U9qZ1zYHkv+\n" - "wrBpeFM6dlca/sgegGGAhYnQQwmlSzNXCKHMBltMjT61X8rVjyt1XJnucgat9rnT\n" - "2j8pztqoViVnORsGfT6DDB/bz/6bFKw4FMp1wDaJI7dKh5NUggvH36owTWI7JUvq\n" - "yJ8OI2qmjXrlqGexfwvltIkEk8xzuMIHWQoR8sERL2qf3nb2VYq1s1LbH5uCkZ0l\n" - "w/xgwFbbwjaGJ3TFOmkVKYU77nXSkfK9EXae0UZRU0WmX4t5NNt8jiL56TPpsw==\n" - "-----END CERTIFICATE-----\n", + "MIIHSjCCBjKgAwIBAgIKYRXxrQABAAAAETANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wOTA1MTUxODQyNDVaFw0x\n" + "NTA1MTUxODUyNDVaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbJOXtXYgfyoch6\n" + "ip5SSjijOXvpIjBxbTl5EGH/VYHmpM2O6SRlKh/uy77QS9m84sRWCJLr8cWwX9oH\n" + "qSmIylgcWvDpVNHx4v506DTTrbK0sbYRQYXRajOzJKeTt7NLeLrngyl45FrI9VAT\n" + "3yqp/2BCG1dUwcBha3dB2UbTkFOMt9o/gqoL6KvgswYMs/oGc/OIjeozdYuhnBT2\n" + "YlT9Ge5pfhOJWXh4DJbxnTmWwRUKq0MXFn0S00KQ/BZOTkc/5DibUmbmMrYi8ra4\n" + "Z2bpnoTq0WNA99O2Lk8IgmkqPdi6HwZwKCE/x01qwP8zo76rvN8sbW9pj2WzS1WF\n" + "tSDPeZECAwEAAaOCBBwwggQYMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" + "FPwbdyds7Cm03lobLKmI6q59npi+MAsGA1UdDwQEAwIBhjASBgkrBgEEAYI3FQEE\n" + "BQIDAQABMCMGCSsGAQQBgjcVAgQWBBRT1n27C6cZL4QFHaUX2nFSCPxhtTAZBgkr\n" + "BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" + "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" + "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" + "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" + "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" + "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" + "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" + "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" + "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" + "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" + "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" + "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" + "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" + "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" + "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" + "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" + "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" + "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" + "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" + "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEArlAkrJXyMCssqAJT3PqnY7wt\n" + "sirq1fTMrVrHdmkpBKDXBQnDcTW1zfZtOPV/QDm3UsFwDBbGq+j/7U9qZ1zYHkv+\n" + "wrBpeFM6dlca/sgegGGAhYnQQwmlSzNXCKHMBltMjT61X8rVjyt1XJnucgat9rnT\n" + "2j8pztqoViVnORsGfT6DDB/bz/6bFKw4FMp1wDaJI7dKh5NUggvH36owTWI7JUvq\n" + "yJ8OI2qmjXrlqGexfwvltIkEk8xzuMIHWQoR8sERL2qf3nb2VYq1s1LbH5uCkZ0l\n" + "w/xgwFbbwjaGJ3TFOmkVKYU77nXSkfK9EXae0UZRU0WmX4t5NNt8jiL56TPpsw==\n" + "-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n" - "MIIHIzCCBgugAwIBAgIKYRok3wABAAAADDANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wNjA1MjQxOTU2MDFaFw0x\n" - "MjA1MjQyMDA2MDFaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANE2pFSB0XqXoRWF\n" - "N7bzDesBAcTGEqcr6GVA+sMcJ5Vt17S8vGesmO2RgP6I49Q58nIhUnT054arUlOx\n" - "NKYbAEiVyGOK5zV2mZS4oW2UazfcpsV1uuO3j02UbzX+qcxQdNqoAHxwoB4nRJuU\n" - "Ijio45jWAssDbD8IKHZpmqRI5wUzbibkWnTZEc0YFO6iF40sNtqVr+uInP07PkQn\n" - "1Ttkyw6isa5Dhcyq6lTVOjnlj29bFYbZxN1uuDnTpUMVeov8oQv5wLyLrDVd1sMg\n" - "Njr2oofepZ8KjF3DKCkfsUekCHA9Pr2K/4hStd/nSwvIdNjCjfznqYadkB6wQ99a\n" - "hTX4uJkCAwEAAaOCA/UwggPxMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" - "FJunwCR+/af8p76CGTyhUZc3l/4DMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEE\n" - "AwIBADAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCR\n" - "HAOAgE4RFYhGpOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFo\n" - "dHRwOi8vd3d3LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJh\n" - "bmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZp\n" - "Y2F0ZXMuaW50ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQl\n" - "MjBCYXNpYyUyMFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwl\n" - "MjBJbnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2Es\n" - "Q049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO\n" - "PUNvbmZpZ3VyYXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNh\n" - "dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv\n" - "blBvaW50MIIBuQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDov\n" - "L3d3dy5pbnRlbC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJ\n" - "bnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAC\n" - "hmNodHRwOi8vY2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRp\n" - "ZmljYXRlcy9JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgx\n" - "KS5jcnQwgcsGCCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0\n" - "JTIwQmFzaWMlMjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIw\n" - "U2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERD\n" - "PWludGVsLERDPWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2Vy\n" - "dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAe3SmN0lsGF0h\n" - "zq+NANnUD4YJS31UqreVm4kJv07+9CTBtlB0AVqJ2RcjRosdQmrbhx7R0WwcXSdR\n" - "QnRGhaoDVRNehKiz3Grp6ehJr9LInhCp6WtOeKRlOSb2xgRDJCtzCi07TuAb9h2I\n" - "urpmndeA4NEbPYL1GYEBpKYawUcFCq5yTv0YgZXy53DdBDv9ygRWYGEk7/gPgvCu\n" - "2O1GNs9n25goy+3/aMkHnUyl3MOtiooXJR7eKOEgTPHNe42LQ9KuUz5SoZQN8vSL\n" - "r49IRDC4dgMkGvsC5h0+ftixQ66ni6QJe6SNcpSZrpW5vBE9J+vtDI0gTyq2SYPo\n" - "0fiS3V8p4g==\n" "-----END CERTIFICATE-----\n", + "MIIHIzCCBgugAwIBAgIKYRok3wABAAAADDANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wNjA1MjQxOTU2MDFaFw0x\n" + "MjA1MjQyMDA2MDFaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANE2pFSB0XqXoRWF\n" + "N7bzDesBAcTGEqcr6GVA+sMcJ5Vt17S8vGesmO2RgP6I49Q58nIhUnT054arUlOx\n" + "NKYbAEiVyGOK5zV2mZS4oW2UazfcpsV1uuO3j02UbzX+qcxQdNqoAHxwoB4nRJuU\n" + "Ijio45jWAssDbD8IKHZpmqRI5wUzbibkWnTZEc0YFO6iF40sNtqVr+uInP07PkQn\n" + "1Ttkyw6isa5Dhcyq6lTVOjnlj29bFYbZxN1uuDnTpUMVeov8oQv5wLyLrDVd1sMg\n" + "Njr2oofepZ8KjF3DKCkfsUekCHA9Pr2K/4hStd/nSwvIdNjCjfznqYadkB6wQ99a\n" + "hTX4uJkCAwEAAaOCA/UwggPxMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" + "FJunwCR+/af8p76CGTyhUZc3l/4DMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEE\n" + "AwIBADAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCR\n" + "HAOAgE4RFYhGpOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFo\n" + "dHRwOi8vd3d3LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJh\n" + "bmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZp\n" + "Y2F0ZXMuaW50ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQl\n" + "MjBCYXNpYyUyMFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwl\n" + "MjBJbnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2Es\n" + "Q049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO\n" + "PUNvbmZpZ3VyYXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNh\n" + "dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv\n" + "blBvaW50MIIBuQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDov\n" + "L3d3dy5pbnRlbC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJ\n" + "bnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAC\n" + "hmNodHRwOi8vY2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRp\n" + "ZmljYXRlcy9JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgx\n" + "KS5jcnQwgcsGCCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0\n" + "JTIwQmFzaWMlMjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIw\n" + "U2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERD\n" + "PWludGVsLERDPWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2Vy\n" + "dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAe3SmN0lsGF0h\n" + "zq+NANnUD4YJS31UqreVm4kJv07+9CTBtlB0AVqJ2RcjRosdQmrbhx7R0WwcXSdR\n" + "QnRGhaoDVRNehKiz3Grp6ehJr9LInhCp6WtOeKRlOSb2xgRDJCtzCi07TuAb9h2I\n" + "urpmndeA4NEbPYL1GYEBpKYawUcFCq5yTv0YgZXy53DdBDv9ygRWYGEk7/gPgvCu\n" + "2O1GNs9n25goy+3/aMkHnUyl3MOtiooXJR7eKOEgTPHNe42LQ9KuUz5SoZQN8vSL\n" + "r49IRDC4dgMkGvsC5h0+ftixQ66ni6QJe6SNcpSZrpW5vBE9J+vtDI0gTyq2SYPo\n" + "0fiS3V8p4g==\n" + "-----END CERTIFICATE-----\n", NULL }; @@ -174,7 +175,7 @@ static const char *ca_list[MAX_CHAIN] = { verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1256803113; @@ -191,9 +192,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -219,7 +220,7 @@ void doit(void) if (gnutls_fips140_mode_enabled()) exit(77); - /* The overloading of time() seems to work in linux (ELF?) + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */ #ifdef _WIN32 @@ -243,8 +244,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -260,8 +262,7 @@ void doit(void) ret = gnutls_x509_crt_init(&certs[j]); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init[%d,%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_init[%d,%d]: %s\n", (int)3, (int)j, gnutls_strerror(ret)); exit(1); } @@ -269,21 +270,20 @@ void doit(void) tmp.data = (unsigned char *)ca_list[j]; tmp.size = strlen(ca_list[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_import[%d]: %s\n", (int)j, gnutls_strerror(ret)); exit(1); } gnutls_x509_crt_print(certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp); if (debug) - printf("\tCertificate %d: %.*s\n", (int)j, - tmp.size, tmp.data); + printf("\tCertificate %d: %.*s\n", (int)j, tmp.size, + tmp.data); gnutls_free(tmp.data); } @@ -351,11 +351,10 @@ void doit(void) for (j = 0; ca_list[j]; j++) { char name[64]; snprintf(name, sizeof(name), "test-ca%d", j); - ret = - gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, certs[j], name, - GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED - | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); + ret = gnutls_pkcs11_copy_x509_crt( + SOFTHSM_URL, certs[j], name, + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); @@ -365,9 +364,8 @@ void doit(void) gnutls_x509_trust_list_init(&tl, 0); - ret = - gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, - 0); + ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, + 0); if (ret < 0) { fail("gnutls_x509_trust_list_add_trust_file\n"); exit(1); @@ -380,28 +378,26 @@ void doit(void) } /* extract the issuer of the certificate */ - ret = - gnutls_x509_trust_list_get_issuer(tl, end, &issuer, - GNUTLS_TL_GET_COPY); + ret = gnutls_x509_trust_list_get_issuer(tl, end, &issuer, + GNUTLS_TL_GET_COPY); if (ret < 0) { fail("gnutls_x509_trust_list_get_issuer should have succeeded\n"); exit(1); } gnutls_x509_crt_deinit(issuer); - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, ca, - GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, ca, + GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret != 0) { fail("gnutls_pkcs11_crt_is_known should have failed!\n"); exit(1); } - ret = gnutls_x509_trust_list_verify_crt2(tl, &end, 1, - NULL, 0, - GNUTLS_VERIFY_DISABLE_TIME_CHECKS, - &verify_status, NULL); + ret = gnutls_x509_trust_list_verify_crt2( + tl, &end, 1, NULL, 0, GNUTLS_VERIFY_DISABLE_TIME_CHECKS, + &verify_status, NULL); if (ret < 0) { fail("gnutls_x509_trust_list_verify_crt2 should have succeeded\n"); exit(1); diff --git a/tests/pkcs11/pkcs11-ec-privkey-test.c b/tests/pkcs11/pkcs11-ec-privkey-test.c index 20ab233eaf..1d3f90c33e 100644 --- a/tests/pkcs11/pkcs11-ec-privkey-test.c +++ b/tests/pkcs11/pkcs11-ec-privkey-test.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,7 +37,7 @@ #include "softhsm.h" #define CONFIG_NAME "softhsm-privkey-ecdsa-test" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" /* Tests whether signing with PKCS#11 may produce signed (invalid) * INTEGER values in DSASignatureValue. */ @@ -53,9 +53,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -64,8 +64,8 @@ int pin_func(void *userdata, int attempt, const char *url, const char *label, return -1; } -int _gnutls_decode_ber_rs_raw(const gnutls_datum_t * sig_value, - gnutls_datum_t * r, gnutls_datum_t * s); +int _gnutls_decode_ber_rs_raw(const gnutls_datum_t *sig_value, + gnutls_datum_t *r, gnutls_datum_t *s); void doit(void) { @@ -102,8 +102,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -115,16 +116,16 @@ void doit(void) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_import(crt, &server_ecc_cert, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &server_ecc_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -137,17 +138,15 @@ void doit(void) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_privkey_import(key, &server_ecc_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &server_ecc_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -159,9 +158,8 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); @@ -169,20 +167,18 @@ void doit(void) ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -193,9 +189,9 @@ void doit(void) assert(gnutls_pubkey_init(&pubkey) == 0); assert(gnutls_pubkey_import_x509(pubkey, crt, 0) == 0); - ret = gnutls_pkcs11_copy_pubkey(SOFTHSM_URL, pubkey, "cert", NULL, - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, 0); + ret = gnutls_pkcs11_copy_pubkey( + SOFTHSM_URL, pubkey, "cert", NULL, + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, 0); if (ret < 0) { fail("gnutls_pkcs11_copy_pubkey: %s\n", gnutls_strerror(ret)); } @@ -207,11 +203,9 @@ void doit(void) assert(gnutls_privkey_init(&pkey) == 0); - ret = - gnutls_privkey_import_pkcs11_url(pkey, - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN); + ret = gnutls_privkey_import_pkcs11_url( + pkey, + SOFTHSM_URL ";object=cert;object-type=private;pin-value=" PIN); if (ret < 0) { fprintf(stderr, "error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -221,11 +215,10 @@ void doit(void) /* Try to read the public key with public key URI */ assert(gnutls_pubkey_init(&pubkey3) == 0); - ret = - gnutls_pubkey_import_pkcs11_url(pubkey3, - SOFTHSM_URL - ";object=cert;object-type=public;pin-value=" - PIN, 0); + ret = gnutls_pubkey_import_pkcs11_url( + pubkey3, + SOFTHSM_URL ";object=cert;object-type=public;pin-value=" PIN, + 0); if (ret < 0) { fail("error in gnutls_pubkey_import_pkcs11_url: %s\n", gnutls_strerror(ret)); @@ -234,11 +227,9 @@ void doit(void) /* Try to read the public key with certificate URI */ assert(gnutls_pubkey_init(&pubkey4) == 0); - ret = - gnutls_pubkey_import_pkcs11_url(pubkey4, - SOFTHSM_URL - ";object=cert;object-type=cert;pin-value=" - PIN, 0); + ret = gnutls_pubkey_import_pkcs11_url( + pubkey4, + SOFTHSM_URL ";object=cert;object-type=cert;pin-value=" PIN, 0); if (ret < 0) { fail("error in gnutls_pubkey_import_pkcs11_url: %s\n", gnutls_strerror(ret)); @@ -250,8 +241,8 @@ void doit(void) pk = gnutls_pubkey_get_pk_algorithm(pubkey, NULL); assert(gnutls_pubkey_init(&pubkey2) == 0); - assert(gnutls_pubkey_import_x509_raw - (pubkey2, &server_ecc_cert, GNUTLS_X509_FMT_PEM, 0) == 0); + assert(gnutls_pubkey_import_x509_raw(pubkey2, &server_ecc_cert, + GNUTLS_X509_FMT_PEM, 0) == 0); for (i = 0; i < 100; i++) { gnutls_datum_t r = { NULL, 0 }; @@ -259,8 +250,8 @@ void doit(void) /* check whether privkey and pubkey are operational * by signing and verifying */ - assert(gnutls_privkey_sign_data - (pkey, GNUTLS_DIG_SHA256, 0, &testdata, &sig) == 0); + assert(gnutls_privkey_sign_data(pkey, GNUTLS_DIG_SHA256, 0, + &testdata, &sig) == 0); assert(_gnutls_decode_ber_rs_raw(&sig, &r, &s) == 0); if (r.data[0] >= 0x80) { @@ -272,14 +263,15 @@ void doit(void) } /* verify against the raw pubkey */ - assert(gnutls_pubkey_verify_data2 - (pubkey2, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, - &testdata, &sig) == 0); + assert(gnutls_pubkey_verify_data2( + pubkey2, + gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, + &testdata, &sig) == 0); /* verify against the pubkey in PKCS #11 */ - assert(gnutls_pubkey_verify_data2 - (pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, - &testdata, &sig) == 0); + assert(gnutls_pubkey_verify_data2( + pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), + 0, &testdata, &sig) == 0); gnutls_free(sig.data); gnutls_free(r.data); diff --git a/tests/pkcs11/pkcs11-eddsa-privkey-test.c b/tests/pkcs11/pkcs11-eddsa-privkey-test.c index 478125a761..c1bc81e5e9 100644 --- a/tests/pkcs11/pkcs11-eddsa-privkey-test.c +++ b/tests/pkcs11/pkcs11-eddsa-privkey-test.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,7 +37,7 @@ #include "softhsm.h" #define CONFIG_NAME "softhsm-privkey-eddsa-test" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" /* Tests whether signing with PKCS#11 and EDDSA would * generate valid signatures */ @@ -53,9 +53,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -64,8 +64,9 @@ int pin_func(void *userdata, int attempt, const char *url, const char *label, return -1; } -#define myfail(fmt, ...) \ - fail("%s (iter %d): "fmt, gnutls_sign_get_name(sigalgo), i, ##__VA_ARGS__) +#define myfail(fmt, ...) \ + fail("%s (iter %d): " fmt, gnutls_sign_get_name(sigalgo), i, \ + ##__VA_ARGS__) static unsigned verify_eddsa_presence(void) { @@ -75,10 +76,9 @@ static unsigned verify_eddsa_presence(void) i = 0; do { - ret = - gnutls_pkcs11_token_get_mechanism("pkcs11:", i++, - &mechanism); - if (ret >= 0 && mechanism == 0x1057 /* CKM_EDDSA */ ) + ret = gnutls_pkcs11_token_get_mechanism("pkcs11:", i++, + &mechanism); + if (ret >= 0 && mechanism == 0x1057 /* CKM_EDDSA */) return 1; } while (ret >= 0); @@ -121,8 +121,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, NULL); @@ -140,9 +141,8 @@ void doit(void) if (ret < 0) fail("gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); - ret = - gnutls_x509_crt_import(crt, &server_ca3_eddsa_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &server_ca3_eddsa_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -158,9 +158,8 @@ void doit(void) fail("gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_x509_privkey_import(key, &server_ca3_eddsa_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &server_ca3_eddsa_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); } @@ -171,28 +170,25 @@ void doit(void) fail("gnutls_pkcs11_token_init: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); } ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -202,9 +198,9 @@ void doit(void) assert(gnutls_pubkey_init(&pubkey) == 0); assert(gnutls_pubkey_import_x509(pubkey, crt, 0) == 0); - ret = gnutls_pkcs11_copy_pubkey(SOFTHSM_URL, pubkey, "cert", NULL, - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, 0); + ret = gnutls_pkcs11_copy_pubkey( + SOFTHSM_URL, pubkey, "cert", NULL, + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, 0); if (ret < 0) { fail("gnutls_pkcs11_copy_pubkey: %s\n", gnutls_strerror(ret)); } @@ -216,11 +212,9 @@ void doit(void) assert(gnutls_privkey_init(&pkey) == 0); - ret = - gnutls_privkey_import_pkcs11_url(pkey, - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN); + ret = gnutls_privkey_import_pkcs11_url( + pkey, + SOFTHSM_URL ";object=cert;object-type=private;pin-value=" PIN); if (ret < 0) { fail("error in gnutls_privkey_import_pkcs11_url: %s\n", gnutls_strerror(ret)); @@ -229,11 +223,10 @@ void doit(void) /* Try to read the public key with public key URI */ assert(gnutls_pubkey_init(&pubkey3) == 0); - ret = - gnutls_pubkey_import_pkcs11_url(pubkey3, - SOFTHSM_URL - ";object=cert;object-type=public;pin-value=" - PIN, 0); + ret = gnutls_pubkey_import_pkcs11_url( + pubkey3, + SOFTHSM_URL ";object=cert;object-type=public;pin-value=" PIN, + 0); if (ret < 0) { fail("error in gnutls_pubkey_import_pkcs11_url: %s\n", gnutls_strerror(ret)); @@ -242,11 +235,9 @@ void doit(void) /* Try to read the public key with certificate URI */ assert(gnutls_pubkey_init(&pubkey4) == 0); - ret = - gnutls_pubkey_import_pkcs11_url(pubkey4, - SOFTHSM_URL - ";object=cert;object-type=cert;pin-value=" - PIN, 0); + ret = gnutls_pubkey_import_pkcs11_url( + pubkey4, + SOFTHSM_URL ";object=cert;object-type=cert;pin-value=" PIN, 0); if (ret < 0) { fail("error in gnutls_pubkey_import_pkcs11_url: %s\n", gnutls_strerror(ret)); @@ -256,8 +247,8 @@ void doit(void) assert(gnutls_pubkey_import_privkey(pubkey, pkey, 0, 0) == 0); assert(gnutls_pubkey_init(&pubkey2) == 0); - assert(gnutls_pubkey_import_x509_raw - (pubkey2, &server_ca3_eddsa_cert, GNUTLS_X509_FMT_PEM, 0) == 0); + assert(gnutls_pubkey_import_x509_raw(pubkey2, &server_ca3_eddsa_cert, + GNUTLS_X509_FMT_PEM, 0) == 0); /* this is the algorithm supported by the certificate */ sigalgo = GNUTLS_SIGN_EDDSA_ED25519; @@ -265,24 +256,21 @@ void doit(void) for (i = 0; i < 20; i++) { /* check whether privkey and pubkey are operational * by signing and verifying */ - ret = - gnutls_privkey_sign_data2(pkey, sigalgo, 0, - &testdata, &sig); + ret = gnutls_privkey_sign_data2(pkey, sigalgo, 0, &testdata, + &sig); if (ret < 0) myfail("Error signing data %s\n", gnutls_strerror(ret)); /* verify against the pubkey in PKCS #11 */ - ret = - gnutls_pubkey_verify_data2(pubkey, sigalgo, 0, - &testdata, &sig); + ret = gnutls_pubkey_verify_data2(pubkey, sigalgo, 0, &testdata, + &sig); if (ret < 0) myfail("Error verifying data1: %s\n", gnutls_strerror(ret)); /* verify against the raw pubkey */ - ret = - gnutls_pubkey_verify_data2(pubkey2, sigalgo, 0, - &testdata, &sig); + ret = gnutls_pubkey_verify_data2(pubkey2, sigalgo, 0, &testdata, + &sig); if (ret < 0) myfail("Error verifying data2: %s\n", gnutls_strerror(ret)); diff --git a/tests/pkcs11/pkcs11-get-exts.c b/tests/pkcs11/pkcs11-get-exts.c index 9af48373b1..a2a3d99802 100644 --- a/tests/pkcs11/pkcs11-get-exts.c +++ b/tests/pkcs11/pkcs11-get-exts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,9 +38,9 @@ /* Tests the gnutls_pkcs11_obj_get_exts API */ #ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" +#define P11LIB "libpkcs11mock1.dll" #else -# define P11LIB "libpkcs11mock1.so" +#define P11LIB "libpkcs11mock1.so" #endif void doit(void) @@ -81,9 +81,8 @@ void doit(void) assert(gnutls_pkcs11_obj_init(&obj) >= 0); /* check extensions */ - ret = - gnutls_pkcs11_obj_import_url(obj, "pkcs11:type=cert;object=cert1", - 0); + ret = gnutls_pkcs11_obj_import_url(obj, "pkcs11:type=cert;object=cert1", + 0); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -108,9 +107,8 @@ void doit(void) { unsigned ca; int pathlen; - ret = - gnutls_x509_ext_import_basic_constraints(&exts[0].data, &ca, - &pathlen); + ret = gnutls_x509_ext_import_basic_constraints(&exts[0].data, + &ca, &pathlen); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -129,8 +127,8 @@ void doit(void) { unsigned keyusage; - ret = - gnutls_x509_ext_import_key_usage(&exts[1].data, &keyusage); + ret = gnutls_x509_ext_import_key_usage(&exts[1].data, + &keyusage); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-get-issuer.c b/tests/pkcs11/pkcs11-get-issuer.c index 4eb19d2a04..5c032b34a2 100644 --- a/tests/pkcs11/pkcs11-get-issuer.c +++ b/tests/pkcs11/pkcs11-get-issuer.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,7 +42,7 @@ verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1256803113; @@ -59,9 +59,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -87,7 +87,7 @@ void doit(void) if (gnutls_fips140_mode_enabled()) exit(77); - /* The overloading of time() seems to work in linux (ELF?) + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */ #ifdef _WIN32 @@ -127,8 +127,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -144,8 +145,7 @@ void doit(void) ret = gnutls_x509_crt_init(&certs[j]); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init[%d,%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_init[%d,%d]: %s\n", (int)3, (int)j, gnutls_strerror(ret)); exit(1); } @@ -153,21 +153,20 @@ void doit(void) tmp.data = (unsigned char *)chains[idx].chain[j]; tmp.size = strlen(chains[idx].chain[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import[%s,%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_import[%s,%d]: %s\n", chains[idx].name, (int)j, gnutls_strerror(ret)); exit(1); } gnutls_x509_crt_print(certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp); if (debug) - printf("\tCertificate %d: %.*s\n", (int)j, - tmp.size, tmp.data); + printf("\tCertificate %d: %.*s\n", (int)j, tmp.size, + tmp.data); gnutls_free(tmp.data); } @@ -210,10 +209,10 @@ void doit(void) } /* write CA certificate to softhsm */ - ret = - gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, ca, "test-ca", - GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); + ret = gnutls_pkcs11_copy_x509_crt( + SOFTHSM_URL, ca, "test-ca", + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); @@ -221,9 +220,8 @@ void doit(void) gnutls_x509_trust_list_init(&tl, 0); - ret = - gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, - 0); + ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, + 0); if (ret < 0) { fail("gnutls_x509_trust_list_add_trust_file\n"); exit(1); @@ -231,9 +229,8 @@ void doit(void) /* extract the issuer of the certificate */ issuer = NULL; - ret = - gnutls_x509_trust_list_get_issuer(tl, certs[2], &issuer, - GNUTLS_TL_GET_COPY); + ret = gnutls_x509_trust_list_get_issuer(tl, certs[2], &issuer, + GNUTLS_TL_GET_COPY); if (ret < 0) { fail("error in gnutls_x509_trust_list_get_issuer\n"); exit(1); diff --git a/tests/pkcs11/pkcs11-get-raw-issuer-exts.c b/tests/pkcs11/pkcs11-get-raw-issuer-exts.c index f0e36e733b..adf5c6e93c 100644 --- a/tests/pkcs11/pkcs11-get-raw-issuer-exts.c +++ b/tests/pkcs11/pkcs11-get-raw-issuer-exts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,12 +40,12 @@ */ #ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" +#define P11LIB "libpkcs11mock1.dll" #else -# define P11LIB "libpkcs11mock1.so" +#define P11LIB "libpkcs11mock1.so" #endif -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1424466893; @@ -95,17 +95,16 @@ void doit(void) assert(gnutls_x509_crt_init(&ocrt) >= 0); /* check high level certificate functions */ - ret = - gnutls_x509_crt_import_url(crt, "pkcs11:type=cert;object=cert1", 0); + ret = gnutls_x509_crt_import_url(crt, "pkcs11:type=cert;object=cert1", + 0); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_get_raw_issuer("pkcs11:", crt, &issuer, - GNUTLS_X509_FMT_DER, - GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT); + ret = gnutls_pkcs11_get_raw_issuer( + "pkcs11:", crt, &issuer, GNUTLS_X509_FMT_DER, + GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -139,9 +138,8 @@ void doit(void) exit(1); } - if (keyusage != - (GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_ENCIPHER_ONLY | - GNUTLS_KEY_KEY_CERT_SIGN)) { + if (keyusage != (GNUTLS_KEY_KEY_ENCIPHERMENT | + GNUTLS_KEY_ENCIPHER_ONLY | GNUTLS_KEY_KEY_CERT_SIGN)) { fail("Extension does not have the expected key usage!\n"); } diff --git a/tests/pkcs11/pkcs11-import-url-privkey.c b/tests/pkcs11/pkcs11-import-url-privkey.c index caaa82d419..ebdffe04ad 100644 --- a/tests/pkcs11/pkcs11-import-url-privkey.c +++ b/tests/pkcs11/pkcs11-import-url-privkey.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,16 +39,16 @@ * some problematic cases. */ #ifdef ALL_CAPS_URI -# define PURI "PKCS11:" +#define PURI "PKCS11:" #else -# define PURI "pkcs11:" +#define PURI "pkcs11:" #endif #ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" +#define P11LIB "libpkcs11mock1.dll" #else -# include -# define P11LIB "libpkcs11mock1.so" +#include +#define P11LIB "libpkcs11mock1.so" #endif void doit(void) @@ -81,9 +81,9 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs11_obj_list_import_url4(&obj_list, &obj_list_size, PURI, - GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY); + ret = gnutls_pkcs11_obj_list_import_url4( + &obj_list, &obj_list_size, PURI, + GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -113,10 +113,9 @@ void doit(void) *pflags = MOCK_FLAG_BROKEN_GET_ATTRIBUTES; - ret = - gnutls_pkcs11_obj_list_import_url4(&obj_list, - &obj_list_size, PURI, - GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY); + ret = gnutls_pkcs11_obj_list_import_url4( + &obj_list, &obj_list_size, PURI, + GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-import-with-pin.c b/tests/pkcs11/pkcs11-import-with-pin.c index cb1aadd3d4..c6f06c0610 100644 --- a/tests/pkcs11/pkcs11-import-with-pin.c +++ b/tests/pkcs11/pkcs11-import-with-pin.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,7 +40,7 @@ * pin-value or pin-source. */ #define CONFIG_NAME "softhsm-import-with-pin" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #include "../cert-common.h" @@ -53,9 +53,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -102,8 +102,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -114,15 +115,14 @@ void doit(void) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } ret = gnutls_x509_privkey_import(key, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -134,22 +134,19 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -163,10 +160,9 @@ void doit(void) /* Test 1 * Try importing with wrong pin-value */ - ret = - gnutls_privkey_import_pkcs11_url(pkey, - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=XXXX"); + ret = gnutls_privkey_import_pkcs11_url( + pkey, + SOFTHSM_URL ";object=cert;object-type=private;pin-value=XXXX"); if (ret != GNUTLS_E_PKCS11_PIN_ERROR) { fprintf(stderr, "unexpected error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -177,11 +173,9 @@ void doit(void) /* Test 2 * Try importing with pin-value */ - ret = - gnutls_privkey_import_pkcs11_url(pkey, - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN); + ret = gnutls_privkey_import_pkcs11_url( + pkey, + SOFTHSM_URL ";object=cert;object-type=private;pin-value=" PIN); if (ret < 0) { fprintf(stderr, "error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -189,8 +183,8 @@ void doit(void) } /* check whether privkey is operational by signing */ - assert(gnutls_privkey_sign_data - (pkey, GNUTLS_DIG_SHA256, 0, &testdata, &sig) == 0); + assert(gnutls_privkey_sign_data(pkey, GNUTLS_DIG_SHA256, 0, &testdata, + &sig) == 0); gnutls_free(sig.data); gnutls_privkey_deinit(pkey); @@ -230,8 +224,8 @@ void doit(void) } /* check whether privkey is operational by signing */ - assert(gnutls_privkey_sign_data - (pkey, GNUTLS_DIG_SHA256, 0, &testdata, &sig) == 0); + assert(gnutls_privkey_sign_data(pkey, GNUTLS_DIG_SHA256, 0, &testdata, + &sig) == 0); gnutls_free(sig.data); gnutls_privkey_deinit(pkey); diff --git a/tests/pkcs11/pkcs11-is-known.c b/tests/pkcs11/pkcs11-is-known.c index 7301be35f7..fc471e3f1c 100644 --- a/tests/pkcs11/pkcs11-is-known.c +++ b/tests/pkcs11/pkcs11-is-known.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,276 +38,278 @@ #define MAX_CHAIN 16 -#define OBJ_URL SOFTHSM_URL";object=test-ca0;object-type=cert" +#define OBJ_URL SOFTHSM_URL ";object=test-ca0;object-type=cert" #define CONFIG "softhsm-issuer2.config" /* These CAs have the same DN */ static const char *ca_list[MAX_CHAIN] = { "-----BEGIN CERTIFICATE-----\n" - "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" - "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" - "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" - "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" - "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" - "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" - "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" - "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" - "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" - "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" - "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" - "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" - "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" - "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" - "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" - "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" - "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" - "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" - "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" - "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" - "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" - "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" - "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" - "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" - "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" - "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" - "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" - "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" - "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" - "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" - "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" - "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" - "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" - "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" - "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" - "-----END CERTIFICATE-----", + "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" + "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" + "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" + "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" + "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" + "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" + "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" + "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" + "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" + "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" + "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" + "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" + "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" + "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" + "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" + "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" + "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" + "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" + "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" + "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" + "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" + "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" + "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" + "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" + "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" + "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" + "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" + "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" + "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" + "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" + "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" + "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" + "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" + "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" + "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" + "-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n" - "MIIHSjCCBjKgAwIBAgIKYRXxrQABAAAAETANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wOTA1MTUxODQyNDVaFw0x\n" - "NTA1MTUxODUyNDVaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbJOXtXYgfyoch6\n" - "ip5SSjijOXvpIjBxbTl5EGH/VYHmpM2O6SRlKh/uy77QS9m84sRWCJLr8cWwX9oH\n" - "qSmIylgcWvDpVNHx4v506DTTrbK0sbYRQYXRajOzJKeTt7NLeLrngyl45FrI9VAT\n" - "3yqp/2BCG1dUwcBha3dB2UbTkFOMt9o/gqoL6KvgswYMs/oGc/OIjeozdYuhnBT2\n" - "YlT9Ge5pfhOJWXh4DJbxnTmWwRUKq0MXFn0S00KQ/BZOTkc/5DibUmbmMrYi8ra4\n" - "Z2bpnoTq0WNA99O2Lk8IgmkqPdi6HwZwKCE/x01qwP8zo76rvN8sbW9pj2WzS1WF\n" - "tSDPeZECAwEAAaOCBBwwggQYMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" - "FPwbdyds7Cm03lobLKmI6q59npi+MAsGA1UdDwQEAwIBhjASBgkrBgEEAYI3FQEE\n" - "BQIDAQABMCMGCSsGAQQBgjcVAgQWBBRT1n27C6cZL4QFHaUX2nFSCPxhtTAZBgkr\n" - "BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" - "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" - "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" - "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" - "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" - "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" - "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" - "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" - "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" - "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" - "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" - "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" - "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" - "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" - "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" - "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" - "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" - "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" - "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" - "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEArlAkrJXyMCssqAJT3PqnY7wt\n" - "sirq1fTMrVrHdmkpBKDXBQnDcTW1zfZtOPV/QDm3UsFwDBbGq+j/7U9qZ1zYHkv+\n" - "wrBpeFM6dlca/sgegGGAhYnQQwmlSzNXCKHMBltMjT61X8rVjyt1XJnucgat9rnT\n" - "2j8pztqoViVnORsGfT6DDB/bz/6bFKw4FMp1wDaJI7dKh5NUggvH36owTWI7JUvq\n" - "yJ8OI2qmjXrlqGexfwvltIkEk8xzuMIHWQoR8sERL2qf3nb2VYq1s1LbH5uCkZ0l\n" - "w/xgwFbbwjaGJ3TFOmkVKYU77nXSkfK9EXae0UZRU0WmX4t5NNt8jiL56TPpsw==\n" - "-----END CERTIFICATE-----\n", + "MIIHSjCCBjKgAwIBAgIKYRXxrQABAAAAETANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wOTA1MTUxODQyNDVaFw0x\n" + "NTA1MTUxODUyNDVaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbJOXtXYgfyoch6\n" + "ip5SSjijOXvpIjBxbTl5EGH/VYHmpM2O6SRlKh/uy77QS9m84sRWCJLr8cWwX9oH\n" + "qSmIylgcWvDpVNHx4v506DTTrbK0sbYRQYXRajOzJKeTt7NLeLrngyl45FrI9VAT\n" + "3yqp/2BCG1dUwcBha3dB2UbTkFOMt9o/gqoL6KvgswYMs/oGc/OIjeozdYuhnBT2\n" + "YlT9Ge5pfhOJWXh4DJbxnTmWwRUKq0MXFn0S00KQ/BZOTkc/5DibUmbmMrYi8ra4\n" + "Z2bpnoTq0WNA99O2Lk8IgmkqPdi6HwZwKCE/x01qwP8zo76rvN8sbW9pj2WzS1WF\n" + "tSDPeZECAwEAAaOCBBwwggQYMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" + "FPwbdyds7Cm03lobLKmI6q59npi+MAsGA1UdDwQEAwIBhjASBgkrBgEEAYI3FQEE\n" + "BQIDAQABMCMGCSsGAQQBgjcVAgQWBBRT1n27C6cZL4QFHaUX2nFSCPxhtTAZBgkr\n" + "BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" + "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" + "LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" + "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" + "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" + "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" + "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" + "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" + "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" + "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" + "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" + "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" + "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" + "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" + "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" + "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" + "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" + "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" + "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" + "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEArlAkrJXyMCssqAJT3PqnY7wt\n" + "sirq1fTMrVrHdmkpBKDXBQnDcTW1zfZtOPV/QDm3UsFwDBbGq+j/7U9qZ1zYHkv+\n" + "wrBpeFM6dlca/sgegGGAhYnQQwmlSzNXCKHMBltMjT61X8rVjyt1XJnucgat9rnT\n" + "2j8pztqoViVnORsGfT6DDB/bz/6bFKw4FMp1wDaJI7dKh5NUggvH36owTWI7JUvq\n" + "yJ8OI2qmjXrlqGexfwvltIkEk8xzuMIHWQoR8sERL2qf3nb2VYq1s1LbH5uCkZ0l\n" + "w/xgwFbbwjaGJ3TFOmkVKYU77nXSkfK9EXae0UZRU0WmX4t5NNt8jiL56TPpsw==\n" + "-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n" - "MIIHIzCCBgugAwIBAgIKYRok3wABAAAADDANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wNjA1MjQxOTU2MDFaFw0x\n" - "MjA1MjQyMDA2MDFaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANE2pFSB0XqXoRWF\n" - "N7bzDesBAcTGEqcr6GVA+sMcJ5Vt17S8vGesmO2RgP6I49Q58nIhUnT054arUlOx\n" - "NKYbAEiVyGOK5zV2mZS4oW2UazfcpsV1uuO3j02UbzX+qcxQdNqoAHxwoB4nRJuU\n" - "Ijio45jWAssDbD8IKHZpmqRI5wUzbibkWnTZEc0YFO6iF40sNtqVr+uInP07PkQn\n" - "1Ttkyw6isa5Dhcyq6lTVOjnlj29bFYbZxN1uuDnTpUMVeov8oQv5wLyLrDVd1sMg\n" - "Njr2oofepZ8KjF3DKCkfsUekCHA9Pr2K/4hStd/nSwvIdNjCjfznqYadkB6wQ99a\n" - "hTX4uJkCAwEAAaOCA/UwggPxMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" - "FJunwCR+/af8p76CGTyhUZc3l/4DMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEE\n" - "AwIBADAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCR\n" - "HAOAgE4RFYhGpOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFo\n" - "dHRwOi8vd3d3LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJh\n" - "bmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZp\n" - "Y2F0ZXMuaW50ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQl\n" - "MjBCYXNpYyUyMFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwl\n" - "MjBJbnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2Es\n" - "Q049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO\n" - "PUNvbmZpZ3VyYXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNh\n" - "dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv\n" - "blBvaW50MIIBuQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDov\n" - "L3d3dy5pbnRlbC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJ\n" - "bnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAC\n" - "hmNodHRwOi8vY2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRp\n" - "ZmljYXRlcy9JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgx\n" - "KS5jcnQwgcsGCCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0\n" - "JTIwQmFzaWMlMjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIw\n" - "U2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERD\n" - "PWludGVsLERDPWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2Vy\n" - "dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAe3SmN0lsGF0h\n" - "zq+NANnUD4YJS31UqreVm4kJv07+9CTBtlB0AVqJ2RcjRosdQmrbhx7R0WwcXSdR\n" - "QnRGhaoDVRNehKiz3Grp6ehJr9LInhCp6WtOeKRlOSb2xgRDJCtzCi07TuAb9h2I\n" - "urpmndeA4NEbPYL1GYEBpKYawUcFCq5yTv0YgZXy53DdBDv9ygRWYGEk7/gPgvCu\n" - "2O1GNs9n25goy+3/aMkHnUyl3MOtiooXJR7eKOEgTPHNe42LQ9KuUz5SoZQN8vSL\n" - "r49IRDC4dgMkGvsC5h0+ftixQ66ni6QJe6SNcpSZrpW5vBE9J+vtDI0gTyq2SYPo\n" - "0fiS3V8p4g==\n" "-----END CERTIFICATE-----\n", + "MIIHIzCCBgugAwIBAgIKYRok3wABAAAADDANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0wNjA1MjQxOTU2MDFaFw0x\n" + "MjA1MjQyMDA2MDFaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANE2pFSB0XqXoRWF\n" + "N7bzDesBAcTGEqcr6GVA+sMcJ5Vt17S8vGesmO2RgP6I49Q58nIhUnT054arUlOx\n" + "NKYbAEiVyGOK5zV2mZS4oW2UazfcpsV1uuO3j02UbzX+qcxQdNqoAHxwoB4nRJuU\n" + "Ijio45jWAssDbD8IKHZpmqRI5wUzbibkWnTZEc0YFO6iF40sNtqVr+uInP07PkQn\n" + "1Ttkyw6isa5Dhcyq6lTVOjnlj29bFYbZxN1uuDnTpUMVeov8oQv5wLyLrDVd1sMg\n" + "Njr2oofepZ8KjF3DKCkfsUekCHA9Pr2K/4hStd/nSwvIdNjCjfznqYadkB6wQ99a\n" + "hTX4uJkCAwEAAaOCA/UwggPxMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE\n" + "FJunwCR+/af8p76CGTyhUZc3l/4DMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEE\n" + "AwIBADAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBRp6zCR\n" + "HAOAgE4RFYhGpOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFo\n" + "dHRwOi8vd3d3LmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRlbCUyMEludHJh\n" + "bmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZp\n" + "Y2F0ZXMuaW50ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQl\n" + "MjBCYXNpYyUyMFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwl\n" + "MjBJbnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2Es\n" + "Q049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO\n" + "PUNvbmZpZ3VyYXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNh\n" + "dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv\n" + "blBvaW50MIIBuQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDov\n" + "L3d3dy5pbnRlbC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJ\n" + "bnRyYW5ldCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAC\n" + "hmNodHRwOi8vY2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRp\n" + "ZmljYXRlcy9JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgx\n" + "KS5jcnQwgcsGCCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0\n" + "JTIwQmFzaWMlMjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIw\n" + "U2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERD\n" + "PWludGVsLERDPWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2Vy\n" + "dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAe3SmN0lsGF0h\n" + "zq+NANnUD4YJS31UqreVm4kJv07+9CTBtlB0AVqJ2RcjRosdQmrbhx7R0WwcXSdR\n" + "QnRGhaoDVRNehKiz3Grp6ehJr9LInhCp6WtOeKRlOSb2xgRDJCtzCi07TuAb9h2I\n" + "urpmndeA4NEbPYL1GYEBpKYawUcFCq5yTv0YgZXy53DdBDv9ygRWYGEk7/gPgvCu\n" + "2O1GNs9n25goy+3/aMkHnUyl3MOtiooXJR7eKOEgTPHNe42LQ9KuUz5SoZQN8vSL\n" + "r49IRDC4dgMkGvsC5h0+ftixQ66ni6QJe6SNcpSZrpW5vBE9J+vtDI0gTyq2SYPo\n" + "0fiS3V8p4g==\n" + "-----END CERTIFICATE-----\n", NULL }; /* this certificate has the same CN as one of the CAs above */ static const char same_dn_cert_str[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJvc2FjIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" - "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" - "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" - "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" - "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" - "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" - "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" - "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" - "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" - "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" - "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" - "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" - "LmludGVsLmNvbS9yZXBvc2l0b3J5L1hYWC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" - "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" - "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" - "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" - "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" - "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" - "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" - "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" - "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" - "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" - "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" - "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" - "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" - "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" - "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" - "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" - "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" - "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" - "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" - "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" - "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" - "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" - "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJvc2FjIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" + "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" + "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" + "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" + "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" + "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" + "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" + "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" + "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" + "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" + "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" + "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" + "LmludGVsLmNvbS9yZXBvc2l0b3J5L1hYWC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" + "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" + "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" + "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" + "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" + "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" + "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" + "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" + "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" + "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" + "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" + "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" + "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" + "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" + "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" + "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" + "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" + "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" + "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" + "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" + "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" + "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" + "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" + "-----END CERTIFICATE-----\n"; /* this certificate has the same subject and issuer DNs and serial as one of the CAs above */ static const char same_issuer_cert_str[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" - "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" - "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" - "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" - "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" - "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" - "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" - "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" - "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" - "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" - "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" - "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" - "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" - "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" - "LmludGVsLmNvbS9yZXBvc2l0b3J5L1hYWC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" - "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" - "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" - "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" - "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" - "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" - "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" - "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" - "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" - "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" - "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" - "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" - "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" - "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" - "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" - "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" - "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" - "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" - "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" - "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" - "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" - "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" - "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIHSjCCBjKgAwIBAgIKYRHt9wABAAAAFTANBgkqhkiG9w0BAQUFADBSMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xJzAlBgNVBAMTHklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIFBvbGljeSBDQTAeFw0xMzAyMDQyMTUyMThaFw0x\n" + "ODA1MjQxOTU5MzlaMFYxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFJbnRlbCBDb3Jw\n" + "b3JhdGlvbjErMCkGA1UEAxMiSW50ZWwgSW50cmFuZXQgQmFzaWMgSXNzdWluZyBD\n" + "QSAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALn3ogjraWSmK5Wb\n" + "/4e9mENA1F36FBVemaG7L93ZhRRXq4UV0PQM5/4TOe9KAaOlX+a2cuULeeUtN9Rk\n" + "V/nHAVzSWlqc/NTMJfuI/1AD7ICNejQFYLxDMXGjR7eAHtiMz0iTMp9u6YTw4WXh\n" + "WffqTPiqUZ6DEWsMic9dM9yw/JqzycKClLcTD1OCvtw7Fx4tNTu6/ngrYJcTo29e\n" + "BBh/DupgtgnYPYuExEkHmucb4VIDdjfRkPo/BdNqrUSYfYqnUDj5mH+hPzIgppsZ\n" + "Rw0S5PUZGuC1f+Zok+4vZPR+hGG3Pdm2LTUEWSnurlhyfBoM+0yxeHsmL9aHU7zt\n" + "EIzVmKUCAwEAAaOCBBwwggQYMBIGCSsGAQQBgjcVAQQFAgMCAAIwIwYJKwYBBAGC\n" + "NxUCBBYEFMqHyYZOx6LYwRwZ+5vjOyIl9hENMB0GA1UdDgQWBBQ4Y3b6tgU6qVlP\n" + "SoeNoIO3fpE6CzAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC\n" + "AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRp6zCRHAOAgE4RFYhG\n" + "pOJBmtNpHzCCAaIGA1UdHwSCAZkwggGVMIIBkaCCAY2gggGJhlFodHRwOi8vd3d3\n" + "LmludGVsLmNvbS9yZXBvc2l0b3J5L1hYWC9JbnRlbCUyMEludHJhbmV0JTIwQmFz\n" + "aWMlMjBQb2xpY3klMjBDQSgxKS5jcmyGWmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuaW50\n" + "ZWwuY29tL3JlcG9zaXRvcnkvQ1JML0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUy\n" + "MFBvbGljeSUyMENBKDEpLmNybIaB12xkYXA6Ly8vQ049SW50ZWwlMjBJbnRyYW5l\n" + "dCUyMEJhc2ljJTIwUG9saWN5JTIwQ0EoMSksQ049bWNzaWJwY2EsQ049Q0RQLENO\n" + "PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3Vy\n" + "YXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0\n" + "aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIIB\n" + "uQYIKwYBBQUHAQEEggGrMIIBpzBmBggrBgEFBQcwAoZaaHR0cDovL3d3dy5pbnRl\n" + "bC5jb20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUy\n" + "MEJhc2ljJTIwUG9saWN5JTIwQ0EoMSkuY3J0MG8GCCsGAQUFBzAChmNodHRwOi8v\n" + "Y2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L2NlcnRpZmljYXRlcy9J\n" + "bnRlbCUyMEludHJhbmV0JTIwQmFzaWMlMjBQb2xpY3klMjBDQSgxKS5jcnQwgcsG\n" + "CCsGAQUFBzAChoG+bGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIwQmFzaWMl\n" + "MjBQb2xpY3klMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMs\n" + "Q049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JwLERDPWludGVsLERD\n" + "PWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv\n" + "bkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAsj8cHt2jSAmnIGulE9jXooAc\n" + "qH2xehlI+ko/al+nDnBzbjDYYjVS52XitYg8JGo6j72ijiGlGb/03FcQJRBZmUH6\n" + "znktx2rGTm4IdjL8quhvHthlzXXCozL8GMeeOuZ5rzHlhapKx764a5RuZtyx89uS\n" + "9cECon6oLGesXjFJ8Xrq6ecHZrQwJUpmvZalwvloKACAWqBh8yV12WDnUNZhtp8N\n" + "8rqeJZoy/lXGnTxsSSodO/5Y/CxYJM4W6u4WgvXNJSjO/0qWvb64S+pVLjBzwI+Y\n" + "X6oLqmBovRp1lGPOLjkXZi3EKDR8DmzhtpJq2677RtYowewnFedQ+exH9cXoJw==\n" + "-----END CERTIFICATE-----\n"; /* this certificate is issued by one of the above */ static const char intermediate_str[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIH4DCCBsigAwIBAgIKFpIKYgACAAJ8lTANBgkqhkiG9w0BAQUFADBWMQswCQYD\n" - "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xKzApBgNVBAMTIklu\n" - "dGVsIEludHJhbmV0IEJhc2ljIElzc3VpbmcgQ0EgMkIwHhcNMTQwMTA4MTc0MTM5\n" - "WhcNMTcwMTA3MTc0MTM5WjB1MQswCQYDVQQGEwJJRTELMAkGA1UEBxMCSVIxGjAY\n" - "BgNVBAoTEUludGVsIENvcnBvcmF0aW9uMQswCQYDVQQLEwJJVDEWMBQGA1UEAxMN\n" - "dnBuLmludGVsLmNvbTEYMBYGA1UEAxMPc2NzaXIuaW50ZWwuY29tMIIBIjANBgkq\n" - "hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3WoORH5ITJ2lpcgCHex1HBUnmN/bb6s\n" - "sS1Arm50NEHMlqGfbsdCxq2iodMvrGWvdRAPaf/7Ii1UwUhEzxyKYAXC3KRAgioh\n" - "C0pvGmAFq1ciDYRhANPlW92lIgkt83WwGtOcES2u36VmUxBfdQe6rO3ldoZHVofY\n" - "uIG/ubBVLz0NhWMaRYSUzTv/4PKJ4paIS7COUROYsyKwc5wNjTcR2PB7RRW+YHgM\n" - "FkvqPpLjLAGpHdN+wuPNLlUcyzkZVhhXxvQJ9gc5hw/LLQvbmeiGIZCvOVy3ZSfi\n" - "cGw2jkbqKcFttVV52Wild3ZigALZtkKuFnGw5DEIfk4EAZhG8eHfFQIDAQABo4IE\n" - "jzCCBIswCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBR4EAIG7OggvIFAhrB8m0eyhCKV\n" - "GzAfBgNVHSMEGDAWgBQ4Y3b6tgU6qVlPSoeNoIO3fpE6CzCCAbkGA1UdHwSCAbAw\n" - "ggGsMIIBqKCCAaSgggGghoHibGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIw\n" - "QmFzaWMlMjBJc3N1aW5nJTIwQ0ElMjAyQigyKSxDTj1BWlNNQ1NJQkVDQTAyLENO\n" - "PUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1D\n" - "b25maWd1cmF0aW9uLERDPWNvcnAsREM9aW50ZWwsREM9Y29tP2NlcnRpZmljYXRl\n" - "UmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Q\n" - "b2ludIZXaHR0cDovL3d3dy5pbnRlbC5jb20vcmVwb3NpdG9yeS9DUkwvSW50ZWwl\n" - "MjBJbnRyYW5ldCUyMEJhc2ljJTIwSXNzdWluZyUyMENBJTIwMkIoMikuY3JshmBo\n" - "dHRwOi8vY2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRl\n" - "bCUyMEludHJhbmV0JTIwQmFzaWMlMjBJc3N1aW5nJTIwQ0ElMjAyQigyKS5jcmww\n" - "ggHLBggrBgEFBQcBAQSCAb0wggG5MIHRBggrBgEFBQcwAoaBxGxkYXA6Ly8vQ049\n" - "SW50ZWwlMjBJbnRyYW5ldCUyMEJhc2ljJTIwSXNzdWluZyUyMENBJTIwMkIsQ049\n" - "QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNv\n" - "bmZpZ3VyYXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y0FDZXJ0aWZpY2F0\n" - "ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwbAYIKwYB\n" - "BQUHMAKGYGh0dHA6Ly93d3cuaW50ZWwuY29tL3JlcG9zaXRvcnkvY2VydGlmaWNh\n" - "dGVzL0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUyMElzc3VpbmclMjBDQSUyMDJC\n" - "KDIpLmNydDB1BggrBgEFBQcwAoZpaHR0cDovL2NlcnRpZmljYXRlcy5pbnRlbC5j\n" - "b20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUyMEJh\n" - "c2ljJTIwSXNzdWluZyUyMENBJTIwMkIoMikuY3J0MD0GCSsGAQQBgjcVBwQwMC4G\n" - "JisGAQQBgjcVCIbDjHWEmeVRg/2BKIWOn1OCkcAJZ4eC0UGC37J5AgFkAgERMB0G\n" - "A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAnBgkrBgEEAYI3FQoEGjAYMAoG\n" - "CCsGAQUFBwMCMAoGCCsGAQUFBwMBMCkGA1UdEQQiMCCCD3Njc2lyLmludGVsLmNv\n" - "bYINdnBuLmludGVsLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEALjO591IHOTt28HZ9\n" - "+Vm2TJp8EJSgWW3luKFAAPUOxix5FgK7mqNQk1052qV8NCQKqChO64f6kl3R29Pp\n" - "yv0ALYaxdYZXkxPuts05gwu9caeH9fK6vGTRk5pWygVIsobS2MypCYFs9VftFw5d\n" - "EPUAOsigQmkBC+k+icYzZDjm4HBGd0mTHwniNsKkkjxSnF4UGH9OYp4+hs9/pWly\n" - "19X4gVWwuxKB59TOe/tVxHBt57zZA3zYyXG+VPzVmklmYLPxVFcmeUDOjWU3x3Wp\n" - "0D5YUmvQlsd4+73IYw0BrvB42bQEFDUU/v0u6mwluk1m0LEdm+jlM/YCbrAgA3O8\n" - "eV1xMQ==\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIH4DCCBsigAwIBAgIKFpIKYgACAAJ8lTANBgkqhkiG9w0BAQUFADBWMQswCQYD\n" + "VQQGEwJVUzEaMBgGA1UEChMRSW50ZWwgQ29ycG9yYXRpb24xKzApBgNVBAMTIklu\n" + "dGVsIEludHJhbmV0IEJhc2ljIElzc3VpbmcgQ0EgMkIwHhcNMTQwMTA4MTc0MTM5\n" + "WhcNMTcwMTA3MTc0MTM5WjB1MQswCQYDVQQGEwJJRTELMAkGA1UEBxMCSVIxGjAY\n" + "BgNVBAoTEUludGVsIENvcnBvcmF0aW9uMQswCQYDVQQLEwJJVDEWMBQGA1UEAxMN\n" + "dnBuLmludGVsLmNvbTEYMBYGA1UEAxMPc2NzaXIuaW50ZWwuY29tMIIBIjANBgkq\n" + "hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3WoORH5ITJ2lpcgCHex1HBUnmN/bb6s\n" + "sS1Arm50NEHMlqGfbsdCxq2iodMvrGWvdRAPaf/7Ii1UwUhEzxyKYAXC3KRAgioh\n" + "C0pvGmAFq1ciDYRhANPlW92lIgkt83WwGtOcES2u36VmUxBfdQe6rO3ldoZHVofY\n" + "uIG/ubBVLz0NhWMaRYSUzTv/4PKJ4paIS7COUROYsyKwc5wNjTcR2PB7RRW+YHgM\n" + "FkvqPpLjLAGpHdN+wuPNLlUcyzkZVhhXxvQJ9gc5hw/LLQvbmeiGIZCvOVy3ZSfi\n" + "cGw2jkbqKcFttVV52Wild3ZigALZtkKuFnGw5DEIfk4EAZhG8eHfFQIDAQABo4IE\n" + "jzCCBIswCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBR4EAIG7OggvIFAhrB8m0eyhCKV\n" + "GzAfBgNVHSMEGDAWgBQ4Y3b6tgU6qVlPSoeNoIO3fpE6CzCCAbkGA1UdHwSCAbAw\n" + "ggGsMIIBqKCCAaSgggGghoHibGRhcDovLy9DTj1JbnRlbCUyMEludHJhbmV0JTIw\n" + "QmFzaWMlMjBJc3N1aW5nJTIwQ0ElMjAyQigyKSxDTj1BWlNNQ1NJQkVDQTAyLENO\n" + "PUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1D\n" + "b25maWd1cmF0aW9uLERDPWNvcnAsREM9aW50ZWwsREM9Y29tP2NlcnRpZmljYXRl\n" + "UmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Q\n" + "b2ludIZXaHR0cDovL3d3dy5pbnRlbC5jb20vcmVwb3NpdG9yeS9DUkwvSW50ZWwl\n" + "MjBJbnRyYW5ldCUyMEJhc2ljJTIwSXNzdWluZyUyMENBJTIwMkIoMikuY3JshmBo\n" + "dHRwOi8vY2VydGlmaWNhdGVzLmludGVsLmNvbS9yZXBvc2l0b3J5L0NSTC9JbnRl\n" + "bCUyMEludHJhbmV0JTIwQmFzaWMlMjBJc3N1aW5nJTIwQ0ElMjAyQigyKS5jcmww\n" + "ggHLBggrBgEFBQcBAQSCAb0wggG5MIHRBggrBgEFBQcwAoaBxGxkYXA6Ly8vQ049\n" + "SW50ZWwlMjBJbnRyYW5ldCUyMEJhc2ljJTIwSXNzdWluZyUyMENBJTIwMkIsQ049\n" + "QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNv\n" + "bmZpZ3VyYXRpb24sREM9Y29ycCxEQz1pbnRlbCxEQz1jb20/Y0FDZXJ0aWZpY2F0\n" + "ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwbAYIKwYB\n" + "BQUHMAKGYGh0dHA6Ly93d3cuaW50ZWwuY29tL3JlcG9zaXRvcnkvY2VydGlmaWNh\n" + "dGVzL0ludGVsJTIwSW50cmFuZXQlMjBCYXNpYyUyMElzc3VpbmclMjBDQSUyMDJC\n" + "KDIpLmNydDB1BggrBgEFBQcwAoZpaHR0cDovL2NlcnRpZmljYXRlcy5pbnRlbC5j\n" + "b20vcmVwb3NpdG9yeS9jZXJ0aWZpY2F0ZXMvSW50ZWwlMjBJbnRyYW5ldCUyMEJh\n" + "c2ljJTIwSXNzdWluZyUyMENBJTIwMkIoMikuY3J0MD0GCSsGAQQBgjcVBwQwMC4G\n" + "JisGAQQBgjcVCIbDjHWEmeVRg/2BKIWOn1OCkcAJZ4eC0UGC37J5AgFkAgERMB0G\n" + "A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAnBgkrBgEEAYI3FQoEGjAYMAoG\n" + "CCsGAQUFBwMCMAoGCCsGAQUFBwMBMCkGA1UdEQQiMCCCD3Njc2lyLmludGVsLmNv\n" + "bYINdnBuLmludGVsLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEALjO591IHOTt28HZ9\n" + "+Vm2TJp8EJSgWW3luKFAAPUOxix5FgK7mqNQk1052qV8NCQKqChO64f6kl3R29Pp\n" + "yv0ALYaxdYZXkxPuts05gwu9caeH9fK6vGTRk5pWygVIsobS2MypCYFs9VftFw5d\n" + "EPUAOsigQmkBC+k+icYzZDjm4HBGd0mTHwniNsKkkjxSnF4UGH9OYp4+hs9/pWly\n" + "19X4gVWwuxKB59TOe/tVxHBt57zZA3zYyXG+VPzVmklmYLPxVFcmeUDOjWU3x3Wp\n" + "0D5YUmvQlsd4+73IYw0BrvB42bQEFDUU/v0u6mwluk1m0LEdm+jlM/YCbrAgA3O8\n" + "eV1xMQ==\n" + "-----END CERTIFICATE-----\n"; /* GnuTLS internally calls time() to find out the current time when verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1412850586; @@ -324,9 +326,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -351,7 +353,7 @@ void doit(void) if (gnutls_fips140_mode_enabled()) exit(77); - /* The overloading of time() seems to work in linux (ELF?) + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */ #ifdef _WIN32 @@ -375,8 +377,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -392,8 +395,7 @@ void doit(void) ret = gnutls_x509_crt_init(&certs[j]); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init[%d,%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_init[%d,%d]: %s\n", (int)3, (int)j, gnutls_strerror(ret)); exit(1); } @@ -401,21 +403,20 @@ void doit(void) tmp.data = (unsigned char *)ca_list[j]; tmp.size = strlen(ca_list[j]); - ret = - gnutls_x509_crt_import(certs[j], &tmp, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(certs[j], &tmp, + GNUTLS_X509_FMT_PEM); if (debug > 2) printf("done\n"); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import[%d]: %s\n", + fprintf(stderr, "gnutls_x509_crt_import[%d]: %s\n", (int)j, gnutls_strerror(ret)); exit(1); } gnutls_x509_crt_print(certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp); if (debug) - printf("\tCertificate %d: %.*s\n", (int)j, - tmp.size, tmp.data); + printf("\tCertificate %d: %.*s\n", (int)j, tmp.size, + tmp.data); gnutls_free(tmp.data); } @@ -485,12 +486,11 @@ void doit(void) for (j = 0; ca_list[j]; j++) { char name[64]; snprintf(name, sizeof(name), "test-ca%d", j); - ret = - gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, certs[j], name, - GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED - | GNUTLS_PKCS11_OBJ_FLAG_MARK_CA - | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); + ret = gnutls_pkcs11_copy_x509_crt( + SOFTHSM_URL, certs[j], name, + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED | + GNUTLS_PKCS11_OBJ_FLAG_MARK_CA | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); @@ -503,14 +503,14 @@ void doit(void) ret = gnutls_x509_trust_list_add_trust_file(tl, OBJ_URL, NULL, 0, 0, 0); if (ret != 1) { - fail("gnutls_x509_trust_list_add_trust_file (with expl. object 0): %d\n", ret); + fail("gnutls_x509_trust_list_add_trust_file (with expl. object 0): %d\n", + ret); exit(1); } /* extract the issuer of the certificate */ - ret = - gnutls_x509_trust_list_get_issuer(tl, intermediate, &issuer, - GNUTLS_TL_GET_COPY); + ret = gnutls_x509_trust_list_get_issuer(tl, intermediate, &issuer, + GNUTLS_TL_GET_COPY); if (ret < 0) { fail("gnutls_x509_trust_list_get_issuer (with expl. object) should have succeeded\n"); exit(1); @@ -523,46 +523,44 @@ void doit(void) */ gnutls_x509_trust_list_init(&tl, 0); - ret = - gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, - 0); + ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0, + 0); if (ret < 0) { fail("gnutls_x509_trust_list_add_trust_file\n"); exit(1); } /* extract the issuer of the certificate */ - ret = - gnutls_x509_trust_list_get_issuer(tl, intermediate, &issuer, - GNUTLS_TL_GET_COPY); + ret = gnutls_x509_trust_list_get_issuer(tl, intermediate, &issuer, + GNUTLS_TL_GET_COPY); if (ret < 0) { fail("gnutls_x509_trust_list_get_issuer should have succeeded\n"); exit(1); } gnutls_x509_crt_deinit(issuer); - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, certs[2], - GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, certs[2], + GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret == 0) { fail("error in gnutls_pkcs11_crt_is_known - 0\n"); exit(1); } - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, certs[0], - GNUTLS_PKCS11_OBJ_FLAG_COMPARE | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, certs[0], + GNUTLS_PKCS11_OBJ_FLAG_COMPARE | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret == 0) { fail("error in gnutls_pkcs11_crt_is_known - 0\n"); exit(1); } - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, certs[1], - GNUTLS_PKCS11_OBJ_FLAG_COMPARE | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, certs[1], + GNUTLS_PKCS11_OBJ_FLAG_COMPARE | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret == 0) { fail("error in gnutls_pkcs11_crt_is_known - 0\n"); exit(1); @@ -603,54 +601,53 @@ void doit(void) } /* these are invalid certificates but their key matches existing keys, the following should work */ - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, same_dn, - GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, same_dn, + GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret == 0) { fail("error in gnutls_pkcs11_crt_is_known - did not find a cert that does match key\n"); exit(1); } - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, same_issuer, - GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, same_issuer, + GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret == 0) { fail("error in gnutls_pkcs11_crt_is_known - did not find a cert that does match key\n"); exit(1); } /* The following check whether the RETRIEVE_TRUSTED implies compare of the certificate */ - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, same_dn, - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, same_dn, GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret != 0) { fail("error in gnutls_pkcs11_crt_is_known - found a cert that doesn't match\n"); exit(1); } - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, same_issuer, - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, same_issuer, + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret != 0) { fail("error in gnutls_pkcs11_crt_is_known - found a cert that doesn't match\n"); exit(1); } - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, same_dn, - GNUTLS_PKCS11_OBJ_FLAG_COMPARE | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, same_dn, + GNUTLS_PKCS11_OBJ_FLAG_COMPARE | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret != 0) { fail("error in gnutls_pkcs11_crt_is_known - found a cert that doesn't match\n"); exit(1); } - ret = - gnutls_pkcs11_crt_is_known(SOFTHSM_URL, same_issuer, - GNUTLS_PKCS11_OBJ_FLAG_COMPARE | - GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); + ret = gnutls_pkcs11_crt_is_known( + SOFTHSM_URL, same_issuer, + GNUTLS_PKCS11_OBJ_FLAG_COMPARE | + GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED); if (ret != 0) { fail("error in gnutls_pkcs11_crt_is_known - found a cert that doesn't match\n"); exit(1); diff --git a/tests/pkcs11/pkcs11-mechanisms.c b/tests/pkcs11/pkcs11-mechanisms.c index 464abfc831..f35c1ee469 100644 --- a/tests/pkcs11/pkcs11-mechanisms.c +++ b/tests/pkcs11/pkcs11-mechanisms.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,12 +41,12 @@ #if defined(HAVE___REGISTER_ATFORK) -# ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" -# else -# include -# define P11LIB "libpkcs11mock1.so" -# endif +#ifdef _WIN32 +#define P11LIB "libpkcs11mock1.dll" +#else +#include +#define P11LIB "libpkcs11mock1.so" +#endif static void tls_log_func(int level, const char *str) { @@ -91,11 +91,11 @@ void doit(void) if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break; success("mech: %lu\n", mech); - ret = - gnutls_pkcs11_token_check_mechanism("pkcs11:", mech, NULL, - 0, 0); + ret = gnutls_pkcs11_token_check_mechanism("pkcs11:", mech, NULL, + 0, 0); if (ret == 0) { - fail("mechanism %ld was reported are supported, but is not found!\n", mech); + fail("mechanism %ld was reported are supported, but is not found!\n", + mech); } } if (debug) diff --git a/tests/pkcs11/pkcs11-mock-ext.h b/tests/pkcs11/pkcs11-mock-ext.h index 83f64b5d36..fc952ba2ad 100644 --- a/tests/pkcs11/pkcs11-mock-ext.h +++ b/tests/pkcs11/pkcs11-mock-ext.h @@ -20,13 +20,13 @@ */ #ifndef PKCS11_MOCK_EXT_H -# define PKCS11_MOCK_EXT_H +#define PKCS11_MOCK_EXT_H /* This flag instructs the module to return CKR_OK on sensitive * objects */ -# define MOCK_FLAG_BROKEN_GET_ATTRIBUTES 1 -# define MOCK_FLAG_ALWAYS_AUTH (1<<1) +#define MOCK_FLAG_BROKEN_GET_ATTRIBUTES 1 +#define MOCK_FLAG_ALWAYS_AUTH (1 << 1) /* simulate the safenet HSMs always auth behavior */ -# define MOCK_FLAG_SAFENET_ALWAYS_AUTH (1<<2) +#define MOCK_FLAG_SAFENET_ALWAYS_AUTH (1 << 2) #endif diff --git a/tests/pkcs11/pkcs11-mock.c b/tests/pkcs11/pkcs11-mock.c index b264ebc2f3..957e0cc2e7 100644 --- a/tests/pkcs11/pkcs11-mock.c +++ b/tests/pkcs11/pkcs11-mock.c @@ -32,118 +32,118 @@ unsigned int pkcs11_mock_flags = 0; * module. */ const char mock_certificate[] = - "\x30\x82\x03\x97\x30\x82\x02\x4f\xa0\x03\x02\x01\x02\x02\x04\x4d" - "\xa7\x54\x21\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b" - "\x05\x00\x30\x32\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x42" - "\x45\x31\x0f\x30\x0d\x06\x03\x55\x04\x0a\x13\x06\x47\x6e\x75\x54" - "\x4c\x53\x31\x12\x30\x10\x06\x03\x55\x04\x03\x13\x09\x6c\x6f\x63" - "\x61\x6c\x68\x6f\x73\x74\x30\x1e\x17\x0d\x31\x31\x30\x34\x31\x34" - "\x32\x30\x30\x38\x30\x32\x5a\x17\x0d\x33\x38\x30\x38\x32\x39\x32" - "\x30\x30\x38\x30\x34\x5a\x30\x32\x31\x0b\x30\x09\x06\x03\x55\x04" - "\x06\x13\x02\x42\x45\x31\x0f\x30\x0d\x06\x03\x55\x04\x0a\x13\x06" - "\x47\x6e\x75\x54\x4c\x53\x31\x12\x30\x10\x06\x03\x55\x04\x03\x13" - "\x09\x6c\x6f\x63\x61\x6c\x68\x6f\x73\x74\x30\x82\x01\x52\x30\x0d" - "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01" - "\x3f\x00\x30\x82\x01\x3a\x02\x82\x01\x31\x00\xdd\xcf\x97\xd2\xa5" - "\x1d\x95\xdd\x86\x18\xd8\xc4\xb9\xad\xa6\x0c\xb4\x9d\xb6\xdc\xfa" - "\xdc\x21\xe1\x3a\x62\x34\x07\xe8\x33\xb2\xe8\x97\xee\x2c\x41\xd2" - "\x12\xf1\x5f\xed\xe4\x76\xff\x65\x26\x1e\x0c\xc7\x41\x15\x69\x5f" - "\x0d\xf9\xad\x89\x14\x8d\xea\xd7\x16\x52\x9a\x47\xc1\xbb\x00\x02" - "\xe4\x88\x45\x73\x78\xa4\xae\xdb\x38\xc3\xc6\x07\xd2\x64\x0e\x87" - "\xed\x74\x8c\x6b\xc4\xc0\x02\x50\x7c\x4e\xa6\xd1\x58\xe9\xe5\x13" - "\x09\xa9\xdb\x5a\xea\xeb\x0f\x06\x80\x5c\x09\xef\x94\xc8\xe9\xfb" - "\x37\x2e\x75\xe1\xac\x93\xad\x9b\x37\x13\x4b\x66\x3a\x76\x33\xd8" - "\xc4\xd7\x4c\xfb\x61\xc8\x92\x21\x07\xfc\xdf\xa9\x88\x54\xe4\xa3" - "\xa9\x47\xd2\x6c\xb8\xe3\x39\x89\x11\x88\x38\x2d\xa2\xdc\x3e\x5e" - "\x4a\xa9\xa4\x8e\xd5\x1f\xb2\xd0\xdd\x41\x3c\xda\x10\x68\x9e\x47" - "\x1b\x65\x02\xa2\xc5\x28\x73\x02\x83\x03\x09\xfd\xf5\x29\x7e\x97" - "\xdc\x2a\x4e\x4b\xaa\x79\x46\x46\x70\x86\x1b\x9b\xb8\xf6\x8a\xbe" - "\x29\x87\x7d\x5f\xda\xa5\x97\x6b\xef\xc8\x43\x09\x43\xe2\x1f\x8a" - "\x16\x7e\x1d\x50\x5d\xf5\xda\x02\xee\xf2\xc3\x2a\x48\xe6\x6b\x30" - "\xea\x02\xd7\xef\xac\x8b\x0c\xb8\xc1\x85\xd8\xbf\x7c\x85\xa8\x1e" - "\x83\xbe\x5c\x26\x2e\x79\x7b\x47\xf5\x4a\x3f\x66\x62\x92\xfd\x41" - "\x20\xb6\x2c\x00\xf0\x52\xca\x26\x06\x2d\x7c\xcf\x7a\x50\x7d\x0f" - "\xcb\xdd\x97\x20\xc8\x6f\xe4\xe0\x50\xf4\xe3\x02\x03\x01\x00\x01" - "\xa3\x55\x30\x53\x30\x0c\x06\x03\x55\x1d\x13\x01\x01\xff\x04\x02" - "\x30\x00\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08\x2b" - "\x06\x01\x05\x05\x07\x03\x01\x30\x0f\x06\x03\x55\x1d\x0f\x01\x01" - "\xff\x04\x05\x03\x03\x07\xa0\x00\x30\x1d\x06\x03\x55\x1d\x0e\x04" - "\x16\x04\x14\x92\x53\xd6\x71\xb9\xf8\x68\xaa\xb3\x53\xf6\x8d\xf5" - "\x39\x45\x66\x9c\xa7\xe5\x31\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7" - "\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x31\x00\x98\xbf\x48\x89\xc1" - "\xe6\xe6\x15\x13\xcc\xfc\xba\xed\xa0\x89\xe5\x86\x45\x30\x73\x68" - "\xb2\x79\x1f\x88\x02\x80\xfb\x2d\xc9\xb8\x21\x55\x8d\xc5\xb7\x56" - "\x1b\xcf\xc3\x76\xee\xd0\xf0\xd9\x22\x3a\x63\x92\xc5\x04\x86\x70" - "\x1e\x42\x33\x2a\x3b\xc4\x14\x08\xc5\x42\x92\x73\x7c\x3e\x39\xc0" - "\xee\x34\xc7\x33\x16\x5f\x93\xae\xcf\x1f\x9a\x30\x09\x51\xfe\x2d" - "\x94\x9c\x28\xad\x2a\x7e\xe4\x14\x81\x45\x6b\x0d\xd7\x11\x21\xfc" - "\xdb\x27\x17\x74\xb4\xcc\x94\x1a\x6e\x9e\x7b\x58\xa9\xe0\x06\x8d" - "\xda\x5f\x60\xe1\xb8\x6f\x28\x68\xb6\x58\xbe\xc5\xac\x36\x47\x37" - "\xf6\xa8\x38\x74\x23\x81\xf3\x22\xbe\x61\xff\x08\x08\x87\xeb\xc2" - "\x8f\x29\x25\x75\x5d\x4c\xeb\xd5\x09\x28\xab\x7b\x99\xf9\x69\x08" - "\xa2\xc6\x02\xd2\x2e\xcd\xfa\xf1\x19\xce\x3f\x44\x6a\xa1\x4b\xa8" - "\x56\xd5\x11\xae\x44\xe3\x68\x05\x50\x57\x8d\x72\x0f\xc7\x21\xdb" - "\x8f\xa3\x50\x78\x5d\x5a\x39\xcb\x90\x3d\x52\x43\x33\xbf\xea\x89" - "\x07\x1a\x92\xcc\x85\x27\xa8\x3d\x34\xb8\x5b\x52\xee\xef\x20\xb9" - "\xb6\xff\xea\xc5\x90\xd3\x47\xc5\x51\x90\xe2\xe6\x3e\x52\xb9\x1e" - "\x79\x18\xbe\xfd\xe2\x24\xbe\x47\x32\x5a\xb0\x03\x6b\xaa\xdb\xc3" - "\xdb\xf6\x60\x44\x08\xb6\x2c\x19\x47\xa2\xf0\x43\x7f\xf0\x07\x97" - "\x57\xab\xec\xa0\xb8\x6a\x49\xce\x08\xe6\xc3\x4d\xf2\xa4\xe9\xb8" - "\x43\xe7\xf0\x84\xd7\x1a\x72\x14\x5d\x82\x1a"; + "\x30\x82\x03\x97\x30\x82\x02\x4f\xa0\x03\x02\x01\x02\x02\x04\x4d" + "\xa7\x54\x21\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b" + "\x05\x00\x30\x32\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x42" + "\x45\x31\x0f\x30\x0d\x06\x03\x55\x04\x0a\x13\x06\x47\x6e\x75\x54" + "\x4c\x53\x31\x12\x30\x10\x06\x03\x55\x04\x03\x13\x09\x6c\x6f\x63" + "\x61\x6c\x68\x6f\x73\x74\x30\x1e\x17\x0d\x31\x31\x30\x34\x31\x34" + "\x32\x30\x30\x38\x30\x32\x5a\x17\x0d\x33\x38\x30\x38\x32\x39\x32" + "\x30\x30\x38\x30\x34\x5a\x30\x32\x31\x0b\x30\x09\x06\x03\x55\x04" + "\x06\x13\x02\x42\x45\x31\x0f\x30\x0d\x06\x03\x55\x04\x0a\x13\x06" + "\x47\x6e\x75\x54\x4c\x53\x31\x12\x30\x10\x06\x03\x55\x04\x03\x13" + "\x09\x6c\x6f\x63\x61\x6c\x68\x6f\x73\x74\x30\x82\x01\x52\x30\x0d" + "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01" + "\x3f\x00\x30\x82\x01\x3a\x02\x82\x01\x31\x00\xdd\xcf\x97\xd2\xa5" + "\x1d\x95\xdd\x86\x18\xd8\xc4\xb9\xad\xa6\x0c\xb4\x9d\xb6\xdc\xfa" + "\xdc\x21\xe1\x3a\x62\x34\x07\xe8\x33\xb2\xe8\x97\xee\x2c\x41\xd2" + "\x12\xf1\x5f\xed\xe4\x76\xff\x65\x26\x1e\x0c\xc7\x41\x15\x69\x5f" + "\x0d\xf9\xad\x89\x14\x8d\xea\xd7\x16\x52\x9a\x47\xc1\xbb\x00\x02" + "\xe4\x88\x45\x73\x78\xa4\xae\xdb\x38\xc3\xc6\x07\xd2\x64\x0e\x87" + "\xed\x74\x8c\x6b\xc4\xc0\x02\x50\x7c\x4e\xa6\xd1\x58\xe9\xe5\x13" + "\x09\xa9\xdb\x5a\xea\xeb\x0f\x06\x80\x5c\x09\xef\x94\xc8\xe9\xfb" + "\x37\x2e\x75\xe1\xac\x93\xad\x9b\x37\x13\x4b\x66\x3a\x76\x33\xd8" + "\xc4\xd7\x4c\xfb\x61\xc8\x92\x21\x07\xfc\xdf\xa9\x88\x54\xe4\xa3" + "\xa9\x47\xd2\x6c\xb8\xe3\x39\x89\x11\x88\x38\x2d\xa2\xdc\x3e\x5e" + "\x4a\xa9\xa4\x8e\xd5\x1f\xb2\xd0\xdd\x41\x3c\xda\x10\x68\x9e\x47" + "\x1b\x65\x02\xa2\xc5\x28\x73\x02\x83\x03\x09\xfd\xf5\x29\x7e\x97" + "\xdc\x2a\x4e\x4b\xaa\x79\x46\x46\x70\x86\x1b\x9b\xb8\xf6\x8a\xbe" + "\x29\x87\x7d\x5f\xda\xa5\x97\x6b\xef\xc8\x43\x09\x43\xe2\x1f\x8a" + "\x16\x7e\x1d\x50\x5d\xf5\xda\x02\xee\xf2\xc3\x2a\x48\xe6\x6b\x30" + "\xea\x02\xd7\xef\xac\x8b\x0c\xb8\xc1\x85\xd8\xbf\x7c\x85\xa8\x1e" + "\x83\xbe\x5c\x26\x2e\x79\x7b\x47\xf5\x4a\x3f\x66\x62\x92\xfd\x41" + "\x20\xb6\x2c\x00\xf0\x52\xca\x26\x06\x2d\x7c\xcf\x7a\x50\x7d\x0f" + "\xcb\xdd\x97\x20\xc8\x6f\xe4\xe0\x50\xf4\xe3\x02\x03\x01\x00\x01" + "\xa3\x55\x30\x53\x30\x0c\x06\x03\x55\x1d\x13\x01\x01\xff\x04\x02" + "\x30\x00\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08\x2b" + "\x06\x01\x05\x05\x07\x03\x01\x30\x0f\x06\x03\x55\x1d\x0f\x01\x01" + "\xff\x04\x05\x03\x03\x07\xa0\x00\x30\x1d\x06\x03\x55\x1d\x0e\x04" + "\x16\x04\x14\x92\x53\xd6\x71\xb9\xf8\x68\xaa\xb3\x53\xf6\x8d\xf5" + "\x39\x45\x66\x9c\xa7\xe5\x31\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7" + "\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x31\x00\x98\xbf\x48\x89\xc1" + "\xe6\xe6\x15\x13\xcc\xfc\xba\xed\xa0\x89\xe5\x86\x45\x30\x73\x68" + "\xb2\x79\x1f\x88\x02\x80\xfb\x2d\xc9\xb8\x21\x55\x8d\xc5\xb7\x56" + "\x1b\xcf\xc3\x76\xee\xd0\xf0\xd9\x22\x3a\x63\x92\xc5\x04\x86\x70" + "\x1e\x42\x33\x2a\x3b\xc4\x14\x08\xc5\x42\x92\x73\x7c\x3e\x39\xc0" + "\xee\x34\xc7\x33\x16\x5f\x93\xae\xcf\x1f\x9a\x30\x09\x51\xfe\x2d" + "\x94\x9c\x28\xad\x2a\x7e\xe4\x14\x81\x45\x6b\x0d\xd7\x11\x21\xfc" + "\xdb\x27\x17\x74\xb4\xcc\x94\x1a\x6e\x9e\x7b\x58\xa9\xe0\x06\x8d" + "\xda\x5f\x60\xe1\xb8\x6f\x28\x68\xb6\x58\xbe\xc5\xac\x36\x47\x37" + "\xf6\xa8\x38\x74\x23\x81\xf3\x22\xbe\x61\xff\x08\x08\x87\xeb\xc2" + "\x8f\x29\x25\x75\x5d\x4c\xeb\xd5\x09\x28\xab\x7b\x99\xf9\x69\x08" + "\xa2\xc6\x02\xd2\x2e\xcd\xfa\xf1\x19\xce\x3f\x44\x6a\xa1\x4b\xa8" + "\x56\xd5\x11\xae\x44\xe3\x68\x05\x50\x57\x8d\x72\x0f\xc7\x21\xdb" + "\x8f\xa3\x50\x78\x5d\x5a\x39\xcb\x90\x3d\x52\x43\x33\xbf\xea\x89" + "\x07\x1a\x92\xcc\x85\x27\xa8\x3d\x34\xb8\x5b\x52\xee\xef\x20\xb9" + "\xb6\xff\xea\xc5\x90\xd3\x47\xc5\x51\x90\xe2\xe6\x3e\x52\xb9\x1e" + "\x79\x18\xbe\xfd\xe2\x24\xbe\x47\x32\x5a\xb0\x03\x6b\xaa\xdb\xc3" + "\xdb\xf6\x60\x44\x08\xb6\x2c\x19\x47\xa2\xf0\x43\x7f\xf0\x07\x97" + "\x57\xab\xec\xa0\xb8\x6a\x49\xce\x08\xe6\xc3\x4d\xf2\xa4\xe9\xb8" + "\x43\xe7\xf0\x84\xd7\x1a\x72\x14\x5d\x82\x1a"; /* ca == true */ const char mock_cert_ext1[] = - "\x30\x0f\x06\x03\x55\x1d\x13\x01\x01\xff\x04\x05\x30\x03\x01\x01\xff"; + "\x30\x0f\x06\x03\x55\x1d\x13\x01\x01\xff\x04\x05\x30\x03\x01\x01\xff"; /* GNUTLS_KEY_ENCIPHER_ONLY | GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_KEY_CERT_SIGN */ const char mock_cert_ext2[] = - "\x30\x0f\x06\x03\x55\x1d\x0f\x01\x01\xff\x04\x05\x03\x03\x07\x25\x00"; + "\x30\x0f\x06\x03\x55\x1d\x0f\x01\x01\xff\x04\x05\x03\x03\x07\x25\x00"; const char mock_pubkey[] = - "\x30\x82\x01\x52\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01" - "\x01\x05\x00\x03\x82\x01\x3f\x00\x30\x82\x01\x3a\x02\x82\x01\x31" - "\x00\xdd\xcf\x97\xd2\xa5\x1d\x95\xdd\x86\x18\xd8\xc4\xb9\xad\xa6" - "\x0c\xb4\x9d\xb6\xdc\xfa\xdc\x21\xe1\x3a\x62\x34\x07\xe8\x33\xb2" - "\xe8\x97\xee\x2c\x41\xd2\x12\xf1\x5f\xed\xe4\x76\xff\x65\x26\x1e" - "\x0c\xc7\x41\x15\x69\x5f\x0d\xf9\xad\x89\x14\x8d\xea\xd7\x16\x52" - "\x9a\x47\xc1\xbb\x00\x02\xe4\x88\x45\x73\x78\xa4\xae\xdb\x38\xc3" - "\xc6\x07\xd2\x64\x0e\x87\xed\x74\x8c\x6b\xc4\xc0\x02\x50\x7c\x4e" - "\xa6\xd1\x58\xe9\xe5\x13\x09\xa9\xdb\x5a\xea\xeb\x0f\x06\x80\x5c" - "\x09\xef\x94\xc8\xe9\xfb\x37\x2e\x75\xe1\xac\x93\xad\x9b\x37\x13" - "\x4b\x66\x3a\x76\x33\xd8\xc4\xd7\x4c\xfb\x61\xc8\x92\x21\x07\xfc" - "\xdf\xa9\x88\x54\xe4\xa3\xa9\x47\xd2\x6c\xb8\xe3\x39\x89\x11\x88" - "\x38\x2d\xa2\xdc\x3e\x5e\x4a\xa9\xa4\x8e\xd5\x1f\xb2\xd0\xdd\x41" - "\x3c\xda\x10\x68\x9e\x47\x1b\x65\x02\xa2\xc5\x28\x73\x02\x83\x03" - "\x09\xfd\xf5\x29\x7e\x97\xdc\x2a\x4e\x4b\xaa\x79\x46\x46\x70\x86" - "\x1b\x9b\xb8\xf6\x8a\xbe\x29\x87\x7d\x5f\xda\xa5\x97\x6b\xef\xc8" - "\x43\x09\x43\xe2\x1f\x8a\x16\x7e\x1d\x50\x5d\xf5\xda\x02\xee\xf2" - "\xc3\x2a\x48\xe6\x6b\x30\xea\x02\xd7\xef\xac\x8b\x0c\xb8\xc1\x85" - "\xd8\xbf\x7c\x85\xa8\x1e\x83\xbe\x5c\x26\x2e\x79\x7b\x47\xf5\x4a" - "\x3f\x66\x62\x92\xfd\x41\x20\xb6\x2c\x00\xf0\x52\xca\x26\x06\x2d" - "\x7c\xcf\x7a\x50\x7d\x0f\xcb\xdd\x97\x20\xc8\x6f\xe4\xe0\x50\xf4" - "\xe3\x02\x03\x01\x00\x01"; + "\x30\x82\x01\x52\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01" + "\x01\x05\x00\x03\x82\x01\x3f\x00\x30\x82\x01\x3a\x02\x82\x01\x31" + "\x00\xdd\xcf\x97\xd2\xa5\x1d\x95\xdd\x86\x18\xd8\xc4\xb9\xad\xa6" + "\x0c\xb4\x9d\xb6\xdc\xfa\xdc\x21\xe1\x3a\x62\x34\x07\xe8\x33\xb2" + "\xe8\x97\xee\x2c\x41\xd2\x12\xf1\x5f\xed\xe4\x76\xff\x65\x26\x1e" + "\x0c\xc7\x41\x15\x69\x5f\x0d\xf9\xad\x89\x14\x8d\xea\xd7\x16\x52" + "\x9a\x47\xc1\xbb\x00\x02\xe4\x88\x45\x73\x78\xa4\xae\xdb\x38\xc3" + "\xc6\x07\xd2\x64\x0e\x87\xed\x74\x8c\x6b\xc4\xc0\x02\x50\x7c\x4e" + "\xa6\xd1\x58\xe9\xe5\x13\x09\xa9\xdb\x5a\xea\xeb\x0f\x06\x80\x5c" + "\x09\xef\x94\xc8\xe9\xfb\x37\x2e\x75\xe1\xac\x93\xad\x9b\x37\x13" + "\x4b\x66\x3a\x76\x33\xd8\xc4\xd7\x4c\xfb\x61\xc8\x92\x21\x07\xfc" + "\xdf\xa9\x88\x54\xe4\xa3\xa9\x47\xd2\x6c\xb8\xe3\x39\x89\x11\x88" + "\x38\x2d\xa2\xdc\x3e\x5e\x4a\xa9\xa4\x8e\xd5\x1f\xb2\xd0\xdd\x41" + "\x3c\xda\x10\x68\x9e\x47\x1b\x65\x02\xa2\xc5\x28\x73\x02\x83\x03" + "\x09\xfd\xf5\x29\x7e\x97\xdc\x2a\x4e\x4b\xaa\x79\x46\x46\x70\x86" + "\x1b\x9b\xb8\xf6\x8a\xbe\x29\x87\x7d\x5f\xda\xa5\x97\x6b\xef\xc8" + "\x43\x09\x43\xe2\x1f\x8a\x16\x7e\x1d\x50\x5d\xf5\xda\x02\xee\xf2" + "\xc3\x2a\x48\xe6\x6b\x30\xea\x02\xd7\xef\xac\x8b\x0c\xb8\xc1\x85" + "\xd8\xbf\x7c\x85\xa8\x1e\x83\xbe\x5c\x26\x2e\x79\x7b\x47\xf5\x4a" + "\x3f\x66\x62\x92\xfd\x41\x20\xb6\x2c\x00\xf0\x52\xca\x26\x06\x2d" + "\x7c\xcf\x7a\x50\x7d\x0f\xcb\xdd\x97\x20\xc8\x6f\xe4\xe0\x50\xf4" + "\xe3\x02\x03\x01\x00\x01"; const char mock_public_exponent[] = "\x01\x00\x01"; const char mock_modulus[] = - "\xDD\xCF\x97\xD2\xA5\x1D\x95\xDD\x86\x18\xD8\xC4\xB9\xAD\xA6\x0C" - "\xB4\x9D\xB6\xDC\xFA\xDC\x21\xE1\x3A\x62\x34\x07\xE8\x33\xB2\xE8" - "\x97\xEE\x2C\x41\xD2\x12\xF1\x5F\xED\xE4\x76\xFF\x65\x26\x1E\x0C" - "\xC7\x41\x15\x69\x5F\x0D\xF9\xAD\x89\x14\x8D\xEA\xD7\x16\x52\x9A" - "\x47\xC1\xBB\x00\x02\xE4\x88\x45\x73\x78\xA4\xAE\xDB\x38\xC3\xC6" - "\x07\xD2\x64\x0E\x87\xED\x74\x8C\x6B\xC4\xC0\x02\x50\x7C\x4E\xA6" - "\xD1\x58\xE9\xE5\x13\x09\xA9\xDB\x5A\xEA\xEB\x0F\x06\x80\x5C\x09" - "\xEF\x94\xC8\xE9\xFB\x37\x2E\x75\xE1\xAC\x93\xAD\x9B\x37\x13\x4B" - "\x66\x3A\x76\x33\xD8\xC4\xD7\x4C\xFB\x61\xC8\x92\x21\x07\xFC\xDF" - "\xA9\x88\x54\xE4\xA3\xA9\x47\xD2\x6C\xB8\xE3\x39\x89\x11\x88\x38" - "\x2D\xA2\xDC\x3E\x5E\x4A\xA9\xA4\x8E\xD5\x1F\xB2\xD0\xDD\x41\x3C" - "\xDA\x10\x68\x9E\x47\x1B\x65\x02\xA2\xC5\x28\x73\x02\x83\x03\x09" - "\xFD\xF5\x29\x7E\x97\xDC\x2A\x4E\x4B\xAA\x79\x46\x46\x70\x86\x1B" - "\x9B\xB8\xF6\x8A\xBE\x29\x87\x7D\x5F\xDA\xA5\x97\x6B\xEF\xC8\x43" - "\x09\x43\xE2\x1F\x8A\x16\x7E\x1D\x50\x5D\xF5\xDA\x02\xEE\xF2\xC3" - "\x2A\x48\xE6\x6B\x30\xEA\x02\xD7\xEF\xAC\x8B\x0C\xB8\xC1\x85\xD8" - "\xBF\x7C\x85\xA8\x1E\x83\xBE\x5C\x26\x2E\x79\x7B\x47\xF5\x4A\x3F" - "\x66\x62\x92\xFD\x41\x20\xB6\x2C\x00\xF0\x52\xCA\x26\x06\x2D\x7C" - "\xCF\x7A\x50\x7D\x0F\xCB\xDD\x97\x20\xC8\x6F\xE4\xE0\x50\xF4\xE3"; + "\xDD\xCF\x97\xD2\xA5\x1D\x95\xDD\x86\x18\xD8\xC4\xB9\xAD\xA6\x0C" + "\xB4\x9D\xB6\xDC\xFA\xDC\x21\xE1\x3A\x62\x34\x07\xE8\x33\xB2\xE8" + "\x97\xEE\x2C\x41\xD2\x12\xF1\x5F\xED\xE4\x76\xFF\x65\x26\x1E\x0C" + "\xC7\x41\x15\x69\x5F\x0D\xF9\xAD\x89\x14\x8D\xEA\xD7\x16\x52\x9A" + "\x47\xC1\xBB\x00\x02\xE4\x88\x45\x73\x78\xA4\xAE\xDB\x38\xC3\xC6" + "\x07\xD2\x64\x0E\x87\xED\x74\x8C\x6B\xC4\xC0\x02\x50\x7C\x4E\xA6" + "\xD1\x58\xE9\xE5\x13\x09\xA9\xDB\x5A\xEA\xEB\x0F\x06\x80\x5C\x09" + "\xEF\x94\xC8\xE9\xFB\x37\x2E\x75\xE1\xAC\x93\xAD\x9B\x37\x13\x4B" + "\x66\x3A\x76\x33\xD8\xC4\xD7\x4C\xFB\x61\xC8\x92\x21\x07\xFC\xDF" + "\xA9\x88\x54\xE4\xA3\xA9\x47\xD2\x6C\xB8\xE3\x39\x89\x11\x88\x38" + "\x2D\xA2\xDC\x3E\x5E\x4A\xA9\xA4\x8E\xD5\x1F\xB2\xD0\xDD\x41\x3C" + "\xDA\x10\x68\x9E\x47\x1B\x65\x02\xA2\xC5\x28\x73\x02\x83\x03\x09" + "\xFD\xF5\x29\x7E\x97\xDC\x2A\x4E\x4B\xAA\x79\x46\x46\x70\x86\x1B" + "\x9B\xB8\xF6\x8A\xBE\x29\x87\x7D\x5F\xDA\xA5\x97\x6B\xEF\xC8\x43" + "\x09\x43\xE2\x1F\x8A\x16\x7E\x1D\x50\x5D\xF5\xDA\x02\xEE\xF2\xC3" + "\x2A\x48\xE6\x6B\x30\xEA\x02\xD7\xEF\xAC\x8B\x0C\xB8\xC1\x85\xD8" + "\xBF\x7C\x85\xA8\x1E\x83\xBE\x5C\x26\x2E\x79\x7B\x47\xF5\x4A\x3F" + "\x66\x62\x92\xFD\x41\x20\xB6\x2C\x00\xF0\x52\xCA\x26\x06\x2D\x7C" + "\xCF\x7A\x50\x7D\x0F\xCB\xDD\x97\x20\xC8\x6F\xE4\xE0\x50\xF4\xE3"; const char mock_subject[] = - "DN: C=US, O=Test Government, OU=Test Department, OU=Test Agency/serialNumber="; + "DN: C=US, O=Test Government, OU=Test Department, OU=Test Agency/serialNumber="; CK_BBOOL pkcs11_mock_initialized = CK_FALSE; CK_BBOOL pkcs11_mock_session_opened = CK_FALSE; @@ -151,80 +151,78 @@ CK_BBOOL pkcs11_mock_session_reauth = CK_FALSE; static session_ptr_st *mock_session = NULL; -CK_FUNCTION_LIST pkcs11_mock_functions = { - {2, 20}, - &C_Initialize, - &C_Finalize, - &C_GetInfo, - &C_GetFunctionList, - &C_GetSlotList, - &C_GetSlotInfo, - &C_GetTokenInfo, - &C_GetMechanismList, - &C_GetMechanismInfo, - &C_InitToken, - &C_InitPIN, - &C_SetPIN, - &C_OpenSession, - &C_CloseSession, - &C_CloseAllSessions, - &C_GetSessionInfo, - &C_GetOperationState, - &C_SetOperationState, - &C_Login, - &C_Logout, - &C_CreateObject, - &C_CopyObject, - &C_DestroyObject, - &C_GetObjectSize, - &C_GetAttributeValue, - &C_SetAttributeValue, - &C_FindObjectsInit, - &C_FindObjects, - &C_FindObjectsFinal, - &C_EncryptInit, - &C_Encrypt, - &C_EncryptUpdate, - &C_EncryptFinal, - &C_DecryptInit, - &C_Decrypt, - &C_DecryptUpdate, - &C_DecryptFinal, - &C_DigestInit, - &C_Digest, - &C_DigestUpdate, - &C_DigestKey, - &C_DigestFinal, - &C_SignInit, - &C_Sign, - &C_SignUpdate, - &C_SignFinal, - &C_SignRecoverInit, - &C_SignRecover, - &C_VerifyInit, - &C_Verify, - &C_VerifyUpdate, - &C_VerifyFinal, - &C_VerifyRecoverInit, - &C_VerifyRecover, - &C_DigestEncryptUpdate, - &C_DecryptDigestUpdate, - &C_SignEncryptUpdate, - &C_DecryptVerifyUpdate, - &C_GenerateKey, - &C_GenerateKeyPair, - &C_WrapKey, - &C_UnwrapKey, - &C_DeriveKey, - &C_SeedRandom, - &C_GenerateRandom, - &C_GetFunctionStatus, - &C_CancelFunction, - &C_WaitForSlotEvent -}; +CK_FUNCTION_LIST pkcs11_mock_functions = { { 2, 20 }, + &C_Initialize, + &C_Finalize, + &C_GetInfo, + &C_GetFunctionList, + &C_GetSlotList, + &C_GetSlotInfo, + &C_GetTokenInfo, + &C_GetMechanismList, + &C_GetMechanismInfo, + &C_InitToken, + &C_InitPIN, + &C_SetPIN, + &C_OpenSession, + &C_CloseSession, + &C_CloseAllSessions, + &C_GetSessionInfo, + &C_GetOperationState, + &C_SetOperationState, + &C_Login, + &C_Logout, + &C_CreateObject, + &C_CopyObject, + &C_DestroyObject, + &C_GetObjectSize, + &C_GetAttributeValue, + &C_SetAttributeValue, + &C_FindObjectsInit, + &C_FindObjects, + &C_FindObjectsFinal, + &C_EncryptInit, + &C_Encrypt, + &C_EncryptUpdate, + &C_EncryptFinal, + &C_DecryptInit, + &C_Decrypt, + &C_DecryptUpdate, + &C_DecryptFinal, + &C_DigestInit, + &C_Digest, + &C_DigestUpdate, + &C_DigestKey, + &C_DigestFinal, + &C_SignInit, + &C_Sign, + &C_SignUpdate, + &C_SignFinal, + &C_SignRecoverInit, + &C_SignRecover, + &C_VerifyInit, + &C_Verify, + &C_VerifyUpdate, + &C_VerifyFinal, + &C_VerifyRecoverInit, + &C_VerifyRecover, + &C_DigestEncryptUpdate, + &C_DecryptDigestUpdate, + &C_SignEncryptUpdate, + &C_DecryptVerifyUpdate, + &C_GenerateKey, + &C_GenerateKeyPair, + &C_WrapKey, + &C_UnwrapKey, + &C_DeriveKey, + &C_SeedRandom, + &C_GenerateRandom, + &C_GetFunctionStatus, + &C_CancelFunction, + &C_WaitForSlotEvent }; #if defined(HAVE___REGISTER_ATFORK) -extern int __register_atfork(void (*)(void), void(*)(void), void (*)(void), +extern int __register_atfork(void (*)(void), void (*)(void), void (*)(void), void *); extern void *__dso_handle; static unsigned registered_fork_handler = 0; @@ -236,7 +234,7 @@ static void fork_handler(void) if (mock_session) { mock_session->state = CKS_RO_PUBLIC_SESSION; mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; free(mock_session->find_label); } free(mock_session); @@ -244,7 +242,8 @@ static void fork_handler(void) } #endif -CK_DEFINE_FUNCTION(CK_RV, C_Initialize) (CK_VOID_PTR pInitArgs) { +CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(CK_VOID_PTR pInitArgs) +{ if (CK_TRUE == pkcs11_mock_initialized) return CKR_CRYPTOKI_ALREADY_INITIALIZED; @@ -260,7 +259,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_Initialize) (CK_VOID_PTR pInitArgs) { return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Finalize) (CK_VOID_PTR pReserved) { +CK_DEFINE_FUNCTION(CK_RV, C_Finalize)(CK_VOID_PTR pReserved) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -271,7 +271,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_Finalize) (CK_VOID_PTR pReserved) { return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetInfo) (CK_INFO_PTR pInfo) { +CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)(CK_INFO_PTR pInfo) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -295,8 +296,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetInfo) (CK_INFO_PTR pInfo) { return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, - C_GetFunctionList) (CK_FUNCTION_LIST_PTR_PTR ppFunctionList) +CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList) +(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) { if (NULL == ppFunctionList) return CKR_ARGUMENTS_BAD; @@ -306,9 +307,9 @@ CK_DEFINE_FUNCTION(CK_RV, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList) (CK_BBOOL tokenPresent, - CK_SLOT_ID_PTR pSlotList, - CK_ULONG_PTR pulCount) { +CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList) +(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -330,8 +331,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList) (CK_BBOOL tokenPresent, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetSlotInfo) (CK_SLOT_ID slotID, - CK_SLOT_INFO_PTR pInfo) { +CK_DEFINE_FUNCTION(CK_RV, C_GetSlotInfo) +(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -357,8 +359,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetSlotInfo) (CK_SLOT_ID slotID, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo) (CK_SLOT_ID slotID, - CK_TOKEN_INFO_PTR pInfo) { +CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo) +(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -380,9 +383,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo) (CK_SLOT_ID slotID, memset(pInfo->serialNumber, ' ', sizeof(pInfo->serialNumber)); memcpy(pInfo->serialNumber, PKCS11_MOCK_CK_TOKEN_INFO_SERIAL_NUMBER, strlen(PKCS11_MOCK_CK_TOKEN_INFO_SERIAL_NUMBER)); - pInfo->flags = - CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | - CKF_TOKEN_INITIALIZED; + pInfo->flags = CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | + CKF_TOKEN_INITIALIZED; if (pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) pInfo->flags &= ~CKF_LOGIN_REQUIRED; @@ -390,9 +392,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo) (CK_SLOT_ID slotID, pInfo->ulMaxSessionCount = CK_EFFECTIVELY_INFINITE; pInfo->ulSessionCount = (CK_TRUE == pkcs11_mock_session_opened) ? 1 : 0; pInfo->ulMaxRwSessionCount = CK_EFFECTIVELY_INFINITE; - if ((CK_TRUE == pkcs11_mock_session_opened) - && ((CKS_RO_PUBLIC_SESSION != mock_session->state) - && (CKS_RO_USER_FUNCTIONS != mock_session->state))) + if ((CK_TRUE == pkcs11_mock_session_opened) && + ((CKS_RO_PUBLIC_SESSION != mock_session->state) && + (CKS_RO_USER_FUNCTIONS != mock_session->state))) pInfo->ulRwSessionCount = 1; else pInfo->ulRwSessionCount = 0; @@ -411,10 +413,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo) (CK_SLOT_ID slotID, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismList) (CK_SLOT_ID slotID, - CK_MECHANISM_TYPE_PTR - pMechanismList, - CK_ULONG_PTR pulCount) { +CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismList) +(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -446,9 +447,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismList) (CK_SLOT_ID slotID, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismInfo) (CK_SLOT_ID slotID, - CK_MECHANISM_TYPE type, - CK_MECHANISM_INFO_PTR pInfo) { +CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismInfo) +(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -468,9 +469,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismInfo) (CK_SLOT_ID slotID, case CKM_RSA_PKCS: pInfo->ulMinKeySize = 1024; pInfo->ulMaxKeySize = 1024; - pInfo->flags = - CKF_ENCRYPT | CKF_DECRYPT | CKF_SIGN | CKF_SIGN_RECOVER | - CKF_VERIFY | CKF_VERIFY_RECOVER | CKF_WRAP | CKF_UNWRAP; + pInfo->flags = CKF_ENCRYPT | CKF_DECRYPT | CKF_SIGN | + CKF_SIGN_RECOVER | CKF_VERIFY | + CKF_VERIFY_RECOVER | CKF_WRAP | CKF_UNWRAP; break; case CKM_SHA1_RSA_PKCS: @@ -522,9 +523,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismInfo) (CK_SLOT_ID slotID, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_InitToken) (CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, - CK_ULONG ulPinLen, - CK_UTF8CHAR_PTR pLabel) { +CK_DEFINE_FUNCTION(CK_RV, C_InitToken) +(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, + CK_UTF8CHAR_PTR pLabel) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -534,8 +536,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_InitToken) (CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, if (NULL == pPin) return CKR_ARGUMENTS_BAD; - if ((ulPinLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) - || (ulPinLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) + if ((ulPinLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) || + (ulPinLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) return CKR_PIN_LEN_RANGE; if (NULL == pLabel) @@ -547,13 +549,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_InitToken) (CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_InitPIN) (CK_SESSION_HANDLE hSession, - CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) { +CK_DEFINE_FUNCTION(CK_RV, C_InitPIN) +(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (CKS_RW_SO_FUNCTIONS != mock_session->state) @@ -562,49 +565,49 @@ CK_DEFINE_FUNCTION(CK_RV, C_InitPIN) (CK_SESSION_HANDLE hSession, if (NULL == pPin) return CKR_ARGUMENTS_BAD; - if ((ulPinLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) - || (ulPinLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) + if ((ulPinLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) || + (ulPinLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) return CKR_PIN_LEN_RANGE; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SetPIN) (CK_SESSION_HANDLE hSession, - CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, - CK_UTF8CHAR_PTR pNewPin, - CK_ULONG ulNewLen) { +CK_DEFINE_FUNCTION(CK_RV, C_SetPIN) +(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, + CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; - if ((CKS_RO_PUBLIC_SESSION == mock_session->state) - || (CKS_RO_USER_FUNCTIONS == mock_session->state)) + if ((CKS_RO_PUBLIC_SESSION == mock_session->state) || + (CKS_RO_USER_FUNCTIONS == mock_session->state)) return CKR_SESSION_READ_ONLY; if (NULL == pOldPin) return CKR_ARGUMENTS_BAD; - if ((ulOldLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) - || (ulOldLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) + if ((ulOldLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) || + (ulOldLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) return CKR_PIN_LEN_RANGE; if (NULL == pNewPin) return CKR_ARGUMENTS_BAD; - if ((ulNewLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) - || (ulNewLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) + if ((ulNewLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) || + (ulNewLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) return CKR_PIN_LEN_RANGE; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_OpenSession) (CK_SLOT_ID slotID, CK_FLAGS flags, - CK_VOID_PTR pApplication, - CK_NOTIFY Notify, - CK_SESSION_HANDLE_PTR phSession) { +CK_DEFINE_FUNCTION(CK_RV, C_OpenSession) +(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY Notify, + CK_SESSION_HANDLE_PTR phSession) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if (CK_TRUE == pkcs11_mock_session_opened) @@ -629,9 +632,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_OpenSession) (CK_SLOT_ID slotID, CK_FLAGS flags, if (mock_session == NULL) return CKR_HOST_MEMORY; - mock_session->state = - (flags & CKF_RW_SESSION) ? CKS_RW_PUBLIC_SESSION : - CKS_RO_PUBLIC_SESSION; + mock_session->state = (flags & CKF_RW_SESSION) ? CKS_RW_PUBLIC_SESSION : + CKS_RO_PUBLIC_SESSION; mock_session->find_op.find_result = CKR_OBJECT_HANDLE_INVALID; mock_session->find_op.active_operation = PKCS11_MOCK_CK_OPERATION_NONE; @@ -642,12 +644,13 @@ CK_DEFINE_FUNCTION(CK_RV, C_OpenSession) (CK_SLOT_ID slotID, CK_FLAGS flags, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_CloseSession) (CK_SESSION_HANDLE hSession) { +CK_DEFINE_FUNCTION(CK_RV, C_CloseSession)(CK_SESSION_HANDLE hSession) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; pkcs11_mock_session_opened = CK_FALSE; @@ -661,17 +664,19 @@ CK_DEFINE_FUNCTION(CK_RV, C_CloseSession) (CK_SESSION_HANDLE hSession) { return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_CloseAllSessions) (CK_SLOT_ID slotID) { +CK_DEFINE_FUNCTION(CK_RV, C_CloseAllSessions)(CK_SLOT_ID slotID) +{ return C_CloseSession(PKCS11_MOCK_CK_SESSION_ID); } -CK_DEFINE_FUNCTION(CK_RV, C_GetSessionInfo) (CK_SESSION_HANDLE hSession, - CK_SESSION_INFO_PTR pInfo) { +CK_DEFINE_FUNCTION(CK_RV, C_GetSessionInfo) +(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pInfo) @@ -680,23 +685,23 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetSessionInfo) (CK_SESSION_HANDLE hSession, pInfo->slotID = PKCS11_MOCK_CK_SLOT_ID; pInfo->state = mock_session->state; pInfo->flags = CKF_SERIAL_SESSION; - if ((mock_session->state != CKS_RO_PUBLIC_SESSION) - && (mock_session->state != CKS_RO_USER_FUNCTIONS)) + if ((mock_session->state != CKS_RO_PUBLIC_SESSION) && + (mock_session->state != CKS_RO_USER_FUNCTIONS)) pInfo->flags = pInfo->flags | CKF_RW_SESSION; pInfo->ulDeviceError = 0; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetOperationState) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pOperationState, - CK_ULONG_PTR - pulOperationStateLen) { +CK_DEFINE_FUNCTION(CK_RV, C_GetOperationState) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, + CK_ULONG_PTR pulOperationStateLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pulOperationStateLen) @@ -715,17 +720,16 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetOperationState) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SetOperationState) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pOperationState, - CK_ULONG ulOperationStateLen, - CK_OBJECT_HANDLE hEncryptionKey, - CK_OBJECT_HANDLE - hAuthenticationKey) { +CK_DEFINE_FUNCTION(CK_RV, C_SetOperationState) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, + CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey, + CK_OBJECT_HANDLE hAuthenticationKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pOperationState) @@ -741,27 +745,28 @@ CK_DEFINE_FUNCTION(CK_RV, C_SetOperationState) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Login) (CK_SESSION_HANDLE hSession, - CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, - CK_ULONG ulPinLen) { +CK_DEFINE_FUNCTION(CK_RV, C_Login) +(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen) +{ CK_RV rv = CKR_OK; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; - if ((pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) - && userType == CKU_CONTEXT_SPECIFIC) { + if ((pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) && + userType == CKU_CONTEXT_SPECIFIC) { return CKR_USER_TYPE_INVALID; } - if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH) - || (pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH)) { - if ((CKU_CONTEXT_SPECIFIC != userType) && (CKU_SO != userType) - && (CKU_USER != userType)) + if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH) || + (pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH)) { + if ((CKU_CONTEXT_SPECIFIC != userType) && + (CKU_SO != userType) && (CKU_USER != userType)) return CKR_USER_TYPE_INVALID; } else if ((CKU_SO != userType) && (CKU_USER != userType)) { return CKR_USER_TYPE_INVALID; @@ -770,8 +775,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login) (CK_SESSION_HANDLE hSession, if (NULL == pPin) return CKR_ARGUMENTS_BAD; - if ((ulPinLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) - || (ulPinLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) + if ((ulPinLen < PKCS11_MOCK_CK_TOKEN_INFO_MIN_PIN_LEN) || + (ulPinLen > PKCS11_MOCK_CK_TOKEN_INFO_MAX_PIN_LEN)) return CKR_PIN_LEN_RANGE; switch (mock_session->state) { @@ -787,32 +792,30 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login) (CK_SESSION_HANDLE hSession, case CKS_RO_USER_FUNCTIONS: case CKS_RW_USER_FUNCTIONS: - rv = (CKU_SO == - userType) ? CKR_USER_ANOTHER_ALREADY_LOGGED_IN : - CKR_USER_ALREADY_LOGGED_IN; + rv = (CKU_SO == userType) ? CKR_USER_ANOTHER_ALREADY_LOGGED_IN : + CKR_USER_ALREADY_LOGGED_IN; break; case CKS_RW_PUBLIC_SESSION: - mock_session->state = - (CKU_SO == - userType) ? CKS_RW_SO_FUNCTIONS : CKS_RW_USER_FUNCTIONS; + mock_session->state = (CKU_SO == userType) ? + CKS_RW_SO_FUNCTIONS : + CKS_RW_USER_FUNCTIONS; break; case CKS_RW_SO_FUNCTIONS: - rv = (CKU_SO == - userType) ? CKR_USER_ALREADY_LOGGED_IN : - CKR_USER_ANOTHER_ALREADY_LOGGED_IN; + rv = (CKU_SO == userType) ? CKR_USER_ALREADY_LOGGED_IN : + CKR_USER_ANOTHER_ALREADY_LOGGED_IN; break; } - if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH - || pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) - && rv == CKR_USER_ALREADY_LOGGED_IN) { + if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH || + pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) && + rv == CKR_USER_ALREADY_LOGGED_IN) { rv = 0; } @@ -820,32 +823,33 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login) (CK_SESSION_HANDLE hSession, return rv; } -CK_DEFINE_FUNCTION(CK_RV, C_Logout) (CK_SESSION_HANDLE hSession) { +CK_DEFINE_FUNCTION(CK_RV, C_Logout)(CK_SESSION_HANDLE hSession) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; - if ((mock_session->state == CKS_RO_PUBLIC_SESSION) - || (mock_session->state == CKS_RW_PUBLIC_SESSION)) + if ((mock_session->state == CKS_RO_PUBLIC_SESSION) || + (mock_session->state == CKS_RW_PUBLIC_SESSION)) return CKR_USER_NOT_LOGGED_IN; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_CreateObject) (CK_SESSION_HANDLE hSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount, - CK_OBJECT_HANDLE_PTR phObject) { +CK_DEFINE_FUNCTION(CK_RV, C_CreateObject) +(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phObject) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pTemplate) @@ -870,18 +874,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_CopyObject) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount, - CK_OBJECT_HANDLE_PTR phNewObject) { +CK_DEFINE_FUNCTION(CK_RV, C_CopyObject) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phNewObject) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_DATA != hObject) @@ -905,13 +908,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_CopyObject) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject) { +CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OBJECT_HANDLE_DATA != hObject) && @@ -923,14 +927,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetObjectSize) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ULONG_PTR pulSize) { +CK_DEFINE_FUNCTION(CK_RV, C_GetObjectSize) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OBJECT_HANDLE_DATA != hObject) && @@ -947,17 +951,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetObjectSize) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount) { +CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OBJECT_HANDLE_DATA != hObject) && @@ -976,18 +980,18 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, for (i = 0; i < ulCount; i++) { if (CKA_PUBLIC_KEY_INFO == pTemplate[i].type && - (PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE == hObject - || PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == hObject)) { + (PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE == hObject || + PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == hObject)) { if (pTemplate[i].ulValueLen < sizeof(mock_pubkey) - 1) { pTemplate[i].ulValueLen = - sizeof(mock_pubkey) - 1; + sizeof(mock_pubkey) - 1; if (pTemplate[i].pValue == NULL) return CKR_OK; else return CKR_BUFFER_TOO_SMALL; } pTemplate[i].ulValueLen = - (CK_ULONG) sizeof(mock_pubkey) - 1; + (CK_ULONG)sizeof(mock_pubkey) - 1; memcpy(pTemplate[i].pValue, mock_pubkey, pTemplate[i].ulValueLen); } else if (CKA_CLASS == pTemplate[i].type) { @@ -1001,9 +1005,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, pTemplate[i].ulValueLen = sizeof(hObject); } else if (CKA_PUBLIC_EXPONENT == pTemplate[i].type && - (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == hObject - || PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY == - hObject)) { + (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == + hObject || + PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY == + hObject)) { if (NULL != pTemplate[i].pValue) { if (pTemplate[i].ulValueLen < sizeof(mock_public_exponent) - 1) @@ -1012,16 +1017,16 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, memcpy(pTemplate[i].pValue, mock_public_exponent, sizeof(mock_public_exponent) - - 1); + 1); } pTemplate[i].ulValueLen = - sizeof(mock_public_exponent) - 1; - } else if (CKA_MODULUS == pTemplate[i].type - && (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == - hObject - || PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY == - hObject)) { + sizeof(mock_public_exponent) - 1; + } else if (CKA_MODULUS == pTemplate[i].type && + (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == + hObject || + PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY == + hObject)) { if (NULL != pTemplate[i].pValue) { if (pTemplate[i].ulValueLen < sizeof(mock_modulus) - 1) @@ -1033,9 +1038,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, } pTemplate[i].ulValueLen = sizeof(mock_modulus) - 1; - } else if (CKA_SUBJECT == pTemplate[i].type - && PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE == - hObject) { + } else if (CKA_SUBJECT == pTemplate[i].type && + PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE == + hObject) { if (NULL != pTemplate[i].pValue) { if (pTemplate[i].ulValueLen < strlen(mock_subject)) @@ -1055,12 +1060,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, else memcpy(pTemplate[i].pValue, PKCS11_MOCK_CK_OBJECT_CKA_LABEL, - strlen - (PKCS11_MOCK_CK_OBJECT_CKA_LABEL)); + strlen(PKCS11_MOCK_CK_OBJECT_CKA_LABEL)); } pTemplate[i].ulValueLen = - strlen(PKCS11_MOCK_CK_OBJECT_CKA_LABEL); + strlen(PKCS11_MOCK_CK_OBJECT_CKA_LABEL); } else if (CKA_KEY_TYPE == pTemplate[i].type) { CK_KEY_TYPE t; if (pTemplate[i].ulValueLen != sizeof(CK_KEY_TYPE)) @@ -1090,20 +1094,19 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, else memcpy(pTemplate[i].pValue, PKCS11_MOCK_CK_OBJECT_CKA_LABEL, - strlen - (PKCS11_MOCK_CK_OBJECT_CKA_LABEL)); + strlen(PKCS11_MOCK_CK_OBJECT_CKA_LABEL)); } pTemplate[i].ulValueLen = - strlen(PKCS11_MOCK_CK_OBJECT_CKA_LABEL); + strlen(PKCS11_MOCK_CK_OBJECT_CKA_LABEL); } else if (CKA_CERTIFICATE_CATEGORY == pTemplate[i].type) { - CK_ULONG t = 2; /* authority */ + CK_ULONG t = 2; /* authority */ if (pTemplate[i].ulValueLen < sizeof(CK_ULONG)) return CKR_BUFFER_TOO_SMALL; memcpy(pTemplate[i].pValue, &t, sizeof(CK_ULONG)); } else if (CKA_VALUE == pTemplate[i].type) { - if (PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE_EXTENSION - == hObject) { + if (PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE_EXTENSION == + hObject) { const void *obj; unsigned obj_len; @@ -1122,7 +1125,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, else return CKR_BUFFER_TOO_SMALL; } - pTemplate[i].ulValueLen = (CK_ULONG) obj_len; + pTemplate[i].ulValueLen = (CK_ULONG)obj_len; memcpy(pTemplate[i].pValue, obj, pTemplate[i].ulValueLen); } else if (PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE == @@ -1130,14 +1133,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, if (pTemplate[i].ulValueLen < sizeof(mock_certificate) - 1) { pTemplate[i].ulValueLen = - sizeof(mock_certificate) - 1; + sizeof(mock_certificate) - 1; if (pTemplate[i].pValue == NULL) return CKR_OK; else return CKR_BUFFER_TOO_SMALL; } pTemplate[i].ulValueLen = - (CK_ULONG) sizeof(mock_certificate) - 1; + (CK_ULONG)sizeof(mock_certificate) - 1; memcpy(pTemplate[i].pValue, mock_certificate, pTemplate[i].ulValueLen); } else if (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY == @@ -1145,39 +1148,36 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, if (pTemplate[i].ulValueLen < sizeof(mock_pubkey) - 1) { pTemplate[i].ulValueLen = - sizeof(mock_pubkey) - 1; + sizeof(mock_pubkey) - 1; if (pTemplate[i].pValue == NULL) return CKR_OK; else return CKR_BUFFER_TOO_SMALL; } pTemplate[i].ulValueLen = - (CK_ULONG) sizeof(mock_pubkey) - 1; + (CK_ULONG)sizeof(mock_pubkey) - 1; memcpy(pTemplate[i].pValue, mock_pubkey, pTemplate[i].ulValueLen); } else if (PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY == hObject) { - pTemplate[i].ulValueLen = (CK_ULONG) - 1; - if (! - (pkcs11_mock_flags & - MOCK_FLAG_BROKEN_GET_ATTRIBUTES)) { + pTemplate[i].ulValueLen = (CK_ULONG)-1; + if (!(pkcs11_mock_flags & + MOCK_FLAG_BROKEN_GET_ATTRIBUTES)) { return CKR_ATTRIBUTE_SENSITIVE; } } else { if (NULL != pTemplate[i].pValue) { if (pTemplate[i].ulValueLen < - strlen - (PKCS11_MOCK_CK_OBJECT_CKA_VALUE)) + strlen(PKCS11_MOCK_CK_OBJECT_CKA_VALUE)) return CKR_BUFFER_TOO_SMALL; else memcpy(pTemplate[i].pValue, PKCS11_MOCK_CK_OBJECT_CKA_VALUE, - strlen - (PKCS11_MOCK_CK_OBJECT_CKA_VALUE)); + strlen(PKCS11_MOCK_CK_OBJECT_CKA_VALUE)); } pTemplate[i].ulValueLen = - strlen(PKCS11_MOCK_CK_OBJECT_CKA_VALUE); + strlen(PKCS11_MOCK_CK_OBJECT_CKA_VALUE); } } else { return CKR_ATTRIBUTE_TYPE_INVALID; @@ -1187,17 +1187,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SetAttributeValue) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount) { +CK_DEFINE_FUNCTION(CK_RV, C_SetAttributeValue) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OBJECT_HANDLE_DATA != hObject) && @@ -1213,8 +1213,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_SetAttributeValue) (CK_SESSION_HANDLE hSession, return CKR_ARGUMENTS_BAD; for (i = 0; i < ulCount; i++) { - if ((CKA_LABEL == pTemplate[i].type) - || (CKA_VALUE == pTemplate[i].type)) { + if ((CKA_LABEL == pTemplate[i].type) || + (CKA_VALUE == pTemplate[i].type)) { if (NULL == pTemplate[i].pValue) return CKR_ATTRIBUTE_VALUE_INVALID; @@ -1228,9 +1228,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_SetAttributeValue) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit) (CK_SESSION_HANDLE hSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount) { +CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit) +(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) +{ CK_ULONG i = 0; CK_ULONG_PTR cka_class_value = NULL; @@ -1241,8 +1241,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_ACTIVE; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pTemplate) @@ -1261,44 +1261,43 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit) (CK_SESSION_HANDLE hSession, if (CKA_LABEL == pTemplate[i].type) { free(mock_session->find_label); - mock_session->find_label = - strndup(pTemplate[i].pValue, - pTemplate[i].ulValueLen); + mock_session->find_label = strndup( + pTemplate[i].pValue, pTemplate[i].ulValueLen); } else if (CKA_CLASS == pTemplate[i].type) { if (sizeof(CK_ULONG) != pTemplate[i].ulValueLen) return CKR_ATTRIBUTE_VALUE_INVALID; - cka_class_value = (CK_ULONG_PTR) pTemplate[i].pValue; + cka_class_value = (CK_ULONG_PTR)pTemplate[i].pValue; switch (*cka_class_value) { case CKO_DATA: mock_session->find_op.find_result = - PKCS11_MOCK_CK_OBJECT_HANDLE_DATA; + PKCS11_MOCK_CK_OBJECT_HANDLE_DATA; mock_session->find_op.remaining_data = 2; break; case CKO_SECRET_KEY: mock_session->find_op.find_result = - PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY; + PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY; mock_session->find_op.remaining_data = 1; break; case CKO_CERTIFICATE: mock_session->find_op.find_result = - PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE; + PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE; mock_session->find_op.remaining_data = 1; break; case CKO_PUBLIC_KEY: mock_session->find_op.find_result = - PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY; + PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY; mock_session->find_op.remaining_data = 1; break; case CKO_PRIVATE_KEY: mock_session->find_op.find_result = - PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY; + PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY; mock_session->find_op.remaining_data = 1; break; case CKO_X_CERTIFICATE_EXTENSION: mock_session->find_op.find_result = - PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE_EXTENSION; + PKCS11_MOCK_CK_OBJECT_HANDLE_CERTIFICATE_EXTENSION; mock_session->find_op.remaining_data = 2; break; } @@ -1310,11 +1309,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_FindObjects) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE_PTR phObject, - CK_ULONG ulMaxObjectCount, - CK_ULONG_PTR pulObjectCount) { - +CK_DEFINE_FUNCTION(CK_RV, C_FindObjects) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, + CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -1322,8 +1320,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjects) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((NULL == phObject) && (0 < ulMaxObjectCount)) @@ -1371,7 +1369,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjects) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsFinal) (CK_SESSION_HANDLE hSession) { +CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsFinal)(CK_SESSION_HANDLE hSession) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -1379,8 +1378,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsFinal) (CK_SESSION_HANDLE hSession) { mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; mock_session->find_op.active_operation = PKCS11_MOCK_CK_OPERATION_NONE; @@ -1388,22 +1387,22 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsFinal) (CK_SESSION_HANDLE hSession) { return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if ((PKCS11_MOCK_CK_OPERATION_NONE != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DIGEST != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_SIGN != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DIGEST != + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_SIGN != + mock_session->find_op.active_operation)) return CKR_OPERATION_ACTIVE; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pMechanism) @@ -1412,8 +1411,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) (CK_SESSION_HANDLE hSession, switch (pMechanism->mechanism) { case CKM_RSA_PKCS: - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY != hKey) @@ -1436,8 +1435,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) (CK_SESSION_HANDLE hSession, #endif case CKM_DES3_CBC: - if ((NULL == pMechanism->pParameter) - || (8 != pMechanism->ulParameterLen)) + if ((NULL == pMechanism->pParameter) || + (8 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY != hKey) @@ -1447,8 +1446,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) (CK_SESSION_HANDLE hSession, case CKM_AES_CBC: - if ((NULL == pMechanism->pParameter) - || (16 != pMechanism->ulParameterLen)) + if ((NULL == pMechanism->pParameter) || + (16 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY != hKey) @@ -1464,15 +1463,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) (CK_SESSION_HANDLE hSession, switch (mock_session->find_op.active_operation) { case PKCS11_MOCK_CK_OPERATION_NONE: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_ENCRYPT; break; case PKCS11_MOCK_CK_OPERATION_DIGEST: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT; break; case PKCS11_MOCK_CK_OPERATION_SIGN: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT; break; default: return CKR_FUNCTION_FAILED; @@ -1481,10 +1480,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Encrypt) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pEncryptedData, - CK_ULONG_PTR pulEncryptedDataLen) { +CK_DEFINE_FUNCTION(CK_RV, C_Encrypt) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, + CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) @@ -1494,8 +1493,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_Encrypt) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pData) @@ -1515,7 +1514,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Encrypt) (CK_SESSION_HANDLE hSession, pEncryptedData[i] = pData[i] ^ 0xAB; mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; } } @@ -1524,11 +1523,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_Encrypt) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_EncryptUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen, - CK_BYTE_PTR pEncryptedPart, - CK_ULONG_PTR pulEncryptedPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_EncryptUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) @@ -1538,8 +1536,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptUpdate) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pPart) @@ -1565,23 +1563,23 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_EncryptFinal) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pLastEncryptedPart, - CK_ULONG_PTR pulLastEncryptedPartLen) +CK_DEFINE_FUNCTION(CK_RV, C_EncryptFinal) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart, + CK_ULONG_PTR pulLastEncryptedPartLen) { if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if ((PKCS11_MOCK_CK_OPERATION_ENCRYPT != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT != + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT != + mock_session->find_op.active_operation)) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pulLastEncryptedPartLen) @@ -1591,15 +1589,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptFinal) (CK_SESSION_HANDLE hSession, switch (mock_session->find_op.active_operation) { case PKCS11_MOCK_CK_OPERATION_ENCRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; break; case PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DIGEST; + PKCS11_MOCK_CK_OPERATION_DIGEST; break; case PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_SIGN; + PKCS11_MOCK_CK_OPERATION_SIGN; break; default: return CKR_FUNCTION_FAILED; @@ -1611,26 +1609,26 @@ CK_DEFINE_FUNCTION(CK_RV, C_EncryptFinal) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OPERATION_NONE != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DIGEST != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_VERIFY != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DIGEST != + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_VERIFY != + mock_session->find_op.active_operation)) return CKR_OPERATION_ACTIVE; - if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH - || pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { + if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH || + pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { mock_session->state = CKS_RO_PUBLIC_SESSION; pkcs11_mock_session_reauth = 0; } @@ -1641,8 +1639,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) (CK_SESSION_HANDLE hSession, switch (pMechanism->mechanism) { case CKM_RSA_PKCS: - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY != hKey) @@ -1664,8 +1662,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) (CK_SESSION_HANDLE hSession, #endif case CKM_DES3_CBC: - if ((NULL == pMechanism->pParameter) - || (8 != pMechanism->ulParameterLen)) + if ((NULL == pMechanism->pParameter) || + (8 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY != hKey) @@ -1675,8 +1673,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) (CK_SESSION_HANDLE hSession, case CKM_AES_CBC: - if ((NULL == pMechanism->pParameter) - || (16 != pMechanism->ulParameterLen)) + if ((NULL == pMechanism->pParameter) || + (16 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY != hKey) @@ -1692,15 +1690,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) (CK_SESSION_HANDLE hSession, switch (mock_session->find_op.active_operation) { case PKCS11_MOCK_CK_OPERATION_NONE: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT; + PKCS11_MOCK_CK_OPERATION_DECRYPT; break; case PKCS11_MOCK_CK_OPERATION_DIGEST: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST; + PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST; break; case PKCS11_MOCK_CK_OPERATION_VERIFY: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY; + PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY; break; default: return CKR_FUNCTION_FAILED; @@ -1709,31 +1707,30 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Decrypt) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pEncryptedData, - CK_ULONG ulEncryptedDataLen, - CK_BYTE_PTR pData, - CK_ULONG_PTR pulDataLen) { +CK_DEFINE_FUNCTION(CK_RV, C_Decrypt) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, + CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_DECRYPT != mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH - || pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { + if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH || + pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { if (!pkcs11_mock_session_reauth) { return CKR_USER_NOT_LOGGED_IN; } - if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH) - && pData != NULL) { + if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH) && + pData != NULL) { pkcs11_mock_session_reauth = 0; } } @@ -1755,7 +1752,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Decrypt) (CK_SESSION_HANDLE hSession, pData[i] = pEncryptedData[i] ^ 0xAB; mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; } } @@ -1764,18 +1761,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_Decrypt) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DecryptUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pEncryptedPart, - CK_ULONG ulEncryptedPartLen, - CK_BYTE_PTR pPart, - CK_ULONG_PTR pulPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_DecryptUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_DECRYPT != @@ -1805,22 +1801,22 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DecryptFinal) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pLastPart, - CK_ULONG_PTR pulLastPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_DecryptFinal) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OPERATION_DECRYPT != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST != + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY != + mock_session->find_op.active_operation)) return CKR_OPERATION_NOT_INITIALIZED; if (NULL == pulLastPartLen) @@ -1830,15 +1826,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptFinal) (CK_SESSION_HANDLE hSession, switch (mock_session->find_op.active_operation) { case PKCS11_MOCK_CK_OPERATION_DECRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; break; case PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DIGEST; + PKCS11_MOCK_CK_OPERATION_DIGEST; break; case PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_VERIFY; + PKCS11_MOCK_CK_OPERATION_VERIFY; break; default: return CKR_FUNCTION_FAILED; @@ -1850,21 +1846,22 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptFinal) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DigestInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism) { +CK_DEFINE_FUNCTION(CK_RV, C_DigestInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if ((PKCS11_MOCK_CK_OPERATION_NONE != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_ENCRYPT != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DECRYPT != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_ENCRYPT != + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DECRYPT != + mock_session->find_op.active_operation)) return CKR_OPERATION_ACTIVE; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pMechanism) @@ -1873,22 +1870,22 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestInit) (CK_SESSION_HANDLE hSession, if (CKM_SHA_1 != pMechanism->mechanism) return CKR_MECHANISM_INVALID; - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; switch (mock_session->find_op.active_operation) { case PKCS11_MOCK_CK_OPERATION_NONE: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DIGEST; + PKCS11_MOCK_CK_OPERATION_DIGEST; break; case PKCS11_MOCK_CK_OPERATION_ENCRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT; break; case PKCS11_MOCK_CK_OPERATION_DECRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST; + PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST; break; default: return CKR_FUNCTION_FAILED; @@ -1897,14 +1894,13 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestInit) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Digest) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pDigest, - CK_ULONG_PTR pulDigestLen) { - CK_BYTE hash[20] = - { 0x7B, 0x50, 0x2C, 0x3A, 0x1F, 0x48, 0xC8, 0x60, 0x9A, 0xE2, 0x12, - 0xCD, 0xFB, 0x63, 0x9D, 0xEE, 0x39, 0x67, 0x3F, 0x5E - }; +CK_DEFINE_FUNCTION(CK_RV, C_Digest) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, + CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) +{ + CK_BYTE hash[20] = { 0x7B, 0x50, 0x2C, 0x3A, 0x1F, 0x48, 0xC8, + 0x60, 0x9A, 0xE2, 0x12, 0xCD, 0xFB, 0x63, + 0x9D, 0xEE, 0x39, 0x67, 0x3F, 0x5E }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -1913,8 +1909,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_Digest) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pData) @@ -1932,7 +1928,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Digest) (CK_SESSION_HANDLE hSession, } else { memcpy(pDigest, hash, sizeof(hash)); mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; } } @@ -1941,9 +1937,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Digest) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DigestUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_DigestUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -1951,8 +1947,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestUpdate) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pPart) @@ -1964,8 +1960,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DigestKey) (CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_DigestKey) +(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -1973,8 +1970,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestKey) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_SECRET_KEY != hKey) @@ -1983,27 +1980,26 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestKey) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DigestFinal) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pDigest, - CK_ULONG_PTR pulDigestLen) { - CK_BYTE hash[20] = - { 0x7B, 0x50, 0x2C, 0x3A, 0x1F, 0x48, 0xC8, 0x60, 0x9A, 0xE2, 0x12, - 0xCD, 0xFB, 0x63, 0x9D, 0xEE, 0x39, 0x67, 0x3F, 0x5E - }; +CK_DEFINE_FUNCTION(CK_RV, C_DigestFinal) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) +{ + CK_BYTE hash[20] = { 0x7B, 0x50, 0x2C, 0x3A, 0x1F, 0x48, 0xC8, + 0x60, 0x9A, 0xE2, 0x12, 0xCD, 0xFB, 0x63, + 0x9D, 0xEE, 0x39, 0x67, 0x3F, 0x5E }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if ((PKCS11_MOCK_CK_OPERATION_DIGEST != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT != + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST != + mock_session->find_op.active_operation)) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pulDigestLen) @@ -2018,15 +2014,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestFinal) (CK_SESSION_HANDLE hSession, switch (mock_session->find_op.active_operation) { case PKCS11_MOCK_CK_OPERATION_DIGEST: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; break; case PKCS11_MOCK_CK_OPERATION_DIGEST_ENCRYPT: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_ENCRYPT; break; case PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST: mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT; + PKCS11_MOCK_CK_OPERATION_DECRYPT; break; default: return CKR_FUNCTION_FAILED; @@ -2039,24 +2035,24 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestFinal) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SignInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_SignInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OPERATION_NONE != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_ENCRYPT != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_ENCRYPT != + mock_session->find_op.active_operation)) return CKR_OPERATION_ACTIVE; - if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH - || pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { + if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH || + pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { mock_session->state = CKS_RO_PUBLIC_SESSION; pkcs11_mock_session_reauth = 0; } @@ -2064,10 +2060,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignInit) (CK_SESSION_HANDLE hSession, if (NULL == pMechanism) return CKR_ARGUMENTS_BAD; - if ((CKM_RSA_PKCS == pMechanism->mechanism) - || (CKM_SHA1_RSA_PKCS == pMechanism->mechanism)) { - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((CKM_RSA_PKCS == pMechanism->mechanism) || + (CKM_SHA1_RSA_PKCS == pMechanism->mechanism)) { + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY != hKey) @@ -2079,20 +2075,20 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignInit) (CK_SESSION_HANDLE hSession, if (PKCS11_MOCK_CK_OPERATION_NONE == mock_session->find_op.active_operation) mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_SIGN; + PKCS11_MOCK_CK_OPERATION_SIGN; else mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Sign) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pSignature, - CK_ULONG_PTR pulSignatureLen) { - CK_BYTE signature[10] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 }; +CK_DEFINE_FUNCTION(CK_RV, C_Sign) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) +{ + CK_BYTE signature[10] = { 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09 }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -2101,18 +2097,18 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; - if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH - || pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { + if (pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH || + pkcs11_mock_flags & MOCK_FLAG_SAFENET_ALWAYS_AUTH) { if (!pkcs11_mock_session_reauth) { return CKR_USER_NOT_LOGGED_IN; } - if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH) - && pSignature != NULL) { + if ((pkcs11_mock_flags & MOCK_FLAG_ALWAYS_AUTH) && + pSignature != NULL) { pkcs11_mock_session_reauth = 0; } } @@ -2132,7 +2128,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign) (CK_SESSION_HANDLE hSession, } else { memcpy(pSignature, signature, sizeof(signature)); mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; } } @@ -2141,9 +2137,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -2151,8 +2147,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pPart) @@ -2164,23 +2160,24 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SignFinal) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pSignature, - CK_ULONG_PTR pulSignatureLen) { - CK_BYTE signature[10] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 }; +CK_DEFINE_FUNCTION(CK_RV, C_SignFinal) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + CK_BYTE signature[10] = { 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09 }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if ((PKCS11_MOCK_CK_OPERATION_SIGN != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT != + mock_session->find_op.active_operation)) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pulSignatureLen) @@ -2195,10 +2192,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignFinal) (CK_SESSION_HANDLE hSession, if (PKCS11_MOCK_CK_OPERATION_SIGN == mock_session->find_op.active_operation) mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; else mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_ENCRYPT; + PKCS11_MOCK_CK_OPERATION_ENCRYPT; } } @@ -2207,14 +2204,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignFinal) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SignRecoverInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_SignRecoverInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_NONE != @@ -2225,8 +2222,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignRecoverInit) (CK_SESSION_HANDLE hSession, return CKR_ARGUMENTS_BAD; if (CKM_RSA_PKCS == pMechanism->mechanism) { - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY != hKey) @@ -2236,15 +2233,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignRecoverInit) (CK_SESSION_HANDLE hSession, } mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_SIGN_RECOVER; + PKCS11_MOCK_CK_OPERATION_SIGN_RECOVER; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SignRecover) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pSignature, - CK_ULONG_PTR pulSignatureLen) { +CK_DEFINE_FUNCTION(CK_RV, C_SignRecover) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) @@ -2254,8 +2251,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignRecover) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pData) @@ -2275,7 +2272,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignRecover) (CK_SESSION_HANDLE hSession, pSignature[i] = pData[i] ^ 0xAB; mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; } } @@ -2284,29 +2281,29 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignRecover) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_VerifyInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_VerifyInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if ((PKCS11_MOCK_CK_OPERATION_NONE != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DECRYPT != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DECRYPT != + mock_session->find_op.active_operation)) return CKR_OPERATION_ACTIVE; if (NULL == pMechanism) return CKR_ARGUMENTS_BAD; - if ((CKM_RSA_PKCS == pMechanism->mechanism) - || (CKM_SHA1_RSA_PKCS == pMechanism->mechanism)) { - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((CKM_RSA_PKCS == pMechanism->mechanism) || + (CKM_SHA1_RSA_PKCS == pMechanism->mechanism)) { + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY != hKey) @@ -2318,20 +2315,20 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyInit) (CK_SESSION_HANDLE hSession, if (PKCS11_MOCK_CK_OPERATION_NONE == mock_session->find_op.active_operation) mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_VERIFY; + PKCS11_MOCK_CK_OPERATION_VERIFY; else mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY; + PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_Verify) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pSignature, - CK_ULONG ulSignatureLen) { - CK_BYTE signature[10] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 }; +CK_DEFINE_FUNCTION(CK_RV, C_Verify) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) +{ + CK_BYTE signature[10] = { 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09 }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -2340,8 +2337,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_Verify) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pData) @@ -2367,9 +2364,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Verify) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_VerifyUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_VerifyUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; @@ -2377,8 +2374,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyUpdate) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pPart) @@ -2390,23 +2387,23 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_VerifyFinal) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pSignature, - CK_ULONG ulSignatureLen) { - CK_BYTE signature[10] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 }; +CK_DEFINE_FUNCTION(CK_RV, C_VerifyFinal) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) +{ + CK_BYTE signature[10] = { 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09 }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; if ((PKCS11_MOCK_CK_OPERATION_VERIFY != - mock_session->find_op.active_operation) - && (PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY != - mock_session->find_op.active_operation)) + mock_session->find_op.active_operation) && + (PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY != + mock_session->find_op.active_operation)) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pSignature) @@ -2424,22 +2421,22 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyFinal) (CK_SESSION_HANDLE hSession, if (PKCS11_MOCK_CK_OPERATION_VERIFY == mock_session->find_op.active_operation) mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; else mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_DECRYPT; + PKCS11_MOCK_CK_OPERATION_DECRYPT; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecoverInit) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) { +CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecoverInit) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_NONE != @@ -2450,8 +2447,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecoverInit) (CK_SESSION_HANDLE hSession, return CKR_ARGUMENTS_BAD; if (CKM_RSA_PKCS == pMechanism->mechanism) { - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY != hKey) @@ -2461,16 +2458,15 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecoverInit) (CK_SESSION_HANDLE hSession, } mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_VERIFY_RECOVER; + PKCS11_MOCK_CK_OPERATION_VERIFY_RECOVER; return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecover) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pSignature, - CK_ULONG ulSignatureLen, - CK_BYTE_PTR pData, - CK_ULONG_PTR pulDataLen) { +CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecover) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, + CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) @@ -2480,8 +2476,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecover) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pSignature) @@ -2501,7 +2497,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecover) (CK_SESSION_HANDLE hSession, pData[i] = pSignature[i] ^ 0xAB; mock_session->find_op.active_operation = - PKCS11_MOCK_CK_OPERATION_NONE; + PKCS11_MOCK_CK_OPERATION_NONE; } } @@ -2510,12 +2506,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecover) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DigestEncryptUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen, - CK_BYTE_PTR pEncryptedPart, - CK_ULONG_PTR - pulEncryptedPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_DigestEncryptUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) @@ -2525,8 +2519,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestEncryptUpdate) (CK_SESSION_HANDLE hSession, mock_session->find_op.active_operation) return CKR_OPERATION_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pPart) @@ -2552,18 +2546,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestEncryptUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DecryptDigestUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pEncryptedPart, - CK_ULONG ulEncryptedPartLen, - CK_BYTE_PTR pPart, - CK_ULONG_PTR pulPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_DecryptDigestUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_DECRYPT_DIGEST != @@ -2593,19 +2586,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptDigestUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_SignEncryptUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen, - CK_BYTE_PTR pEncryptedPart, - CK_ULONG_PTR - pulEncryptedPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_SignEncryptUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_SIGN_ENCRYPT != @@ -2635,18 +2626,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignEncryptUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DecryptVerifyUpdate) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pEncryptedPart, - CK_ULONG ulEncryptedPartLen, - CK_BYTE_PTR pPart, - CK_ULONG_PTR pulPartLen) { +CK_DEFINE_FUNCTION(CK_RV, C_DecryptVerifyUpdate) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (PKCS11_MOCK_CK_OPERATION_DECRYPT_VERIFY != @@ -2676,18 +2666,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_DecryptVerifyUpdate) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GenerateKey) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount, - CK_OBJECT_HANDLE_PTR phKey) { +CK_DEFINE_FUNCTION(CK_RV, C_GenerateKey) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pMechanism) @@ -2696,8 +2685,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKey) (CK_SESSION_HANDLE hSession, if (CKM_DES3_KEY_GEN != pMechanism->mechanism) return CKR_MECHANISM_INVALID; - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (NULL == pTemplate) @@ -2722,26 +2711,19 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKey) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_ATTRIBUTE_PTR - pPublicKeyTemplate, - CK_ULONG - ulPublicKeyAttributeCount, - CK_ATTRIBUTE_PTR - pPrivateKeyTemplate, - CK_ULONG - ulPrivateKeyAttributeCount, - CK_OBJECT_HANDLE_PTR phPublicKey, - CK_OBJECT_HANDLE_PTR phPrivateKey) +CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, + CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey) { CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pMechanism) @@ -2750,8 +2732,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair) (CK_SESSION_HANDLE hSession, if (CKM_RSA_PKCS_KEY_PAIR_GEN != pMechanism->mechanism) return CKR_MECHANISM_INVALID; - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (NULL == pPublicKeyTemplate) @@ -2794,20 +2776,19 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_WrapKey) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hWrappingKey, - CK_OBJECT_HANDLE hKey, - CK_BYTE_PTR pWrappedKey, - CK_ULONG_PTR pulWrappedKeyLen) { - CK_BYTE wrappedKey[10] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 }; +CK_DEFINE_FUNCTION(CK_RV, C_WrapKey) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, + CK_ULONG_PTR pulWrappedKeyLen) +{ + CK_BYTE wrappedKey[10] = { 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09 }; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pMechanism) @@ -2816,8 +2797,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_WrapKey) (CK_SESSION_HANDLE hSession, if (CKM_RSA_PKCS != pMechanism->mechanism) return CKR_MECHANISM_INVALID; - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PUBLIC_KEY != hWrappingKey) @@ -2838,21 +2819,19 @@ CK_DEFINE_FUNCTION(CK_RV, C_WrapKey) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_UnwrapKey) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hUnwrappingKey, - CK_BYTE_PTR pWrappedKey, - CK_ULONG ulWrappedKeyLen, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_OBJECT_HANDLE_PTR phKey) { +CK_DEFINE_FUNCTION(CK_RV, C_UnwrapKey) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, + CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) +{ CK_ULONG i = 0; if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pMechanism) @@ -2861,8 +2840,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_UnwrapKey) (CK_SESSION_HANDLE hSession, if (CKM_RSA_PKCS != pMechanism->mechanism) return CKR_MECHANISM_INVALID; - if ((NULL != pMechanism->pParameter) - || (0 != pMechanism->ulParameterLen)) + if ((NULL != pMechanism->pParameter) || + (0 != pMechanism->ulParameterLen)) return CKR_MECHANISM_PARAM_INVALID; if (PKCS11_MOCK_CK_OBJECT_HANDLE_PRIVATE_KEY != hUnwrappingKey) @@ -2896,23 +2875,22 @@ CK_DEFINE_FUNCTION(CK_RV, C_UnwrapKey) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey) (CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hBaseKey, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_OBJECT_HANDLE_PTR phKey) { +CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey) +(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) +{ return CKR_GENERAL_ERROR; } -CK_DEFINE_FUNCTION(CK_RV, C_SeedRandom) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pSeed, - CK_ULONG ulSeedLen) { +CK_DEFINE_FUNCTION(CK_RV, C_SeedRandom) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == pSeed) @@ -2924,14 +2902,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_SeedRandom) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GenerateRandom) (CK_SESSION_HANDLE hSession, - CK_BYTE_PTR RandomData, - CK_ULONG ulRandomLen) { +CK_DEFINE_FUNCTION(CK_RV, C_GenerateRandom) +(CK_SESSION_HANDLE hSession, CK_BYTE_PTR RandomData, CK_ULONG ulRandomLen) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; if (NULL == RandomData) @@ -2945,31 +2923,33 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateRandom) (CK_SESSION_HANDLE hSession, return CKR_OK; } -CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionStatus) (CK_SESSION_HANDLE hSession) { +CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionStatus)(CK_SESSION_HANDLE hSession) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; return CKR_FUNCTION_NOT_PARALLEL; } -CK_DEFINE_FUNCTION(CK_RV, C_CancelFunction) (CK_SESSION_HANDLE hSession) { +CK_DEFINE_FUNCTION(CK_RV, C_CancelFunction)(CK_SESSION_HANDLE hSession) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; - if ((CK_FALSE == pkcs11_mock_session_opened) - || (PKCS11_MOCK_CK_SESSION_ID != hSession)) + if ((CK_FALSE == pkcs11_mock_session_opened) || + (PKCS11_MOCK_CK_SESSION_ID != hSession)) return CKR_SESSION_HANDLE_INVALID; return CKR_FUNCTION_NOT_PARALLEL; } -CK_DEFINE_FUNCTION(CK_RV, C_WaitForSlotEvent) (CK_FLAGS flags, - CK_SLOT_ID_PTR pSlot, - CK_VOID_PTR pReserved) { +CK_DEFINE_FUNCTION(CK_RV, C_WaitForSlotEvent) +(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR pReserved) +{ if (CK_FALSE == pkcs11_mock_initialized) return CKR_CRYPTOKI_NOT_INITIALIZED; diff --git a/tests/pkcs11/pkcs11-mock.h b/tests/pkcs11/pkcs11-mock.h index ef1d4ed91e..b83c77b674 100644 --- a/tests/pkcs11/pkcs11-mock.h +++ b/tests/pkcs11/pkcs11-mock.h @@ -28,14 +28,14 @@ #define CK_PTR * #define CK_DEFINE_FUNCTION(returnType, name) returnType name #define CK_DECLARE_FUNCTION(returnType, name) returnType name -#define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType (* name) -#define CK_CALLBACK_FUNCTION(returnType, name) returnType (* name) +#define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType(*name) +#define CK_CALLBACK_FUNCTION(returnType, name) returnType(*name) #include #include #ifndef NULL_PTR -# define NULL_PTR 0 +#define NULL_PTR 0 #endif #define IGNORE(P) (void)(P) diff --git a/tests/pkcs11/pkcs11-mock2.c b/tests/pkcs11/pkcs11-mock2.c index 0e9cab819f..8e62fb5c0f 100644 --- a/tests/pkcs11/pkcs11-mock2.c +++ b/tests/pkcs11/pkcs11-mock2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,18 +43,18 @@ static CK_C_GetMechanismInfo base_C_GetMechanismInfo; static CK_FUNCTION_LIST override_funcs; #ifdef __sun -# pragma fini(mock_deinit) -# pragma init(mock_init) -# define _CONSTRUCTOR -# define _DESTRUCTOR +#pragma fini(mock_deinit) +#pragma init(mock_init) +#define _CONSTRUCTOR +#define _DESTRUCTOR #else -# define _CONSTRUCTOR __attribute__((constructor)) -# define _DESTRUCTOR __attribute__((destructor)) +#define _CONSTRUCTOR __attribute__((constructor)) +#define _DESTRUCTOR __attribute__((destructor)) #endif -static CK_RV -override_C_GetMechanismInfo(CK_SLOT_ID slot_id, - CK_MECHANISM_TYPE type, CK_MECHANISM_INFO * info) +static CK_RV override_C_GetMechanismInfo(CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO *info) { if (type == CKM_RSA_PKCS_PSS) return CKR_MECHANISM_INVALID; @@ -62,7 +62,7 @@ override_C_GetMechanismInfo(CK_SLOT_ID slot_id, return base_C_GetMechanismInfo(slot_id, type, info); } -CK_RV C_GetFunctionList(CK_FUNCTION_LIST ** function_list) +CK_RV C_GetFunctionList(CK_FUNCTION_LIST **function_list) { CK_C_GetFunctionList func; CK_FUNCTION_LIST *funcs; diff --git a/tests/pkcs11/pkcs11-mock3.c b/tests/pkcs11/pkcs11-mock3.c index dffe300ee0..047a517a77 100644 --- a/tests/pkcs11/pkcs11-mock3.c +++ b/tests/pkcs11/pkcs11-mock3.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,13 +44,13 @@ static CK_C_GetAttributeValue base_C_GetAttributeValue; static CK_FUNCTION_LIST override_funcs; #ifdef __sun -# pragma fini(mock_deinit) -# pragma init(mock_init) -# define _CONSTRUCTOR -# define _DESTRUCTOR +#pragma fini(mock_deinit) +#pragma init(mock_init) +#define _CONSTRUCTOR +#define _DESTRUCTOR #else -# define _CONSTRUCTOR __attribute__((constructor)) -# define _DESTRUCTOR __attribute__((destructor)) +#define _CONSTRUCTOR __attribute__((constructor)) +#define _DESTRUCTOR __attribute__((destructor)) #endif /* Should be a date before the activation time of chain[0] in @@ -58,10 +58,10 @@ static CK_FUNCTION_LIST override_funcs; */ #define DISTRUST_AFTER "230314000000Z" -static CK_RV -override_C_GetAttributeValue(CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) +static CK_RV override_C_GetAttributeValue(CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) { CK_ATTRIBUTE *template; CK_ULONG count = 0, i, offset = ulCount; @@ -89,17 +89,17 @@ override_C_GetAttributeValue(CK_SESSION_HANDLE hSession, if (offset < ulCount) { if (!pTemplate[offset].pValue) { pTemplate[offset].ulValueLen = - sizeof(DISTRUST_AFTER) - 1; + sizeof(DISTRUST_AFTER) - 1; } else if (pTemplate[offset].ulValueLen < sizeof(DISTRUST_AFTER) - 1) { pTemplate[offset].ulValueLen = - CK_UNAVAILABLE_INFORMATION; + CK_UNAVAILABLE_INFORMATION; rv = CKR_BUFFER_TOO_SMALL; } else { memcpy(pTemplate[offset].pValue, DISTRUST_AFTER, sizeof(DISTRUST_AFTER) - 1); pTemplate[offset].ulValueLen = - sizeof(DISTRUST_AFTER) - 1; + sizeof(DISTRUST_AFTER) - 1; } } @@ -112,7 +112,7 @@ override_C_GetAttributeValue(CK_SESSION_HANDLE hSession, return rv; } -CK_RV C_GetFunctionList(CK_FUNCTION_LIST ** function_list) +CK_RV C_GetFunctionList(CK_FUNCTION_LIST **function_list) { CK_C_GetFunctionList func; CK_FUNCTION_LIST *funcs; diff --git a/tests/pkcs11/pkcs11-obj-import.c b/tests/pkcs11/pkcs11-obj-import.c index 07c1a30292..9004b27f95 100644 --- a/tests/pkcs11/pkcs11-obj-import.c +++ b/tests/pkcs11/pkcs11-obj-import.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,7 +34,7 @@ #include #define CONFIG_NAME "softhsm-obj-import" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #include "../utils.h" #include "softhsm.h" @@ -51,9 +51,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -93,8 +93,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, NULL); @@ -106,15 +107,15 @@ void doit(void) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } ret = gnutls_x509_crt_import(crt, &server_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -132,17 +133,17 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); } - ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", - GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_crt( + SOFTHSM_URL, crt, "cert", + GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); @@ -159,8 +160,8 @@ void doit(void) exit(1); } - assert(gnutls_pkcs11_obj_export_url - (obj, GNUTLS_PKCS11_URL_GENERIC, &url) >= 0); + assert(gnutls_pkcs11_obj_export_url(obj, GNUTLS_PKCS11_URL_GENERIC, + &url) >= 0); assert(url != NULL); gnutls_free(url); @@ -186,76 +187,76 @@ void doit(void) /* The ID is constant and copied from the certificate */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_ID_HEX, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, GNUTLS_PKCS11_OBJ_ID_HEX, buf, + &buf_size) >= 0); assert(buf_size == 60); - assert(memcmp - (buf, - "95:d1:ad:a4:52:e4:c5:61:12:a6:91:13:8d:80:dd:2d:81:22:3e:d4", - 60) == 0); + assert(memcmp(buf, + "95:d1:ad:a4:52:e4:c5:61:12:a6:91:13:8d:80:dd:2d:81:22:3e:d4", + 60) == 0); /* label */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_LABEL, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, GNUTLS_PKCS11_OBJ_LABEL, buf, + &buf_size) >= 0); assert(buf_size == 4); assert(memcmp(buf, "cert", 4) == 0); /* token-label */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_TOKEN_LABEL, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, GNUTLS_PKCS11_OBJ_TOKEN_LABEL, + buf, &buf_size) >= 0); assert(buf_size == 4); assert(memcmp(buf, "test", 4) == 0); /* token-serial */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_TOKEN_SERIAL, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, GNUTLS_PKCS11_OBJ_TOKEN_SERIAL, + buf, &buf_size) >= 0); assert(buf_size != 0); assert(strlen(buf) != 0); /* token-model */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_TOKEN_MODEL, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, GNUTLS_PKCS11_OBJ_TOKEN_MODEL, + buf, &buf_size) >= 0); assert(buf_size != 0); assert(strlen(buf) != 0); /* token-manufacturer */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER, buf, - &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, + GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER, + buf, &buf_size) >= 0); assert(buf_size != 0); assert(strlen(buf) != 0); /* token-ID */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_ID, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, GNUTLS_PKCS11_OBJ_ID, buf, + &buf_size) >= 0); assert(buf_size != 0); /* library description */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION, buf, - &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, + GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION, + buf, &buf_size) >= 0); assert(buf_size != 0); assert(strlen(buf) != 0); /* library manufacturer */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER, buf, - &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info( + obj, GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER, buf, + &buf_size) >= 0); assert(buf_size != 0); assert(strlen(buf) != 0); /* library version */ buf_size = sizeof(buf); - assert(gnutls_pkcs11_obj_get_info - (obj, GNUTLS_PKCS11_OBJ_LIBRARY_VERSION, buf, &buf_size) >= 0); + assert(gnutls_pkcs11_obj_get_info(obj, + GNUTLS_PKCS11_OBJ_LIBRARY_VERSION, + buf, &buf_size) >= 0); assert(buf_size != 0); assert(strlen(buf) != 0); diff --git a/tests/pkcs11/pkcs11-obj-raw.c b/tests/pkcs11/pkcs11-obj-raw.c index 5080cdaedd..e4598c80f8 100644 --- a/tests/pkcs11/pkcs11-obj-raw.c +++ b/tests/pkcs11/pkcs11-obj-raw.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,7 +34,7 @@ #include #include #ifndef CRYPTOKI_GNU -# define CRYPTOKI_GNU +#define CRYPTOKI_GNU #endif #include @@ -44,23 +44,23 @@ #if defined(HAVE___REGISTER_ATFORK) -# ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" -# else -# include -# define P11LIB "libpkcs11mock1.so" -# endif +#ifdef _WIN32 +#define P11LIB "libpkcs11mock1.dll" +#else +#include +#define P11LIB "libpkcs11mock1.so" +#endif static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -# define PIN "1234" +#define PIN "1234" -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -86,8 +86,8 @@ void doit(void) ck_rv_t rv; gnutls_datum_t data; - data.data = (void *) - "\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; + data.data = + (void *)"\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; data.size = 20; ret = global_init(); @@ -121,20 +121,19 @@ void doit(void) gnutls_pkcs11_obj_set_pin_function(obj, pin_func, NULL); /* unknown object */ - ret = - gnutls_pkcs11_obj_import_url(obj, - "pkcs11:token=unknown;object=invalid;type=private", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_obj_import_url( + obj, "pkcs11:token=unknown;object=invalid;type=private", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); assert(ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); - ret = - gnutls_pkcs11_obj_import_url(obj, "pkcs11:object=test;type=private", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_obj_import_url(obj, + "pkcs11:object=test;type=private", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); assert(ret >= 0); ret = gnutls_pkcs11_obj_get_ptr(obj, (void **)&mod, (void *)&session, - (void *)&ohandle, - &slot_id, GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + (void *)&ohandle, &slot_id, + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-pin-func.c b/tests/pkcs11/pkcs11-pin-func.c index 17081f0ae4..087e80afd2 100644 --- a/tests/pkcs11/pkcs11-pin-func.c +++ b/tests/pkcs11/pkcs11-pin-func.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,9 +31,9 @@ #include #include -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, "xxx"); diff --git a/tests/pkcs11/pkcs11-privkey-always-auth.c b/tests/pkcs11/pkcs11-privkey-always-auth.c index 5cbf46dcc0..5fcc2a69da 100644 --- a/tests/pkcs11/pkcs11-privkey-always-auth.c +++ b/tests/pkcs11/pkcs11-privkey-always-auth.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,8 +45,8 @@ void doit(void) #else -# include "utils.h" -# include "pkcs11-mock-ext.h" +#include "utils.h" +#include "pkcs11-mock-ext.h" /* Tests whether a gnutls_privkey_t will work properly with a key marked * as always authenticate */ @@ -54,17 +54,17 @@ void doit(void) static unsigned pin_called = 0; static const char *_pin = "1234"; -# include -# define P11LIB "libpkcs11mock1.so" +#include +#define P11LIB "libpkcs11mock1.so" static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (_pin == NULL) return -1; @@ -106,8 +106,8 @@ void doit(void) *pflags = MOCK_FLAG_ALWAYS_AUTH; } - data.data = (void *) - "\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; + data.data = + (void *)"\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; data.size = 20; ret = global_init(); @@ -137,9 +137,9 @@ void doit(void) gnutls_pkcs11_obj_set_pin_function(obj, pin_func, NULL); - ret = - gnutls_pkcs11_obj_import_url(obj, "pkcs11:object=test;type=private", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_obj_import_url(obj, + "pkcs11:object=test;type=private", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); assert(ret >= 0); ret = gnutls_pkcs11_obj_get_flags(obj, &flags); @@ -155,9 +155,8 @@ void doit(void) gnutls_privkey_set_pin_function(key, pin_func, NULL); - ret = - gnutls_privkey_import_url(key, "pkcs11:object=test", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_privkey_import_url(key, "pkcs11:object=test", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-privkey-export.c b/tests/pkcs11/pkcs11-privkey-export.c index 7d7f6e88c3..4ae6e1ba05 100644 --- a/tests/pkcs11/pkcs11-privkey-export.c +++ b/tests/pkcs11/pkcs11-privkey-export.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,10 +39,10 @@ #define PIN "1234" #ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" +#define P11LIB "libpkcs11mock1.dll" #else -# include -# define P11LIB "libpkcs11mock1.so" +#include +#define P11LIB "libpkcs11mock1.so" #endif static void tls_log_func(int level, const char *str) @@ -50,9 +50,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -103,9 +103,8 @@ void doit(void) gnutls_privkey_set_pin_function(key, pin_func, NULL); - ret = - gnutls_privkey_import_url(key, "pkcs11:object=test", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_privkey_import_url(key, "pkcs11:object=test", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -130,8 +129,8 @@ void doit(void) ret = gnutls_pubkey_init(&pub); assert(ret >= 0); - ret = - gnutls_pubkey_import_url(pub, "pkcs11:object=test;type=public", 0); + ret = gnutls_pubkey_import_url(pub, "pkcs11:object=test;type=public", + 0); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-privkey-fork-reinit.c b/tests/pkcs11/pkcs11-privkey-fork-reinit.c index 634d9652bd..152a498502 100644 --- a/tests/pkcs11/pkcs11-privkey-fork-reinit.c +++ b/tests/pkcs11/pkcs11-privkey-fork-reinit.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,22 +42,22 @@ #if defined(HAVE___REGISTER_ATFORK) -# define PIN "1234" -# ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" -# else -# include -# define P11LIB "libpkcs11mock1.so" -# endif +#define PIN "1234" +#ifdef _WIN32 +#define P11LIB "libpkcs11mock1.dll" +#else +#include +#define P11LIB "libpkcs11mock1.so" +#endif static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -74,8 +74,8 @@ void doit(void) gnutls_datum_t sig = { NULL, 0 }, data; pid_t pid; - data.data = (void *) - "\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; + data.data = + (void *)"\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; data.size = 20; ret = global_init(); @@ -109,9 +109,8 @@ void doit(void) gnutls_privkey_set_pin_function(key, pin_func, NULL); - ret = - gnutls_privkey_import_url(key, "pkcs11:object=test", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_privkey_import_url(key, "pkcs11:object=test", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -135,14 +134,13 @@ void doit(void) WEXITSTATUS(status)); exit(1); } - } else { /* child */ + } else { /* child */ ret = gnutls_pkcs11_reinit(); assert(ret == 0); - ret = - gnutls_privkey_sign_hash(key, GNUTLS_DIG_SHA1, 0, &data, - &sig); + ret = gnutls_privkey_sign_hash(key, GNUTLS_DIG_SHA1, 0, &data, + &sig); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-privkey-fork.c b/tests/pkcs11/pkcs11-privkey-fork.c index 65f2c9bfe9..1d053baab2 100644 --- a/tests/pkcs11/pkcs11-privkey-fork.c +++ b/tests/pkcs11/pkcs11-privkey-fork.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,22 +42,22 @@ #if defined(HAVE___REGISTER_ATFORK) -# define PIN "1234" -# ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" -# else -# include -# define P11LIB "libpkcs11mock1.so" -# endif +#define PIN "1234" +#ifdef _WIN32 +#define P11LIB "libpkcs11mock1.dll" +#else +#include +#define P11LIB "libpkcs11mock1.so" +#endif static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -74,8 +74,8 @@ void doit(void) gnutls_datum_t sig = { NULL, 0 }, data; pid_t pid; - data.data = (void *) - "\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; + data.data = + (void *)"\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; data.size = 20; ret = global_init(); @@ -109,9 +109,8 @@ void doit(void) gnutls_privkey_set_pin_function(key, pin_func, NULL); - ret = - gnutls_privkey_import_url(key, "pkcs11:object=test", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_privkey_import_url(key, "pkcs11:object=test", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -135,10 +134,9 @@ void doit(void) WEXITSTATUS(status)); exit(1); } - } else { /* child */ - ret = - gnutls_privkey_sign_hash(key, GNUTLS_DIG_SHA1, 0, &data, - &sig); + } else { /* child */ + ret = gnutls_privkey_sign_hash(key, GNUTLS_DIG_SHA1, 0, &data, + &sig); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-privkey-generate.c b/tests/pkcs11/pkcs11-privkey-generate.c index b7106dbc66..2a58bc9df9 100644 --- a/tests/pkcs11/pkcs11-privkey-generate.c +++ b/tests/pkcs11/pkcs11-privkey-generate.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,13 +45,13 @@ void doit(void) #else -# include "../utils.h" -# include "softhsm.h" -# include +#include "../utils.h" +#include "softhsm.h" +#include -# define CONFIG_NAME "softhsm-generate" -# define CONFIG CONFIG_NAME".config" -# define PIN "1234" +#define CONFIG_NAME "softhsm-generate" +#define CONFIG CONFIG_NAME ".config" +#define PIN "1234" /* Tests whether a gnutls_privkey_generate3 will work generate a key * which is marked as sensitive. */ @@ -64,9 +64,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (_pin == NULL) return -1; @@ -104,8 +104,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL); @@ -123,11 +124,10 @@ void doit(void) gnutls_pkcs11_set_pin_function(pin_func, NULL); /* generate sensitive */ - ret = - gnutls_pkcs11_privkey_generate3("pkcs11:token=test", GNUTLS_PK_RSA, - 2048, "testkey", NULL, - GNUTLS_X509_FMT_DER, &out, 0, - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_privkey_generate3("pkcs11:token=test", + GNUTLS_PK_RSA, 2048, "testkey", + NULL, GNUTLS_X509_FMT_DER, &out, + 0, GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -137,9 +137,9 @@ void doit(void) assert(out.size > 0); gnutls_pkcs11_obj_set_pin_function(obj, pin_func, NULL); - assert(gnutls_pkcs11_obj_import_url - (obj, "pkcs11:token=test;object=testkey;type=private", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN) >= 0); + assert(gnutls_pkcs11_obj_import_url( + obj, "pkcs11:token=test;object=testkey;type=private", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN) >= 0); assert(gnutls_pkcs11_obj_get_flags(obj, &flags) >= 0); @@ -150,12 +150,11 @@ void doit(void) gnutls_pkcs11_obj_deinit(obj); /* generate non-sensitive */ - ret = - gnutls_pkcs11_privkey_generate3("pkcs11:token=test", GNUTLS_PK_RSA, - 2048, "testkey2", NULL, - GNUTLS_X509_FMT_DER, &out, 0, - GNUTLS_PKCS11_OBJ_FLAG_LOGIN | - GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE); + ret = gnutls_pkcs11_privkey_generate3( + "pkcs11:token=test", GNUTLS_PK_RSA, 2048, "testkey2", NULL, + GNUTLS_X509_FMT_DER, &out, 0, + GNUTLS_PKCS11_OBJ_FLAG_LOGIN | + GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); @@ -165,9 +164,9 @@ void doit(void) assert(out.size > 0); gnutls_pkcs11_obj_set_pin_function(obj, pin_func, NULL); - assert(gnutls_pkcs11_obj_import_url - (obj, "pkcs11:token=test;object=testkey2;type=private", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN) >= 0); + assert(gnutls_pkcs11_obj_import_url( + obj, "pkcs11:token=test;object=testkey2;type=private", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN) >= 0); assert(gnutls_pkcs11_obj_get_flags(obj, &flags) >= 0); diff --git a/tests/pkcs11/pkcs11-privkey-pthread.c b/tests/pkcs11/pkcs11-privkey-pthread.c index ebe6bef7a6..5e464c9519 100644 --- a/tests/pkcs11/pkcs11-privkey-pthread.c +++ b/tests/pkcs11/pkcs11-privkey-pthread.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,11 +35,11 @@ #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include "utils.h" @@ -52,20 +52,20 @@ void doit(void) #else -# ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" -# else -# include -# define P11LIB "libpkcs11mock1.so" -# endif +#ifdef _WIN32 +#define P11LIB "libpkcs11mock1.dll" +#else +#include +#define P11LIB "libpkcs11mock1.so" +#endif /* Tests whether we can use gnutls_privkey_sign() under multiple threads * with the same key when PKCS#11 is in use. */ -# include "../cert-common.h" +#include "../cert-common.h" -# define PIN "1234" +#define PIN "1234" static const gnutls_datum_t testdata = { (void *)"test test", 9 }; @@ -74,9 +74,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -96,9 +96,8 @@ static void *start_thread(void *arg) int ret; gnutls_datum_t sig; - ret = - gnutls_privkey_sign_data(data->pkey, GNUTLS_DIG_SHA256, 0, - &testdata, &sig); + ret = gnutls_privkey_sign_data(data->pkey, GNUTLS_DIG_SHA256, 0, + &testdata, &sig); if (ret < 0) pthread_exit((void *)-2); @@ -107,10 +106,9 @@ static void *start_thread(void *arg) pthread_exit(0); } -# define MAX_THREADS 48 +#define MAX_THREADS 48 -static -void do_thread_stuff(gnutls_privkey_t pkey) +static void do_thread_stuff(gnutls_privkey_t pkey) { int ret; thread_data_st *data; @@ -136,7 +134,6 @@ void do_thread_stuff(gnutls_privkey_t pkey) } } free(data); - } void doit(void) @@ -171,9 +168,8 @@ void doit(void) assert(gnutls_privkey_init(&pkey) == 0); - ret = - gnutls_privkey_import_url(pkey, "pkcs11:object=test", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_privkey_import_url(pkey, "pkcs11:object=test", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fprintf(stderr, "error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -192,7 +188,7 @@ void doit(void) do_thread_stuff(pkey); - cleanup: +cleanup: gnutls_privkey_deinit(pkey); } diff --git a/tests/pkcs11/pkcs11-privkey-safenet-always-auth.c b/tests/pkcs11/pkcs11-privkey-safenet-always-auth.c index 79f41ffec5..4755098418 100644 --- a/tests/pkcs11/pkcs11-privkey-safenet-always-auth.c +++ b/tests/pkcs11/pkcs11-privkey-safenet-always-auth.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,8 +45,8 @@ void doit(void) #else -# include "utils.h" -# include "pkcs11-mock-ext.h" +#include "utils.h" +#include "pkcs11-mock-ext.h" /* Tests whether a gnutls_privkey_t will work properly with a key marked * as always authenticate, but on the safenet HSMs where CKA_ALWAYS_AUTHENTICATE @@ -55,17 +55,17 @@ void doit(void) static unsigned pin_called = 0; static const char *_pin = "1234"; -# include -# define P11LIB "libpkcs11mock1.so" +#include +#define P11LIB "libpkcs11mock1.so" static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (_pin == NULL) return -1; @@ -105,8 +105,8 @@ void doit(void) *pflags = MOCK_FLAG_SAFENET_ALWAYS_AUTH; } - data.data = (void *) - "\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; + data.data = + (void *)"\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb"; data.size = 20; ret = global_init(); @@ -136,9 +136,8 @@ void doit(void) gnutls_privkey_set_pin_function(key, pin_func, NULL); - ret = - gnutls_privkey_import_url(key, "pkcs11:object=test", - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_privkey_import_url(key, "pkcs11:object=test", + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/pkcs11-privkey.c b/tests/pkcs11/pkcs11-privkey.c index c1b5f2fe8b..952fce9149 100644 --- a/tests/pkcs11/pkcs11-privkey.c +++ b/tests/pkcs11/pkcs11-privkey.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,55 +39,52 @@ * the provided password as PIN when PKCS #11 keys are imported */ #define CONFIG_NAME "softhsm-privkey" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICdDCCAd2gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAaMQswCQYDVQQDEwJDQTEL\n" - "MAkGA1UEBhMCQ1owIhgPMjAxMzExMTAwODI1MjdaGA8yMDIwMTIxMzA4MjUyN1ow\n" - "HjEPMA0GA1UEAxMGQ2xpZW50MQswCQYDVQQGEwJDWjCBnzANBgkqhkiG9w0BAQEF\n" - "AAOBjQAwgYkCgYEAvQRIzvKyhr3tqmB4Pe+91DWSFayaNtcrDIT597bhxugVYW8o\n" - "jB206kx5aknAMA3PQGYcGqkLrt+nsJcmOIXDZsC6P4zeOSsF1PPhDAoX3bkUr2lF\n" - "MEt374eKdg1yvyhRxt4DOR6aD4gkC7fVtaYdgV6yXpJGMHV05LBIgQ7QtykCAwEA\n" - "AaOBwTCBvjAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMBgGA1Ud\n" - "EQQRMA+BDW5vbmVAbm9uZS5vcmcwDwYDVR0PAQH/BAUDAweAADAdBgNVHQ4EFgQU\n" - "Dbinh11GaaJcTyOpmxPYuttsiGowHwYDVR0jBBgwFoAUEg7aURJAVq70HG3MobA9\n" - "KGF+MwEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3d3dy5nZXRjcmwuY3JsL2dl\n" - "dGNybC8wDQYJKoZIhvcNAQELBQADgYEAN/Henso+5zzuFQWTpJXlUsWtRQAFhRY3\n" - "WVt3xtnyPs4pF/LKBp3Ov0GLGBkz5YlyJGFNESSyUviMsH7g7rJM8i7Bph6BQTE9\n" - "XdqbZPc0opfms4EHjmlXj5HQ0f0yoxHnLk43CR+vmbn0JPuurnEKAwjznAJR8GxI\n" - "R2MRyMxdGqs=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICdDCCAd2gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAaMQswCQYDVQQDEwJDQTEL\n" + "MAkGA1UEBhMCQ1owIhgPMjAxMzExMTAwODI1MjdaGA8yMDIwMTIxMzA4MjUyN1ow\n" + "HjEPMA0GA1UEAxMGQ2xpZW50MQswCQYDVQQGEwJDWjCBnzANBgkqhkiG9w0BAQEF\n" + "AAOBjQAwgYkCgYEAvQRIzvKyhr3tqmB4Pe+91DWSFayaNtcrDIT597bhxugVYW8o\n" + "jB206kx5aknAMA3PQGYcGqkLrt+nsJcmOIXDZsC6P4zeOSsF1PPhDAoX3bkUr2lF\n" + "MEt374eKdg1yvyhRxt4DOR6aD4gkC7fVtaYdgV6yXpJGMHV05LBIgQ7QtykCAwEA\n" + "AaOBwTCBvjAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMBgGA1Ud\n" + "EQQRMA+BDW5vbmVAbm9uZS5vcmcwDwYDVR0PAQH/BAUDAweAADAdBgNVHQ4EFgQU\n" + "Dbinh11GaaJcTyOpmxPYuttsiGowHwYDVR0jBBgwFoAUEg7aURJAVq70HG3MobA9\n" + "KGF+MwEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3d3dy5nZXRjcmwuY3JsL2dl\n" + "dGNybC8wDQYJKoZIhvcNAQELBQADgYEAN/Henso+5zzuFQWTpJXlUsWtRQAFhRY3\n" + "WVt3xtnyPs4pF/LKBp3Ov0GLGBkz5YlyJGFNESSyUviMsH7g7rJM8i7Bph6BQTE9\n" + "XdqbZPc0opfms4EHjmlXj5HQ0f0yoxHnLk43CR+vmbn0JPuurnEKAwjznAJR8GxI\n" + "R2MRyMxdGqs=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXQIBAAKBgQC9BEjO8rKGve2qYHg9773UNZIVrJo21ysMhPn3tuHG6BVhbyiM\n" - "HbTqTHlqScAwDc9AZhwaqQuu36ewlyY4hcNmwLo/jN45KwXU8+EMChfduRSvaUUw\n" - "S3fvh4p2DXK/KFHG3gM5HpoPiCQLt9W1ph2BXrJekkYwdXTksEiBDtC3KQIDAQAB\n" - "AoGBAKXrseIAB5jh9lPeNQ7heXhjwiXGiuTjAkYOIMNDRXPuXH5YLna4yQv3L4mO\n" - "zecg6DI2sCrzA29xoukP9ZweR4RUK2cS4/QggH9UgWP0QUpvj4nogyRkh7UrWyVV\n" - "xbboHcmgqWgNLR8GrEZqlpOWFiT+f+QAx783/khvP5QLNp6BAkEA3YvvqfPpepdv\n" - "UC/Uk/8LbVK0LGTSu2ynyl1fMbos9lkJNFdfPM31K6DHeqziIGSoWCSjAsN/e8V7\n" - "MU7egWtI+QJBANppSlO+PTYHWKeOWE7NkM1yVHxAiav9Oott0JywAH8RarfyTuCB\n" - "iyMJP8Rv920GsciDY4dyx0MBJF0tiH+5G7ECQQDQbU5UPbxyMPXwIo+DjHZbq2sG\n" - "OPRoj5hrsdxVFCoouSsHqwtWUQ1Otjv1FaDHiOs3wX/6oaHV97wmb2S1rRFBAkAq\n" - "prELFXVinaCkZ9m62c3TMOZqtTetTHAoVjOMxZnzNnV+omTg1qtTFjVLqQnKUqpZ\n" - "G79N7g4XeZueTov/VSihAkAwGeDXvQ8NlrBlZACCKp1sUqaJptuJ438Qwztbl3Pq\n" - "E6/8TD5yXtrLt9S2LNAFw1i7LVksUB8IbQNTuuwV7LYI\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXQIBAAKBgQC9BEjO8rKGve2qYHg9773UNZIVrJo21ysMhPn3tuHG6BVhbyiM\n" + "HbTqTHlqScAwDc9AZhwaqQuu36ewlyY4hcNmwLo/jN45KwXU8+EMChfduRSvaUUw\n" + "S3fvh4p2DXK/KFHG3gM5HpoPiCQLt9W1ph2BXrJekkYwdXTksEiBDtC3KQIDAQAB\n" + "AoGBAKXrseIAB5jh9lPeNQ7heXhjwiXGiuTjAkYOIMNDRXPuXH5YLna4yQv3L4mO\n" + "zecg6DI2sCrzA29xoukP9ZweR4RUK2cS4/QggH9UgWP0QUpvj4nogyRkh7UrWyVV\n" + "xbboHcmgqWgNLR8GrEZqlpOWFiT+f+QAx783/khvP5QLNp6BAkEA3YvvqfPpepdv\n" + "UC/Uk/8LbVK0LGTSu2ynyl1fMbos9lkJNFdfPM31K6DHeqziIGSoWCSjAsN/e8V7\n" + "MU7egWtI+QJBANppSlO+PTYHWKeOWE7NkM1yVHxAiav9Oott0JywAH8RarfyTuCB\n" + "iyMJP8Rv920GsciDY4dyx0MBJF0tiH+5G7ECQQDQbU5UPbxyMPXwIo+DjHZbq2sG\n" + "OPRoj5hrsdxVFCoouSsHqwtWUQ1Otjv1FaDHiOs3wX/6oaHV97wmb2S1rRFBAkAq\n" + "prELFXVinaCkZ9m62c3TMOZqtTetTHAoVjOMxZnzNnV+omTg1qtTFjVLqQnKUqpZ\n" + "G79N7g4XeZueTov/VSihAkAwGeDXvQ8NlrBlZACCKp1sUqaJptuJ438Qwztbl3Pq\n" + "E6/8TD5yXtrLt9S2LNAFw1i7LVksUB8IbQNTuuwV7LYI\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* GnuTLS internally calls time() to find out the current time when verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1412850586; @@ -104,9 +101,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -129,7 +126,7 @@ void doit(void) if (gnutls_fips140_mode_enabled()) exit(77); - /* The overloading of time() seems to work in linux (ELF?) + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */ #ifdef _WIN32 @@ -153,8 +150,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -166,15 +164,15 @@ void doit(void) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } ret = gnutls_x509_crt_import(crt, &server_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -187,15 +185,14 @@ void doit(void) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } ret = gnutls_x509_privkey_import(key, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -207,9 +204,8 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); @@ -217,20 +213,18 @@ void doit(void) ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -251,13 +245,9 @@ void doit(void) exit(1); } - ret = - gnutls_certificate_set_x509_key_file2(cred, - SOFTHSM_URL - ";object=cert;object-type=cert", - SOFTHSM_URL - ";object=cert;object-type=private", - 0, PIN, 0); + ret = gnutls_certificate_set_x509_key_file2( + cred, SOFTHSM_URL ";object=cert;object-type=cert", + SOFTHSM_URL ";object=cert;object-type=private", 0, PIN, 0); if (ret < 0) { fail("gnutls_certificate_set_x509_key_file2: %s\n", gnutls_strerror(ret)); diff --git a/tests/pkcs11/pkcs11-pubkey-import-ecdsa.c b/tests/pkcs11/pkcs11-pubkey-import-ecdsa.c index 5362524183..b85b0abde3 100644 --- a/tests/pkcs11/pkcs11-pubkey-import-ecdsa.c +++ b/tests/pkcs11/pkcs11-pubkey-import-ecdsa.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,7 +30,7 @@ #include "softhsm.h" #define CONFIG_NAME "softhsm-pubkey-import-ecdsa" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #include "pkcs11-pubkey-import.c" diff --git a/tests/pkcs11/pkcs11-pubkey-import-rsa.c b/tests/pkcs11/pkcs11-pubkey-import-rsa.c index 682efa6bf3..ec5521ce69 100644 --- a/tests/pkcs11/pkcs11-pubkey-import-rsa.c +++ b/tests/pkcs11/pkcs11-pubkey-import-rsa.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,7 +29,7 @@ #include #define CONFIG_NAME "softhsm-pubkey-import-rsa" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #include "pkcs11-pubkey-import.c" diff --git a/tests/pkcs11/pkcs11-pubkey-import.c b/tests/pkcs11/pkcs11-pubkey-import.c index 12db744dbe..9bbe67e10b 100644 --- a/tests/pkcs11/pkcs11-pubkey-import.c +++ b/tests/pkcs11/pkcs11-pubkey-import.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -50,9 +50,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -93,8 +93,9 @@ static void try(int rsa) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, "trusted"); @@ -106,17 +107,16 @@ static void try(int rsa) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_import(crt, rsa ? &server_cert : &server_ecc_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, rsa ? &server_cert : &server_ecc_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -129,17 +129,15 @@ static void try(int rsa) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_privkey_import(key, rsa ? &server_key : &server_ecc_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import( + key, rsa ? &server_key : &server_ecc_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -151,9 +149,8 @@ static void try(int rsa) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); @@ -161,20 +158,18 @@ static void try(int rsa) ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -187,11 +182,9 @@ static void try(int rsa) assert(gnutls_privkey_init(&pkey) == 0); - ret = - gnutls_privkey_import_pkcs11_url(pkey, - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN); + ret = gnutls_privkey_import_pkcs11_url( + pkey, + SOFTHSM_URL ";object=cert;object-type=private;pin-value=" PIN); if (ret < 0) { fprintf(stderr, "error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -205,22 +198,22 @@ static void try(int rsa) /* check whether privkey and pubkey are operational * by signing and verifying */ - assert(gnutls_privkey_sign_data - (pkey, GNUTLS_DIG_SHA256, 0, &testdata, &sig) == 0); + assert(gnutls_privkey_sign_data(pkey, GNUTLS_DIG_SHA256, 0, &testdata, + &sig) == 0); /* verify against the raw pubkey */ assert(gnutls_pubkey_init(&pubkey2) == 0); - assert(gnutls_pubkey_import_x509_raw - (pubkey2, rsa ? &server_cert : &server_ecc_cert, - GNUTLS_X509_FMT_PEM, 0) == 0); - assert(gnutls_pubkey_verify_data2 - (pubkey2, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, &testdata, - &sig) == 0); + assert(gnutls_pubkey_import_x509_raw( + pubkey2, rsa ? &server_cert : &server_ecc_cert, + GNUTLS_X509_FMT_PEM, 0) == 0); + assert(gnutls_pubkey_verify_data2( + pubkey2, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, + &testdata, &sig) == 0); /* verify against the pubkey in PKCS #11 */ - assert(gnutls_pubkey_verify_data2 - (pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, &testdata, - &sig) == 0); + assert(gnutls_pubkey_verify_data2( + pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, + &testdata, &sig) == 0); gnutls_free(sig.data); diff --git a/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c b/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c index 40cb381f09..e812a4b9ce 100644 --- a/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c +++ b/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,7 +37,7 @@ #include "softhsm.h" #define CONFIG_NAME "softhsm-privkey-rsa-pss-test" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" /* Tests whether signing with PKCS#11 and RSA-PSS would * generate valid signatures */ @@ -53,9 +53,9 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -64,8 +64,9 @@ int pin_func(void *userdata, int attempt, const char *url, const char *label, return -1; } -#define myfail(fmt, ...) \ - fail("%s (iter %d): "fmt, gnutls_sign_get_name(sigalgo), i, ##__VA_ARGS__) +#define myfail(fmt, ...) \ + fail("%s (iter %d): " fmt, gnutls_sign_get_name(sigalgo), i, \ + ##__VA_ARGS__) static unsigned verify_rsa_pss_presence(void) { @@ -75,10 +76,9 @@ static unsigned verify_rsa_pss_presence(void) i = 0; do { - ret = - gnutls_pkcs11_token_get_mechanism("pkcs11:", i++, - &mechanism); - if (ret >= 0 && mechanism == 0xd /* CKM_RSA_PKCS_PSS */ ) + ret = gnutls_pkcs11_token_get_mechanism("pkcs11:", i++, + &mechanism); + if (ret >= 0 && mechanism == 0xd /* CKM_RSA_PKCS_PSS */) return 1; } while (ret >= 0); @@ -118,8 +118,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, NULL); @@ -137,17 +138,16 @@ void doit(void) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_import(crt, &cli_ca3_rsa_pss_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &cli_ca3_rsa_pss_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -160,17 +160,15 @@ void doit(void) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_privkey_import(key, &cli_ca3_rsa_pss_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &cli_ca3_rsa_pss_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -182,9 +180,8 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); @@ -192,20 +189,18 @@ void doit(void) ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -218,11 +213,9 @@ void doit(void) assert(gnutls_privkey_init(&pkey) == 0); - ret = - gnutls_privkey_import_pkcs11_url(pkey, - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN); + ret = gnutls_privkey_import_pkcs11_url( + pkey, + SOFTHSM_URL ";object=cert;object-type=private;pin-value=" PIN); if (ret < 0) { fprintf(stderr, "error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -233,8 +226,8 @@ void doit(void) assert(gnutls_pubkey_import_privkey(pubkey, pkey, 0, 0) == 0); assert(gnutls_pubkey_init(&pubkey2) == 0); - assert(gnutls_pubkey_import_x509_raw - (pubkey2, &cli_ca3_rsa_pss_cert, GNUTLS_X509_FMT_PEM, 0) == 0); + assert(gnutls_pubkey_import_x509_raw(pubkey2, &cli_ca3_rsa_pss_cert, + GNUTLS_X509_FMT_PEM, 0) == 0); /* this is the algorithm supported by the certificate */ sigalgo = GNUTLS_SIGN_RSA_PSS_SHA256; @@ -242,24 +235,21 @@ void doit(void) for (i = 0; i < 20; i++) { /* check whether privkey and pubkey are operational * by signing and verifying */ - ret = - gnutls_privkey_sign_data2(pkey, sigalgo, 0, - &testdata, &sig); + ret = gnutls_privkey_sign_data2(pkey, sigalgo, 0, &testdata, + &sig); if (ret < 0) myfail("Error signing data %s\n", gnutls_strerror(ret)); /* verify against the pubkey in PKCS #11 */ - ret = - gnutls_pubkey_verify_data2(pubkey, sigalgo, 0, - &testdata, &sig); + ret = gnutls_pubkey_verify_data2(pubkey, sigalgo, 0, &testdata, + &sig); if (ret < 0) myfail("Error verifying data1: %s\n", gnutls_strerror(ret)); /* verify against the raw pubkey */ - ret = - gnutls_pubkey_verify_data2(pubkey2, sigalgo, 0, - &testdata, &sig); + ret = gnutls_pubkey_verify_data2(pubkey2, sigalgo, 0, &testdata, + &sig); if (ret < 0) myfail("Error verifying data2: %s\n", gnutls_strerror(ret)); diff --git a/tests/pkcs11/pkcs11-token-raw.c b/tests/pkcs11/pkcs11-token-raw.c index 1c2b4d3d5d..05d31d94f5 100644 --- a/tests/pkcs11/pkcs11-token-raw.c +++ b/tests/pkcs11/pkcs11-token-raw.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,7 +34,7 @@ #include #include #ifndef CRYPTOKI_GNU -# define CRYPTOKI_GNU +#define CRYPTOKI_GNU #endif #include @@ -44,19 +44,19 @@ #if defined(HAVE___REGISTER_ATFORK) -# ifdef _WIN32 -# define P11LIB "libpkcs11mock1.dll" -# else -# include -# define P11LIB "libpkcs11mock1.so" -# endif +#ifdef _WIN32 +#define P11LIB "libpkcs11mock1.dll" +#else +#include +#define P11LIB "libpkcs11mock1.so" +#endif static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } -# define TOKEN_NAME "whatever" +#define TOKEN_NAME "whatever" void doit(void) { int ret; @@ -100,9 +100,8 @@ void doit(void) size_t size = 1; char *buf = gnutls_malloc(size); assert(buf != NULL); - ret = gnutls_pkcs11_token_get_info(url, - GNUTLS_PKCS11_TOKEN_LABEL, - buf, &size); + ret = gnutls_pkcs11_token_get_info( + url, GNUTLS_PKCS11_TOKEN_LABEL, buf, &size); assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER); assert(size == strlen(TOKEN_NAME) + 1); @@ -110,18 +109,16 @@ void doit(void) size -= 1; buf = gnutls_realloc(buf, size); assert(buf != NULL); - ret = gnutls_pkcs11_token_get_info(url, - GNUTLS_PKCS11_TOKEN_LABEL, - buf, &size); + ret = gnutls_pkcs11_token_get_info( + url, GNUTLS_PKCS11_TOKEN_LABEL, buf, &size); assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER); assert(size == strlen(TOKEN_NAME) + 1); /* Testing an exactly fitting buffer */ buf = gnutls_realloc(buf, size); assert(buf != NULL); - ret = gnutls_pkcs11_token_get_info(url, - GNUTLS_PKCS11_TOKEN_LABEL, - buf, &size); + ret = gnutls_pkcs11_token_get_info( + url, GNUTLS_PKCS11_TOKEN_LABEL, buf, &size); assert(ret == 0); assert(strcmp(buf, TOKEN_NAME) == 0); assert(size == strlen(TOKEN_NAME)); @@ -129,13 +126,12 @@ void doit(void) gnutls_free(buf); } - ret = - gnutls_pkcs11_token_get_ptr("pkcs11:token=invalid", (void **)&mod, - &slot_id, 0); + ret = gnutls_pkcs11_token_get_ptr("pkcs11:token=invalid", (void **)&mod, + &slot_id, 0); assert(ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); - ret = - gnutls_pkcs11_token_get_ptr("pkcs11:", (void **)&mod, &slot_id, 0); + ret = gnutls_pkcs11_token_get_ptr("pkcs11:", (void **)&mod, &slot_id, + 0); if (ret < 0) { fail("%d: %s\n", ret, gnutls_strerror(ret)); exit(1); diff --git a/tests/pkcs11/softhsm.h b/tests/pkcs11/softhsm.h index 9a13cc304b..29dfd0f0a1 100644 --- a/tests/pkcs11/softhsm.h +++ b/tests/pkcs11/softhsm.h @@ -18,31 +18,33 @@ */ #ifndef SOFTHSM_H -# define SOFTHSM_H - -# include - -# define SOFTHSM_V2 - -# ifdef SOFTHSM_V1 -# define SOFTHSM_URL "pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=test" -# define LIB1 "/usr/lib64/pkcs11/libsofthsm.so" -# define LIB2 "/usr/lib/pkcs11/libsofthsm.so" -# define LIB3 "/usr/lib/softhsm/libsofthsm.so" -# define LIB4 "/usr/local/lib/softhsm/libsofthsm.so" -# define SOFTHSM_BIN1 "/usr/bin/softhsm" -# define SOFTHSM_BIN2 "/usr/local/bin/softhsm" -# define SOFTHSM_ENV "SOFTHSM_CONF" -# else -# define SOFTHSM_URL "pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;token=test" -# define LIB1 "/usr/lib64/pkcs11/libsofthsm2.so" -# define LIB2 "/usr/lib/pkcs11/libsofthsm2.so" -# define LIB3 "/usr/lib/softhsm/libsofthsm2.so" -# define LIB4 "/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so" -# define SOFTHSM_BIN1 "/usr/bin/softhsm2-util" -# define SOFTHSM_BIN2 "/usr/local/bin/softhsm2-util" -# define SOFTHSM_ENV "SOFTHSM2_CONF" -# endif +#define SOFTHSM_H + +#include + +#define SOFTHSM_V2 + +#ifdef SOFTHSM_V1 +#define SOFTHSM_URL \ + "pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=test" +#define LIB1 "/usr/lib64/pkcs11/libsofthsm.so" +#define LIB2 "/usr/lib/pkcs11/libsofthsm.so" +#define LIB3 "/usr/lib/softhsm/libsofthsm.so" +#define LIB4 "/usr/local/lib/softhsm/libsofthsm.so" +#define SOFTHSM_BIN1 "/usr/bin/softhsm" +#define SOFTHSM_BIN2 "/usr/local/bin/softhsm" +#define SOFTHSM_ENV "SOFTHSM_CONF" +#else +#define SOFTHSM_URL \ + "pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;token=test" +#define LIB1 "/usr/lib64/pkcs11/libsofthsm2.so" +#define LIB2 "/usr/lib/pkcs11/libsofthsm2.so" +#define LIB3 "/usr/lib/softhsm/libsofthsm2.so" +#define LIB4 "/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so" +#define SOFTHSM_BIN1 "/usr/bin/softhsm2-util" +#define SOFTHSM_BIN2 "/usr/local/bin/softhsm2-util" +#define SOFTHSM_ENV "SOFTHSM2_CONF" +#endif inline static const char *softhsm_lib(void) { @@ -80,8 +82,7 @@ inline static const char *softhsm_bin(void) return bin; } -static -void set_softhsm_conf(const char *config) +static void set_softhsm_conf(const char *config) { char buf[128]; char db_dir[128]; @@ -96,11 +97,11 @@ void set_softhsm_conf(const char *config) fprintf(stderr, "error writing %s\n", config); exit(1); } -# ifdef SOFTHSM_V1 +#ifdef SOFTHSM_V1 remove(db_dir); snprintf(buf, sizeof(buf), "0:./%s\n", db_dir); fputs(buf, fp); -# else +#else fputs("directories.tokendir = ", fp); fputs(db_dir, fp); fputs("\n", fp); @@ -113,7 +114,7 @@ void set_softhsm_conf(const char *config) snprintf(buf, sizeof(buf), "rm -rf %s\n", db_dir); system(buf); mkdir(db_dir, 0755); -# endif +#endif fclose(fp); setenv(SOFTHSM_ENV, config, 0); diff --git a/tests/pkcs11/tls-neg-pkcs11-key.c b/tests/pkcs11/tls-neg-pkcs11-key.c index 812378610b..4adcd58724 100644 --- a/tests/pkcs11/tls-neg-pkcs11-key.c +++ b/tests/pkcs11/tls-neg-pkcs11-key.c @@ -22,7 +22,7 @@ /* This tests TLS negotiation using the gnutls_privkey_import_ext2() APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -50,11 +50,10 @@ static void tls_log_func(int level, const char *str) } #define CONFIG_NAME "softhsm-neg" -#define CONFIG CONFIG_NAME".config" +#define CONFIG CONFIG_NAME ".config" #define PIN "1234" -#define testfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) static unsigned verify_eddsa_presence(void) { @@ -64,10 +63,9 @@ static unsigned verify_eddsa_presence(void) i = 0; do { - ret = - gnutls_pkcs11_token_get_mechanism("pkcs11:", i++, - &mechanism); - if (ret >= 0 && mechanism == 0x1057 /* CKM_EDDSA */ ) + ret = gnutls_pkcs11_token_get_mechanism("pkcs11:", i++, + &mechanism); + if (ret >= 0 && mechanism == 0x1057 /* CKM_EDDSA */) return 1; } while (ret >= 0); @@ -75,7 +73,7 @@ static unsigned verify_eddsa_presence(void) } static gnutls_privkey_t load_virt_privkey(const char *name, - const gnutls_datum_t * txtkey, + const gnutls_datum_t *txtkey, int exp_key_err, unsigned needs_decryption) { @@ -97,11 +95,11 @@ static gnutls_privkey_t load_virt_privkey(const char *name, else flags = GNUTLS_KEY_DIGITAL_SIGNATURE; - ret = gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, tmp, "key", flags, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, tmp, "key", flags, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); gnutls_x509_privkey_deinit(tmp); if (ret < 0) { @@ -132,13 +130,12 @@ static gnutls_privkey_t load_virt_privkey(const char *name, return privkey; } -static -void try_with_key(const char *name, const char *client_prio, - gnutls_kx_algorithm_t client_kx, - gnutls_sign_algorithm_t server_sign_algo, - gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - gnutls_privkey_t key, int exp_serv_err) +static void try_with_key(const char *name, const char *client_prio, + gnutls_kx_algorithm_t client_kx, + gnutls_sign_algorithm_t server_sign_algo, + gnutls_sign_algorithm_t client_sign_algo, + const gnutls_datum_t *serv_cert, gnutls_privkey_t key, + int exp_serv_err) { int ret; gnutls_pcert_st pcert_list[4]; @@ -180,9 +177,10 @@ void try_with_key(const char *name, const char *client_prio, gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, s_xcred); - assert(gnutls_priority_set_direct(server, - "NORMAL:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, + "NORMAL:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -219,10 +217,10 @@ void try_with_key(const char *name, const char *client_prio, } if (gnutls_kx_get(client) != client_kx) { - testfail - ("%s: got unexpected key exchange algorithm: %s (expected %s)\n", - name, gnutls_kx_get_name(gnutls_kx_get(client)), - gnutls_kx_get_name(client_kx)); + testfail( + "%s: got unexpected key exchange algorithm: %s (expected %s)\n", + name, gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(client_kx)); exit(1); } @@ -231,33 +229,33 @@ void try_with_key(const char *name, const char *client_prio, if (version >= GNUTLS_TLS1_2) { ret = gnutls_sign_algorithm_get(server); if (ret != (int)server_sign_algo && server_sign_algo != 0) { - testfail - ("%s: got unexpected server signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(server); if (ret != (int)client_sign_algo && client_sign_algo != 0) { - testfail - ("%s: got unexpected client signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get(client); if (ret != (int)server_sign_algo && server_sign_algo != 0) { - testfail - ("%s: cl: got unexpected server signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: cl: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(client); if (ret != (int)client_sign_algo && client_sign_algo != 0) { - testfail - ("%s: cl: got unexpected client signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: cl: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } } @@ -265,7 +263,7 @@ void try_with_key(const char *name, const char *client_prio, gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); - cleanup: +cleanup: gnutls_deinit(client); gnutls_deinit(server); @@ -289,130 +287,127 @@ typedef struct test_st { } test_st; static const test_st tests[] = { - {.name = "tls1.2: rsa-decryption key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:-KX-ALL:+RSA:-VERS-TLS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_rsa_decrypt_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_RSA, - .needs_decryption = 1}, - {.name = "tls1.2: rsa-decryption key, signatures prioritized", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+RSA:-VERS-TLS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_RSA, - .needs_decryption = 1}, - {.name = "tls1.2: ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .exp_kx = GNUTLS_KX_ECDHE_ECDSA}, - {.name = "tls1.2: rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.2: rsa-sign key with rsa-pss sigs prioritized", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:-VERS-TLS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.2: rsa-pss-sign key", - .pk = GNUTLS_PK_RSA_PSS, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_rsa_pss2_cert, - .key = &server_ca3_rsa_pss2_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .requires_pkcs11_pss = 1, - }, - {.name = "tls1.2: rsa-pss cert, rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .requires_pkcs11_pss = 1, - }, - {.name = "tls1.2: rsa-pss cert, rsa-sign key no PSS signatures", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2:-SIGN-RSA-PSS-SHA256:-SIGN-RSA-PSS-SHA384:-SIGN-RSA-PSS-SHA512:-SIGN-RSA-PSS-RSAE-SHA256:-SIGN-RSA-PSS-RSAE-SHA384:-SIGN-RSA-PSS-RSAE-SHA512", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES}, - {.name = "tls1.2: ed25519 cert, ed25519 key", - .pk = GNUTLS_PK_EDDSA_ED25519, - .needs_eddsa = 1, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_eddsa_cert, - .key = &server_ca3_eddsa_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .nofips = 1}, - {.name = "tls1.3: ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.3: rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.3: rsa-sign key with rsa-pss sigs prioritized", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:-VERS-TLS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.3: rsa-pss-sign key", - .pk = GNUTLS_PK_RSA_PSS, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_rsa_pss2_cert, - .key = &server_ca3_rsa_pss2_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .requires_pkcs11_pss = 1, - }, - {.name = "tls1.3: rsa-pss cert, rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .requires_pkcs11_pss = 1, - }, - {.name = "tls1.3: rsa-pss cert, rsa-sign key no PSS signatures", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3:-SIGN-RSA-PSS-SHA256:-SIGN-RSA-PSS-SHA384:-SIGN-RSA-PSS-SHA512:-SIGN-RSA-PSS-RSAE-SHA256:-SIGN-RSA-PSS-RSAE-SHA384:-SIGN-RSA-PSS-RSAE-SHA512", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES}, - {.name = "tls1.3: ed25519 cert, ed25519 key", - .needs_eddsa = 1, - .pk = GNUTLS_PK_EDDSA_ED25519, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_eddsa_cert, - .key = &server_ca3_eddsa_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .nofips = 1} + { .name = "tls1.2: rsa-decryption key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-KX-ALL:+RSA:-VERS-TLS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_rsa_decrypt_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_RSA, + .needs_decryption = 1 }, + { .name = "tls1.2: rsa-decryption key, signatures prioritized", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+RSA:-VERS-TLS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_RSA, + .needs_decryption = 1 }, + { .name = "tls1.2: ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .exp_kx = GNUTLS_KX_ECDHE_ECDSA }, + { .name = "tls1.2: rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.2: rsa-sign key with rsa-pss sigs prioritized", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:-VERS-TLS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { + .name = "tls1.2: rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .requires_pkcs11_pss = 1, + }, + { + .name = "tls1.2: rsa-pss cert, rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .requires_pkcs11_pss = 1, + }, + { .name = "tls1.2: rsa-pss cert, rsa-sign key no PSS signatures", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2:-SIGN-RSA-PSS-SHA256:-SIGN-RSA-PSS-SHA384:-SIGN-RSA-PSS-SHA512:-SIGN-RSA-PSS-RSAE-SHA256:-SIGN-RSA-PSS-RSAE-SHA384:-SIGN-RSA-PSS-RSAE-SHA512", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES }, + { .name = "tls1.2: ed25519 cert, ed25519 key", + .pk = GNUTLS_PK_EDDSA_ED25519, + .needs_eddsa = 1, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_eddsa_cert, + .key = &server_ca3_eddsa_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .nofips = 1 }, + { .name = "tls1.3: ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.3: rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.3: rsa-sign key with rsa-pss sigs prioritized", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:-VERS-TLS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { + .name = "tls1.3: rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .requires_pkcs11_pss = 1, + }, + { + .name = "tls1.3: rsa-pss cert, rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .requires_pkcs11_pss = 1, + }, + { .name = "tls1.3: rsa-pss cert, rsa-sign key no PSS signatures", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3:-SIGN-RSA-PSS-SHA256:-SIGN-RSA-PSS-SHA384:-SIGN-RSA-PSS-SHA512:-SIGN-RSA-PSS-RSAE-SHA256:-SIGN-RSA-PSS-RSAE-SHA384:-SIGN-RSA-PSS-RSAE-SHA512", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES }, + { .name = "tls1.3: ed25519 cert, ed25519 key", + .needs_eddsa = 1, + .pk = GNUTLS_PK_EDDSA_ED25519, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_eddsa_cert, + .key = &server_ca3_eddsa_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .nofips = 1 } }; -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -422,7 +417,7 @@ int pin_func(void *userdata, int attempt, const char *url, const char *label, } #ifndef CKM_RSA_PKCS_PSS -# define CKM_RSA_PKCS_PSS (0xdUL) +#define CKM_RSA_PKCS_PSS (0xdUL) #endif void doit(void) @@ -453,8 +448,9 @@ void doit(void) gnutls_pkcs11_set_pin_function(pin_func, NULL); set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); ret = gnutls_pkcs11_add_provider(lib, NULL); @@ -474,10 +470,8 @@ void doit(void) success("checking: %s\n", tests[i].name); if (tests[i].requires_pkcs11_pss) { - ret = - gnutls_pkcs11_token_check_mechanism("pkcs11:", - CKM_RSA_PKCS_PSS, - NULL, 0, 0); + ret = gnutls_pkcs11_token_check_mechanism( + "pkcs11:", CKM_RSA_PKCS_PSS, NULL, 0, 0); if (ret == 0) { fprintf(stderr, "softhsm2 doesn't support CKM_RSA_PKCS_PSS; skipping test\n"); @@ -485,17 +479,15 @@ void doit(void) } } - privkey = - load_virt_privkey(tests[i].name, tests[i].key, - tests[i].exp_key_err, - tests[i].needs_decryption); + privkey = load_virt_privkey(tests[i].name, tests[i].key, + tests[i].exp_key_err, + tests[i].needs_decryption); if (privkey == NULL && tests[i].exp_key_err < 0) continue; assert(privkey != 0); - try_with_key(tests[i].name, tests[i].prio, - tests[i].exp_kx, 0, 0, - tests[i].cert, privkey, tests[i].exp_serv_err); + try_with_key(tests[i].name, tests[i].prio, tests[i].exp_kx, 0, + 0, tests[i].cert, privkey, tests[i].exp_serv_err); gnutls_pkcs11_delete_url(SOFTHSM_URL ";object=key", GNUTLS_PKCS11_OBJ_FLAG_LOGIN); diff --git a/tests/pkcs11/tls-neg-pkcs11-no-key.c b/tests/pkcs11/tls-neg-pkcs11-no-key.c index b6df8d2605..d31e44fe99 100644 --- a/tests/pkcs11/tls-neg-pkcs11-no-key.c +++ b/tests/pkcs11/tls-neg-pkcs11-no-key.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,22 +35,22 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "pkcs11/softhsm.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "pkcs11/softhsm.h" +#include "utils.h" /* This program tests that TLS 1.3 is disabled as expected. */ @@ -65,16 +65,16 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define P11LIB "libpkcs11mock2.so" +#define P11LIB "libpkcs11mock2.so" -# define PIN "1234" +#define PIN "1234" -# define CONFIG_NAME "softhsm-neg-no-key" -# define CONFIG CONFIG_NAME".config" +#define CONFIG_NAME "softhsm-neg-no-key" +#define CONFIG CONFIG_NAME ".config" -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -100,9 +100,8 @@ static void client(int fd) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(x509_cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(x509_cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -112,15 +111,13 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); + ret = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred); if (ret < 0) fail("cannot set credentials\n"); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", NULL); if (ret < 0) fail("cannot set priorities\n"); @@ -130,8 +127,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -198,16 +194,16 @@ static void server(int fd) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_import(crt, &server_ca3_cert, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &server_ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -220,17 +216,15 @@ static void server(int fd) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_privkey_import(key, &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -242,9 +236,8 @@ static void server(int fd) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); @@ -252,20 +245,18 @@ static void server(int fd) ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -281,22 +272,19 @@ static void server(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_certificate_set_x509_key_file(x509_cred, - SOFTHSM_URL - ";object=cert;object-type=cert", - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN, - GNUTLS_X509_FMT_DER) >= 0); + assert(gnutls_certificate_set_x509_key_file( + x509_cred, SOFTHSM_URL ";object=cert;object-type=cert", + SOFTHSM_URL + ";object=cert;object-type=private;pin-value=" PIN, + GNUTLS_X509_FMT_DER) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", NULL); gnutls_transport_set_int(session, fd); @@ -351,8 +339,9 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); signal(SIGCHLD, SIG_IGN); @@ -383,6 +372,5 @@ void doit(void) client(fd[1]); exit(0); } - } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c index 48ab4f13c5..87b30bdf26 100644 --- a/tests/pkcs12_encode.c +++ b/tests/pkcs12_encode.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,34 +33,36 @@ #include static char client_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t client_dat = { (void *)client_pem, sizeof(client_pem) }; static char ca_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n" - "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n" - "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n" - "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n" - "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n" - "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n" - "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" - "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" - "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" - "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n" + "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n" + "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n" + "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n" + "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n" + "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n" + "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" + "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" + "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" + "PfqUpIhz5Bbm7J4=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca_dat = { (void *)ca_pem, sizeof(ca_pem) }; static void tls_log_func(int level, const char *str) @@ -153,7 +155,7 @@ void doit(void) tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS_USE_PKCS12_RC2_40; if (gnutls_fips140_mode_enabled()) { tests[n_tests].bag_encrypt_expected = - GNUTLS_E_UNWANTED_ALGORITHM; + GNUTLS_E_UNWANTED_ALGORITHM; } else { tests[n_tests].bag_encrypt_expected = 0; } @@ -177,9 +179,8 @@ void doit(void) indx = ret; - ret = gnutls_pkcs12_bag_set_friendly_name(bag, indx, - tests - [i].friendly_name); + ret = gnutls_pkcs12_bag_set_friendly_name( + bag, indx, tests[i].friendly_name); if (ret < 0) { fprintf(stderr, "set_friendly_name: %s (%d)\n", gnutls_strerror(ret), ret); @@ -187,8 +188,8 @@ void doit(void) } size = sizeof(key_id_buf); - ret = gnutls_x509_crt_get_key_id(tests[i].crt, 0, - key_id_buf, &size); + ret = gnutls_x509_crt_get_key_id(tests[i].crt, 0, key_id_buf, + &size); if (ret < 0) { fprintf(stderr, "get_key_id: %s (%d)\n", gnutls_strerror(ret), ret); diff --git a/tests/pkcs12_s2k.c b/tests/pkcs12_s2k.c index dbb52a7f4d..ed97771591 100644 --- a/tests/pkcs12_s2k.c +++ b/tests/pkcs12_s2k.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,20 +38,20 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -static const unsigned char *salt[3] = - { (void *)"salt1", (void *)"ltsa22", (void *)"balt33" }; +static const unsigned char *salt[3] = { (void *)"salt1", (void *)"ltsa22", + (void *)"balt33" }; static const char *pw[3] = { "secret1", "verysecret2", "veryverysecret3" }; static const char *values[] = { -/* 1.0 */ + /* 1.0 */ "85a3c676a66f0960f4807144a28c8d61a0001b81846f301a1ac164289879972f", -/* 1.2 */ + /* 1.2 */ "e659da7d5989733a3d268e0bf7752c35c116e5c75919449a98f6812f82a15b16", -/* 1.2 */ + /* 1.2 */ "878b8a88bf6166ce803b7498822205b1ac82870d3aec20807148779375a61f1e", -/* 2.0 */ + /* 2.0 */ "1c845be764371d633c7fd1056967a9940385e110e85b58f826d39ae8561a0019", -/* 2.1 */ + /* 2.1 */ "de8dd3ffd59b65d3d5f59a1f71d7add582741f7752a786c045953e727e4465c0", /* 2.2 */ #ifndef PKCS12_BROKEN_KEYGEN @@ -61,9 +61,9 @@ static const char *values[] = { #endif /* 3.0 */ "1c165e5a291a1539f3dbcf82a3e6ed566eb9d50ad4b0b3b57b599b08f0531236", -/* 3.1 */ + /* 3.1 */ "5c9abee3cde31656eedfc131b7c2f8061032a3c705961ee2306a826c8b4b1a76", -/* 3.2 */ + /* 3.2 */ "a9c94e0acdaeaea54d1b1b681c3b64916396a352dea7ffe635fb2c11d8502e98" }; @@ -76,55 +76,26 @@ static struct { size_t iter; size_t keylen; const char *key; -} tv[] = { - { - 1, "smeg", (void *)"\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, - 24, - "8aaae6297b6cb04642ab5b077851284eb7128f1a2a7fbca3"}, { - 2, "smeg", - (void *) - "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", - 1, - 8, - "79993dfe048d3b76"}, - { - 1, "smeg", (void *)"\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, - 24, - "f3a95fec48d7711e985cfe67908c5ab79fa3d7c5caa5d966"}, { - 2, "smeg", - (void *) - "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", - 1, - 8, - "c0a38d64a79bea1d"}, - { - 3, "smeg", (void *)"\x3D\x83\xC0\xE4\x54\x6A\xC1\x40", 1, - 20, "8d967d88f6caa9d714800ab3d48051d63f73a312"}, { - 1, "queeg", - (void *) - "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", - 1000, 24, - "ed2034e36328830ff09df1e1a07dd357185dac0d4f9eb3d4"}, { - 2, - "queeg", - (void *) - "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", - 1000, - 8, - "11dedad7758d4860"}, - { - 1, "queeg", (void *)"\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", - 1000, 24, - "483dd6e919d7de2e8e648ba8f862f3fbfbdc2bcb2c02957f"}, { - 2, "queeg", - (void *) - "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", - 1000, 8, - "9d461d1b00355c50"}, - { - 3, "queeg", (void *)"\x26\x32\x16\xFC\xC2\xFA\xB3\x1C", - 1000, 20, "5ec4c7a80df652294c3925b6489a7ab857c83476"} -}; +} tv[] = { { 1, "smeg", (void *)"\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 24, + "8aaae6297b6cb04642ab5b077851284eb7128f1a2a7fbca3" }, + { 2, "smeg", (void *)"\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 8, + "79993dfe048d3b76" }, + { 1, "smeg", (void *)"\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 24, + "f3a95fec48d7711e985cfe67908c5ab79fa3d7c5caa5d966" }, + { 2, "smeg", (void *)"\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 8, + "c0a38d64a79bea1d" }, + { 3, "smeg", (void *)"\x3D\x83\xC0\xE4\x54\x6A\xC1\x40", 1, 20, + "8d967d88f6caa9d714800ab3d48051d63f73a312" }, + { 1, "queeg", (void *)"\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 24, + "ed2034e36328830ff09df1e1a07dd357185dac0d4f9eb3d4" }, + { 2, "queeg", (void *)"\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 8, + "11dedad7758d4860" }, + { 1, "queeg", (void *)"\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 24, + "483dd6e919d7de2e8e648ba8f862f3fbfbdc2bcb2c02957f" }, + { 2, "queeg", (void *)"\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 8, + "9d461d1b00355c50" }, + { 3, "queeg", (void *)"\x26\x32\x16\xFC\xC2\xFA\xB3\x1C", 1000, 20, + "5ec4c7a80df652294c3925b6489a7ab857c83476" } }; void doit(void) { @@ -142,25 +113,23 @@ void doit(void) x = 0; for (i = 1; i < 4; i++) { for (j = 0; j < 3; j++) { - rc = _gnutls_pkcs12_string_to_key(mac_to_entry - (GNUTLS_MAC_SHA1), i, - salt[j], - strlen((char *) - salt[j]), - j + i + 15, pw[j], - sizeof(key), key); + rc = _gnutls_pkcs12_string_to_key( + mac_to_entry(GNUTLS_MAC_SHA1), i, salt[j], + strlen((char *)salt[j]), j + i + 15, pw[j], + sizeof(key), key); if (rc < 0) - fail("_gnutls_pkcs12_string_to_key failed[0]: %d\n", rc); + fail("_gnutls_pkcs12_string_to_key failed[0]: %d\n", + rc); - if (strcmp(_gnutls_bin2hex(key, sizeof(key), - tmp, sizeof(tmp), NULL), + if (strcmp(_gnutls_bin2hex(key, sizeof(key), tmp, + sizeof(tmp), NULL), values[x]) != 0) fail("_gnutls_pkcs12_string_to_key failed[1]\n"); if (debug) printf("ij: %d.%d: %s\n", i, j, - _gnutls_bin2hex(key, sizeof(key), - tmp, sizeof(tmp), NULL)); + _gnutls_bin2hex(key, sizeof(key), tmp, + sizeof(tmp), NULL)); x++; } } @@ -176,8 +145,8 @@ void doit(void) fail("_gnutls_pkcs12_string_to_key failed[2]: %d\n", rc); - if (memcmp(_gnutls_bin2hex(key, tv[i].keylen, - tmp, sizeof(tmp), NULL), + if (memcmp(_gnutls_bin2hex(key, tv[i].keylen, tmp, sizeof(tmp), + NULL), tv[i].key, tv[i].keylen) != 0) fail("_gnutls_pkcs12_string_to_key failed[3]\n"); diff --git a/tests/pkcs12_s2k_pem.c b/tests/pkcs12_s2k_pem.c index 75ea40b41d..df4a38349f 100644 --- a/tests/pkcs12_s2k_pem.c +++ b/tests/pkcs12_s2k_pem.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* @@ -38,195 +38,195 @@ #include #include -#define X_9607 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECL9rjpW835n6AgIIAASCAoAjs558e/tWq5ho\n" \ - "X3uYORURfasssTfqyZoSaTmEWJGbW7T+QK+ebZ8CyMVbR1ORD3rd6r7cWLsX3Ju0\n" \ - "hGncPFVpwCtwApZKnWCunj4KcsRuWdm1vAauRV2CDkykMzNlsJzAw+BPFKi2B7HL\n" \ - "xn5JymtqrGZF6zRDWW1x1WD3HYlq4FoNuSmNFu4fV0EyalIopIyNmZAY40lQ/FTM\n" \ - "LkTsnH2brIYHV1Bnzd/lXpXLli29OE/4WsPBTvhJLZGbJXp8ExwGuxfDnTFCPS9G\n" \ - "9uOjaBgerl2zjsdPNXBfn8hDNrs7MDqR9aC6rZR0yE1maEPv0YnnzDGRYZl6+j2K\n" \ - "FfWDMGET6SSimYCcZJwr0/xZAdw5e323k1xniCNVfbQhCQ09Cl6XoDI8IK23O8g+\n" \ - "R9o8gCikl98fJlpKjHaKfnscSE0hMzOjyAbYjFxWAlzjffzR5o+P6955dhREpCWy\n" \ - "kL2EOL2VmYfzGG4J62p9U88MXhCLuFOuHL/wtGzXwGnyqZyeZ5p2fYloGPEMVsX7\n" \ - "zHupLUpVZFe4kOBGI/IPWbc2iQTvzDtx9Jvxo5vWmyEwL8C7P/f9+zsIaXiM3Onz\n" \ - "F5qwQfCojesuelGPAfXJxJRLaHicva90+IyRFBSMKxgt3EdHER/R7huA//jzzQp9\n" \ - "eItmiv2UwAafeiPEDT74n6yBCTMPc++cJsMWL0SNIX4jYep55bgzbgGB8t/nQ0Ho\n" \ - "7/1KF1sAO3klAkrcTwL4pX2vLMa//W/H/AAQ2FL/Q+CAP7K5X2rlZxdkFlMuL3Dr\n" \ - "I0UqiStjznkoOeWjj6YT3jOvKGLWHPXqxTkW9Ln4fDvAoI9eq6UWHjf7gLYXxe/q\n" \ - "tTpNnYdy\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9607 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECL9rjpW835n6AgIIAASCAoAjs558e/tWq5ho\n" \ + "X3uYORURfasssTfqyZoSaTmEWJGbW7T+QK+ebZ8CyMVbR1ORD3rd6r7cWLsX3Ju0\n" \ + "hGncPFVpwCtwApZKnWCunj4KcsRuWdm1vAauRV2CDkykMzNlsJzAw+BPFKi2B7HL\n" \ + "xn5JymtqrGZF6zRDWW1x1WD3HYlq4FoNuSmNFu4fV0EyalIopIyNmZAY40lQ/FTM\n" \ + "LkTsnH2brIYHV1Bnzd/lXpXLli29OE/4WsPBTvhJLZGbJXp8ExwGuxfDnTFCPS9G\n" \ + "9uOjaBgerl2zjsdPNXBfn8hDNrs7MDqR9aC6rZR0yE1maEPv0YnnzDGRYZl6+j2K\n" \ + "FfWDMGET6SSimYCcZJwr0/xZAdw5e323k1xniCNVfbQhCQ09Cl6XoDI8IK23O8g+\n" \ + "R9o8gCikl98fJlpKjHaKfnscSE0hMzOjyAbYjFxWAlzjffzR5o+P6955dhREpCWy\n" \ + "kL2EOL2VmYfzGG4J62p9U88MXhCLuFOuHL/wtGzXwGnyqZyeZ5p2fYloGPEMVsX7\n" \ + "zHupLUpVZFe4kOBGI/IPWbc2iQTvzDtx9Jvxo5vWmyEwL8C7P/f9+zsIaXiM3Onz\n" \ + "F5qwQfCojesuelGPAfXJxJRLaHicva90+IyRFBSMKxgt3EdHER/R7huA//jzzQp9\n" \ + "eItmiv2UwAafeiPEDT74n6yBCTMPc++cJsMWL0SNIX4jYep55bgzbgGB8t/nQ0Ho\n" \ + "7/1KF1sAO3klAkrcTwL4pX2vLMa//W/H/AAQ2FL/Q+CAP7K5X2rlZxdkFlMuL3Dr\n" \ + "I0UqiStjznkoOeWjj6YT3jOvKGLWHPXqxTkW9Ln4fDvAoI9eq6UWHjf7gLYXxe/q\n" \ + "tTpNnYdy\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9671 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECA7RZbNgWxdHAgIIAASCAoAq1B5klspIe7B/\n" \ - "R1pKifO1/29OsAQn9blIbaJ9fg62ivA3QGL0uApZ6eNFz6JEZyiRITJYhgLaWwov\n" \ - "mqKT9NiQ6iiemgxWLSSdvEXVOMRZB17F9PncpEiIBpnrisdD7h9MpS63LuJdEtiK\n" \ - "jpPwFwV3orFJceurq/R3ql2aKYc9MZSzkKd71QImgHYWv+IPCctl40/PZV08yKMn\n" \ - "RCMVFb/YYUrzaWSerroyjz4Kr8V0nEyKpk4YLv7o7WPGn4x8X30z0BRCA9CBwzHY\n" \ - "JMxu1FhOGXr6nx1XeaoCOt9JV8GWb+VzkATABPzFG915ULz0ma1petQyb18QyBsl\n" \ - "K9NZETrGzDYiNxkjqILhY6IRneB97C4kCH55qhXHFk5fjiWndpQ6+BFKqlCqm6Up\n" \ - "d1EF3uuKN+vY6xQbGCgFE4FHL46nb2YaoaqhPp4dj4qnRSllgBvmZbGTd243lAbT\n" \ - "J4dh/gzRwQYdIwbvcNVi9GGSOy/fezAwwXu3ZD9BqqqoCQJajrILuovbcPThy71k\n" \ - "H5EaegQ1rB+0/sn91JUb6w4pwN/54gzZGaz2F0/2xB9u57+PIMC9R8dU7uW/xWfA\n" \ - "WN7YTzPDNfevbx/LIa6VR5gsiRqCnthSsGvWFquRatMv1JrDfFUywFU9zk9W+iA2\n" \ - "rtNpXV140+/BDfHbYYrUIaklJsNP0FRXKpPw9wPHHmbOjHfFK+o8PrtOp3HUsCJm\n" \ - "2VpQtbNl66+rPLZLsbXhuJ5eY/BpRvrj6rDFPs19OAvYyrIsuQY8IdbZyGSKsq4u\n" \ - "UBsHZgPBh718EtWFFrsTNxMlRKoh5MwUSqkLXeDduAFG4N7nhQpDHQ5/KRPrYOMK\n" \ - "ixB1lLUK\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9671 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECA7RZbNgWxdHAgIIAASCAoAq1B5klspIe7B/\n" \ + "R1pKifO1/29OsAQn9blIbaJ9fg62ivA3QGL0uApZ6eNFz6JEZyiRITJYhgLaWwov\n" \ + "mqKT9NiQ6iiemgxWLSSdvEXVOMRZB17F9PncpEiIBpnrisdD7h9MpS63LuJdEtiK\n" \ + "jpPwFwV3orFJceurq/R3ql2aKYc9MZSzkKd71QImgHYWv+IPCctl40/PZV08yKMn\n" \ + "RCMVFb/YYUrzaWSerroyjz4Kr8V0nEyKpk4YLv7o7WPGn4x8X30z0BRCA9CBwzHY\n" \ + "JMxu1FhOGXr6nx1XeaoCOt9JV8GWb+VzkATABPzFG915ULz0ma1petQyb18QyBsl\n" \ + "K9NZETrGzDYiNxkjqILhY6IRneB97C4kCH55qhXHFk5fjiWndpQ6+BFKqlCqm6Up\n" \ + "d1EF3uuKN+vY6xQbGCgFE4FHL46nb2YaoaqhPp4dj4qnRSllgBvmZbGTd243lAbT\n" \ + "J4dh/gzRwQYdIwbvcNVi9GGSOy/fezAwwXu3ZD9BqqqoCQJajrILuovbcPThy71k\n" \ + "H5EaegQ1rB+0/sn91JUb6w4pwN/54gzZGaz2F0/2xB9u57+PIMC9R8dU7uW/xWfA\n" \ + "WN7YTzPDNfevbx/LIa6VR5gsiRqCnthSsGvWFquRatMv1JrDfFUywFU9zk9W+iA2\n" \ + "rtNpXV140+/BDfHbYYrUIaklJsNP0FRXKpPw9wPHHmbOjHfFK+o8PrtOp3HUsCJm\n" \ + "2VpQtbNl66+rPLZLsbXhuJ5eY/BpRvrj6rDFPs19OAvYyrIsuQY8IdbZyGSKsq4u\n" \ + "UBsHZgPBh718EtWFFrsTNxMlRKoh5MwUSqkLXeDduAFG4N7nhQpDHQ5/KRPrYOMK\n" \ + "ixB1lLUK\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9925 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECDnNkmSKl37mAgIIAASCAoAwttidBRLnnjti\n" \ - "b5BEsc8cO2vzImhJbYCrVDjkTpmS6IYD4FsC8KFDdQJrEYIptrwXn4uDWDUu6bxB\n" \ - "pb02Pj70gZiWBDU+ki1kIbsNc67rNpJfUlIU+po3UovSmrazqcHoW2IftvZo9hDF\n" \ - "FWVjc0D2fSWeaNwS7dimWxoLy1udof6n0c8UxvfnOgfSLg3qwWzc0+iMrbkvRFX5\n" \ - "9+vDCnetQ7ythKldnC5xQxShxaNF4O26D0VXdR9VYbQLslSHAzQi2wJ7Hh1fi62J\n" \ - "VUHvRNOcwhSadwNfQEtvIWoi6LfsUadvvhFAAbeSfQpSfD4iXgfcr3U2WIvjtOcL\n" \ - "cZg9HqRhGzgEuC7FLoov1re7xq3uifw+04qu8i9/fk7hUrldZCrCSKTc6GqsiY8x\n" \ - "JGOcNUgklzy6kbgIWp9O2C5Bxp1WmfnbNSMM9Z9UFTdbEa4Kz7SYd+1a8j1OWlq1\n" \ - "93AcEpD0+fpKuEs+S1RF7RRAs/Ais0VcOmgye0TLvKkhockxl4KT0SbOTeKnmxJ3\n" \ - "RSnPcHUb62EZuhHqpoHi+zjHH56sVy3RhcYsDKIh1Xh7JPGTysflOIno7ABK8Tu7\n" \ - "IcnAOCoBVTjXC5eSSeC3irvZSILHC1tBG8r1C1aSLFmxpOTCqRUwhtbw/FSqEngl\n" \ - "5pvwTz4gquyjCPjIAWlCscAbeqpBxNsmnJ0AGlaesd9/uxrWUScTnAIc+NUB9o8w\n" \ - "i+zXbOqhbKxWGfrQAo+qZtAchQ6EGxXuIxnSRlAEZtsrJt6/FXJaOIb5MvcXA/sQ\n" \ - "O2p1r9W2OZM8Jco2ftALygUFPDiIuELaiTQ8HE1heUZWy+M9gXV6wCGhIVtRYyCg\n" \ - "SSQ62gp7\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9925 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECDnNkmSKl37mAgIIAASCAoAwttidBRLnnjti\n" \ + "b5BEsc8cO2vzImhJbYCrVDjkTpmS6IYD4FsC8KFDdQJrEYIptrwXn4uDWDUu6bxB\n" \ + "pb02Pj70gZiWBDU+ki1kIbsNc67rNpJfUlIU+po3UovSmrazqcHoW2IftvZo9hDF\n" \ + "FWVjc0D2fSWeaNwS7dimWxoLy1udof6n0c8UxvfnOgfSLg3qwWzc0+iMrbkvRFX5\n" \ + "9+vDCnetQ7ythKldnC5xQxShxaNF4O26D0VXdR9VYbQLslSHAzQi2wJ7Hh1fi62J\n" \ + "VUHvRNOcwhSadwNfQEtvIWoi6LfsUadvvhFAAbeSfQpSfD4iXgfcr3U2WIvjtOcL\n" \ + "cZg9HqRhGzgEuC7FLoov1re7xq3uifw+04qu8i9/fk7hUrldZCrCSKTc6GqsiY8x\n" \ + "JGOcNUgklzy6kbgIWp9O2C5Bxp1WmfnbNSMM9Z9UFTdbEa4Kz7SYd+1a8j1OWlq1\n" \ + "93AcEpD0+fpKuEs+S1RF7RRAs/Ais0VcOmgye0TLvKkhockxl4KT0SbOTeKnmxJ3\n" \ + "RSnPcHUb62EZuhHqpoHi+zjHH56sVy3RhcYsDKIh1Xh7JPGTysflOIno7ABK8Tu7\n" \ + "IcnAOCoBVTjXC5eSSeC3irvZSILHC1tBG8r1C1aSLFmxpOTCqRUwhtbw/FSqEngl\n" \ + "5pvwTz4gquyjCPjIAWlCscAbeqpBxNsmnJ0AGlaesd9/uxrWUScTnAIc+NUB9o8w\n" \ + "i+zXbOqhbKxWGfrQAo+qZtAchQ6EGxXuIxnSRlAEZtsrJt6/FXJaOIb5MvcXA/sQ\n" \ + "O2p1r9W2OZM8Jco2ftALygUFPDiIuELaiTQ8HE1heUZWy+M9gXV6wCGhIVtRYyCg\n" \ + "SSQ62gp7\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9926 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECE8YpbN3dz05AgIIAASCAoC1wuyUEZs/FSTB\n" \ - "llt567hf1L+wiQ24L49ZvLutwb0nkilLHNXUo95mpLfzjnr7ZBbsIPV0RTdxjIKX\n" \ - "IdRD9SzMxeMUJ82obmgE2tTeOi7PqONX838Lmj3ocUR+aFBFTR1V7G2gMpQEapPX\n" \ - "gjv3kgwG5DCSj15NG8ybT4ZHWURyc/57dn0JWXc9/XUbm/+lvwwsuu9YvQ5Z76jE\n" \ - "ufiS8OCHNo1nPMCsUIw6herr2OfC5pj2H1/6bC7L/NPZJ7OM/IQoQOcNxiwx8rBS\n" \ - "zChy7dvPbJYmd5N+066mZiyFGxQwjPziXmqJztnB34P0Yp9dsiE1M+fo//f+QkFW\n" \ - "3HDMJmb+becnUAjiWuQCT/YqNjC4iHn35Jb2COPsV5KPsSaQ+6IaN4vWx7ifvHGD\n" \ - "KzkFcKQ1Be1EiOnUGBqhW4r7ASFKMtqGlTRBoc8PVMdFIpadejGW31Csz5gussa2\n" \ - "OcOLO8kULsT9QsuWyayG4SuTweClCaJ/nGJ/nDnocVPbucqRQBFn9ZRQ0VSLhDLe\n" \ - "B3HYRx3sJ9U+Xay9cgR09hMQ2ZaR/NxYlRshKEt+iiYOS42eMyMXVKfBwQwxl9Lf\n" \ - "ESBz7GF2nOT5VSSgJlAf3nbfhUABgq2zzoybKlFVpnq49Z79rB4b+lkP8jIhV5GA\n" \ - "/aUXssvs68FsqbG+T1nBnFWkJL49XENOrwDApzGllVbtaruoIe9t+qBF6rXVSjWQ\n" \ - "ZATZaSD3gOaM4Oyv+lso4GuONXkaXQRdpBmPLChdLMkcopQOQZtlKU2+rzi4Nm4X\n" \ - "lAAsR4sXmIGYJ3EgQrTDE+igMNr8o2qHIh81zqP7nWtkfTEfFqud6zoGK5aiZ4ma\n" \ - "0StcnRpp\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9926 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECE8YpbN3dz05AgIIAASCAoC1wuyUEZs/FSTB\n" \ + "llt567hf1L+wiQ24L49ZvLutwb0nkilLHNXUo95mpLfzjnr7ZBbsIPV0RTdxjIKX\n" \ + "IdRD9SzMxeMUJ82obmgE2tTeOi7PqONX838Lmj3ocUR+aFBFTR1V7G2gMpQEapPX\n" \ + "gjv3kgwG5DCSj15NG8ybT4ZHWURyc/57dn0JWXc9/XUbm/+lvwwsuu9YvQ5Z76jE\n" \ + "ufiS8OCHNo1nPMCsUIw6herr2OfC5pj2H1/6bC7L/NPZJ7OM/IQoQOcNxiwx8rBS\n" \ + "zChy7dvPbJYmd5N+066mZiyFGxQwjPziXmqJztnB34P0Yp9dsiE1M+fo//f+QkFW\n" \ + "3HDMJmb+becnUAjiWuQCT/YqNjC4iHn35Jb2COPsV5KPsSaQ+6IaN4vWx7ifvHGD\n" \ + "KzkFcKQ1Be1EiOnUGBqhW4r7ASFKMtqGlTRBoc8PVMdFIpadejGW31Csz5gussa2\n" \ + "OcOLO8kULsT9QsuWyayG4SuTweClCaJ/nGJ/nDnocVPbucqRQBFn9ZRQ0VSLhDLe\n" \ + "B3HYRx3sJ9U+Xay9cgR09hMQ2ZaR/NxYlRshKEt+iiYOS42eMyMXVKfBwQwxl9Lf\n" \ + "ESBz7GF2nOT5VSSgJlAf3nbfhUABgq2zzoybKlFVpnq49Z79rB4b+lkP8jIhV5GA\n" \ + "/aUXssvs68FsqbG+T1nBnFWkJL49XENOrwDApzGllVbtaruoIe9t+qBF6rXVSjWQ\n" \ + "ZATZaSD3gOaM4Oyv+lso4GuONXkaXQRdpBmPLChdLMkcopQOQZtlKU2+rzi4Nm4X\n" \ + "lAAsR4sXmIGYJ3EgQrTDE+igMNr8o2qHIh81zqP7nWtkfTEfFqud6zoGK5aiZ4ma\n" \ + "0StcnRpp\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9927 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECC6HV5s66uQrAgIIAASCAoAgQMR7E4EoMQSq\n" \ - "kFslHKebFtjtrCqEPW5lADxpJg8+FNOT6GCCnu8yslrmMa4l/MIs8jfkoKhP9O8W\n" \ - "IjQpwG5IGr0ZyfxYPZFTatrQ7+MvtMoQMBTxVt20oW4kT3tTF4KDf0BUsB9JCoET\n" \ - "DehlFSPTjDJav8fGbdEMhfbY6+6iBodnW7a3Ibil+7CQGeRIGDO7mEu5rBbI1fJb\n" \ - "tGEHkCd6Gvv20r/EIi6Fol9Fwc5eKxgFioIuZo3Tmqrr/9g09sv+qwkzoNFmpqby\n" \ - "AqCbgOOsckc3AXm4xZ7AX7zNSFXbfhiX1EyVvhwfJ6jiqHr32K8o5I4Cb/lzpB+q\n" \ - "WPMU/rF5bsTj0+/eySx8zkIUF/Jst9E+XtzlTFtMVzNpFYfzg3E+0qnT8KJtZJGr\n" \ - "Azz9aCNidjkjRVHUubrZ5qbjrv1eAYnFkgyw+UTyIJBeec6CRH5zob22ZMb5jKFz\n" \ - "d9reY1LZ38cQIoKThPdv9vKRVEd1I7T5MKv656+QegfqA7Kefwa0uK+TvvqBLTd1\n" \ - "mxgtkDvrID3PLZK9tVsOLMJcY1PFCNHB6T2EghMVEmMnROVLCqIN+MeraLhHemUe\n" \ - "rf6HFlOcYPV+5V8gI/DM2Fw/V+YgCzv380Z6HouZ4K1nwvEf53renettQmKxK/Fd\n" \ - "X74KqRSs6FtANdVUziGkrvNfssRjjLHxD08VfLAcpijRfNslxDIXQIASWqn3TPFY\n" \ - "uDs32vonOVrj2Zy8fIBRmENmGe5b/jnp055NLo6MWCFR3hmmeFBuXk6o1K6io3Le\n" \ - "oaeWr7BJFIxXZZ8zNUlBLGZinY50oM09DFOpiAUTQtkm8NuAThLcqmWvbw8LWmL4\n" \ - "ed6Pdtej\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9927 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECC6HV5s66uQrAgIIAASCAoAgQMR7E4EoMQSq\n" \ + "kFslHKebFtjtrCqEPW5lADxpJg8+FNOT6GCCnu8yslrmMa4l/MIs8jfkoKhP9O8W\n" \ + "IjQpwG5IGr0ZyfxYPZFTatrQ7+MvtMoQMBTxVt20oW4kT3tTF4KDf0BUsB9JCoET\n" \ + "DehlFSPTjDJav8fGbdEMhfbY6+6iBodnW7a3Ibil+7CQGeRIGDO7mEu5rBbI1fJb\n" \ + "tGEHkCd6Gvv20r/EIi6Fol9Fwc5eKxgFioIuZo3Tmqrr/9g09sv+qwkzoNFmpqby\n" \ + "AqCbgOOsckc3AXm4xZ7AX7zNSFXbfhiX1EyVvhwfJ6jiqHr32K8o5I4Cb/lzpB+q\n" \ + "WPMU/rF5bsTj0+/eySx8zkIUF/Jst9E+XtzlTFtMVzNpFYfzg3E+0qnT8KJtZJGr\n" \ + "Azz9aCNidjkjRVHUubrZ5qbjrv1eAYnFkgyw+UTyIJBeec6CRH5zob22ZMb5jKFz\n" \ + "d9reY1LZ38cQIoKThPdv9vKRVEd1I7T5MKv656+QegfqA7Kefwa0uK+TvvqBLTd1\n" \ + "mxgtkDvrID3PLZK9tVsOLMJcY1PFCNHB6T2EghMVEmMnROVLCqIN+MeraLhHemUe\n" \ + "rf6HFlOcYPV+5V8gI/DM2Fw/V+YgCzv380Z6HouZ4K1nwvEf53renettQmKxK/Fd\n" \ + "X74KqRSs6FtANdVUziGkrvNfssRjjLHxD08VfLAcpijRfNslxDIXQIASWqn3TPFY\n" \ + "uDs32vonOVrj2Zy8fIBRmENmGe5b/jnp055NLo6MWCFR3hmmeFBuXk6o1K6io3Le\n" \ + "oaeWr7BJFIxXZZ8zNUlBLGZinY50oM09DFOpiAUTQtkm8NuAThLcqmWvbw8LWmL4\n" \ + "ed6Pdtej\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9928 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECC1OO648bIPcAgIIAASCAoDiQoIuNdleFu2V\n" \ - "I8MUwZ6I0Om2+2yHSrk7Jxd0mbIYnT832dVsWg53SkcBYggnN1bByej0qtf2pdBx\n" \ - "EKsOjU9T6XmOZyFjJKX6MK6syqFYI4Y67OzdiDS8FVMCYX8NhhsYlE1aqvBjvnjq\n" \ - "tgpR0pJg8uJ3FmUu1N/6ayjGtI9JbZFt+BkqbZxIfdaZhlXx1vgU2MtuxDultlJu\n" \ - "rjvzcCGG0z0GcVEmXUwVccvLqwnL6UnYkVAmhCzj4UvxYsMt6Dp8FPSQi54jmZKx\n" \ - "4LAOGGGZcKoOTJYCrUkW2RAV/GzbhT1kOJR2/Pw21Yw/WkVKyNE8LHghu6xr3pXy\n" \ - "MPmCn0fE751Vjefb6NOYIjvmMexaZVzBCZ6kuxEQBlGDi15lohnpZLcFilS7l5IY\n" \ - "nWZJ9qPX19O0RG9NgQ4xpxoPBdrxqP5HuieKgvAZ7RXDXeKlW/4z/Fo2dBjPc0YJ\n" \ - "Y5QPOK+i2Zux9VtMbxkXBeO7KsiosNQthFP+HitlIs72MHUsBZucEnZ9ny0S+blG\n" \ - "gKYK9xuuAPGscqaI6fcicFOc0ZmphMn5YP6D0nN9esqo44s9JX7SyLRPuHW+dH0/\n" \ - "Bdg9LikS8ROBs3Yuy9ksGHMbMsguum3mOwiY8f2NXQwVs3b7VfkIDMbYAjMGcriE\n" \ - "CsW1Z4EzQP2qCFVJYz6S3xSsKtgg3QeWKCtvGRJDbzCnaQGCrrHzyBlGZzr5NJkr\n" \ - "4x7MxbWppvVTMySJ+Y3V2DR+Q1nW5P7qzWaY9tE9d8unCym5C/S2CE/39jQ9zMmL\n" \ - "56qvh2swSrCEKInhQyqV+4msSYVElrQY0DGbg/N6TsKvN37zCqKKBIxhyb/5b2Kv\n" \ - "QvN7D2Ch\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9928 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECC1OO648bIPcAgIIAASCAoDiQoIuNdleFu2V\n" \ + "I8MUwZ6I0Om2+2yHSrk7Jxd0mbIYnT832dVsWg53SkcBYggnN1bByej0qtf2pdBx\n" \ + "EKsOjU9T6XmOZyFjJKX6MK6syqFYI4Y67OzdiDS8FVMCYX8NhhsYlE1aqvBjvnjq\n" \ + "tgpR0pJg8uJ3FmUu1N/6ayjGtI9JbZFt+BkqbZxIfdaZhlXx1vgU2MtuxDultlJu\n" \ + "rjvzcCGG0z0GcVEmXUwVccvLqwnL6UnYkVAmhCzj4UvxYsMt6Dp8FPSQi54jmZKx\n" \ + "4LAOGGGZcKoOTJYCrUkW2RAV/GzbhT1kOJR2/Pw21Yw/WkVKyNE8LHghu6xr3pXy\n" \ + "MPmCn0fE751Vjefb6NOYIjvmMexaZVzBCZ6kuxEQBlGDi15lohnpZLcFilS7l5IY\n" \ + "nWZJ9qPX19O0RG9NgQ4xpxoPBdrxqP5HuieKgvAZ7RXDXeKlW/4z/Fo2dBjPc0YJ\n" \ + "Y5QPOK+i2Zux9VtMbxkXBeO7KsiosNQthFP+HitlIs72MHUsBZucEnZ9ny0S+blG\n" \ + "gKYK9xuuAPGscqaI6fcicFOc0ZmphMn5YP6D0nN9esqo44s9JX7SyLRPuHW+dH0/\n" \ + "Bdg9LikS8ROBs3Yuy9ksGHMbMsguum3mOwiY8f2NXQwVs3b7VfkIDMbYAjMGcriE\n" \ + "CsW1Z4EzQP2qCFVJYz6S3xSsKtgg3QeWKCtvGRJDbzCnaQGCrrHzyBlGZzr5NJkr\n" \ + "4x7MxbWppvVTMySJ+Y3V2DR+Q1nW5P7qzWaY9tE9d8unCym5C/S2CE/39jQ9zMmL\n" \ + "56qvh2swSrCEKInhQyqV+4msSYVElrQY0DGbg/N6TsKvN37zCqKKBIxhyb/5b2Kv\n" \ + "QvN7D2Ch\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9929 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECAPza28YOfuMAgIIAASCAoBg+t7v3fo4gOZX\n" \ - "+/IY3xln+5pVj6LKXXgHWydK25TLD3oxlrecVKmnWWZuQIcPVosItr+KfwRMfkY5\n" \ - "BKUQZyu02ZO/u9cXe3XsmZLpiWAXVCaRfHhXkZ24PxQGIVikDc8KyHEAhX/P+e9m\n" \ - "jJEneTP+hdQvZmJGKKqOG95HkqlnH5KJhM8W7BjDgPBeCjaBcc9AzCWX+WdY4Nbn\n" \ - "LONjhe0nXPuVArLayru67q62LUf/NZOM6j7gbYe0ki94rXddabpOIGBhf9qP1pWc\n" \ - "m5RBntEOtlbuosUYhlOpse91SBM2nHnOzM1fIxX6J9p/AlctvtB+Zoqx4OEwbRxT\n" \ - "hNpCUo+3rwmAAOz6CntGHpmfFKrzc0r37aoSjnlQJKTxDRJHN43+eqbdtNpaQfDH\n" \ - "0pS4o84oO3/CgnJ45Bx3HJXNlg3YvKhHWav8wtHX085URoc8h/OJ3PiKBi7+5AYR\n" \ - "CLAaJjtTC0ReaOXjyGfhzzuux7UDl+MW0D69vaz2t7HSR2tQ4tYnA4fciqirSKdL\n" \ - "wFgewXRNxNkQKo149YfE2weMGXW/DYGRXl8RMUwGsur10nesfUBZfLPYW014rDm+\n" \ - "QjGa2bcYJMUnAtUz1ctaQNV8T4HM3SwXABSbuczDGM4FpFCd51tjJDh8vxdmZpGJ\n" \ - "KEhWsvXcrlzBpVyW5CX/TixVYzautBdOM2cN+yniLjHAkHBWCF39LoAQatbHNFSq\n" \ - "FpADIpMiGFyGMxf029s2JgdNvkgR2aUL0ed2hGP9kKyLio+RNF5HD7mbbBM4d06P\n" \ - "t79aRgHvQAOeHJPfz9LleOoRUpg1gb8jmLDtKkWe+JGtsEDCPeb0HTvlL4ttGrZ4\n" \ - "LoIPCVbz\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9929 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECAPza28YOfuMAgIIAASCAoBg+t7v3fo4gOZX\n" \ + "+/IY3xln+5pVj6LKXXgHWydK25TLD3oxlrecVKmnWWZuQIcPVosItr+KfwRMfkY5\n" \ + "BKUQZyu02ZO/u9cXe3XsmZLpiWAXVCaRfHhXkZ24PxQGIVikDc8KyHEAhX/P+e9m\n" \ + "jJEneTP+hdQvZmJGKKqOG95HkqlnH5KJhM8W7BjDgPBeCjaBcc9AzCWX+WdY4Nbn\n" \ + "LONjhe0nXPuVArLayru67q62LUf/NZOM6j7gbYe0ki94rXddabpOIGBhf9qP1pWc\n" \ + "m5RBntEOtlbuosUYhlOpse91SBM2nHnOzM1fIxX6J9p/AlctvtB+Zoqx4OEwbRxT\n" \ + "hNpCUo+3rwmAAOz6CntGHpmfFKrzc0r37aoSjnlQJKTxDRJHN43+eqbdtNpaQfDH\n" \ + "0pS4o84oO3/CgnJ45Bx3HJXNlg3YvKhHWav8wtHX085URoc8h/OJ3PiKBi7+5AYR\n" \ + "CLAaJjtTC0ReaOXjyGfhzzuux7UDl+MW0D69vaz2t7HSR2tQ4tYnA4fciqirSKdL\n" \ + "wFgewXRNxNkQKo149YfE2weMGXW/DYGRXl8RMUwGsur10nesfUBZfLPYW014rDm+\n" \ + "QjGa2bcYJMUnAtUz1ctaQNV8T4HM3SwXABSbuczDGM4FpFCd51tjJDh8vxdmZpGJ\n" \ + "KEhWsvXcrlzBpVyW5CX/TixVYzautBdOM2cN+yniLjHAkHBWCF39LoAQatbHNFSq\n" \ + "FpADIpMiGFyGMxf029s2JgdNvkgR2aUL0ed2hGP9kKyLio+RNF5HD7mbbBM4d06P\n" \ + "t79aRgHvQAOeHJPfz9LleOoRUpg1gb8jmLDtKkWe+JGtsEDCPeb0HTvlL4ttGrZ4\n" \ + "LoIPCVbz\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9930 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECM70GUHLNxJ7AgIIAASCAoBSzIR/pzL/Kz0k\n" \ - "QYJburqvHquGAa/xevMdelJdqAKPfqMuaOOhbZUkpp1Yf/jswyrzImgOnkb2stO8\n" \ - "hsa3gTZLk3j1LA5JXb89Pm+dqv1gXWJco7dnq8JJEhTt7Mr6rm/P1uV9UBXlgv+E\n" \ - "2F+b8GBDikMw38zqRGtg3GPjFaZKcL7tqwRm390t57cWSbqLLaNmRIxcf5TARHEs\n" \ - "TZEU+BHF2JoFE7rXPdUJAJwsw35C5JS4DXwEUBVoEeI3jXl3yDOqu20uekbrndL5\n" \ - "seACup8mQp5nHUBNk6RMg7/8/hqeRU9IFyCstvFqjtvbPvJLEML8jSyd+XoZU1tm\n" \ - "VpnU7KcN3bSN/BK4QzChGr5sD/2rteceBIJjDsHR7FjHJQIKlTxMok3taM84knnw\n" \ - "QcO0T0vbsmUqbs1MltGcUgm3p6Jp/NyeHZGfDqu4TEZcHE+mrNVVReRHL3O55UpC\n" \ - "AyZeJDu9nQKe62Y6oGcOUOuZkoodfh9M1V44f9guOv5b+2VIFgUIZTOVHLkmb3Nx\n" \ - "r6rUn2++N02II7zkvR1aHILZw/JnqHQC5bpK6qlTNUN3kNy5DHg4iAHGuKUxksK0\n" \ - "qziPL/VYfos0/81O4mNI3yo3D2WA6usgy+MZyDY0u4uAbcz4irE1ACHj3cgBHx2j\n" \ - "RemyLdgPX+kPXr5wKHKk4U93nIgZXbshuuG5CrwtJqXslx6dG6FYChaUJsc/kCga\n" \ - "JFkHnOZk3tMxxyVBaBKUnyFxbxFBORgYGGAEKJ4RYT0ge8sSkVo4NNsNjLw74+d6\n" \ - "zlt7NLEhDn+IuaocYejf4Do5W+jIfkpZXF/w6DRHyJ3l2CHV/c9AN/lltTQYIg4Y\n" \ - "twhxefdG\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9930 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECM70GUHLNxJ7AgIIAASCAoBSzIR/pzL/Kz0k\n" \ + "QYJburqvHquGAa/xevMdelJdqAKPfqMuaOOhbZUkpp1Yf/jswyrzImgOnkb2stO8\n" \ + "hsa3gTZLk3j1LA5JXb89Pm+dqv1gXWJco7dnq8JJEhTt7Mr6rm/P1uV9UBXlgv+E\n" \ + "2F+b8GBDikMw38zqRGtg3GPjFaZKcL7tqwRm390t57cWSbqLLaNmRIxcf5TARHEs\n" \ + "TZEU+BHF2JoFE7rXPdUJAJwsw35C5JS4DXwEUBVoEeI3jXl3yDOqu20uekbrndL5\n" \ + "seACup8mQp5nHUBNk6RMg7/8/hqeRU9IFyCstvFqjtvbPvJLEML8jSyd+XoZU1tm\n" \ + "VpnU7KcN3bSN/BK4QzChGr5sD/2rteceBIJjDsHR7FjHJQIKlTxMok3taM84knnw\n" \ + "QcO0T0vbsmUqbs1MltGcUgm3p6Jp/NyeHZGfDqu4TEZcHE+mrNVVReRHL3O55UpC\n" \ + "AyZeJDu9nQKe62Y6oGcOUOuZkoodfh9M1V44f9guOv5b+2VIFgUIZTOVHLkmb3Nx\n" \ + "r6rUn2++N02II7zkvR1aHILZw/JnqHQC5bpK6qlTNUN3kNy5DHg4iAHGuKUxksK0\n" \ + "qziPL/VYfos0/81O4mNI3yo3D2WA6usgy+MZyDY0u4uAbcz4irE1ACHj3cgBHx2j\n" \ + "RemyLdgPX+kPXr5wKHKk4U93nIgZXbshuuG5CrwtJqXslx6dG6FYChaUJsc/kCga\n" \ + "JFkHnOZk3tMxxyVBaBKUnyFxbxFBORgYGGAEKJ4RYT0ge8sSkVo4NNsNjLw74+d6\n" \ + "zlt7NLEhDn+IuaocYejf4Do5W+jIfkpZXF/w6DRHyJ3l2CHV/c9AN/lltTQYIg4Y\n" \ + "twhxefdG\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9931 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECO6DyRswVDToAgIIAASCAoB3xqmr0evfZnxk\n" \ - "Gq/DsbmwGVpO1BQnv+50u8+roflrmHp+TdX/gkPdXDQCqqpK/2J/oaGMCtKEiO8R\n" \ - "/pxSKcCX3+7leF01FF4z3rEcTVRej0mR6IAzk5QZR4Y0jXzay7Quj2zFJQTASdRy\n" \ - "6o9HQt5YuDyMFY30yjungmg6sYLBLZ2XypCJYH3eUQx9BjwsbGqVnXRQ6oezL5tD\n" \ - "K+tRH41OK2pzFqhnpRvbfPtNDmUnMLUnahGBubRzNQgHE0iNGIYpOawpVabj15H2\n" \ - "4lQ9KBREaqLqiV/VMPFYcRd8tBjE2pRs3yhJ9bjl73gdh6qVvcXIqBBQcRtNbpQ/\n" \ - "WKFzVz5dMCEzS+LhMT2m0GtTYqn8IqRuDgF7P8+347k4wKvrA2XgwP0bvh+IBb4e\n" \ - "nMQuJaKsnMZZPgAPqfIqWsn3cw27iEb5ros+My4KMlMbKBvH2HTXx5YkYJfbRLJ1\n" \ - "oe0mUxshTSOJeOjsfkStsP7QCSIvVb76t2Jo6HKIXEylXFAzj39lea6aysx6KX4c\n" \ - "aC/9XDlhqs0GGcJE3ILbiePTWWiASWjS08ggQasMZsT4VYUaIl3ti1N1cK9xwkaD\n" \ - "BE12JvWEtPd7MtGouPGijXycAtNgPw17vWg/3O11vTKDAHse90dOOpqYpXFN9Cfi\n" \ - "wa72WOkxFEZDuzV/dmjXX1WN82MoXs7pkHLvTgCmdydQ0ZJABYZj1+ZnF5eR6zLo\n" \ - "LAJnV3gOY0DGLORuoifEWMRlzDyYQOBN9smK9xKDtA6CHUuB9jRHKBevQrFy4+Ed\n" \ - "trCmsp9qXPzGvmJOA1YEgnZZPvXjAB7TCv2VrftKgebzbQE2mOoF1YcT1PIB7dFL\n" \ - "AopQ9gdD\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9931 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECO6DyRswVDToAgIIAASCAoB3xqmr0evfZnxk\n" \ + "Gq/DsbmwGVpO1BQnv+50u8+roflrmHp+TdX/gkPdXDQCqqpK/2J/oaGMCtKEiO8R\n" \ + "/pxSKcCX3+7leF01FF4z3rEcTVRej0mR6IAzk5QZR4Y0jXzay7Quj2zFJQTASdRy\n" \ + "6o9HQt5YuDyMFY30yjungmg6sYLBLZ2XypCJYH3eUQx9BjwsbGqVnXRQ6oezL5tD\n" \ + "K+tRH41OK2pzFqhnpRvbfPtNDmUnMLUnahGBubRzNQgHE0iNGIYpOawpVabj15H2\n" \ + "4lQ9KBREaqLqiV/VMPFYcRd8tBjE2pRs3yhJ9bjl73gdh6qVvcXIqBBQcRtNbpQ/\n" \ + "WKFzVz5dMCEzS+LhMT2m0GtTYqn8IqRuDgF7P8+347k4wKvrA2XgwP0bvh+IBb4e\n" \ + "nMQuJaKsnMZZPgAPqfIqWsn3cw27iEb5ros+My4KMlMbKBvH2HTXx5YkYJfbRLJ1\n" \ + "oe0mUxshTSOJeOjsfkStsP7QCSIvVb76t2Jo6HKIXEylXFAzj39lea6aysx6KX4c\n" \ + "aC/9XDlhqs0GGcJE3ILbiePTWWiASWjS08ggQasMZsT4VYUaIl3ti1N1cK9xwkaD\n" \ + "BE12JvWEtPd7MtGouPGijXycAtNgPw17vWg/3O11vTKDAHse90dOOpqYpXFN9Cfi\n" \ + "wa72WOkxFEZDuzV/dmjXX1WN82MoXs7pkHLvTgCmdydQ0ZJABYZj1+ZnF5eR6zLo\n" \ + "LAJnV3gOY0DGLORuoifEWMRlzDyYQOBN9smK9xKDtA6CHUuB9jRHKBevQrFy4+Ed\n" \ + "trCmsp9qXPzGvmJOA1YEgnZZPvXjAB7TCv2VrftKgebzbQE2mOoF1YcT1PIB7dFL\n" \ + "AopQ9gdD\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" -#define X_9932 \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ - "MIICojAcBgoqhkiG9w0BDAEDMA4ECEKkETmhIXPkAgIIAASCAoBzNPQiMSQC6RSk\n" \ - "5Lk5cAbP1r//rE3IA0MNVy2ZwM4UZAQYHCxHkMpParGXwKt3/me064RXRwKOg9UT\n" \ - "nGx5/2A/AI2061A5M0KPVFE41IWQWoVGaiCaAzUDSF2Y+SL9yuLVqEES0gDQgUv5\n" \ - "uVnGyrbSo7sT8MSdvBuzdgmVluiaEVQhfwWJ9f8Q+ebQ1WVkeftzCe9yp1PLj8Yl\n" \ - "VCQ6X5qXqsApJ34Y62wXGqNbEvBkRyKbSqfqMI837tAVdMCdbsEE7wavzxGW6F9h\n" \ - "+igbPZO1NSzY0FZX1eQYqKZxfbkQmyDPLFT2S7BVv2wmihnC/SeZTcOoM+QoWG9j\n" \ - "XNLr1oqbeNxOnELmOXSrOekzbI7GhUcphYEIOBG/4B7ZP3cZ6TEw1EygXUan09XZ\n" \ - "Uz/CFbBTfX1uXHkMSzWwowXpx12vjH78KrRn69WBMGn/YjUheDLjwCDhJQK2CRDH\n" \ - "LbNBvZ7ezy1qHX90jrIdQnQzAoynu1OCfbd+84U2VifAszTcRvPMdiLlJh9MeyFY\n" \ - "8xDmmeNYGTVuDvAuzTlqbGablgQJu80VZ8CgQSW/0x7+oPozichza9tOd19aMDJ4\n" \ - "f8REy/9DAn1jRq/Cy/JFQoTpq3NtcWf9+NPHCwOMjaL63m6fIPXw6s9hnq8WMVIS\n" \ - "mtf5Jkvf402+8jhw1IqTVJasOMTRn62KsRt9a4JcWtorECA42wZGXjge3K9HYk4T\n" \ - "IVXq39VmeRP/9WveDwjkIThMl+0v5fl6Baaz/krXOIRfL6LV3RpkqPF4j/wneXgZ\n" \ - "7cMySs/FL96y6A+yJv281IQadYCqj7nPy92IYESQIcYjA8nd8hvsOxpnaMjXZjui\n" \ - "UWl07o3w\n" \ - "-----END ENCRYPTED PRIVATE KEY-----\n" +#define X_9932 \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIICojAcBgoqhkiG9w0BDAEDMA4ECEKkETmhIXPkAgIIAASCAoBzNPQiMSQC6RSk\n" \ + "5Lk5cAbP1r//rE3IA0MNVy2ZwM4UZAQYHCxHkMpParGXwKt3/me064RXRwKOg9UT\n" \ + "nGx5/2A/AI2061A5M0KPVFE41IWQWoVGaiCaAzUDSF2Y+SL9yuLVqEES0gDQgUv5\n" \ + "uVnGyrbSo7sT8MSdvBuzdgmVluiaEVQhfwWJ9f8Q+ebQ1WVkeftzCe9yp1PLj8Yl\n" \ + "VCQ6X5qXqsApJ34Y62wXGqNbEvBkRyKbSqfqMI837tAVdMCdbsEE7wavzxGW6F9h\n" \ + "+igbPZO1NSzY0FZX1eQYqKZxfbkQmyDPLFT2S7BVv2wmihnC/SeZTcOoM+QoWG9j\n" \ + "XNLr1oqbeNxOnELmOXSrOekzbI7GhUcphYEIOBG/4B7ZP3cZ6TEw1EygXUan09XZ\n" \ + "Uz/CFbBTfX1uXHkMSzWwowXpx12vjH78KrRn69WBMGn/YjUheDLjwCDhJQK2CRDH\n" \ + "LbNBvZ7ezy1qHX90jrIdQnQzAoynu1OCfbd+84U2VifAszTcRvPMdiLlJh9MeyFY\n" \ + "8xDmmeNYGTVuDvAuzTlqbGablgQJu80VZ8CgQSW/0x7+oPozichza9tOd19aMDJ4\n" \ + "f8REy/9DAn1jRq/Cy/JFQoTpq3NtcWf9+NPHCwOMjaL63m6fIPXw6s9hnq8WMVIS\n" \ + "mtf5Jkvf402+8jhw1IqTVJasOMTRn62KsRt9a4JcWtorECA42wZGXjge3K9HYk4T\n" \ + "IVXq39VmeRP/9WveDwjkIThMl+0v5fl6Baaz/krXOIRfL6LV3RpkqPF4j/wneXgZ\n" \ + "7cMySs/FL96y6A+yJv281IQadYCqj7nPy92IYESQIcYjA8nd8hvsOxpnaMjXZjui\n" \ + "UWl07o3w\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" static struct { const char *name; @@ -234,31 +234,11 @@ static struct { const char *pkcs12key; int expected_result; } keys[] = { - { - "x_9607", "123456", X_9607, 0}, { - "x_9671", "123456", X_9671, 0}, { - "x_9925", - "123456", - X_9925, - 0}, { - "x_9926", - "123456", - X_9926, - 0}, - { - "x_9927", "123456", X_9927, 0}, { - "x_9928", "123456", X_9928, 0}, { - "x_9929", - "123456", - X_9929, - 0}, { - "x_9930", - "123456", - X_9930, - 0}, - { - "x_9931", "123456", X_9931, 0}, { - "x_9932", "123456", X_9932, 0} + { "x_9607", "123456", X_9607, 0 }, { "x_9671", "123456", X_9671, 0 }, + { "x_9925", "123456", X_9925, 0 }, { "x_9926", "123456", X_9926, 0 }, + { "x_9927", "123456", X_9927, 0 }, { "x_9928", "123456", X_9928, 0 }, + { "x_9929", "123456", X_9929, 0 }, { "x_9930", "123456", X_9930, 0 }, + { "x_9931", "123456", X_9931, 0 }, { "x_9932", "123456", X_9932, 0 } }; int main(void) @@ -282,9 +262,8 @@ int main(void) tmp.data = (unsigned char *)keys[i].pkcs12key; tmp.size = strlen((char *)tmp.data); - ret = gnutls_x509_privkey_import_pkcs8(key, &tmp, - GNUTLS_X509_FMT_PEM, - keys[i].password, 0); + ret = gnutls_x509_privkey_import_pkcs8( + key, &tmp, GNUTLS_X509_FMT_PEM, keys[i].password, 0); gnutls_x509_privkey_deinit(key); if (ret != keys[i].expected_result) { @@ -292,7 +271,6 @@ int main(void) gnutls_strerror(ret)); return 1; } - } gnutls_global_deinit(); diff --git a/tests/pkcs12_simple.c b/tests/pkcs12_simple.c index d411ed83c8..d18c44d918 100644 --- a/tests/pkcs12_simple.c +++ b/tests/pkcs12_simple.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -66,9 +66,8 @@ void doit(void) filename = "pkcs12-decode/pkcs12_5certs.p12"; if (debug) - success - ("Reading PKCS#12 blob from `%s' using password `%s'.\n", - filename, password); + success("Reading PKCS#12 blob from `%s' using password `%s'.\n", + filename, password); ret = gnutls_load_file(filename, &data); if (ret < 0) @@ -82,10 +81,9 @@ void doit(void) if (debug) success("Read file OK\n"); - ret = - gnutls_pkcs12_simple_parse(pkcs12, password, &pkey, &chain, - &chain_size, &extras, &extras_size, - NULL, 0); + ret = gnutls_pkcs12_simple_parse(pkcs12, password, &pkey, &chain, + &chain_size, &extras, &extras_size, + NULL, 0); if (ret < 0) fail("pkcs12_simple_parse failed %d: %s\n", ret, gnutls_strerror(ret)); @@ -134,9 +132,8 @@ void doit(void) fail("gnutls_x509_privkey_init failed %d: %s\n", ret, gnutls_strerror(ret)); - ret = - gnutls_x509_privkey_import2(pkey, &data, GNUTLS_X509_FMT_DER, - password, 0); + ret = gnutls_x509_privkey_import2(pkey, &data, GNUTLS_X509_FMT_DER, + password, 0); if (ret < 0) fail("gnutls_x509_privkey_import2 failed %d: %s\n", ret, gnutls_strerror(ret)); diff --git a/tests/pkcs7-cat-parse.c b/tests/pkcs7-cat-parse.c index 4059818ee9..286ce66660 100644 --- a/tests/pkcs7-cat-parse.c +++ b/tests/pkcs7-cat-parse.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,51 +34,51 @@ #include "utils.h" const char pkcs7_data[] = - "-----BEGIN PKCS7-----\n" - "MIIHSwYJKoZIhvcNAQcCoIIHPDCCBzgCAQExCzAJBgUrDgMCGgUAMIICNwYJKwYB\n" - "BAGCNwoBoIICKDCCAiQwDAYKKwYBBAGCNwwBAQQQu/ZNvyszUkS6h2Pwl4hELRcN\n" - "MTYxMDExMTcxMzAyWjAOBgorBgEEAYI3DAECBQAwggGVMIIBkQRSRQA1ADIAMgAx\n" - "ADUANAAwAEQAQwA0AEIAOQA3ADQARgA1ADQARABCADQARQAzADkAMABCAEYARgA0\n" - "ADEAMwAyADMAOQA5AEMAOAAwADMANwAAADGCATkwQAYKKwYBBAGCNwwCATEyMDAe\n" - "CABGAGkAbABlAgQQAQABBB5zAGEAbQBiAGEAcAAxADAAMAAwAC4AaQBuAGYAAAAw\n" - "RQYKKwYBBAGCNwIBBDE3MDUwEAYKKwYBBAGCNwIBGaICgAAwITAJBgUrDgMCGgUA\n" - "BBTlIhVA3EuXT1TbTjkL/0EyOZyANzBKBgorBgEEAYI3DAIBMTwwOh4MAE8AUwBB\n" - "AHQAdAByAgQQAQABBCQyADoANgAuADAALAAyADoANgAuADEALAAyADoANgAuADQA\n" - "AAAwYgYKKwYBBAGCNwwCAjFUMFIeTAB7AEQARQAzADUAMQBBADQAMgAtADgARQA1\n" - "ADkALQAxADEARAAwAC0AOABDADQANwAtADAAMABDADAANABGAEMAMgA5ADUARQBF\n" - "AH0CAgIAoEowSDBGBgorBgEEAYI3DAIBBDgwNh4EAE8AUwIEEAEAAQQoVgBpAHMA\n" - "dABhAFgAOAA2ACwANwBYADgANgAsADEAMABYADgANgAAAKCCAwwwggMIMIIB8KAD\n" - "AgECAhAWVsiyv5uzsk5vNBHNz/C1MA0GCSqGSIb3DQEBBQUAMC0xKzApBgNVBAMT\n" - "IldES1Rlc3RDZXJ0IGFzbiwxMzEyMDY3OTU0ODA0ODM0NTMwHhcNMTYxMDExMTcx\n" - "MjI4WhcNMjYxMDExMDAwMDAwWjAtMSswKQYDVQQDEyJXREtUZXN0Q2VydCBhc24s\n" - "MTMxMjA2Nzk1NDgwNDgzNDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" - "AQEApD6uPRvnduA8nsL3gd/OdTZzk+p0P9vAQ9kVbRFG39/UuSIIm7nyNO47Tu7h\n" - "CBuK8q5zwY31naKaOkLJMwTpUonI/rwFEhrt7EwFNi2aRVeyEbqLlwCzFK5rJGzP\n" - "wDp4vcKpWPsqD5mOKBOXOIbQt5l8MiKM91iRqvwEEg1Eba8hKF3P/MHT2ZaxMy4O\n" - "QdJdgjovSQfqihA5qG1wwXXTQvWeQHvt1TO+vUNTcnbO0YnIuG+c0WDljn4UVLYo\n" - "2HFk1c7MkTfYX3OzdUbxXpMsHbbQun2XU2v+yQRgViHUDe4G6pGz4ur/aN52DEFk\n" - "qIUCAeJWBhG4pQvMCl20L/19DwIDAQABoyQwIjALBgNVHQ8EBAMCBDAwEwYDVR0l\n" - "BAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAE5t7t5lXUYJGh8xu412\n" - "yREBlUxQT4Uid9Kc/GmmwiQvinKMWwjdowxtfnRR/ZzrbD5AVVQIaM6JSgzLEH3x\n" - "0geN9FqMxcaJVksnUcx9iqWm94bznoPz9FXlgQ+e6lx9vCEP1butyUhj7m8yi0pk\n" - "D8nXwf8cszaPY2tjqMa8o77/W6pDUjIGJHNIsZJwIN/qJT3Sxs9Nb8qwLfjKB7Fp\n" - "aLgC9BAb73rWdW2uQSGtWO9Bvf7/fcgOk2Su1CFZTf/ZoqFbtTQ+Qwl92buUFmTl\n" - "yo9gVmPHXZWfeYaIDwTen2FI43WmLEsge8Xlfv+TpFLTby2BWnKgtxBsHA6L9Fem\n" - "xrwxggHZMIIB1QIBATBBMC0xKzApBgNVBAMTIldES1Rlc3RDZXJ0IGFzbiwxMzEy\n" - "MDY3OTU0ODA0ODM0NTMCEBZWyLK/m7OyTm80Ec3P8LUwCQYFKw4DAhoFAKBvMBAG\n" - "CisGAQQBgjcCAQwxAjAAMBgGCSqGSIb3DQEJAzELBgkrBgEEAYI3CgEwHAYKKwYB\n" - "BAGCNwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkEMRYEFJBgjwiqs2u+\n" - "74y1Cb725gOFBYr6MA0GCSqGSIb3DQEBAQUABIIBAI4vlVYFKOLdIfs/7kx9ADl5\n" - "zaniHZMgjKiLAljglGCzkfO46IMdOP9/KfmTTTwWBtaP9s7fv9O0XGyOl2qH8Ufg\n" - "2d+0iS7CI8CqwF1Q8NLPYrSl2peKAPNibfIVbLR2+RUJ7zHxevdVou9Dt36A59mW\n" - "BZ78THyix0mVJ1ZivfzFwarChq5S4YI2fpbugTFftlr8YkRB78ki5J2sXICkcWtU\n" - "JRBZqhvsFlsghRWbUKyp20YyPNTgaGelumFj57OLGCVGAejxme/iF8EkmrUV8zs/\n" - "FKuAqJdZ8QPdLD5sKyOL8a19md0tYpCV2ThOWD8okm8PrSMfz4fWlIKpTOi/KE0=\n" - "-----END PKCS7-----\n"; + "-----BEGIN PKCS7-----\n" + "MIIHSwYJKoZIhvcNAQcCoIIHPDCCBzgCAQExCzAJBgUrDgMCGgUAMIICNwYJKwYB\n" + "BAGCNwoBoIICKDCCAiQwDAYKKwYBBAGCNwwBAQQQu/ZNvyszUkS6h2Pwl4hELRcN\n" + "MTYxMDExMTcxMzAyWjAOBgorBgEEAYI3DAECBQAwggGVMIIBkQRSRQA1ADIAMgAx\n" + "ADUANAAwAEQAQwA0AEIAOQA3ADQARgA1ADQARABCADQARQAzADkAMABCAEYARgA0\n" + "ADEAMwAyADMAOQA5AEMAOAAwADMANwAAADGCATkwQAYKKwYBBAGCNwwCATEyMDAe\n" + "CABGAGkAbABlAgQQAQABBB5zAGEAbQBiAGEAcAAxADAAMAAwAC4AaQBuAGYAAAAw\n" + "RQYKKwYBBAGCNwIBBDE3MDUwEAYKKwYBBAGCNwIBGaICgAAwITAJBgUrDgMCGgUA\n" + "BBTlIhVA3EuXT1TbTjkL/0EyOZyANzBKBgorBgEEAYI3DAIBMTwwOh4MAE8AUwBB\n" + "AHQAdAByAgQQAQABBCQyADoANgAuADAALAAyADoANgAuADEALAAyADoANgAuADQA\n" + "AAAwYgYKKwYBBAGCNwwCAjFUMFIeTAB7AEQARQAzADUAMQBBADQAMgAtADgARQA1\n" + "ADkALQAxADEARAAwAC0AOABDADQANwAtADAAMABDADAANABGAEMAMgA5ADUARQBF\n" + "AH0CAgIAoEowSDBGBgorBgEEAYI3DAIBBDgwNh4EAE8AUwIEEAEAAQQoVgBpAHMA\n" + "dABhAFgAOAA2ACwANwBYADgANgAsADEAMABYADgANgAAAKCCAwwwggMIMIIB8KAD\n" + "AgECAhAWVsiyv5uzsk5vNBHNz/C1MA0GCSqGSIb3DQEBBQUAMC0xKzApBgNVBAMT\n" + "IldES1Rlc3RDZXJ0IGFzbiwxMzEyMDY3OTU0ODA0ODM0NTMwHhcNMTYxMDExMTcx\n" + "MjI4WhcNMjYxMDExMDAwMDAwWjAtMSswKQYDVQQDEyJXREtUZXN0Q2VydCBhc24s\n" + "MTMxMjA2Nzk1NDgwNDgzNDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" + "AQEApD6uPRvnduA8nsL3gd/OdTZzk+p0P9vAQ9kVbRFG39/UuSIIm7nyNO47Tu7h\n" + "CBuK8q5zwY31naKaOkLJMwTpUonI/rwFEhrt7EwFNi2aRVeyEbqLlwCzFK5rJGzP\n" + "wDp4vcKpWPsqD5mOKBOXOIbQt5l8MiKM91iRqvwEEg1Eba8hKF3P/MHT2ZaxMy4O\n" + "QdJdgjovSQfqihA5qG1wwXXTQvWeQHvt1TO+vUNTcnbO0YnIuG+c0WDljn4UVLYo\n" + "2HFk1c7MkTfYX3OzdUbxXpMsHbbQun2XU2v+yQRgViHUDe4G6pGz4ur/aN52DEFk\n" + "qIUCAeJWBhG4pQvMCl20L/19DwIDAQABoyQwIjALBgNVHQ8EBAMCBDAwEwYDVR0l\n" + "BAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAE5t7t5lXUYJGh8xu412\n" + "yREBlUxQT4Uid9Kc/GmmwiQvinKMWwjdowxtfnRR/ZzrbD5AVVQIaM6JSgzLEH3x\n" + "0geN9FqMxcaJVksnUcx9iqWm94bznoPz9FXlgQ+e6lx9vCEP1butyUhj7m8yi0pk\n" + "D8nXwf8cszaPY2tjqMa8o77/W6pDUjIGJHNIsZJwIN/qJT3Sxs9Nb8qwLfjKB7Fp\n" + "aLgC9BAb73rWdW2uQSGtWO9Bvf7/fcgOk2Su1CFZTf/ZoqFbtTQ+Qwl92buUFmTl\n" + "yo9gVmPHXZWfeYaIDwTen2FI43WmLEsge8Xlfv+TpFLTby2BWnKgtxBsHA6L9Fem\n" + "xrwxggHZMIIB1QIBATBBMC0xKzApBgNVBAMTIldES1Rlc3RDZXJ0IGFzbiwxMzEy\n" + "MDY3OTU0ODA0ODM0NTMCEBZWyLK/m7OyTm80Ec3P8LUwCQYFKw4DAhoFAKBvMBAG\n" + "CisGAQQBgjcCAQwxAjAAMBgGCSqGSIb3DQEJAzELBgkrBgEEAYI3CgEwHAYKKwYB\n" + "BAGCNwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkEMRYEFJBgjwiqs2u+\n" + "74y1Cb725gOFBYr6MA0GCSqGSIb3DQEBAQUABIIBAI4vlVYFKOLdIfs/7kx9ADl5\n" + "zaniHZMgjKiLAljglGCzkfO46IMdOP9/KfmTTTwWBtaP9s7fv9O0XGyOl2qH8Ufg\n" + "2d+0iS7CI8CqwF1Q8NLPYrSl2peKAPNibfIVbLR2+RUJ7zHxevdVou9Dt36A59mW\n" + "BZ78THyix0mVJ1ZivfzFwarChq5S4YI2fpbugTFftlr8YkRB78ki5J2sXICkcWtU\n" + "JRBZqhvsFlsghRWbUKyp20YyPNTgaGelumFj57OLGCVGAejxme/iF8EkmrUV8zs/\n" + "FKuAqJdZ8QPdLD5sKyOL8a19md0tYpCV2ThOWD8okm8PrSMfz4fWlIKpTOi/KE0=\n" + "-----END PKCS7-----\n"; const unsigned char der_content[] = - "\x30\x82\x02\x24\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x01\x01\x04\x10\xbb\xf6\x4d\xbf\x2b\x33\x52\x44\xba\x87\x63\xf0\x97\x88\x44\x2d\x17\x0d\x31\x36\x31\x30\x31\x31\x31\x37\x31\x33\x30\x32\x5a\x30\x0e\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x01\x02\x05\x00\x30\x82\x01\x95\x30\x82\x01\x91\x04\x52\x45\x00\x35\x00\x32\x00\x32\x00\x31\x00\x35\x00\x34\x00\x30\x00\x44\x00\x43\x00\x34\x00\x42\x00\x39\x00\x37\x00\x34\x00\x46\x00\x35\x00\x34\x00\x44\x00\x42\x00\x34\x00\x45\x00\x33\x00\x39\x00\x30\x00\x42\x00\x46\x00\x46\x00\x34\x00\x31\x00\x33\x00\x32\x00\x33\x00\x39\x00\x39\x00\x43\x00\x38\x00\x30\x00\x33\x00\x37\x00\x00\x00\x31\x82\x01\x39\x30\x40\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x01\x31\x32\x30\x30\x1e\x08\x00\x46\x00\x69\x00\x6c\x00\x65\x02\x04\x10\x01\x00\x01\x04\x1e\x73\x00\x61\x00\x6d\x00\x62\x00\x61\x00\x70\x00\x31\x00\x30\x00\x30\x00\x30\x00\x2e\x00\x69\x00\x6e\x00\x66\x00\x00\x00\x30\x45\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x01\x04\x31\x37\x30\x35\x30\x10\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x01\x19\xa2\x02\x80\x00\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xe5\x22\x15\x40\xdc\x4b\x97\x4f\x54\xdb\x4e\x39\x0b\xff\x41\x32\x39\x9c\x80\x37\x30\x4a\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x01\x31\x3c\x30\x3a\x1e\x0c\x00\x4f\x00\x53\x00\x41\x00\x74\x00\x74\x00\x72\x02\x04\x10\x01\x00\x01\x04\x24\x32\x00\x3a\x00\x36\x00\x2e\x00\x30\x00\x2c\x00\x32\x00\x3a\x00\x36\x00\x2e\x00\x31\x00\x2c\x00\x32\x00\x3a\x00\x36\x00\x2e\x00\x34\x00\x00\x00\x30\x62\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x02\x31\x54\x30\x52\x1e\x4c\x00\x7b\x00\x44\x00\x45\x00\x33\x00\x35\x00\x31\x00\x41\x00\x34\x00\x32\x00\x2d\x00\x38\x00\x45\x00\x35\x00\x39\x00\x2d\x00\x31\x00\x31\x00\x44\x00\x30\x00\x2d\x00\x38\x00\x43\x00\x34\x00\x37\x00\x2d\x00\x30\x00\x30\x00\x43\x00\x30\x00\x34\x00\x46\x00\x43\x00\x32\x00\x39\x00\x35\x00\x45\x00\x45\x00\x7d\x02\x02\x02\x00\xa0\x4a\x30\x48\x30\x46\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x01\x04\x38\x30\x36\x1e\x04\x00\x4f\x00\x53\x02\x04\x10\x01\x00\x01\x04\x28\x56\x00\x69\x00\x73\x00\x74\x00\x61\x00\x58\x00\x38\x00\x36\x00\x2c\x00\x37\x00\x58\x00\x38\x00\x36\x00\x2c\x00\x31\x00\x30\x00\x58\x00\x38\x00\x36\x00\x00\x00"; -#define der_content_size (sizeof(der_content)-1) + "\x30\x82\x02\x24\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x01\x01\x04\x10\xbb\xf6\x4d\xbf\x2b\x33\x52\x44\xba\x87\x63\xf0\x97\x88\x44\x2d\x17\x0d\x31\x36\x31\x30\x31\x31\x31\x37\x31\x33\x30\x32\x5a\x30\x0e\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x01\x02\x05\x00\x30\x82\x01\x95\x30\x82\x01\x91\x04\x52\x45\x00\x35\x00\x32\x00\x32\x00\x31\x00\x35\x00\x34\x00\x30\x00\x44\x00\x43\x00\x34\x00\x42\x00\x39\x00\x37\x00\x34\x00\x46\x00\x35\x00\x34\x00\x44\x00\x42\x00\x34\x00\x45\x00\x33\x00\x39\x00\x30\x00\x42\x00\x46\x00\x46\x00\x34\x00\x31\x00\x33\x00\x32\x00\x33\x00\x39\x00\x39\x00\x43\x00\x38\x00\x30\x00\x33\x00\x37\x00\x00\x00\x31\x82\x01\x39\x30\x40\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x01\x31\x32\x30\x30\x1e\x08\x00\x46\x00\x69\x00\x6c\x00\x65\x02\x04\x10\x01\x00\x01\x04\x1e\x73\x00\x61\x00\x6d\x00\x62\x00\x61\x00\x70\x00\x31\x00\x30\x00\x30\x00\x30\x00\x2e\x00\x69\x00\x6e\x00\x66\x00\x00\x00\x30\x45\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x01\x04\x31\x37\x30\x35\x30\x10\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x01\x19\xa2\x02\x80\x00\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xe5\x22\x15\x40\xdc\x4b\x97\x4f\x54\xdb\x4e\x39\x0b\xff\x41\x32\x39\x9c\x80\x37\x30\x4a\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x01\x31\x3c\x30\x3a\x1e\x0c\x00\x4f\x00\x53\x00\x41\x00\x74\x00\x74\x00\x72\x02\x04\x10\x01\x00\x01\x04\x24\x32\x00\x3a\x00\x36\x00\x2e\x00\x30\x00\x2c\x00\x32\x00\x3a\x00\x36\x00\x2e\x00\x31\x00\x2c\x00\x32\x00\x3a\x00\x36\x00\x2e\x00\x34\x00\x00\x00\x30\x62\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x02\x31\x54\x30\x52\x1e\x4c\x00\x7b\x00\x44\x00\x45\x00\x33\x00\x35\x00\x31\x00\x41\x00\x34\x00\x32\x00\x2d\x00\x38\x00\x45\x00\x35\x00\x39\x00\x2d\x00\x31\x00\x31\x00\x44\x00\x30\x00\x2d\x00\x38\x00\x43\x00\x34\x00\x37\x00\x2d\x00\x30\x00\x30\x00\x43\x00\x30\x00\x34\x00\x46\x00\x43\x00\x32\x00\x39\x00\x35\x00\x45\x00\x45\x00\x7d\x02\x02\x02\x00\xa0\x4a\x30\x48\x30\x46\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x0c\x02\x01\x04\x38\x30\x36\x1e\x04\x00\x4f\x00\x53\x02\x04\x10\x01\x00\x01\x04\x28\x56\x00\x69\x00\x73\x00\x74\x00\x61\x00\x58\x00\x38\x00\x36\x00\x2c\x00\x37\x00\x58\x00\x38\x00\x36\x00\x2c\x00\x31\x00\x30\x00\x58\x00\x38\x00\x36\x00\x00\x00"; +#define der_content_size (sizeof(der_content) - 1) const gnutls_datum_t pkcs7_pem = { (void *)pkcs7_data, sizeof(pkcs7_data) - 1 }; static void tls_log_func(int level, const char *str) @@ -118,9 +118,8 @@ void doit(void) assert(strcmp(oid, "1.3.6.1.4.1.311.10.1") == 0); - ret = - gnutls_pkcs7_get_embedded_data(pkcs7, GNUTLS_PKCS7_EDATA_GET_RAW, - &data); + ret = gnutls_pkcs7_get_embedded_data(pkcs7, GNUTLS_PKCS7_EDATA_GET_RAW, + &data); if (ret < 0) { fail("error in gnutls_pkcs7_get_embedded_data: %s\n", gnutls_strerror(ret)); diff --git a/tests/pkcs7-gen.c b/tests/pkcs7-gen.c index 2d23570754..8020afa76c 100644 --- a/tests/pkcs7-gen.c +++ b/tests/pkcs7-gen.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,41 +33,42 @@ #include "utils.h" static char pem1_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; static char pem1_key[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t cert = { (void *)pem1_cert, sizeof(pem1_cert) - 1 }; const gnutls_datum_t key = { (void *)pem1_key, sizeof(pem1_key) - 1 }; -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1199142000; @@ -115,9 +116,8 @@ void doit(void) exit(1); } - ret = - gnutls_privkey_import_x509_raw(pkey, &key, GNUTLS_X509_FMT_PEM, 0, - 0); + ret = gnutls_privkey_import_x509_raw(pkey, &key, GNUTLS_X509_FMT_PEM, 0, + 0); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); @@ -136,33 +136,29 @@ void doit(void) exit(1); } - ret = - gnutls_pkcs7_add_attr(&list1, "1.2.3.4", &data1, - GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); + ret = gnutls_pkcs7_add_attr(&list1, "1.2.3.4", &data1, + GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs7_add_attr(&list1, "2.3.4", &data2, - GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); + ret = gnutls_pkcs7_add_attr(&list1, "2.3.4", &data2, + GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs7_add_attr(&list2, "2.3.4", &data3, - GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); + ret = gnutls_pkcs7_add_attr(&list2, "2.3.4", &data3, + GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs7_sign(pkcs7, crt, pkey, &data3, list1, list2, - GNUTLS_DIG_SHA256, 0); + ret = gnutls_pkcs7_sign(pkcs7, crt, pkey, &data3, list1, list2, + GNUTLS_DIG_SHA256, 0); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); @@ -213,46 +209,43 @@ void doit(void) } gnutls_free(data.data); - ret = - gnutls_pkcs7_get_attr(info.signed_attrs, 2, &oid, &data, - GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); + ret = gnutls_pkcs7_get_attr(info.signed_attrs, 2, &oid, &data, + GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); } - if (strcmp(oid, "1.2.3.4") != 0 || data.size != data1.size - || memcmp(data.data, data1.data, data.size) != 0) { + if (strcmp(oid, "1.2.3.4") != 0 || data.size != data1.size || + memcmp(data.data, data1.data, data.size) != 0) { fail("error in %d: %s\n", __LINE__, oid); exit(1); } gnutls_free(data.data); - ret = - gnutls_pkcs7_get_attr(info.signed_attrs, 3, &oid, &data, - GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); + ret = gnutls_pkcs7_get_attr(info.signed_attrs, 3, &oid, &data, + GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); } - if (strcmp(oid, "2.3.4") != 0 || data.size != data2.size - || memcmp(data.data, data2.data, data.size) != 0) { + if (strcmp(oid, "2.3.4") != 0 || data.size != data2.size || + memcmp(data.data, data2.data, data.size) != 0) { fail("error in %d: %s\n", __LINE__, oid); exit(1); } gnutls_free(data.data); - ret = - gnutls_pkcs7_get_attr(info.unsigned_attrs, 0, &oid, &data, - GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); + ret = gnutls_pkcs7_get_attr(info.unsigned_attrs, 0, &oid, &data, + GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING); if (ret < 0) { fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret)); exit(1); } - if (strcmp(oid, "2.3.4") != 0 || data.size != data3.size - || memcmp(data.data, data3.data, data.size) != 0) { + if (strcmp(oid, "2.3.4") != 0 || data.size != data3.size || + memcmp(data.data, data3.data, data.size) != 0) { fail("error in %d: %s\n", __LINE__, oid); exit(1); } diff --git a/tests/pkcs7-verify-double-free.c b/tests/pkcs7-verify-double-free.c index f75b46a7a5..2aab7b6105 100644 --- a/tests/pkcs7-verify-double-free.c +++ b/tests/pkcs7-verify-double-free.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,127 +30,129 @@ #include "utils.h" static char rca_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQKDApFeGFt\n" - "cGxlIENBMCAXDTE3MDcyMTE0NDMzNloYDzIyMjIwNzIxMTQ0MzM2WjAVMRMwEQYD\n" - "VQQKDApFeGFtcGxlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n" - "v8hnKPJ/IA0SQB/A/a0Uh+npZ67vsgIMrtTQo0r0kJkmkBz5323xO3DVuJfB3QmX\n" - "v9zvoeCQLuDvWar5Aixfxgm6s5Q+yPvJj9t3NebDrU+Y4+qyewBIJUF8EF/5iBPC\n" - "ZHONmzbfIRWvQWGGgb2CRcOHp2J7AY/QLB6LsWPaLjs/DHva28Q13JaTTHIpdu8v\n" - "t6vHr0nXf66DN4MvtoF3N+o+v3snJCMsfXOqASi4tbWR7gtOfCfiz9uBjh0W2Dut\n" - "/jclBQkJkLe6esNSM+f4YiOpctVDjmfj8yoHCp394vt0wFqhG38wsTFAyVP6qIcf\n" - "5zoSu9ovEt2cTkhnZHjiiwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud\n" - "DwEB/wQEAwIBBjAdBgNVHQ4EFgQUhjeO6Uc5imbjOl2I2ltVA27Hu9YwHwYDVR0j\n" - "BBgwFoAUhjeO6Uc5imbjOl2I2ltVA27Hu9YwDQYJKoZIhvcNAQELBQADggEBAD+r\n" - "i/7FsbG0OFKGF2+JOnth6NjJQcMfM8LiglqAuBUijrv7vltoZ0Z3FJH1Vi4OeMXn\n" - "l7X/9tWUve0uFl75MfjDrf0+lCEdYRY1LCba2BrUgpbbkLywVUdnbsvndehegCgS\n" - "jss2/zys3Hlo3ZaHlTMQ/NQ4nrxcxkjOvkZSEOqgxJTLpzm6pr7YUts4k6c6lNiB\n" - "FSiJiDzsJCmWR9C3fBbUlfDfTJYGN3JwqX270KchXDElo8gNoDnF7jBMpLFFSEKm\n" - "MyfbNLX/srh+CEfZaN/OZV4A3MQ0L8vQEp6M4CJhvRLIuMVabZ2coJ0AzystrOMU\n" - "LirBWjg89RoAjFQ7bTE=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQKDApFeGFt\n" + "cGxlIENBMCAXDTE3MDcyMTE0NDMzNloYDzIyMjIwNzIxMTQ0MzM2WjAVMRMwEQYD\n" + "VQQKDApFeGFtcGxlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n" + "v8hnKPJ/IA0SQB/A/a0Uh+npZ67vsgIMrtTQo0r0kJkmkBz5323xO3DVuJfB3QmX\n" + "v9zvoeCQLuDvWar5Aixfxgm6s5Q+yPvJj9t3NebDrU+Y4+qyewBIJUF8EF/5iBPC\n" + "ZHONmzbfIRWvQWGGgb2CRcOHp2J7AY/QLB6LsWPaLjs/DHva28Q13JaTTHIpdu8v\n" + "t6vHr0nXf66DN4MvtoF3N+o+v3snJCMsfXOqASi4tbWR7gtOfCfiz9uBjh0W2Dut\n" + "/jclBQkJkLe6esNSM+f4YiOpctVDjmfj8yoHCp394vt0wFqhG38wsTFAyVP6qIcf\n" + "5zoSu9ovEt2cTkhnZHjiiwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud\n" + "DwEB/wQEAwIBBjAdBgNVHQ4EFgQUhjeO6Uc5imbjOl2I2ltVA27Hu9YwHwYDVR0j\n" + "BBgwFoAUhjeO6Uc5imbjOl2I2ltVA27Hu9YwDQYJKoZIhvcNAQELBQADggEBAD+r\n" + "i/7FsbG0OFKGF2+JOnth6NjJQcMfM8LiglqAuBUijrv7vltoZ0Z3FJH1Vi4OeMXn\n" + "l7X/9tWUve0uFl75MfjDrf0+lCEdYRY1LCba2BrUgpbbkLywVUdnbsvndehegCgS\n" + "jss2/zys3Hlo3ZaHlTMQ/NQ4nrxcxkjOvkZSEOqgxJTLpzm6pr7YUts4k6c6lNiB\n" + "FSiJiDzsJCmWR9C3fBbUlfDfTJYGN3JwqX270KchXDElo8gNoDnF7jBMpLFFSEKm\n" + "MyfbNLX/srh+CEfZaN/OZV4A3MQ0L8vQEp6M4CJhvRLIuMVabZ2coJ0AzystrOMU\n" + "LirBWjg89RoAjFQ7bTE=\n" + "-----END CERTIFICATE-----\n"; static char ca_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQKDApFeGFt\n" - "cGxlIENBMCAXDTE3MDcyMTE0NDQzNFoYDzIyMjIwNzIxMTQ0NDM0WjAiMSAwHgYD\n" - "VQQKDBdFeGFtcGxlIGludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQAD\n" - "ggEPADCCAQoCggEBAKb9ACB8u//sP6MfNU1OsVw68xz3eTPLgKxS0vpqexm6iGVg\n" - "ug/o9uYRLzqiEukv/eyz9WzHmY7sqlOJjOFdv92+SaNg79Jc51WHPFXgea4/qyfr\n" - "4y14PGs0SNxm6T44sXurUs7cXydQVUgnq2VCaWFOTUdxXoAWkV8r8GaUoPD/klVz\n" - "RqxSZVETmX1XBKhsMnnov41kRwVph2C+VfUspsbaUZaz/o/S1/nokhXRACzKsMBr\n" - "obqiGxbY35uVzsmbAW5ErhQz98AWJL3Bub1fsEMXg6OEMmPH4AtX888dTIYZNw0E\n" - "bUIESspz1kjJQTtVQDHTprhwz16YiSVeUonlLgMCAwEAAaNjMGEwDwYDVR0TAQH/\n" - "BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPBjxDWjMhjXERirKF9O\n" - "o/5Cllc5MB8GA1UdIwQYMBaAFIY3julHOYpm4zpdiNpbVQNux7vWMA0GCSqGSIb3\n" - "DQEBCwUAA4IBAQCTm+vv3hBa6lL5IT+Fw8aTxQ2Ne7mZ5oyazhvXYwwfKNMX3SML\n" - "W2JdPaL64ZwbxxxYvW401o5Z0CEgru3YFrsqB/hEdl0Uf8UWWJmE1rRa+miTmbjt\n" - "lrLNCWdrs6CiwvsPITTHg7jevB4KyZYsTSxQFcyr3N3xF+6EmOTC4IkhPPnXYXcp\n" - "248ih+WOavSYoRvzgB/Dip1WnPYU2mfIV3O8JReRryngA0TzWCLPLUoWR3R4jwtC\n" - "+1uSLoqaenz3qv3F1WEbke37az9YJuXx/5D8CqFQiZ62TUUtI6fYd8mkMBM4Qfh6\n" - "NW9XrCkI9wlpL5K9HllhuW0BhKeJkuPpyQ2p\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQKDApFeGFt\n" + "cGxlIENBMCAXDTE3MDcyMTE0NDQzNFoYDzIyMjIwNzIxMTQ0NDM0WjAiMSAwHgYD\n" + "VQQKDBdFeGFtcGxlIGludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQAD\n" + "ggEPADCCAQoCggEBAKb9ACB8u//sP6MfNU1OsVw68xz3eTPLgKxS0vpqexm6iGVg\n" + "ug/o9uYRLzqiEukv/eyz9WzHmY7sqlOJjOFdv92+SaNg79Jc51WHPFXgea4/qyfr\n" + "4y14PGs0SNxm6T44sXurUs7cXydQVUgnq2VCaWFOTUdxXoAWkV8r8GaUoPD/klVz\n" + "RqxSZVETmX1XBKhsMnnov41kRwVph2C+VfUspsbaUZaz/o/S1/nokhXRACzKsMBr\n" + "obqiGxbY35uVzsmbAW5ErhQz98AWJL3Bub1fsEMXg6OEMmPH4AtX888dTIYZNw0E\n" + "bUIESspz1kjJQTtVQDHTprhwz16YiSVeUonlLgMCAwEAAaNjMGEwDwYDVR0TAQH/\n" + "BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPBjxDWjMhjXERirKF9O\n" + "o/5Cllc5MB8GA1UdIwQYMBaAFIY3julHOYpm4zpdiNpbVQNux7vWMA0GCSqGSIb3\n" + "DQEBCwUAA4IBAQCTm+vv3hBa6lL5IT+Fw8aTxQ2Ne7mZ5oyazhvXYwwfKNMX3SML\n" + "W2JdPaL64ZwbxxxYvW401o5Z0CEgru3YFrsqB/hEdl0Uf8UWWJmE1rRa+miTmbjt\n" + "lrLNCWdrs6CiwvsPITTHg7jevB4KyZYsTSxQFcyr3N3xF+6EmOTC4IkhPPnXYXcp\n" + "248ih+WOavSYoRvzgB/Dip1WnPYU2mfIV3O8JReRryngA0TzWCLPLUoWR3R4jwtC\n" + "+1uSLoqaenz3qv3F1WEbke37az9YJuXx/5D8CqFQiZ62TUUtI6fYd8mkMBM4Qfh6\n" + "NW9XrCkI9wlpL5K9HllhuW0BhKeJkuPpyQ2p\n" + "-----END CERTIFICATE-----\n"; static char ee_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQKDBdFeGFt\n" - "cGxlIGludGVybWVkaWF0ZSBDQTAgFw0yMjA3MjExNDQ1MzdaGA8yMjIyMDcyMTE0\n" - "NDUzN1owFTETMBEGA1UEAwwKSm9obiBTbWl0aDCCASIwDQYJKoZIhvcNAQEBBQAD\n" - "ggEPADCCAQoCggEBAMb1uuxppBFY+WVD45iyHUq7DkIJNNOI/JRaybVJfPktWq2E\n" - "eNe7XhV05KKnqZTbDO2iYqNHqGhZ8pz/IstDRTZP3z/q1vXTG0P9Gx28rEy5TaUY\n" - "QjtD+ZoFUQm0ORMDBjd8jikqtJ87hKeuOPMH4rzdydotMaPQSm7KLzHBGBr6gg7z\n" - "g1IxPWkhMyHapoMqqrhjwjzoTY97UIXpZTEoIA+KpEC8f9CciBtL0i1MPBjWozB6\n" - "Jma9q5iEwZXuRr3cnPYeIPlK2drgDZCMuSFcYiT8ApLw5OhKqY1m2EvfZ2ox2s9R\n" - "68/HzYdPi3kZwiNEtlBvMlpt5yKBJAflp76d7DkCAwEAAaNuMGwwCwYDVR0PBAQD\n" - "AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUc+Mi\n" - "kr8WMCk00SQo+P2iggp/oQkwHwYDVR0jBBgwFoAU8GPENaMyGNcRGKsoX06j/kKW\n" - "VzkwDQYJKoZIhvcNAQELBQADggEBAKU9+CUR0Jcfybd1+8Aqgh1RH96yQygnVuyt\n" - "Na9rFz4fM3ij9tGXDHXrkZw8bW1dWLU9quu8zeTxKxc3aiDIw739Alz0tukttDo7\n" - "dW7YqIb77zsIsWB9p7G9dlxT6ieUy+5IKk69BbeK8KR0vAciAG4KVQxPhuPy/LGX\n" - "PzqlJIJ4h61s3UOroReHPB1keLZgpORqrvtpClOmABH9TLFRJA/WFg8Q2XYB/p0x\n" - "l/pWiaoBC+8wK9cDoMUK5yOwXeuCLffCb+UlAD0+z/qxJ2pisE8E9X8rRKRrWI+i\n" - "G7LtJCEn86EQK8KuRlJxKgj8lClZhoULB0oL4jbblBuNow9WRmM=\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQKDBdFeGFt\n" + "cGxlIGludGVybWVkaWF0ZSBDQTAgFw0yMjA3MjExNDQ1MzdaGA8yMjIyMDcyMTE0\n" + "NDUzN1owFTETMBEGA1UEAwwKSm9obiBTbWl0aDCCASIwDQYJKoZIhvcNAQEBBQAD\n" + "ggEPADCCAQoCggEBAMb1uuxppBFY+WVD45iyHUq7DkIJNNOI/JRaybVJfPktWq2E\n" + "eNe7XhV05KKnqZTbDO2iYqNHqGhZ8pz/IstDRTZP3z/q1vXTG0P9Gx28rEy5TaUY\n" + "QjtD+ZoFUQm0ORMDBjd8jikqtJ87hKeuOPMH4rzdydotMaPQSm7KLzHBGBr6gg7z\n" + "g1IxPWkhMyHapoMqqrhjwjzoTY97UIXpZTEoIA+KpEC8f9CciBtL0i1MPBjWozB6\n" + "Jma9q5iEwZXuRr3cnPYeIPlK2drgDZCMuSFcYiT8ApLw5OhKqY1m2EvfZ2ox2s9R\n" + "68/HzYdPi3kZwiNEtlBvMlpt5yKBJAflp76d7DkCAwEAAaNuMGwwCwYDVR0PBAQD\n" + "AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUc+Mi\n" + "kr8WMCk00SQo+P2iggp/oQkwHwYDVR0jBBgwFoAU8GPENaMyGNcRGKsoX06j/kKW\n" + "VzkwDQYJKoZIhvcNAQELBQADggEBAKU9+CUR0Jcfybd1+8Aqgh1RH96yQygnVuyt\n" + "Na9rFz4fM3ij9tGXDHXrkZw8bW1dWLU9quu8zeTxKxc3aiDIw739Alz0tukttDo7\n" + "dW7YqIb77zsIsWB9p7G9dlxT6ieUy+5IKk69BbeK8KR0vAciAG4KVQxPhuPy/LGX\n" + "PzqlJIJ4h61s3UOroReHPB1keLZgpORqrvtpClOmABH9TLFRJA/WFg8Q2XYB/p0x\n" + "l/pWiaoBC+8wK9cDoMUK5yOwXeuCLffCb+UlAD0+z/qxJ2pisE8E9X8rRKRrWI+i\n" + "G7LtJCEn86EQK8KuRlJxKgj8lClZhoULB0oL4jbblBuNow9WRmM=\n" + "-----END CERTIFICATE-----\n"; static char msg_pem[] = - "-----BEGIN PKCS7-----\n" - "MIIK2QYJKoZIhvcNAQcCoIIKyjCCCsYCAQExDTALBglghkgBZQMEAgEwCwYJKoZI\n" - "hvcNAQcBoIIJTzCCAwowggHyoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwFTETMBEG\n" - "A1UECgwKRXhhbXBsZSBDQTAgFw0xNzA3MjExNDQzMjFaGA8yMjIyMDcyMTE0NDMy\n" - "MVowFTETMBEGA1UECgwKRXhhbXBsZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP\n" - "ADCCAQoCggEBAL51eyE4j8wAKQKMGlO9HEY2iaGvsdPSJmidSdmCi1jnNK39Lx4Y\n" - "31h279hSHF5wtI6VM91HHfeLf1mjEZHlKrXXJQzBPLpbHWapD778drHBitOP8e56\n" - "fDMIfofLV4tkMk8690vPe4cJH1UHGspMyz6EQF9kPRaW80XtMV/6dalgL/9Esmaw\n" - "XBNPJAS1VutDuXQkJ/3/rWFLmkpYHHtGPjX782YRmT1s+VOVTsLqmKx0TEL8A381\n" - "bbElHPUAMjPcyWR5qqA8KWnS5Dwqk3LwI0AvuhQytCq0S7Xl4DXauvxwTRXv0UU7\n" - "W8r3MLAw9DnlnJiD/RFjw5rbGO3wMePk/qUCAwEAAaNjMGEwDwYDVR0TAQH/BAUw\n" - "AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFIh2KRoKJoe2VtpOwWMkRAkR\n" - "mLWKMB8GA1UdIwQYMBaAFIh2KRoKJoe2VtpOwWMkRAkRmLWKMA0GCSqGSIb3DQEB\n" - "CwUAA4IBAQBovvlOjoy0MCT5U0eWfcPQQjY4Ssrn3IiPNlVkqSNo+FHX+2baTLVQ\n" - "5QTHxwXwzdIJiwtjFWDdGEQXqmuIvnFG+u/whGbeg6oQygfnQ5Y+q6epOxCsPgLQ\n" - "mKKEaF7mvh8DauUx4QSbYCNGCctOZuB1vlN9bJ3/5QbH+2pFPOfCr5CAyPDwHo6S\n" - "qO3yPcutRwT9xS7gXEHM9HhLp+DmdCGh4eVBPiFilyZm1d92lWxU8oxoSfXgzDT/\n" - "GCzlMykNZNs4JD9QmiRClP/3U0dQbOhah/Fda+N+L90xaqEgGcvwKKZa3pzo59pl\n" - "BbkcIP4YPyHeinwkgAn5UVJg9DOxNCS0MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG\n" - "9w0BAQsFADAVMRMwEQYDVQQKDApFeGFtcGxlIENBMCAXDTE3MDcyMTE0NDQxM1oY\n" - "DzIyMjIwNzIxMTQ0NDEzWjAiMSAwHgYDVQQKDBdFeGFtcGxlIGludGVybWVkaWF0\n" - "ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPFDEvDANwvhviu\n" - "pwXTvaKyxyX94jVu1wgAhIRyQBVRiMbrn8MEufLG8oA0vKd8s92gv/lWe1jFb2rn\n" - "91jMkZWsjWjiJFD6SzqFfBo+XxOGikEqO1MAf92UqavmSGlXVRG1Vy7T7dWibZP0\n" - "WODhHYWayR0Y6owSz5IqNfrHXzDME+lSJxHgRFI7pK+b0OgiVmvyXDKFPvyU6GrP\n" - "lxXDi/XbjyPvC5gpiwtTgm+s8KERwmdlfZUNjkh2PpHx1g1joijHT3wIvO/Pek1E\n" - "C+Xs6w3XxGgL6TTL7FDuv4AjZVX9KK66/yBhX3aN8bkqAg+hs9XNk3zzWC0XEFOS\n" - "Qoh2va0CAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\n" - "HQYDVR0OBBYEFHwi/7dUWGjkMWJctOm7MCjjQj1cMB8GA1UdIwQYMBaAFIh2KRoK\n" - "Joe2VtpOwWMkRAkRmLWKMA0GCSqGSIb3DQEBCwUAA4IBAQCF6sHCBdYRwBwvfCve\n" - "og9cPnmPqZrG4AtmSvtoSsMvgvKb/4z3/gG8oPtTBkeRcAHoMoEp/oA+B2ylwIAc\n" - "S5U7jx+lYH/Pqih0X/OcOLbaMv8uzGSGQxk+L9LuuIT6E/THfRRIPEvkDkzC+/uk\n" - "7vUbG17bSEWeF0o/6sjzAY2aH1jnbCDyu0UC78GXkc6bZ5QlH98uLMDMrOmqcZjS\n" - "JFfvuRDQyKV5yBdBkYaobsIWSQDsgYxJzf/2y8c3r+HXqT+jhrXPWJ3btgMPxpu7\n" - "E8KmoFgp9EM+48oYlXJ66rk08/KjaVmgN7R+Hm3e2+MFT2kme4fBKalLjcazTe3x\n" - "0FisMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQKDBdF\n" - "eGFtcGxlIGludGVybWVkaWF0ZSBDQTAgFw0yMjA3MjExNDQ1MzBaGA8yMjIyMDcy\n" - "MTE0NDUzMVowFTETMBEGA1UEAwwKSm9obiBTbWl0aDCCASIwDQYJKoZIhvcNAQEB\n" - "BQADggEPADCCAQoCggEBAMjhSqhdD5RjmOm6W3hG7zkgKBP9whRN/SipcdEMlkgc\n" - "F/U3QMu66qIfKwheNdWalC1JLtruLDWP92ysa6Vw+CCG8aSax1AgB//RKQB7kgPA\n" - "9js9hi/oCdBmCv2HJxhWSLz+MVoxgzW4C7S9FenI+btxe/99Uw4nOw7kwjsYDLKr\n" - "tMw8myv7aCW/63CuBYGtohiZupM3RI3kKFcZots+KRPLlZpjv+I2h9xSln8VxKNb\n" - "XiMrYwGfHB7iX7ghe1TvFjKatEUhsqa7AvIq7nfe/cyq97f0ODQO814njgZtk5iQ\n" - "JVavXHdhTVaypt1HdAFMuHX5UATylHxx9tRCgSIijUsCAwEAAaNuMGwwCwYDVR0P\n" - "BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQU\n" - "31+vHl4E/2Jpnwinbzf+d7usshcwHwYDVR0jBBgwFoAUfCL/t1RYaOQxYly06bsw\n" - "KONCPVwwDQYJKoZIhvcNAQELBQADggEBAAWe63DcNwmleQ3INFGDJZ/m2I/R/cBa\n" - "nnrxgR5Ey1ljHdA/x1z1JLTGmGVwqGExs5DNG9Q//Pmc9pZ1yPa8J4Xf8AvFcmkY\n" - "mWoH1HvW0xu/RF1UN5SAoD2PRQ+Vq4OSPD58IlEu/u4o1wZV7Wl91Cv6VNpiAb63\n" - "j9PA1YacOpOtcRqG59Vuj9HFm9f30ejHVo2+KJcpo290cR3Zg4fOm8mtjeMdt/QS\n" - "Atq+RqPAQ7yxqvEEv8zPIZj2kAOQm3mh/yYqBrR68lQUD/dBTP7ApIZkhUK3XK6U\n" - "nf9JvoF6Fn2+Cnqb//FLBgHSnoeqeQNwDLUXTsD02iYxHzJrhokSY4YxggFQMIIB\n" - "TAIBATAnMCIxIDAeBgNVBAoMF0V4YW1wbGUgaW50ZXJtZWRpYXRlIENBAgEBMAsG\n" - "CWCGSAFlAwQCATANBgkqhkiG9w0BAQEFAASCAQATHg6wNsBcs/Ub1GQfKwTpKCk5\n" - "8QXuNnZ0u7b6mKgrSY2Gf47fpL2aRgaR+BAQncbctu5EH/IL38pWjaGtOhFAj/5q\n" - "7luVQW11kuyJN3Bd/dtLqawWOwMmAIEigw6X50l5ZHnEVzFfxt+RKTNhk4XWVtbi\n" - "2iIlITOplW0rnvxYAwCxKL9ocaB7etK8au7ixMxbFp75Ts4iLX8dhlAFdCuFCk8k\n" - "B8mi9HHuwr3QYRqMPW61hu1wBL3yB8eoZNOwPXb0gkIh6ZvgptxgQzm/cc+Iw9fP\n" - "QkR0fTM7ElJ5QZmSV98AUbZDHmDvpmcjcUxfSPMc3IoT8T300usRu7QHqKJi\n" - "-----END PKCS7-----\n"; + "-----BEGIN PKCS7-----\n" + "MIIK2QYJKoZIhvcNAQcCoIIKyjCCCsYCAQExDTALBglghkgBZQMEAgEwCwYJKoZI\n" + "hvcNAQcBoIIJTzCCAwowggHyoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwFTETMBEG\n" + "A1UECgwKRXhhbXBsZSBDQTAgFw0xNzA3MjExNDQzMjFaGA8yMjIyMDcyMTE0NDMy\n" + "MVowFTETMBEGA1UECgwKRXhhbXBsZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP\n" + "ADCCAQoCggEBAL51eyE4j8wAKQKMGlO9HEY2iaGvsdPSJmidSdmCi1jnNK39Lx4Y\n" + "31h279hSHF5wtI6VM91HHfeLf1mjEZHlKrXXJQzBPLpbHWapD778drHBitOP8e56\n" + "fDMIfofLV4tkMk8690vPe4cJH1UHGspMyz6EQF9kPRaW80XtMV/6dalgL/9Esmaw\n" + "XBNPJAS1VutDuXQkJ/3/rWFLmkpYHHtGPjX782YRmT1s+VOVTsLqmKx0TEL8A381\n" + "bbElHPUAMjPcyWR5qqA8KWnS5Dwqk3LwI0AvuhQytCq0S7Xl4DXauvxwTRXv0UU7\n" + "W8r3MLAw9DnlnJiD/RFjw5rbGO3wMePk/qUCAwEAAaNjMGEwDwYDVR0TAQH/BAUw\n" + "AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFIh2KRoKJoe2VtpOwWMkRAkR\n" + "mLWKMB8GA1UdIwQYMBaAFIh2KRoKJoe2VtpOwWMkRAkRmLWKMA0GCSqGSIb3DQEB\n" + "CwUAA4IBAQBovvlOjoy0MCT5U0eWfcPQQjY4Ssrn3IiPNlVkqSNo+FHX+2baTLVQ\n" + "5QTHxwXwzdIJiwtjFWDdGEQXqmuIvnFG+u/whGbeg6oQygfnQ5Y+q6epOxCsPgLQ\n" + "mKKEaF7mvh8DauUx4QSbYCNGCctOZuB1vlN9bJ3/5QbH+2pFPOfCr5CAyPDwHo6S\n" + "qO3yPcutRwT9xS7gXEHM9HhLp+DmdCGh4eVBPiFilyZm1d92lWxU8oxoSfXgzDT/\n" + "GCzlMykNZNs4JD9QmiRClP/3U0dQbOhah/Fda+N+L90xaqEgGcvwKKZa3pzo59pl\n" + "BbkcIP4YPyHeinwkgAn5UVJg9DOxNCS0MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG\n" + "9w0BAQsFADAVMRMwEQYDVQQKDApFeGFtcGxlIENBMCAXDTE3MDcyMTE0NDQxM1oY\n" + "DzIyMjIwNzIxMTQ0NDEzWjAiMSAwHgYDVQQKDBdFeGFtcGxlIGludGVybWVkaWF0\n" + "ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPFDEvDANwvhviu\n" + "pwXTvaKyxyX94jVu1wgAhIRyQBVRiMbrn8MEufLG8oA0vKd8s92gv/lWe1jFb2rn\n" + "91jMkZWsjWjiJFD6SzqFfBo+XxOGikEqO1MAf92UqavmSGlXVRG1Vy7T7dWibZP0\n" + "WODhHYWayR0Y6owSz5IqNfrHXzDME+lSJxHgRFI7pK+b0OgiVmvyXDKFPvyU6GrP\n" + "lxXDi/XbjyPvC5gpiwtTgm+s8KERwmdlfZUNjkh2PpHx1g1joijHT3wIvO/Pek1E\n" + "C+Xs6w3XxGgL6TTL7FDuv4AjZVX9KK66/yBhX3aN8bkqAg+hs9XNk3zzWC0XEFOS\n" + "Qoh2va0CAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\n" + "HQYDVR0OBBYEFHwi/7dUWGjkMWJctOm7MCjjQj1cMB8GA1UdIwQYMBaAFIh2KRoK\n" + "Joe2VtpOwWMkRAkRmLWKMA0GCSqGSIb3DQEBCwUAA4IBAQCF6sHCBdYRwBwvfCve\n" + "og9cPnmPqZrG4AtmSvtoSsMvgvKb/4z3/gG8oPtTBkeRcAHoMoEp/oA+B2ylwIAc\n" + "S5U7jx+lYH/Pqih0X/OcOLbaMv8uzGSGQxk+L9LuuIT6E/THfRRIPEvkDkzC+/uk\n" + "7vUbG17bSEWeF0o/6sjzAY2aH1jnbCDyu0UC78GXkc6bZ5QlH98uLMDMrOmqcZjS\n" + "JFfvuRDQyKV5yBdBkYaobsIWSQDsgYxJzf/2y8c3r+HXqT+jhrXPWJ3btgMPxpu7\n" + "E8KmoFgp9EM+48oYlXJ66rk08/KjaVmgN7R+Hm3e2+MFT2kme4fBKalLjcazTe3x\n" + "0FisMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQKDBdF\n" + "eGFtcGxlIGludGVybWVkaWF0ZSBDQTAgFw0yMjA3MjExNDQ1MzBaGA8yMjIyMDcy\n" + "MTE0NDUzMVowFTETMBEGA1UEAwwKSm9obiBTbWl0aDCCASIwDQYJKoZIhvcNAQEB\n" + "BQADggEPADCCAQoCggEBAMjhSqhdD5RjmOm6W3hG7zkgKBP9whRN/SipcdEMlkgc\n" + "F/U3QMu66qIfKwheNdWalC1JLtruLDWP92ysa6Vw+CCG8aSax1AgB//RKQB7kgPA\n" + "9js9hi/oCdBmCv2HJxhWSLz+MVoxgzW4C7S9FenI+btxe/99Uw4nOw7kwjsYDLKr\n" + "tMw8myv7aCW/63CuBYGtohiZupM3RI3kKFcZots+KRPLlZpjv+I2h9xSln8VxKNb\n" + "XiMrYwGfHB7iX7ghe1TvFjKatEUhsqa7AvIq7nfe/cyq97f0ODQO814njgZtk5iQ\n" + "JVavXHdhTVaypt1HdAFMuHX5UATylHxx9tRCgSIijUsCAwEAAaNuMGwwCwYDVR0P\n" + "BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQU\n" + "31+vHl4E/2Jpnwinbzf+d7usshcwHwYDVR0jBBgwFoAUfCL/t1RYaOQxYly06bsw\n" + "KONCPVwwDQYJKoZIhvcNAQELBQADggEBAAWe63DcNwmleQ3INFGDJZ/m2I/R/cBa\n" + "nnrxgR5Ey1ljHdA/x1z1JLTGmGVwqGExs5DNG9Q//Pmc9pZ1yPa8J4Xf8AvFcmkY\n" + "mWoH1HvW0xu/RF1UN5SAoD2PRQ+Vq4OSPD58IlEu/u4o1wZV7Wl91Cv6VNpiAb63\n" + "j9PA1YacOpOtcRqG59Vuj9HFm9f30ejHVo2+KJcpo290cR3Zg4fOm8mtjeMdt/QS\n" + "Atq+RqPAQ7yxqvEEv8zPIZj2kAOQm3mh/yYqBrR68lQUD/dBTP7ApIZkhUK3XK6U\n" + "nf9JvoF6Fn2+Cnqb//FLBgHSnoeqeQNwDLUXTsD02iYxHzJrhokSY4YxggFQMIIB\n" + "TAIBATAnMCIxIDAeBgNVBAoMF0V4YW1wbGUgaW50ZXJtZWRpYXRlIENBAgEBMAsG\n" + "CWCGSAFlAwQCATANBgkqhkiG9w0BAQEFAASCAQATHg6wNsBcs/Ub1GQfKwTpKCk5\n" + "8QXuNnZ0u7b6mKgrSY2Gf47fpL2aRgaR+BAQncbctu5EH/IL38pWjaGtOhFAj/5q\n" + "7luVQW11kuyJN3Bd/dtLqawWOwMmAIEigw6X50l5ZHnEVzFfxt+RKTNhk4XWVtbi\n" + "2iIlITOplW0rnvxYAwCxKL9ocaB7etK8au7ixMxbFp75Ts4iLX8dhlAFdCuFCk8k\n" + "B8mi9HHuwr3QYRqMPW61hu1wBL3yB8eoZNOwPXb0gkIh6ZvgptxgQzm/cc+Iw9fP\n" + "QkR0fTM7ElJ5QZmSV98AUbZDHmDvpmcjcUxfSPMc3IoT8T300usRu7QHqKJi\n" + "-----END PKCS7-----\n"; const gnutls_datum_t rca_datum = { (void *)rca_pem, sizeof(rca_pem) - 1 }; const gnutls_datum_t ca_datum = { (void *)ca_pem, sizeof(ca_pem) - 1 }; @@ -162,12 +164,13 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s |<%d>| %s", "err", level, str); } -#define CHECK(X)\ -{\ - r = X;\ - if (r < 0)\ - fail("error in %d: %s\n", __LINE__, gnutls_strerror(r));\ -}\ +#define CHECK(X) \ + { \ + r = X; \ + if (r < 0) \ + fail("error in %d: %s\n", __LINE__, \ + gnutls_strerror(r)); \ + } void doit(void) { @@ -185,8 +188,8 @@ void doit(void) } // Import certificates CHECK(gnutls_x509_crt_init(&rca_cert)); - CHECK(gnutls_x509_crt_import - (rca_cert, &rca_datum, GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_x509_crt_import(rca_cert, &rca_datum, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_x509_crt_init(&ca_cert)); CHECK(gnutls_x509_crt_import(ca_cert, &ca_datum, GNUTLS_X509_FMT_PEM)); CHECK(gnutls_x509_crt_init(&ee_cert)); @@ -194,8 +197,8 @@ void doit(void) // Setup trust store CHECK(gnutls_x509_trust_list_init(&tlist, 0)); - CHECK(gnutls_x509_trust_list_add_named_crt - (tlist, rca_cert, "rca", 3, 0)); + CHECK(gnutls_x509_trust_list_add_named_crt(tlist, rca_cert, "rca", 3, + 0)); CHECK(gnutls_x509_trust_list_add_named_crt(tlist, ca_cert, "ca", 2, 0)); CHECK(gnutls_x509_trust_list_add_named_crt(tlist, ee_cert, "ee", 2, 0)); diff --git a/tests/pkcs7.c b/tests/pkcs7.c index 11bb2f121d..dfd5f48c36 100644 --- a/tests/pkcs7.c +++ b/tests/pkcs7.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -40,7 +40,7 @@ #define CERT_DIR "pkcs7-interesting" -static int getnextfile(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) +static int getnextfile(DIR **dirp, gnutls_datum_t *der, int *exp_ret) { struct dirent *d; char path[256]; @@ -67,7 +67,7 @@ static int getnextfile(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) #ifdef _DIRENT_HAVE_D_TYPE && d->d_type == DT_REG #endif - ) { + ) { if (strstr(d->d_name, ".der") == 0) continue; if (strstr(d->d_name, ".err") != 0) @@ -85,7 +85,7 @@ static int getnextfile(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) d->d_name); success("Loading errfile %s\n", path); ret = gnutls_load_file(path, &local); - if (ret < 0) { /* not found assume success */ + if (ret < 0) { /* not found assume success */ *exp_ret = 0; } else { *exp_ret = atoi((char *)local.data); @@ -98,7 +98,7 @@ static int getnextfile(DIR ** dirp, gnutls_datum_t * der, int *exp_ret) } while (d != NULL); closedir(*dirp); - return -1; /* finished */ + return -1; /* finished */ } void doit(void) @@ -125,9 +125,8 @@ void doit(void) if (ret == 0) { /* attempt to fully decode */ gnutls_datum_t out; - ret = - gnutls_pkcs7_print(cert, GNUTLS_CRT_PRINT_FULL, - &out); + ret = gnutls_pkcs7_print(cert, GNUTLS_CRT_PRINT_FULL, + &out); if (ret < 0) { fail("print: %s\n", gnutls_strerror(ret)); } diff --git a/tests/pkcs8-key-decode-encrypted.c b/tests/pkcs8-key-decode-encrypted.c index 9afb75ad6b..59f9768d07 100644 --- a/tests/pkcs8-key-decode-encrypted.c +++ b/tests/pkcs8-key-decode-encrypted.c @@ -27,38 +27,35 @@ #include "utils.h" -#define PRIVATE_KEY \ - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ +#define PRIVATE_KEY \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ "MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAiebBrnqPv4owICCAAw\n" \ "HQYJYIZIAWUDBAEqBBBykFR6i1My/DYFBYrz1lmABIGQ3XGpp3+v/ENC1S+X7Ay6\n" \ "JoquYKuMw6yUmWoGFvPIPA9UWqMve2Uj4l2l96Sywd6iNFP63ow6pIq4wUP6REuY\n" \ "ZhCgoAOQomeFqhAhkw6QJCygp5vw2rh9OZ5tiP/Ko6IDTA2rSas91nepHpQOb247\n" \ - "zta5XzXb5TRkBsVU8tAPADP+wS/vBCS05ne1wmhdD6c6\n" \ + "zta5XzXb5TRkBsVU8tAPADP+wS/vBCS05ne1wmhdD6c6\n" \ "-----END ENCRYPTED PRIVATE KEY-----\n" static int test_decode(void) { gnutls_x509_privkey_t key; - const gnutls_datum_t data = { - (unsigned char *)PRIVATE_KEY, - strlen(PRIVATE_KEY) - }; + const gnutls_datum_t data = { (unsigned char *)PRIVATE_KEY, + strlen(PRIVATE_KEY) }; int err; if ((err = gnutls_x509_privkey_init(&key)) < 0) { fail("Failed to init key %s\n", gnutls_strerror(err)); } - err = gnutls_x509_privkey_import_pkcs8(key, &data, - GNUTLS_X509_FMT_PEM, "", 0); + err = gnutls_x509_privkey_import_pkcs8(key, &data, GNUTLS_X509_FMT_PEM, + "", 0); if (err != GNUTLS_E_DECRYPTION_FAILED) { fail("Unexpected error code: %s/%d\n", gnutls_strerror(err), err); } - err = gnutls_x509_privkey_import_pkcs8(key, &data, - GNUTLS_X509_FMT_PEM, "password", - 0); + err = gnutls_x509_privkey_import_pkcs8(key, &data, GNUTLS_X509_FMT_PEM, + "password", 0); if (err != 0) { fail("Unexpected error code: %s\n", gnutls_strerror(err)); } diff --git a/tests/pkcs8-key-decode.c b/tests/pkcs8-key-decode.c index 177d0aa795..f8b5b8e729 100644 --- a/tests/pkcs8-key-decode.c +++ b/tests/pkcs8-key-decode.c @@ -27,33 +27,31 @@ #include "utils.h" -#define PRIVATE_KEY \ - "-----BEGIN PRIVATE KEY-----\n" \ - "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBALVcr\n" \ - "BL40Tm6yq88FBhJNw1aaoCjmtg0l4dWQZ/e9Fimx4ARxFpT+ji4FE\n" \ - "Cgl9s/SGqC+1nvlkm9ViSo0j7MKDbnDB+VRHDvMAzQhA2X7e8M0n9\n" \ - "rPolUY2lIVC83q0BBaOBkCj2RSmT2xTEbbC2xLukSrg2WP/ihVOxc\n" \ - "kXRuyFtzAgMBAAECgYB7slBexDwXrtItAMIH6m/U+LUpNe0Xx48OL\n" \ - "IOn4a4whNgO/o84uIwygUK27ZGFZT0kAGAk8CdF9hA6ArcbQ62s1H\n" \ - "myxrUbF9/mrLsQw1NEqpuUk9Ay2Tx5U/wPx35S3W/X2AvR/ZpTnCn\n" \ - "2q/7ym9fyiSoj86drD7BTvmKXlOnOwQJBAPOFMp4mMa9NGpGuEssO\n" \ - "m3Uwbp6lhcP0cA9MK+iOmeANpoKWfBdk5O34VbmeXnGYWEkrnX+9J\n" \ - "bM4wVhnnBWtgBMCQQC+qAEmvwcfhauERKYznMVUVksyeuhxhCe7EK\n" \ - "mPh+U2+g0WwdKvGDgO0PPt1gq0ILEjspMDeMHVdTwkaVBo/uMhAkA\n" \ - "Z5SsZyCP2aTOPFDypXRdI4eqRcjaEPOUBq27r3uYb/jeboVb2weLa\n" \ - "L1MmVuHiIHoa5clswPdWVI2y0em2IGoDAkBPSp/v9VKJEZabk9Frd\n" \ - "a+7u4fanrM9QrEjY3KhduslSilXZZSxrWjjAJPyPiqFb3M8XXA26W\n" \ - "nz1KYGnqYKhLcBAkB7dt57n9xfrhDpuyVEv+Uv1D3VVAhZlsaZ5Pp\n" \ - "dcrhrkJn2sa/+O8OKvdrPSeeu/N5WwYhJf61+CPoenMp7IFci\n" \ - "-----END PRIVATE KEY-----\n" +#define PRIVATE_KEY \ + "-----BEGIN PRIVATE KEY-----\n" \ + "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBALVcr\n" \ + "BL40Tm6yq88FBhJNw1aaoCjmtg0l4dWQZ/e9Fimx4ARxFpT+ji4FE\n" \ + "Cgl9s/SGqC+1nvlkm9ViSo0j7MKDbnDB+VRHDvMAzQhA2X7e8M0n9\n" \ + "rPolUY2lIVC83q0BBaOBkCj2RSmT2xTEbbC2xLukSrg2WP/ihVOxc\n" \ + "kXRuyFtzAgMBAAECgYB7slBexDwXrtItAMIH6m/U+LUpNe0Xx48OL\n" \ + "IOn4a4whNgO/o84uIwygUK27ZGFZT0kAGAk8CdF9hA6ArcbQ62s1H\n" \ + "myxrUbF9/mrLsQw1NEqpuUk9Ay2Tx5U/wPx35S3W/X2AvR/ZpTnCn\n" \ + "2q/7ym9fyiSoj86drD7BTvmKXlOnOwQJBAPOFMp4mMa9NGpGuEssO\n" \ + "m3Uwbp6lhcP0cA9MK+iOmeANpoKWfBdk5O34VbmeXnGYWEkrnX+9J\n" \ + "bM4wVhnnBWtgBMCQQC+qAEmvwcfhauERKYznMVUVksyeuhxhCe7EK\n" \ + "mPh+U2+g0WwdKvGDgO0PPt1gq0ILEjspMDeMHVdTwkaVBo/uMhAkA\n" \ + "Z5SsZyCP2aTOPFDypXRdI4eqRcjaEPOUBq27r3uYb/jeboVb2weLa\n" \ + "L1MmVuHiIHoa5clswPdWVI2y0em2IGoDAkBPSp/v9VKJEZabk9Frd\n" \ + "a+7u4fanrM9QrEjY3KhduslSilXZZSxrWjjAJPyPiqFb3M8XXA26W\n" \ + "nz1KYGnqYKhLcBAkB7dt57n9xfrhDpuyVEv+Uv1D3VVAhZlsaZ5Pp\n" \ + "dcrhrkJn2sa/+O8OKvdrPSeeu/N5WwYhJf61+CPoenMp7IFci\n" \ + "-----END PRIVATE KEY-----\n" static int test_load(void) { gnutls_x509_privkey_t key; - const gnutls_datum_t data = { - (unsigned char *)PRIVATE_KEY, - strlen(PRIVATE_KEY) - }; + const gnutls_datum_t data = { (unsigned char *)PRIVATE_KEY, + strlen(PRIVATE_KEY) }; int err; if ((err = gnutls_x509_privkey_init(&key)) < 0) { diff --git a/tests/post-client-hello-change-prio.c b/tests/post-client-hello-change-prio.c index 6999cbe617..7a25cd5b90 100644 --- a/tests/post-client-hello-change-prio.c +++ b/tests/post-client-hello-change-prio.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,8 +44,8 @@ const char *override_prio = NULL; static int post_client_hello_callback(gnutls_session_t session) { if (override_prio) { - assert(gnutls_priority_set_direct(session, override_prio, NULL) - >= 0); + assert(gnutls_priority_set_direct(session, override_prio, + NULL) >= 0); } pch_ok = 1; return 0; @@ -56,9 +56,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -void start(const char *name, const char *client_prio, const char *server_prio, - int expected) +static void start(const char *name, const char *client_prio, + const char *server_prio, int expected) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -81,8 +80,8 @@ void start(const char *name, const char *client_prio, const char *server_prio, /* Init server */ assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -90,8 +89,8 @@ void start(const char *name, const char *client_prio, const char *server_prio, gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); - gnutls_handshake_set_post_client_hello_function(server, - post_client_hello_callback); + gnutls_handshake_set_post_client_hello_function( + server, post_client_hello_callback); assert(gnutls_certificate_allocate_credentials(&clientx509cred) >= 0); assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); @@ -149,9 +148,8 @@ void doit(void) "NORMAL:-VERS-ALL:+VERS-TLS1.2", "NORMAL:-VERS-TLS1.2:-VERS-TLS1.1:-VERS-TLS1.0:-VERS-SSL3.0", -1); override_prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2"; - start - ("client tls1.2-only, server tls1.2-disabled initially, but allow it afterwards", - "NORMAL:-VERS-ALL:+VERS-TLS1.2", - "NORMAL:-VERS-TLS1.2:-VERS-TLS1.1:-VERS-TLS1.0:-VERS-SSL3.0", - GNUTLS_TLS1_2); + start("client tls1.2-only, server tls1.2-disabled initially, but allow it afterwards", + "NORMAL:-VERS-ALL:+VERS-TLS1.2", + "NORMAL:-VERS-TLS1.2:-VERS-TLS1.1:-VERS-TLS1.0:-VERS-SSL3.0", + GNUTLS_TLS1_2); } diff --git a/tests/prf.c b/tests/prf.c index a2987ca187..f4b8af5158 100644 --- a/tests/prf.c +++ b/tests/prf.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,18 +33,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -66,94 +66,89 @@ static void client_log_func(int level, const char *str) static pid_t child; static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDIzCCAgugAwIBAgIMUz8PCR2sdRK56V6OMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDQxOTU5MDVaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDZ3dCzh9gOTOiOb2dtrPu91fYYgC/ey0ACYjQxaru7FZwnuXPhQK9KHsIV\n" - "YRIyo49wjKZddkHet2sbpFAAeETZh8UUWLRb/mupyaSJMycaYCNjLZCUJTztvXxJ\n" - "CCNfbtgvKC+Vu1mu94KBPatslgvnsamH7AiL5wmwRRqdH/Z93XaEvuRG6Zk0Sh9q\n" - "ZMdCboGfjtmGEJ1V+z5CR+IyH4sckzd8WJW6wBSEwgliGaXnc75xKtFWBZV2njNr\n" - "8V1TOYOdLEbiF4wduVExL5TKq2ywNkRpUfK2I1BcWS5D9Te/QT7aSdE08rL6ztmZ\n" - "IhILSrMOfoLnJ4lzXspz3XLlEuhnAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJXR\n" - "raRS5MVhEqaRE42A3S2BIj7UMB8GA1UdIwQYMBaAFP6S7AyMRO2RfkANgo8YsCl8\n" - "JfJkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ62+skMVZYrGbpab8RI9IG6xH8kEndvFj\n" - "J7wBBZCOlcjOj+HQ7a2buF5zGKRwAOSznKcmvZ7l5DPdsd0t5/VT9LKSbQ6+CfGr\n" - "Xs5qPaDJnRhZkOILCvXJ9qyO+79WNMsg9pWnxkTK7aWR5OYE+1Qw1jG681HMkWTm\n" - "nt7et9bdiNNpvA+L55569XKbdtJLs3hn5gEQFgS7EaEj59aC4vzSTFcidowCoa43\n" - "7JmfSfC9YaAIFH2vriyU0QNf2y7cG5Hpkge+U7uMzQrsT77Q3SDB9WkyPAFNSB4Q\n" - "B/r+OtZXOnQhLlMV7h4XGlWruFEaOBVjFHSdMGUh+DtaLvd1bVXI\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvhyQfsUm3T0xK\n" - "jiBXO3H6Y27b7lmCRYZQCmXCl2sUsGDL7V9biavTt3+sorWtH542/cTGDh5n8591\n" - "7rVxAB/VASmN55O3fjZyFGrjusjhXBla0Yxe5rZ/7/Pjrq84T7gc/IXiX9Sums/c\n" - "o9AeoykfhsjV2ubhh4h+8uPsHDTcAFTxq3mQaoldwnW2nmjDFzaKLtQdnyFf41o6\n" - "nsJCK/J9PtpdCID5Zb+eQfu5Yhk1iUHe8a9TOstCHtgBq61YzufDHUQk3zsT+VZM\n" - "20lDvSBnHdWLjxoea587JbkvtH8xRR8ThwABSb98qPnhJ8+A7mpO89QO1wxZM85A\n" - "xEweQlMHAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU/pLsDIxE7ZF+QA2CjxiwKXwl8mQwHwYDVR0jBBgwFoAUGD0R\n" - "Yr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQADggEBANEXLUV+Z1PGTn7M\n" - "3rPT/m/EamcrZJ3vFWrnfN91ws5llyRUKNhx6222HECh3xRSxH9YJONsbv2zY6sd\n" - "ztY7lvckL4xOgWAjoCVTx3hqbZjDxpLRsvraw1PlqBHlRQVWLKlEQ55+tId2zgMX\n" - "Z+wxM7FlU/6yWVPODIxrqYQd2KqaEp4aLIklw6Hi4HD6DnQJikjsJ6Noe0qyX1Tx\n" - "uZ8mgP/G47Fe2d2H29kJ1iJ6hp1XOqyWrVIh/jONcnTvWS8aMqS3MU0EJH2Pb1Qa\n" - "KGIvbd/3H9LykFTP/b7Imdv2fZxXIK8jC+jbF1w6rdBCVNA0p30X/jonoC3vynEK\n" - "5cK0cgs=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDIzCCAgugAwIBAgIMUz8PCR2sdRK56V6OMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDQxOTU5MDVaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDZ3dCzh9gOTOiOb2dtrPu91fYYgC/ey0ACYjQxaru7FZwnuXPhQK9KHsIV\n" + "YRIyo49wjKZddkHet2sbpFAAeETZh8UUWLRb/mupyaSJMycaYCNjLZCUJTztvXxJ\n" + "CCNfbtgvKC+Vu1mu94KBPatslgvnsamH7AiL5wmwRRqdH/Z93XaEvuRG6Zk0Sh9q\n" + "ZMdCboGfjtmGEJ1V+z5CR+IyH4sckzd8WJW6wBSEwgliGaXnc75xKtFWBZV2njNr\n" + "8V1TOYOdLEbiF4wduVExL5TKq2ywNkRpUfK2I1BcWS5D9Te/QT7aSdE08rL6ztmZ\n" + "IhILSrMOfoLnJ4lzXspz3XLlEuhnAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJXR\n" + "raRS5MVhEqaRE42A3S2BIj7UMB8GA1UdIwQYMBaAFP6S7AyMRO2RfkANgo8YsCl8\n" + "JfJkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ62+skMVZYrGbpab8RI9IG6xH8kEndvFj\n" + "J7wBBZCOlcjOj+HQ7a2buF5zGKRwAOSznKcmvZ7l5DPdsd0t5/VT9LKSbQ6+CfGr\n" + "Xs5qPaDJnRhZkOILCvXJ9qyO+79WNMsg9pWnxkTK7aWR5OYE+1Qw1jG681HMkWTm\n" + "nt7et9bdiNNpvA+L55569XKbdtJLs3hn5gEQFgS7EaEj59aC4vzSTFcidowCoa43\n" + "7JmfSfC9YaAIFH2vriyU0QNf2y7cG5Hpkge+U7uMzQrsT77Q3SDB9WkyPAFNSB4Q\n" + "B/r+OtZXOnQhLlMV7h4XGlWruFEaOBVjFHSdMGUh+DtaLvd1bVXI\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvhyQfsUm3T0xK\n" + "jiBXO3H6Y27b7lmCRYZQCmXCl2sUsGDL7V9biavTt3+sorWtH542/cTGDh5n8591\n" + "7rVxAB/VASmN55O3fjZyFGrjusjhXBla0Yxe5rZ/7/Pjrq84T7gc/IXiX9Sums/c\n" + "o9AeoykfhsjV2ubhh4h+8uPsHDTcAFTxq3mQaoldwnW2nmjDFzaKLtQdnyFf41o6\n" + "nsJCK/J9PtpdCID5Zb+eQfu5Yhk1iUHe8a9TOstCHtgBq61YzufDHUQk3zsT+VZM\n" + "20lDvSBnHdWLjxoea587JbkvtH8xRR8ThwABSb98qPnhJ8+A7mpO89QO1wxZM85A\n" + "xEweQlMHAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU/pLsDIxE7ZF+QA2CjxiwKXwl8mQwHwYDVR0jBBgwFoAUGD0R\n" + "Yr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQADggEBANEXLUV+Z1PGTn7M\n" + "3rPT/m/EamcrZJ3vFWrnfN91ws5llyRUKNhx6222HECh3xRSxH9YJONsbv2zY6sd\n" + "ztY7lvckL4xOgWAjoCVTx3hqbZjDxpLRsvraw1PlqBHlRQVWLKlEQ55+tId2zgMX\n" + "Z+wxM7FlU/6yWVPODIxrqYQd2KqaEp4aLIklw6Hi4HD6DnQJikjsJ6Noe0qyX1Tx\n" + "uZ8mgP/G47Fe2d2H29kJ1iJ6hp1XOqyWrVIh/jONcnTvWS8aMqS3MU0EJH2Pb1Qa\n" + "KGIvbd/3H9LykFTP/b7Imdv2fZxXIK8jC+jbF1w6rdBCVNA0p30X/jonoC3vynEK\n" + "5cK0cgs=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" - "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" - "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" - "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" - "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" - "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" - "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" - "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" - "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" - "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" - "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" - "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" - "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" - "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" - "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" - "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" - "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" - "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" - "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" - "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" - "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" - "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" - "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" - "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" - "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; - -static const -gnutls_datum_t hrnd = { (void *) - "\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" + "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" + "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" + "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" + "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" + "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" + "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" + "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" + "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" + "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" + "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" + "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" + "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" + "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" + "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" + "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" + "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" + "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" + "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" + "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" + "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" + "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" + "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" + "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" + "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; + +static const gnutls_datum_t hrnd = { + (void *)"\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; -static const -gnutls_datum_t hsrnd = { (void *) - "\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hsrnd = { + (void *)"\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; -static void dump(const char *name, const uint8_t * data, unsigned data_size) +static void dump(const char *name, const uint8_t *data, unsigned data_size) { unsigned i; @@ -163,44 +158,51 @@ static void dump(const char *name, const uint8_t * data, unsigned data_size) fprintf(stderr, "\n"); } -static gnutls_datum_t master = { (void *) - "\x44\x66\x44\xa9\xb6\x29\xed\x6e\xd6\x93\x15\xdb\xf0\x7d\x4b\x2e\x18\xb1\x9d\xed\xff\x6a\x86\x76\xc9\x0e\x16\xab\xc2\x10\xbb\x17\x99\x24\xb1\xd9\xb9\x95\xe7\xea\xea\xea\xea\xea\xff\xaa\xac", +static gnutls_datum_t master = { + (void *)"\x44\x66\x44\xa9\xb6\x29\xed\x6e\xd6\x93\x15\xdb\xf0\x7d\x4b\x2e\x18\xb1\x9d\xed\xff\x6a\x86\x76\xc9\x0e\x16\xab\xc2\x10\xbb\x17\x99\x24\xb1\xd9\xb9\x95\xe7\xea\xea\xea\xea\xea\xff\xaa\xac", 48 }; static gnutls_datum_t sess_id = { (void *)"\xd9\xb9\x95\xe7\xea", 5 }; -# define TRY(label_size, label, extra_size, extra, size, exp) \ - { \ - ret = gnutls_prf_rfc5705(session, label_size, label, extra_size, extra, size, \ - (void*)key_material); \ - if (ret < 0) { \ - fprintf(stderr, "gnutls_prf_rfc5705: error in %d\n", __LINE__); \ - gnutls_perror(ret); \ - exit(1); \ - } \ - if (memcmp(key_material, exp, size) != 0) { \ - fprintf(stderr, "gnutls_prf_rfc5705: output doesn't match for '%s'\n", label); \ - dump("got ", key_material, size); \ - dump("expected ", exp, size); \ - exit(1); \ - } \ +#define TRY(label_size, label, extra_size, extra, size, exp) \ + { \ + ret = gnutls_prf_rfc5705(session, label_size, label, \ + extra_size, extra, size, \ + (void *)key_material); \ + if (ret < 0) { \ + fprintf(stderr, "gnutls_prf_rfc5705: error in %d\n", \ + __LINE__); \ + gnutls_perror(ret); \ + exit(1); \ + } \ + if (memcmp(key_material, exp, size) != 0) { \ + fprintf(stderr, \ + "gnutls_prf_rfc5705: output doesn't match for '%s'\n", \ + label); \ + dump("got ", key_material, size); \ + dump("expected ", exp, size); \ + exit(1); \ + } \ } -# define TRY_OLD(label_size, label, extra_size, extra, size, exp) \ - { \ - ret = gnutls_prf(session, label_size, label, 1, extra_size, extra, size, \ - (void*)key_material); \ - if (ret < 0) { \ - fprintf(stderr, "gnutls_prf: error in %d\n", __LINE__); \ - gnutls_perror(ret); \ - exit(1); \ - } \ - if (memcmp(key_material, exp, size) != 0) { \ - fprintf(stderr, "gnutls_prf: output doesn't match for '%s'\n", label); \ - dump("got ", key_material, size); \ - dump("expected ", exp, size); \ - exit(1); \ - } \ +#define TRY_OLD(label_size, label, extra_size, extra, size, exp) \ + { \ + ret = gnutls_prf(session, label_size, label, 1, extra_size, \ + extra, size, (void *)key_material); \ + if (ret < 0) { \ + fprintf(stderr, "gnutls_prf: error in %d\n", \ + __LINE__); \ + gnutls_perror(ret); \ + exit(1); \ + } \ + if (memcmp(key_material, exp, size) != 0) { \ + fprintf(stderr, \ + "gnutls_prf: output doesn't match for '%s'\n", \ + label); \ + dump("got ", key_material, size); \ + dump("expected ", exp, size); \ + exit(1); \ + } \ } static void check_prfs(gnutls_session_t session) { @@ -208,19 +210,19 @@ static void check_prfs(gnutls_session_t session) unsigned char key_material2[512]; int ret; - TRY(13, "key expansion", 0, NULL, 34, (uint8_t *) - "\xcf\x3e\x1c\x03\x47\x1a\xdf\x4a\x8e\x74\xc6\xda\xcd\xda\x22\xa4\x8e\xa5\xf7\x62\xef\xd6\x47\xe7\x41\x20\xea\x44\xb8\x5d\x66\x87\x0a\x61"); - TRY(6, "hello", 0, NULL, 31, (uint8_t *) - "\x83\x6c\xc7\x8e\x1b\x62\xc7\x06\x17\x99\x37\x95\x2e\xb8\x42\x5c\x42\xcd\x75\x65\x2c\xa3\x16\x2b\xab\x0a\xcf\xfc\xc8\x90\x30"); - TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *) - "\x5b\xc7\x72\xe9\xda\xe4\x79\x3e\xfe\x9a\xc5\x6f\xf4\x8d\x5a\xfe\x4c\x8d\x16\xa7\xf0\x13\x13\xf1\x93\xdd\x4b\x43\x65\xc1\x94"); - TRY(12, "null-context", 0, "", 31, (uint8_t *) - "\xd7\xb6\xff\x3d\xf7\xbe\x0e\xf2\xd0\xbf\x55\x0b\x56\xac\xfb\x3c\x1d\x5c\xaa\xa8\x71\x45\xf5\xd5\x71\x35\xa2\x35\x83\xc2\xe0"); + TRY(13, "key expansion", 0, NULL, 34, + (uint8_t *)"\xcf\x3e\x1c\x03\x47\x1a\xdf\x4a\x8e\x74\xc6\xda\xcd\xda\x22\xa4\x8e\xa5\xf7\x62\xef\xd6\x47\xe7\x41\x20\xea\x44\xb8\x5d\x66\x87\x0a\x61"); + TRY(6, "hello", 0, NULL, 31, + (uint8_t *)"\x83\x6c\xc7\x8e\x1b\x62\xc7\x06\x17\x99\x37\x95\x2e\xb8\x42\x5c\x42\xcd\x75\x65\x2c\xa3\x16\x2b\xab\x0a\xcf\xfc\xc8\x90\x30"); + TRY(7, "context", 5, "abcd\xfa", 31, + (uint8_t *)"\x5b\xc7\x72\xe9\xda\xe4\x79\x3e\xfe\x9a\xc5\x6f\xf4\x8d\x5a\xfe\x4c\x8d\x16\xa7\xf0\x13\x13\xf1\x93\xdd\x4b\x43\x65\xc1\x94"); + TRY(12, "null-context", 0, "", 31, + (uint8_t *)"\xd7\xb6\xff\x3d\xf7\xbe\x0e\xf2\xd0\xbf\x55\x0b\x56\xac\xfb\x3c\x1d\x5c\xaa\xa8\x71\x45\xf5\xd5\x71\x35\xa2\x35\x83\xc2\xe0"); - TRY_OLD(6, "hello", 0, NULL, 31, (uint8_t *) - "\x53\x35\x9b\x1c\xbf\xf2\x50\x85\xa1\xbc\x42\xfb\x45\x92\xc3\xbe\x20\x24\x24\xe2\xeb\x6e\xf7\x4f\xc0\xee\xe3\xaa\x46\x36\xfd"); - TRY_OLD(7, "context", 5, "abcd\xfa", 31, (uint8_t *) - "\x5f\x75\xb7\x61\x76\x4c\x1e\x86\x4b\x7d\x2e\x6c\x09\x91\xfd\x1e\xe6\xe8\xee\xf9\x86\x6a\x80\xfe\xf3\xbe\x96\xd0\x47\xf5\x9e"); + TRY_OLD(6, "hello", 0, NULL, 31, + (uint8_t *)"\x53\x35\x9b\x1c\xbf\xf2\x50\x85\xa1\xbc\x42\xfb\x45\x92\xc3\xbe\x20\x24\x24\xe2\xeb\x6e\xf7\x4f\xc0\xee\xe3\xaa\x46\x36\xfd"); + TRY_OLD(7, "context", 5, "abcd\xfa", 31, + (uint8_t *)"\x5f\x75\xb7\x61\x76\x4c\x1e\x86\x4b\x7d\x2e\x6c\x09\x91\xfd\x1e\xe6\xe8\xee\xf9\x86\x6a\x80\xfe\xf3\xbe\x96\xd0\x47\xf5\x9e"); /* check whether gnutls_prf matches gnutls_prf_rfc5705 when no context is given */ ret = gnutls_prf(session, 4, "aaaa", 0, 0, NULL, 64, @@ -281,9 +283,10 @@ static void client(int fd) } /* Use default priorities */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", gnutls_strerror(ret), err); @@ -298,11 +301,10 @@ static void client(int fd) gnutls_handshake_set_random(session, &hrnd); gnutls_transport_set_int(session, fd); - if (gnutls_prf - (session, 4, "aaaa", 0, 0, NULL, sizeof(err), - (char *)&err) != GNUTLS_E_INVALID_REQUEST - || gnutls_prf_rfc5705(session, 4, "aaaa", 0, NULL, sizeof(err), - (char *)&err) != GNUTLS_E_INVALID_REQUEST) { + if (gnutls_prf(session, 4, "aaaa", 0, 0, NULL, sizeof(err), + (char *)&err) != GNUTLS_E_INVALID_REQUEST || + gnutls_prf_rfc5705(session, 4, "aaaa", 0, NULL, sizeof(err), + (char *)&err) != GNUTLS_E_INVALID_REQUEST) { fprintf(stderr, "unexpected prf error code\n"); exit(1); } @@ -311,8 +313,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -324,8 +325,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_128_CBC) { @@ -394,9 +395,8 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:-KX-ALL:+RSA:%NO_SESSION_HASH", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:-KX-ALL:+RSA:%NO_SESSION_HASH", NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); @@ -414,9 +414,8 @@ static void server(int fd) exit(1); } - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_handshake_set_random(session, &hsrnd); @@ -424,8 +423,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -438,8 +436,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ @@ -495,4 +493,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/priorities-groups.c b/tests/priorities-groups.c index a4fe228748..b75d03f065 100644 --- a/tests/priorities-groups.c +++ b/tests/priorities-groups.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include "utils.h" -static void -try_prio(const char *prio, unsigned group_size, const unsigned int *group_list, - unsigned curve_size, const unsigned int *curve_list) +static void try_prio(const char *prio, unsigned group_size, + const unsigned int *group_list, unsigned curve_size, + const unsigned int *curve_list) { int ret; gnutls_priority_t p; @@ -101,9 +101,9 @@ void doit(void) list1[2] = GNUTLS_GROUP_FFDHE2048; list2[0] = GNUTLS_ECC_CURVE_SECP256R1; list2[1] = GNUTLS_ECC_CURVE_SECP384R1; - try_prio - ("NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", - 3, list1, 2, list2); + try_prio( + "NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", + 3, list1, 2, list2); memset(list1, 0, sizeof(list1)); memset(list2, 0, sizeof(list2)); @@ -113,7 +113,7 @@ void doit(void) list1[3] = GNUTLS_GROUP_FFDHE3072; list2[0] = GNUTLS_ECC_CURVE_SECP521R1; list2[1] = GNUTLS_ECC_CURVE_SECP384R1; - try_prio - ("NORMAL:-CURVE-ALL:+CURVE-SECP521R1:+GROUP-SECP384R1:+GROUP-FFDHE2048:+GROUP-FFDHE3072", - 4, list1, 2, list2); + try_prio( + "NORMAL:-CURVE-ALL:+CURVE-SECP521R1:+GROUP-SECP384R1:+GROUP-FFDHE2048:+GROUP-FFDHE3072", + 4, list1, 2, list2); } diff --git a/tests/priorities.c b/tests/priorities.c index 45d187e542..738859f062 100644 --- a/tests/priorities.c +++ b/tests/priorities.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,9 +31,8 @@ #include "utils.h" -static void -try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers, - unsigned line) +static void try_prio(const char *prio, unsigned expected_cs, + unsigned expected_ciphers, unsigned line) { int ret; gnutls_priority_t p; @@ -61,7 +60,6 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers, count++; /* fprintf(stderr, "%s\n", gnutls_cipher_suite_info(si, NULL, NULL, NULL, NULL, NULL)); */ } - } ret = gnutls_priority_cipher_list(p, &t); @@ -114,7 +112,7 @@ void doit(void) int sec256_cs = 12; int normal_cs = 29; int pfs_cs = 23; - int null_normal_cs = 28; /* disables TLS1.3 CS */ + int null_normal_cs = 28; /* disables TLS1.3 CS */ int normal_ciphers = 7; if (gnutls_fips140_mode_enabled()) { @@ -131,10 +129,15 @@ void doit(void) if (!gnutls_fips140_mode_enabled()) { try_prio("PFS", pfs_cs, normal_ciphers, __LINE__); - try_prio("NORMAL:+CIPHER-ALL", normal_cs, 7, __LINE__); /* all (except null) */ - try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, __LINE__); /* null */ - try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", null_normal_cs, 8, __LINE__); /* should be null + all */ - try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 4, 1, __LINE__); /* should be null + all */ + try_prio("NORMAL:+CIPHER-ALL", normal_cs, 7, + __LINE__); /* all (except null) */ + try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, + __LINE__); /* null */ + try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", null_normal_cs, + 8, __LINE__); /* should be null + all */ + try_prio( + "NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", + 4, 1, __LINE__); /* should be null + all */ #ifdef ENABLE_GOST try_prio("NONE:+VERS-TLS1.2:+GOST", 1, 1, __LINE__); #endif @@ -143,17 +146,19 @@ void doit(void) try_prio("PERFORMANCE", normal_cs, normal_ciphers, __LINE__); try_prio("SECURE256", sec256_cs, 4, __LINE__); try_prio("SECURE128", sec128_cs, 7, __LINE__); - try_prio("SECURE128:+SECURE256", sec128_cs, 7, __LINE__); /* should be the same as SECURE128 */ - try_prio("SECURE128:+SECURE256:+NORMAL", normal_cs, 7, __LINE__); /* should be the same as NORMAL */ + try_prio("SECURE128:+SECURE256", sec128_cs, 7, + __LINE__); /* should be the same as SECURE128 */ + try_prio("SECURE128:+SECURE256:+NORMAL", normal_cs, 7, + __LINE__); /* should be the same as NORMAL */ try_prio("SUITEB192", 1, 1, __LINE__); try_prio("SUITEB128", 2, 2, __LINE__); /* check legacy strings */ try_prio("NORMAL:+RSA-EXPORT:+ARCFOUR-40", normal_cs, normal_ciphers, __LINE__); - try_prio_err - ("NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256", - GNUTLS_E_NO_PRIORITIES_WERE_SET); + try_prio_err( + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256", + GNUTLS_E_NO_PRIORITIES_WERE_SET); try_prio_err("NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL", GNUTLS_E_NO_PRIORITIES_WERE_SET); try_prio_err("NORMAL:-VERS-ALL:+VERS-DTLS1.2:-SIGN-ALL", diff --git a/tests/priority-init2.c b/tests/priority-init2.c index 3165fa0ad0..13fc6a1424 100644 --- a/tests/priority-init2.c +++ b/tests/priority-init2.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -83,8 +83,8 @@ static void start(struct test_st *test) gnutls_global_set_log_level(6); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -94,15 +94,16 @@ static void start(struct test_st *test) if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); } else { - ret = - gnutls_priority_init2(&cache, test->add_prio, &ep, - GNUTLS_PRIORITY_INIT_DEF_APPEND); + ret = gnutls_priority_init2(&cache, test->add_prio, &ep, + GNUTLS_PRIORITY_INIT_DEF_APPEND); if (ret < 0) { if (test->exp_err == ret) { - if (strchr(_gnutls_default_priority_string, '@') - != 0) { + if (strchr(_gnutls_default_priority_string, + '@') != 0) { if (ep != test->add_prio) { - fail("error expected error on start of string[%d]: %s\n", test->err_pos, test->add_prio); + fail("error expected error on start of string[%d]: %s\n", + test->err_pos, + test->add_prio); } } else { if (ep - test->add_prio != @@ -110,7 +111,9 @@ static void start(struct test_st *test) fprintf(stderr, "diff: %d\n", (int)(ep - test->add_prio)); - fail("error expected error on different position[%d]: %s\n", test->err_pos, test->add_prio); + fail("error expected error on different position[%d]: %s\n", + test->err_pos, + test->add_prio); } } goto cleanup; @@ -129,9 +132,8 @@ static void start(struct test_st *test) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -169,8 +171,8 @@ static void start(struct test_st *test) if (test->exp_vers != gnutls_protocol_get_version(server)) { fail("expected version %s, got %s\n", gnutls_protocol_get_name(test->exp_vers), - gnutls_protocol_get_name - (gnutls_protocol_get_version(server))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(server))); } } @@ -247,7 +249,7 @@ static void start(struct test_st *test) gnutls_deinit(client); gnutls_certificate_free_credentials(clientx509cred); - cleanup: +cleanup: gnutls_priority_deinit(cache); gnutls_deinit(server); @@ -258,42 +260,36 @@ static void start(struct test_st *test) } struct test_st tests[] = { - { - .name = "additional flag", - .def_prio = "NORMAL", - .add_prio = "%FORCE_ETM", - .exp_err = 0}, - { - .name = "additional flag typo1", - .def_prio = "NORMAL", - .add_prio = ":%FORCE_ETM", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 0}, - { - .name = "additional flag typo2", - .def_prio = "NORMAL", - .add_prio = "%FORCE_ETM::%NO_TICKETS", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 11}, - { - .name = "additional flag typo3", - .def_prio = "NORMAL", - .add_prio = "%FORCE_ETM:%%NO_TICKETS", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 11}, - { - .name = "additional flag typo3 (with resolved def prio)", - .def_prio = "@HELLO", - .add_prio = "%FORCE_ETM:%%NO_TICKETS", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 0}, - { - .name = "additional flag for version (functional)", - .def_prio = "NORMAL", - .add_prio = "-VERS-ALL:+VERS-TLS1.1", - .exp_etm = 1, - .exp_err = 0, - .exp_vers = GNUTLS_TLS1_1} + { .name = "additional flag", + .def_prio = "NORMAL", + .add_prio = "%FORCE_ETM", + .exp_err = 0 }, + { .name = "additional flag typo1", + .def_prio = "NORMAL", + .add_prio = ":%FORCE_ETM", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 0 }, + { .name = "additional flag typo2", + .def_prio = "NORMAL", + .add_prio = "%FORCE_ETM::%NO_TICKETS", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 11 }, + { .name = "additional flag typo3", + .def_prio = "NORMAL", + .add_prio = "%FORCE_ETM:%%NO_TICKETS", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 11 }, + { .name = "additional flag typo3 (with resolved def prio)", + .def_prio = "@HELLO", + .add_prio = "%FORCE_ETM:%%NO_TICKETS", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 0 }, + { .name = "additional flag for version (functional)", + .def_prio = "NORMAL", + .add_prio = "-VERS-ALL:+VERS-TLS1.1", + .exp_etm = 1, + .exp_err = 0, + .exp_vers = GNUTLS_TLS1_1 } }; void doit(void) diff --git a/tests/priority-mix.c b/tests/priority-mix.c index 45181e18a7..20ea83cbaa 100644 --- a/tests/priority-mix.c +++ b/tests/priority-mix.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,7 +41,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -76,9 +76,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -93,9 +92,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -108,8 +106,8 @@ void doit(void) if (ret < 0) exit(1); - assert(gnutls_priority_set_direct(client, - "PFS:%PROFILE_ULTRA", NULL) >= 0); + assert(gnutls_priority_set_direct(client, "PFS:%PROFILE_ULTRA", NULL) >= + 0); assert(gnutls_priority_set_direct(client, "NORMAL", NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); @@ -132,9 +130,8 @@ void doit(void) { unsigned status; - ret = - gnutls_certificate_verify_peers3(client, "localhost", - &status); + ret = gnutls_certificate_verify_peers3(client, "localhost", + &status); if (ret < 0) { fail("could not verify certificate: %s\n", gnutls_strerror(ret)); diff --git a/tests/priority-set.c b/tests/priority-set.c index 81825628cf..f712f454d0 100644 --- a/tests/priority-set.c +++ b/tests/priority-set.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,7 +45,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -80,9 +80,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -97,9 +96,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); diff --git a/tests/priority-set2.c b/tests/priority-set2.c index c4c7ca63f9..421fdc9c36 100644 --- a/tests/priority-set2.c +++ b/tests/priority-set2.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,7 +45,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -80,9 +80,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -97,9 +96,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); diff --git a/tests/privkey-keygen.c b/tests/privkey-keygen.c index f7e6319479..6bc8059d37 100644 --- a/tests/privkey-keygen.c +++ b/tests/privkey-keygen.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,9 +42,9 @@ static int sec_param[MAX_TRIES] = #ifdef ENABLE_FIPS140 -{ GNUTLS_SEC_PARAM_MEDIUM, GNUTLS_SEC_PARAM_HIGH }; + { GNUTLS_SEC_PARAM_MEDIUM, GNUTLS_SEC_PARAM_HIGH }; #else -{ GNUTLS_SEC_PARAM_LOW, GNUTLS_SEC_PARAM_MEDIUM }; + { GNUTLS_SEC_PARAM_LOW, GNUTLS_SEC_PARAM_MEDIUM }; #endif static void tls_log_func(int level, const char *str) @@ -52,10 +52,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s |<%d>| %s", "privkey-keygen", level, str); } -const gnutls_datum_t raw_data = { - (void *)"hello there", - 11 -}; +const gnutls_datum_t raw_data = { (void *)"hello there", 11 }; static void sign_verify_data(gnutls_pk_algorithm_t algorithm, gnutls_x509_privkey_t pkey) @@ -87,18 +84,17 @@ static void sign_verify_data(gnutls_pk_algorithm_t algorithm, vflags |= GNUTLS_VERIFY_ALLOW_BROKEN; /* sign arbitrary data */ - ret = gnutls_privkey_sign_data(privkey, digest, 0, - &raw_data, &signature); + ret = gnutls_privkey_sign_data(privkey, digest, 0, &raw_data, + &signature); if (ret < 0) fail("gnutls_privkey_sign_data\n"); /* verify data */ - ret = - gnutls_pubkey_verify_data2(pubkey, - gnutls_pk_to_sign - (gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), digest), vflags, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2( + pubkey, + gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + digest), + vflags, &raw_data, &signature); if (ret < 0) fail("gnutls_pubkey_verify_data2\n"); @@ -172,17 +168,21 @@ void doit(void) } FIPS_PUSH_CONTEXT(); - ret = - gnutls_x509_privkey_generate(pkey, algorithm, - gnutls_sec_param_to_pk_bits - (algorithm, - sec_param[i]), 0); + ret = gnutls_x509_privkey_generate( + pkey, algorithm, + gnutls_sec_param_to_pk_bits(algorithm, + sec_param[i]), + 0); if (ret < 0) { - fail("gnutls_x509_privkey_generate (%s-%d): %s (%d)\n", gnutls_pk_algorithm_get_name(algorithm), gnutls_sec_param_to_pk_bits(algorithm, sec_param[i]), gnutls_strerror(ret), ret); + fail("gnutls_x509_privkey_generate (%s-%d): %s (%d)\n", + gnutls_pk_algorithm_get_name(algorithm), + gnutls_sec_param_to_pk_bits(algorithm, + sec_param[i]), + gnutls_strerror(ret), ret); } else if (debug) { success("Key[%s] generation ok: %d\n", - gnutls_pk_algorithm_get_name - (algorithm), ret); + gnutls_pk_algorithm_get_name(algorithm), + ret); } if (is_approved_pk_algo(algorithm)) { FIPS_POP_CONTEXT(APPROVED); @@ -192,7 +192,9 @@ void doit(void) ret = gnutls_x509_privkey_verify_params(pkey); if (ret < 0) { - fail("gnutls_x509_privkey_generate (%s): %s (%d)\n", gnutls_pk_algorithm_get_name(algorithm), gnutls_strerror(ret), ret); + fail("gnutls_x509_privkey_generate (%s): %s (%d)\n", + gnutls_pk_algorithm_get_name(algorithm), + gnutls_strerror(ret), ret); } /* include test of cpy */ @@ -205,7 +207,9 @@ void doit(void) ret = gnutls_x509_privkey_verify_params(pkey); if (ret < 0) { - fail("gnutls_x509_privkey_generate after cpy (%s): %s (%d)\n", gnutls_pk_algorithm_get_name(algorithm), gnutls_strerror(ret), ret); + fail("gnutls_x509_privkey_generate after cpy (%s): %s (%d)\n", + gnutls_pk_algorithm_get_name(algorithm), + gnutls_strerror(ret), ret); } FIPS_PUSH_CONTEXT(); diff --git a/tests/privkey-verify-broken.c b/tests/privkey-verify-broken.c index a9f72cc254..8937eadeeb 100644 --- a/tests/privkey-verify-broken.c +++ b/tests/privkey-verify-broken.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,10 +39,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } -const gnutls_datum_t raw_data = { - (void *)"hello there", - 11 -}; +const gnutls_datum_t raw_data = { (void *)"hello there", 11 }; static int sign_verify_data(gnutls_x509_privkey_t pkey, gnutls_sign_algorithm_t algo, unsigned vflags) @@ -68,8 +65,8 @@ static int sign_verify_data(gnutls_x509_privkey_t pkey, if (ret < 0) fail("gnutls_pubkey_import_x509\n"); - ret = gnutls_privkey_sign_data(privkey, dig, sflags, - &raw_data, &signature); + ret = gnutls_privkey_sign_data(privkey, dig, sflags, &raw_data, + &signature); if (ret < 0) { ret = -1; goto cleanup; @@ -82,15 +79,15 @@ static int sign_verify_data(gnutls_x509_privkey_t pkey, if (ret < 0) fail("gnutls_pubkey_import_privkey\n"); - ret = gnutls_pubkey_verify_data2(pubkey, algo, - vflags, &raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, algo, vflags, &raw_data, + &signature); if (ret < 0) { ret = -1; goto cleanup; } ret = 0; - cleanup: +cleanup: if (pubkey) gnutls_pubkey_deinit(pubkey); gnutls_privkey_deinit(privkey); @@ -129,13 +126,12 @@ void doit(void) fail("succeeded verification with MD5!\n"); if (!gnutls_fips140_mode_enabled()) { - if (sign_verify_data - (pkey, GNUTLS_SIGN_RSA_MD5, - GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5) < 0) + if (sign_verify_data(pkey, GNUTLS_SIGN_RSA_MD5, + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5) < 0) fail("failed verification with MD5 and override flags!\n"); - if (sign_verify_data - (pkey, GNUTLS_SIGN_RSA_MD5, GNUTLS_VERIFY_ALLOW_BROKEN) < 0) + if (sign_verify_data(pkey, GNUTLS_SIGN_RSA_MD5, + GNUTLS_VERIFY_ALLOW_BROKEN) < 0) fail("failed verification with MD5 and override flags2!\n"); } diff --git a/tests/protocol-set-allowlist.c b/tests/protocol-set-allowlist.c index f75261e4f7..6fb9665c21 100644 --- a/tests/protocol-set-allowlist.c +++ b/tests/protocol-set-allowlist.c @@ -53,9 +53,12 @@ * connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1) */ -#define _assert(cond, format, ...) if (!(cond)) \ +#define _assert(cond, format, ...) \ + if (!(cond)) \ _fail("Assertion `" #cond "` failed: " format "\n", ##__VA_ARGS__) -#define _check(cond) if (!(cond)) _fail("Assertion `" #cond "` failed.") +#define _check(cond) \ + if (!(cond)) \ + _fail("Assertion `" #cond "` failed.") unsigned parse_port(const char *port_str); gnutls_protocol_t parse_protocol(const char *name); @@ -130,23 +133,21 @@ void cmd_connect(const char *ca_file, unsigned port) return; } - _check(gnutls_server_name_set(session, GNUTLS_NAME_DNS, - "example.com", + _check(gnutls_server_name_set(session, GNUTLS_NAME_DNS, "example.com", strlen("example.com")) >= 0); gnutls_session_set_verify_cert(session, "example.com", 0); _check(gnutls_certificate_allocate_credentials(&cred) >= 0); - _check(gnutls_certificate_set_x509_trust_file(cred, - ca_file, - GNUTLS_X509_FMT_PEM) == - 1); + _check(gnutls_certificate_set_x509_trust_file( + cred, ca_file, GNUTLS_X509_FMT_PEM) == 1); _check(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred) >= 0); sock = tcp_connect("127.0.0.1", port); _assert(sock != -1, "Connection to 127.0.0.1:%u has failed!", port); - _assert(setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, - &sock_flags, sizeof(int)) == 0, "setsockopt failed"); + _assert(setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &sock_flags, + sizeof(int)) == 0, + "setsockopt failed"); gnutls_transport_set_int(session, sock); gnutls_handshake_set_timeout(session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); @@ -175,9 +176,9 @@ void cmd_protocol_set_disabled(const char *name) int ret; ret = gnutls_protocol_set_enabled(parse_protocol(name), 0); printf("protocol_set_disabled %s -> %s\n", name, - ret == 0 ? "OK" : + ret == 0 ? "OK" : ret == GNUTLS_E_INVALID_REQUEST ? "INVALID_REQUEST" : - gnutls_strerror(ret)); + gnutls_strerror(ret)); } void cmd_protocol_set_enabled(const char *name) @@ -185,9 +186,9 @@ void cmd_protocol_set_enabled(const char *name) int ret; ret = gnutls_protocol_set_enabled(parse_protocol(name), 1); printf("protocol_set_enabled %s -> %s\n", name, - ret == 0 ? "OK" : + ret == 0 ? "OK" : ret == GNUTLS_E_INVALID_REQUEST ? "INVALID_REQUEST" : - gnutls_strerror(ret)); + gnutls_strerror(ret)); } void cmd_reinit(void) diff --git a/tests/psk-file.c b/tests/psk-file.c index e2868407b3..d9c6453f03 100644 --- a/tests/psk-file.c +++ b/tests/psk-file.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,18 +40,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static char hexchar(unsigned int val) { @@ -94,11 +94,11 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" -static void client(int sd, const char *prio, const gnutls_datum_t * user, - const gnutls_datum_t * key, unsigned expect_hint, +static void client(int sd, const char *prio, const gnutls_datum_t *user, + const gnutls_datum_t *key, unsigned expect_hint, int expect_fail, int exp_kx, unsigned binary_user) { int ret, ii, kx; @@ -196,7 +196,7 @@ static void client(int sd, const char *prio, const gnutls_datum_t * user, gnutls_kx_get_name(exp_kx), gnutls_kx_get_name(kx)); } - end: +end: close(sd); @@ -210,9 +210,9 @@ static void client(int sd, const char *prio, const gnutls_datum_t * user, /* This is a sample TLS 1.0 echo server, for PSK authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 -static void server(int sd, const char *prio, const gnutls_datum_t * user, +static void server(int sd, const char *prio, const gnutls_datum_t *user, bool no_cred, int expect_fail, int exp_kx, unsigned binary_user) { @@ -241,7 +241,8 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, gnutls_psk_set_server_credentials_hint(server_pskcred, "hint"); ret = gnutls_psk_set_server_credentials_file(server_pskcred, psk_file); if (ret < 0) { - fail("server: gnutls_psk_set_server_credentials_file failed (%s)\n\n", gnutls_strerror(ret)); + fail("server: gnutls_psk_set_server_credentials_file failed (%s)\n\n", + gnutls_strerror(ret)); return; } @@ -262,8 +263,9 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, * test client reads our fatal alert, otherwise it might exit * with GNUTLS_E_PUSH_ERROR instead */ gnutls_session_force_valid(session); - while ((gnutls_record_recv_seq(session, buf, sizeof(buf), seq)) - >= 0) ; + while ((gnutls_record_recv_seq(session, buf, sizeof(buf), + seq)) >= 0) + ; if (expect_fail) { if (ret != expect_fail) { @@ -273,9 +275,8 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, } if (debug) - success - ("server: Handshake has failed - expected (%s)\n\n", - gnutls_strerror(ret)); + success("server: Handshake has failed - expected (%s)\n\n", + gnutls_strerror(ret)); } else { fail("server: Handshake has failed (%s)\n\n", gnutls_strerror(ret)); @@ -295,11 +296,11 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -324,8 +325,8 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, if (binary_user) { char pskid_bin[1024], userdata_bin[1024]; - if (gnutls_psk_server_get_username2 - (session, &pskid_binary)) + if (gnutls_psk_server_get_username2(session, + &pskid_binary)) fail("server: Could not get binary pskid\n"); if (memcmp(pskid_binary.data, user->data, user->size) != @@ -334,13 +335,15 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, sizeof(userdata_bin)); hex_encode(pskid_binary.data, pskid_binary.size, pskid_bin, sizeof(pskid_bin)); - fail("server: binary username (%s) does not match expected (%s)\n", pskid_bin, userdata_bin); + fail("server: binary username (%s) does not match expected (%s)\n", + pskid_bin, userdata_bin); } } else { pskid = gnutls_psk_server_get_username(session); - if (pskid == NULL - || strcmp(pskid, (const char *)user->data) != 0) { - fail("server: username (%s), does not match expected (%s)\n", pskid, (const char *)user->data); + if (pskid == NULL || + strcmp(pskid, (const char *)user->data) != 0) { + fail("server: username (%s), does not match expected (%s)\n", + pskid, (const char *)user->data); } } } @@ -350,7 +353,7 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, gnutls_kx_get_name(exp_kx), gnutls_kx_get_name(kx)); } - end: +end: close(sd); gnutls_deinit(session); @@ -363,7 +366,7 @@ static void server(int sd, const char *prio, const gnutls_datum_t * user, } static void print_user(const char *caption, const char *prio, - const gnutls_datum_t * user, unsigned binary_user) + const gnutls_datum_t *user, unsigned binary_user) { char hexuser[100]; @@ -375,11 +378,11 @@ static void print_user(const char *caption, const char *prio, (const char *)user->data); } -static -void run_test3(const char *prio, const char *sprio, const gnutls_datum_t * user, - const gnutls_datum_t * key, bool no_cred, unsigned expect_hint, - int exp_kx, int expect_fail_cli, int expect_fail_serv, - unsigned binary_user) +static void run_test3(const char *prio, const char *sprio, + const gnutls_datum_t *user, const gnutls_datum_t *key, + bool no_cred, unsigned expect_hint, int exp_kx, + int expect_fail_cli, int expect_fail_serv, + unsigned binary_user) { pid_t child; int err; @@ -422,37 +425,34 @@ void run_test3(const char *prio, const char *sprio, const gnutls_datum_t * user, } } -static -void run_test2(const char *prio, const char *sprio, const gnutls_datum_t * user, - const gnutls_datum_t * key, unsigned expect_hint, int exp_kx, - int expect_fail_cli, int expect_fail_serv, unsigned binary_user) +static void run_test2(const char *prio, const char *sprio, + const gnutls_datum_t *user, const gnutls_datum_t *key, + unsigned expect_hint, int exp_kx, int expect_fail_cli, + int expect_fail_serv, unsigned binary_user) { run_test3(prio, sprio, user, key, 0, expect_hint, exp_kx, expect_fail_cli, expect_fail_serv, binary_user); } -static -void run_test_ok(const char *prio, const gnutls_datum_t * user, - const gnutls_datum_t * key, unsigned expect_hint, - int expect_fail, unsigned binary_user) +static void run_test_ok(const char *prio, const gnutls_datum_t *user, + const gnutls_datum_t *key, unsigned expect_hint, + int expect_fail, unsigned binary_user) { run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_PSK, expect_fail, expect_fail, binary_user); } -static -void run_ectest_ok(const char *prio, const gnutls_datum_t * user, - const gnutls_datum_t * key, unsigned expect_hint, - int expect_fail, unsigned binary_user) +static void run_ectest_ok(const char *prio, const gnutls_datum_t *user, + const gnutls_datum_t *key, unsigned expect_hint, + int expect_fail, unsigned binary_user) { run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_ECDHE_PSK, expect_fail, expect_fail, binary_user); } -static -void run_dhtest_ok(const char *prio, const gnutls_datum_t * user, - const gnutls_datum_t * key, unsigned expect_hint, - int expect_fail, unsigned binary_user) +static void run_dhtest_ok(const char *prio, const gnutls_datum_t *user, + const gnutls_datum_t *key, unsigned expect_hint, + int expect_fail, unsigned binary_user) { run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_DHE_PSK, expect_fail, expect_fail, binary_user); @@ -460,22 +460,23 @@ void run_dhtest_ok(const char *prio, const gnutls_datum_t * user, void doit(void) { - char hexuser[] = { 0xde, 0xad, 0xbe, 0xef }, - nulluser1[] = { 0 }, nulluser2[] = { 0, 0, 0xaa, 0 }; + char hexuser[] = { 0xde, 0xad, 0xbe, 0xef }, nulluser1[] = { 0 }, + nulluser2[] = { 0, 0, 0xaa, 0 }; const gnutls_datum_t user_jas = { (void *)"jas", strlen("jas") }; - const gnutls_datum_t user_unknown = - { (void *)"unknown", strlen("unknown") }; - const gnutls_datum_t user_nonhex = - { (void *)"non-hex", strlen("non-hex") }; + const gnutls_datum_t user_unknown = { (void *)"unknown", + strlen("unknown") }; + const gnutls_datum_t user_nonhex = { (void *)"non-hex", + strlen("non-hex") }; const gnutls_datum_t user_hex = { (void *)hexuser, sizeof(hexuser) }; - const gnutls_datum_t user_null_1 = - { (void *)nulluser1, sizeof(nulluser1) }; - const gnutls_datum_t user_null_2 = - { (void *)nulluser2, sizeof(nulluser2) }; - const gnutls_datum_t key = - { (void *)"9e32cf7786321a828ef7668f09fb35db", 32 }; - const gnutls_datum_t wrong_key = - { (void *)"9e31cf7786321a828ef7668f09fb35db", 32 }; + const gnutls_datum_t user_null_1 = { (void *)nulluser1, + sizeof(nulluser1) }; + const gnutls_datum_t user_null_2 = { (void *)nulluser2, + sizeof(nulluser2) }; + const gnutls_datum_t key = { (void *)"9e32cf7786321a828ef7668f09fb35db", + 32 }; + const gnutls_datum_t wrong_key = { + (void *)"9e31cf7786321a828ef7668f09fb35db", 32 + }; run_test_ok("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", &user_jas, &key, 1, 0, 0); @@ -562,63 +563,63 @@ void doit(void) 0, 1); /* test priorities of DHE-PSK and PSK */ - run_ectest_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - &user_jas, &key, 0, 0, 0); - run_ectest_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - &user_hex, &key, 0, 0, 1); - run_ectest_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - &user_null_1, &key, 0, 0, 1); - run_ectest_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - &user_null_2, &key, 0, 0, 1); - run_test_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", - &user_jas, &key, 0, 0, 0); - run_test_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", - &user_hex, &key, 0, 0, 1); - run_test_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", - &user_null_1, &key, 0, 0, 1); - run_test_ok - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", - &user_null_2, &key, 0, 0, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", - &user_jas, &key, 0, GNUTLS_KX_PSK, 0, 0, 0); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", - &user_hex, &key, 0, GNUTLS_KX_PSK, 0, 0, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", - &user_null_1, &key, 0, GNUTLS_KX_PSK, 0, 0, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", - &user_null_2, &key, 0, GNUTLS_KX_PSK, 0, 0, 1); + run_ectest_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + &user_jas, &key, 0, 0, 0); + run_ectest_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + &user_hex, &key, 0, 0, 1); + run_ectest_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + &user_null_1, &key, 0, 0, 1); + run_ectest_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + &user_null_2, &key, 0, 0, 1); + run_test_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", + &user_jas, &key, 0, 0, 0); + run_test_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", + &user_hex, &key, 0, 0, 1); + run_test_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", + &user_null_1, &key, 0, 0, 1); + run_test_ok( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:-GROUP-DH-ALL", + &user_null_2, &key, 0, 0, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", + &user_jas, &key, 0, GNUTLS_KX_PSK, 0, 0, 0); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", + &user_hex, &key, 0, GNUTLS_KX_PSK, 0, 0, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", + &user_null_1, &key, 0, GNUTLS_KX_PSK, 0, 0, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+DHE-PSK:+PSK:-GROUP-DH-ALL", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+PSK:+DHE-PSK:%SERVER_PRECEDENCE:-GROUP-DH-ALL", + &user_null_2, &key, 0, GNUTLS_KX_PSK, 0, 0, 1); /* try with PRF that doesn't match binder (SHA256) */ - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", - NULL, &user_jas, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, - GNUTLS_E_NO_CIPHER_SUITES, 0); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", - NULL, &user_hex, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, - GNUTLS_E_NO_CIPHER_SUITES, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", - NULL, &user_null_1, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, - GNUTLS_E_NO_CIPHER_SUITES, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", - NULL, &user_null_2, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, - GNUTLS_E_NO_CIPHER_SUITES, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", + NULL, &user_jas, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, + GNUTLS_E_NO_CIPHER_SUITES, 0); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", + NULL, &user_hex, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, + GNUTLS_E_NO_CIPHER_SUITES, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", + NULL, &user_null_1, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, + GNUTLS_E_NO_CIPHER_SUITES, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:+PSK:+DHE-PSK", + NULL, &user_null_2, &key, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, + GNUTLS_E_NO_CIPHER_SUITES, 1); /* try with no groups and PSK */ run_test_ok("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:-GROUP-ALL", &user_jas, &key, 0, 0, 0); @@ -683,22 +684,22 @@ void doit(void) GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, 1); /* try with HelloRetryRequest and PSK */ - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", - &user_jas, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 0); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", - &user_hex, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", - &user_null_1, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 1); - run_test2 - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", - &user_null_2, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", + &user_jas, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 0); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", + &user_hex, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", + &user_null_1, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 1); + run_test2( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", + &user_null_2, &key, 0, GNUTLS_KX_DHE_PSK, 0, 0, 1); /* try without server credentials */ run_test3("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+DHE-PSK", NULL, @@ -715,4 +716,4 @@ void doit(void) GNUTLS_E_INSUFFICIENT_CREDENTIALS, 1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/pskself.c b/tests/pskself.c index dd00009167..ae46d4221e 100644 --- a/tests/pskself.c +++ b/tests/pskself.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,16 +39,16 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" +#include "utils.h" /* A very basic TLS client, with PSK authentication. */ @@ -60,8 +60,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd, const char *prio, unsigned exp_hint) { @@ -142,7 +142,7 @@ static void client(int sd, const char *prio, unsigned exp_hint) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -156,12 +156,12 @@ static void client(int sd, const char *prio, unsigned exp_hint) /* This is a sample TLS 1.0 echo server, for PSK authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 /* These are global */ -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -242,11 +242,11 @@ static void server(int sd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -269,8 +269,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void run_test(const char *prio, unsigned exp_hint) +static void run_test(const char *prio, unsigned exp_hint) { pid_t child; int err; @@ -315,12 +314,12 @@ void doit(void) run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-PSK", 1); run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK", 0); - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", - 0); - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", - 0); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", + 0); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", + 0); /* the following should work once we support PSK without DH */ run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+PSK", 0); @@ -331,4 +330,4 @@ void doit(void) gnutls_dh_params_deinit(dh_params); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/pskself2.c b/tests/pskself2.c index b658ea67ba..4d9dc108fc 100644 --- a/tests/pskself2.c +++ b/tests/pskself2.c @@ -24,7 +24,7 @@ /* Parts copied from pskself.c. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,17 +40,17 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" -# include "extras/hex.h" +#include "utils.h" +#include "extras/hex.h" /* A very basic TLS client, with PSK authentication. */ @@ -62,8 +62,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd, const char *prio, unsigned exp_hint) { @@ -157,7 +157,7 @@ static void client(int sd, const char *prio, unsigned exp_hint) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -172,13 +172,12 @@ static void client(int sd, const char *prio, unsigned exp_hint) /* This is a sample TLS 1.0 echo server, for PSK authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 /* These are global */ -static int -pskfunc(gnutls_session_t session, const gnutls_datum_t * username, - gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const gnutls_datum_t *username, + gnutls_datum_t *key) { if (debug) printf("psk: Got username with length %d\n", username->size); @@ -199,8 +198,8 @@ static void server(int sd, const char *prio) int ret; gnutls_session_t session; gnutls_datum_t psk_username; - char buffer[MAX_BUF + 1], expected_psk_username[] = - { 0xDE, 0xAD, 0xBE, 0xEF }; + char buffer[MAX_BUF + 1], + expected_psk_username[] = { 0xDE, 0xAD, 0xBE, 0xEF }; /* this must be called once in the program */ @@ -242,8 +241,8 @@ static void server(int sd, const char *prio) if (gnutls_psk_server_get_username2(session, &psk_username) < 0) fail("server: Could not get PSK username\n"); - if (psk_username.size != 4 - || memcmp(psk_username.data, expected_psk_username, 4)) + if (psk_username.size != 4 || + memcmp(psk_username.data, expected_psk_username, 4)) fail("server: Unexpected PSK username\n"); success("server: PSK username length: %d\n", psk_username.size); @@ -259,11 +258,11 @@ static void server(int sd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -286,8 +285,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void run_test(const char *prio, unsigned exp_hint) +static void run_test(const char *prio, unsigned exp_hint) { pid_t child; int err; @@ -330,19 +328,19 @@ void doit(void) run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-PSK", 1); run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:+PSK", 0); - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", - 0); - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", - 0); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", + 0); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", + 0); run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK", 0); - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", - 0); - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", - 0); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", + 0); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", + 0); /* the following should work once we support PSK without DH */ run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+PSK", 0); @@ -351,4 +349,4 @@ void doit(void) run_test("NORMAL:-KX-ALL:+DHE-PSK", 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/pubkey-import-export.c b/tests/pubkey-import-export.c index 5986493c45..788e0b4c30 100644 --- a/tests/pubkey-import-export.c +++ b/tests/pubkey-import-export.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,25 +34,23 @@ #include "cert-common.h" static char rsa_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t rsa_key = { (void *)rsa_key_pem, - sizeof(rsa_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t rsa_key = { (void *)rsa_key_pem, sizeof(rsa_key_pem) }; static void dump(const char *name, unsigned char *buf, int buf_size) { @@ -64,45 +62,45 @@ static void dump(const char *name, unsigned char *buf, int buf_size) } unsigned char dsa_p[] = - "\x00\xb9\x84\xf5\x5a\x81\xbe\x1a\x0d\xc5\x8a\x73\x8f\x0c\x9b\x2f\x9b\xb6\x0e\x4b\xc3\x74\x1a\x7f\x64\xad\x9d\xf3\x28\xc5\xa0\x47\xbc\x9b\x57\x56\xf1\x97\xd5\x7e\x37\x03\xe9\xf2\x4c\xf4\xe3\x8b\x7f\x30\xa3\x5d\x2f\xbb\xa1\xa2\x37\xc2\xea\x35\x8f\x1f\xb1\x5f\xa6\xa2\x5f\x01\xf1\x23\x36\x2b\xe4\x4f\x2f\x2d\xdd\x9d\xd5\x3a\xa6\x39\xaf\x7a\x51\x7c\xd2\x25\x8e\x97\x74\xcf\x1e\xc5\x7b\x4b\x76\x43\x81\x07\x1f\x06\x14\xb8\x6e\x58\x12\xe1\x90\xe2\x37\x6f\xd2\x1b\xec\x68\xc5\x58\xe2\xe6\x30\xe0\x6a\x5e\x2c\x63\x78\xec\x07"; + "\x00\xb9\x84\xf5\x5a\x81\xbe\x1a\x0d\xc5\x8a\x73\x8f\x0c\x9b\x2f\x9b\xb6\x0e\x4b\xc3\x74\x1a\x7f\x64\xad\x9d\xf3\x28\xc5\xa0\x47\xbc\x9b\x57\x56\xf1\x97\xd5\x7e\x37\x03\xe9\xf2\x4c\xf4\xe3\x8b\x7f\x30\xa3\x5d\x2f\xbb\xa1\xa2\x37\xc2\xea\x35\x8f\x1f\xb1\x5f\xa6\xa2\x5f\x01\xf1\x23\x36\x2b\xe4\x4f\x2f\x2d\xdd\x9d\xd5\x3a\xa6\x39\xaf\x7a\x51\x7c\xd2\x25\x8e\x97\x74\xcf\x1e\xc5\x7b\x4b\x76\x43\x81\x07\x1f\x06\x14\xb8\x6e\x58\x12\xe1\x90\xe2\x37\x6f\xd2\x1b\xec\x68\xc5\x58\xe2\xe6\x30\xe0\x6a\x5e\x2c\x63\x78\xec\x07"; unsigned char dsa_q[] = - "\x00\x9f\x56\x8c\x48\x64\x2f\xfe\x8d\xaa\x7a\x6d\x96\xdb\x04\x5d\x16\xef\x08\xa5\x71"; + "\x00\x9f\x56\x8c\x48\x64\x2f\xfe\x8d\xaa\x7a\x6d\x96\xdb\x04\x5d\x16\xef\x08\xa5\x71"; unsigned char dsa_g[] = - "\x62\x06\x7e\xe4\x5c\x76\x08\xb7\x46\x1a\x5d\xd7\x97\xd4\x2a\x21\xfb\x1f\x31\xc9\xd2\xf4\xfa\x39\xd8\x27\xd1\x9b\xfc\x27\x5d\xa7\x0a\xa7\x1a\xfc\x53\xc1\x2f\x43\xc2\x37\xc8\x85\x7f\x3d\x4c\xab\x5d\x81\x32\xfb\x1d\x5e\x1e\x54\x11\x16\x20\xc6\x80\x5a\xd9\x8c\x9b\x43\xf0\xdd\x6b\xa0\xf4\xc3\xf2\x8a\x9c\x39\xd2\x1c\x7b\x0f\xef\xfa\x28\x93\x8f\xd2\xa1\x22\xeb\xdc\xe0\x8a\x8b\xad\x28\x0e\xcf\xef\x09\x85\xe9\x36\xbd\x8b\x7a\x50\xd5\x7b\xf7\x25\x0d\x6c\x60\x11\xc4\xef\x70\x90\xcf\xd6\x1b\xeb\xbb\x8e\xc6\x3e\x3a\x97"; + "\x62\x06\x7e\xe4\x5c\x76\x08\xb7\x46\x1a\x5d\xd7\x97\xd4\x2a\x21\xfb\x1f\x31\xc9\xd2\xf4\xfa\x39\xd8\x27\xd1\x9b\xfc\x27\x5d\xa7\x0a\xa7\x1a\xfc\x53\xc1\x2f\x43\xc2\x37\xc8\x85\x7f\x3d\x4c\xab\x5d\x81\x32\xfb\x1d\x5e\x1e\x54\x11\x16\x20\xc6\x80\x5a\xd9\x8c\x9b\x43\xf0\xdd\x6b\xa0\xf4\xc3\xf2\x8a\x9c\x39\xd2\x1c\x7b\x0f\xef\xfa\x28\x93\x8f\xd2\xa1\x22\xeb\xdc\xe0\x8a\x8b\xad\x28\x0e\xcf\xef\x09\x85\xe9\x36\xbd\x8b\x7a\x50\xd5\x7b\xf7\x25\x0d\x6c\x60\x11\xc4\xef\x70\x90\xcf\xd6\x1b\xeb\xbb\x8e\xc6\x3e\x3a\x97"; unsigned char dsa_y[] = - "\x0f\x8a\x87\x57\xf2\xd1\xc2\xdc\xac\xdf\x4b\x8b\x0f\x8b\xba\x29\xf7\xe1\x03\xe4\x55\xfa\xb2\x98\x07\xd6\xfd\x12\xb1\x80\xbc\xf5\xba\xb4\x50\xd4\x7f\xa0\x0e\x43\xe7\x9f\xc9\x78\x11\x5f\xe5\xe4\x0c\x2c\x6b\x6a\xa4\x35\xdc\xbd\x54\xe5\x60\x36\x9a\x31\xd1\x8a\x59\x6e\x6b\x1c\xba\xbd\x2e\xba\xeb\x7c\x87\xef\xda\xc8\xdd\xa1\xeb\xa4\x83\xe6\x8b\xad\xfa\xfa\x8e\x5b\xd7\x37\xc8\x32\x3e\x96\xc2\x3e\xf4\x43\xda\x7d\x91\x02\x0f\xb7\xbc\xf8\xef\x8f\xf7\x41\x00\x5e\x96\xdf\x0f\x08\x96\xdc\xea\xb2\xe9\x06\x82\xaf\xd2\x2f"; + "\x0f\x8a\x87\x57\xf2\xd1\xc2\xdc\xac\xdf\x4b\x8b\x0f\x8b\xba\x29\xf7\xe1\x03\xe4\x55\xfa\xb2\x98\x07\xd6\xfd\x12\xb1\x80\xbc\xf5\xba\xb4\x50\xd4\x7f\xa0\x0e\x43\xe7\x9f\xc9\x78\x11\x5f\xe5\xe4\x0c\x2c\x6b\x6a\xa4\x35\xdc\xbd\x54\xe5\x60\x36\x9a\x31\xd1\x8a\x59\x6e\x6b\x1c\xba\xbd\x2e\xba\xeb\x7c\x87\xef\xda\xc8\xdd\xa1\xeb\xa4\x83\xe6\x8b\xad\xfa\xfa\x8e\x5b\xd7\x37\xc8\x32\x3e\x96\xc2\x3e\xf4\x43\xda\x7d\x91\x02\x0f\xb7\xbc\xf8\xef\x8f\xf7\x41\x00\x5e\x96\xdf\x0f\x08\x96\xdc\xea\xb2\xe9\x06\x82\xaf\xd2\x2f"; unsigned char dsa_x[] = - "\x4b\x9f\xeb\xff\x6c\x9a\x02\x83\x41\x5e\x37\x81\x8e\x00\x86\x31\xe8\xb6\x9b\xc1"; + "\x4b\x9f\xeb\xff\x6c\x9a\x02\x83\x41\x5e\x37\x81\x8e\x00\x86\x31\xe8\xb6\x9b\xc1"; unsigned char rsa_m[] = - "\x00\xbb\x66\x43\xf5\xf2\xc5\xd7\xb6\x8c\xcc\xc5\xdf\xf5\x88\x3b\xb1\xc9\x4b\x6a\x0e\xa1\xad\x20\x50\x40\x08\x80\xa1\x4f\x5c\xa3\xd0\xf8\x6c\xcf\xe6\x3c\xf7\xec\x04\x76\x13\x17\x8b\x64\x89\x22\x5b\xc0\xdd\x53\x7c\x3b\xed\x7c\x04\xbb\x80\xb9\x28\xbe\x8e\x9b\xc6\x8e\xa0\xa5\x12\xcb\xf5\x57\x1e\xa2\xe7\xbb\xb7\x33\x49\x9f\xe3\xbb\x4a\xae\x6a\x4d\x68\xff\xc9\x11\xe2\x32\x8d\xce\x3d\x80\x0b\x8d\x75\xef\xd8\x00\x81\x8f\x28\x04\x03\xa0\x22\x8d\x61\x04\x07\xfa\xb6\x37\x7d\x21\x07\x49\xd2\x09\x61\x69\x98\x90\xa3\x58\xa9"; + "\x00\xbb\x66\x43\xf5\xf2\xc5\xd7\xb6\x8c\xcc\xc5\xdf\xf5\x88\x3b\xb1\xc9\x4b\x6a\x0e\xa1\xad\x20\x50\x40\x08\x80\xa1\x4f\x5c\xa3\xd0\xf8\x6c\xcf\xe6\x3c\xf7\xec\x04\x76\x13\x17\x8b\x64\x89\x22\x5b\xc0\xdd\x53\x7c\x3b\xed\x7c\x04\xbb\x80\xb9\x28\xbe\x8e\x9b\xc6\x8e\xa0\xa5\x12\xcb\xf5\x57\x1e\xa2\xe7\xbb\xb7\x33\x49\x9f\xe3\xbb\x4a\xae\x6a\x4d\x68\xff\xc9\x11\xe2\x32\x8d\xce\x3d\x80\x0b\x8d\x75\xef\xd8\x00\x81\x8f\x28\x04\x03\xa0\x22\x8d\x61\x04\x07\xfa\xb6\x37\x7d\x21\x07\x49\xd2\x09\x61\x69\x98\x90\xa3\x58\xa9"; unsigned char rsa_e[] = "\x01\x00\x01"; unsigned char rsa_d[] = - "\x0e\x99\x80\x44\x6e\x42\x43\x14\xbe\x01\xeb\x0d\x90\x69\xa9\x6a\xe7\xa9\x88\x2c\xf5\x24\x11\x7f\x27\x09\xf2\x89\x7e\xaf\x13\x35\x21\xd1\x8a\x5d\xdf\xd4\x99\xce\xdc\x2b\x0f\x1b\xc5\x3c\x98\xd0\x68\xa5\x65\x8e\x69\x75\xce\x42\x69\x20\x35\x6c\xaa\xf1\xdd\xc9\x57\x6c\x7b\xc3\x3e\x42\x7e\xa1\xc3\x8c\x76\xa7\x9a\xe8\x81\xdb\xe1\x84\x82\xf5\x99\xd5\xa8\xee\x35\x9e\x54\x94\xc5\x44\xa0\x7b\xcc\xb7\x4c\x3e\xcd\xf2\x49\xdb\x5c\x21\x06\x85\xf6\x75\x00\x43\x62\x89\x12\xf9\x5d\x90\xed\xe6\xfd\xb4\x49\x14\x4a\x79\xe2\x4d"; + "\x0e\x99\x80\x44\x6e\x42\x43\x14\xbe\x01\xeb\x0d\x90\x69\xa9\x6a\xe7\xa9\x88\x2c\xf5\x24\x11\x7f\x27\x09\xf2\x89\x7e\xaf\x13\x35\x21\xd1\x8a\x5d\xdf\xd4\x99\xce\xdc\x2b\x0f\x1b\xc5\x3c\x98\xd0\x68\xa5\x65\x8e\x69\x75\xce\x42\x69\x20\x35\x6c\xaa\xf1\xdd\xc9\x57\x6c\x7b\xc3\x3e\x42\x7e\xa1\xc3\x8c\x76\xa7\x9a\xe8\x81\xdb\xe1\x84\x82\xf5\x99\xd5\xa8\xee\x35\x9e\x54\x94\xc5\x44\xa0\x7b\xcc\xb7\x4c\x3e\xcd\xf2\x49\xdb\x5c\x21\x06\x85\xf6\x75\x00\x43\x62\x89\x12\xf9\x5d\x90\xed\xe6\xfd\xb4\x49\x14\x4a\x79\xe2\x4d"; unsigned char rsa_p[] = - "\x00\xd8\xcb\xe4\x65\x4e\x6c\x11\x0f\xa8\x72\xed\x4b\x4c\x8d\x1d\x07\xdc\x24\x99\x25\xe4\x3c\xb2\xf3\x02\xc4\x72\xe6\x3a\x5b\x86\xf4\x7d\x54\x2a\x4e\x79\x64\x16\x1f\x45\x3b\x17\x9e\x2a\x94\x90\x90\x59\xe7\x0b\x95\xd4\xbf\xa9\x47\xd1\x0a\x71\xaf\x3d\x6b\xed\x55"; + "\x00\xd8\xcb\xe4\x65\x4e\x6c\x11\x0f\xa8\x72\xed\x4b\x4c\x8d\x1d\x07\xdc\x24\x99\x25\xe4\x3c\xb2\xf3\x02\xc4\x72\xe6\x3a\x5b\x86\xf4\x7d\x54\x2a\x4e\x79\x64\x16\x1f\x45\x3b\x17\x9e\x2a\x94\x90\x90\x59\xe7\x0b\x95\xd4\xbf\xa9\x47\xd1\x0a\x71\xaf\x3d\x6b\xed\x55"; unsigned char rsa_q[] = - "\x00\xdd\x49\x81\x7a\x5c\x04\xbf\x6b\xbd\x70\x05\x35\x42\x32\xa3\x9b\x08\xee\xd4\x98\x17\x6e\xb8\xc4\xa2\x12\xbe\xdc\x1e\x72\xd0\x44\x84\x5c\xf0\x30\x35\x04\xfd\x4e\xb0\xcc\xd6\x6f\x40\xcb\x16\x13\x58\xbc\x57\xf7\x77\x48\xe5\x0c\x0d\x14\x9b\x66\x6e\xd8\xde\x05"; + "\x00\xdd\x49\x81\x7a\x5c\x04\xbf\x6b\xbd\x70\x05\x35\x42\x32\xa3\x9b\x08\xee\xd4\x98\x17\x6e\xb8\xc4\xa2\x12\xbe\xdc\x1e\x72\xd0\x44\x84\x5c\xf0\x30\x35\x04\xfd\x4e\xb0\xcc\xd6\x6f\x40\xcb\x16\x13\x58\xbc\x57\xf7\x77\x48\xe5\x0c\x0d\x14\x9b\x66\x6e\xd8\xde\x05"; unsigned char rsa_u[] = - "\x4a\x74\x5c\x95\x83\x54\xa3\xb0\x71\x35\xba\x02\x3a\x7d\x4a\x8c\x2d\x9a\x26\x77\x60\x36\x28\xd4\xb1\x7d\x8a\x06\xf8\x89\xa2\xef\xb1\x66\x46\x7d\xb9\xd4\xde\xbc\xa3\xbe\x46\xfa\x62\xe1\x63\x82\xdc\xdb\x64\x36\x47\x59\x00\xa8\xf3\xf7\x0e\xb4\xe0\x66\x3d\xd9"; + "\x4a\x74\x5c\x95\x83\x54\xa3\xb0\x71\x35\xba\x02\x3a\x7d\x4a\x8c\x2d\x9a\x26\x77\x60\x36\x28\xd4\xb1\x7d\x8a\x06\xf8\x89\xa2\xef\xb1\x66\x46\x7d\xb9\xd4\xde\xbc\xa3\xbe\x46\xfa\x62\xe1\x63\x82\xdc\xdb\x64\x36\x47\x59\x00\xa8\xf3\xf7\x0e\xb4\xe0\x66\x3d\xd9"; unsigned char rsa_e1[] = - "\x45\x20\x96\x5e\x1b\x28\x68\x34\x46\xf1\x06\x6b\x09\x28\xc1\xc5\xfc\xd3\x0a\xa6\x43\x65\x7b\x65\xf3\x4e\xf2\x98\x28\xa9\x80\x99\xba\xd0\xb8\x80\xb7\x42\x4b\xaf\x82\xe2\xb9\xc0\x2c\x31\x9c\xfa\xfa\x3f\xaa\xb9\x06\xd2\x6a\x46\xc5\x08\x00\x81\xf1\x22\xd5\xd5"; + "\x45\x20\x96\x5e\x1b\x28\x68\x34\x46\xf1\x06\x6b\x09\x28\xc1\xc5\xfc\xd3\x0a\xa6\x43\x65\x7b\x65\xf3\x4e\xf2\x98\x28\xa9\x80\x99\xba\xd0\xb8\x80\xb7\x42\x4b\xaf\x82\xe2\xb9\xc0\x2c\x31\x9c\xfa\xfa\x3f\xaa\xb9\x06\xd2\x6a\x46\xc5\x08\x00\x81\xf1\x22\xd5\xd5"; unsigned char rsa_e2[] = - "\x00\xa6\x50\x60\xa7\xfe\x10\xf3\x6d\x9e\x6b\x5a\xfe\xb4\x4a\x2a\xfc\x92\xb2\x2d\xc6\x41\x96\x4d\xf8\x3b\x77\xab\x4a\xf4\xf7\x85\xe0\x79\x3b\x00\xaa\xba\xae\x8d\x53\x5f\x3e\x14\xcc\x78\xfe\x2a\x11\x50\x57\xfe\x25\x57\xd9\xc9\x8c\x4d\x28\x77\xc3\x7c\xfc\x31\xa1"; + "\x00\xa6\x50\x60\xa7\xfe\x10\xf3\x6d\x9e\x6b\x5a\xfe\xb4\x4a\x2a\xfc\x92\xb2\x2d\xc6\x41\x96\x4d\xf8\x3b\x77\xab\x4a\xf4\xf7\x85\xe0\x79\x3b\x00\xaa\xba\xae\x8d\x53\x5f\x3e\x14\xcc\x78\xfe\x2a\x11\x50\x57\xfe\x25\x57\xd9\xc9\x8c\x4d\x28\x77\xc3\x7c\xfc\x31\xa1"; unsigned char ecc_x[] = - "\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33"; + "\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33"; unsigned char ecc_y[] = - "\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; + "\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; unsigned char ecc_k[] = - "\x00\xfd\x2b\x00\x80\xf3\x36\x5f\x11\x32\x65\xe3\x8d\x30\x33\x3b\x47\xf5\xce\xf8\x13\xe5\x4c\xc2\xcf\xfd\xe8\x05\x6a\xca\xc9\x41\xb1"; + "\x00\xfd\x2b\x00\x80\xf3\x36\x5f\x11\x32\x65\xe3\x8d\x30\x33\x3b\x47\xf5\xce\xf8\x13\xe5\x4c\xc2\xcf\xfd\xe8\x05\x6a\xca\xc9\x41\xb1"; unsigned char false_ed25519_x[] = - "\xac\xac\x9a\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x84\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; + "\xac\xac\x9a\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x84\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; unsigned char ed25519_x[] = - "\xab\xaf\x98\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x86\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; + "\xab\xaf\x98\xb3\xc3\x41\x8d\x41\x22\x21\xc1\x86\xa7\xb8\x70\xfb\x44\x6e\xc7\x7e\x20\x87\x7b\xd9\x22\xa4\x5d\xd2\x97\x09\xd5\x48"; unsigned char ed25519_k[] = - "\x1c\xa9\x23\xdc\x35\xa8\xfd\xd6\x2d\xa8\x98\xb9\x60\x7b\xce\x10\x3d\xf4\x64\xc6\xe5\x4b\x0a\x65\x56\x6a\x3c\x73\x65\x51\xa2\x2f"; + "\x1c\xa9\x23\xdc\x35\xa8\xfd\xd6\x2d\xa8\x98\xb9\x60\x7b\xce\x10\x3d\xf4\x64\xc6\xe5\x4b\x0a\x65\x56\x6a\x3c\x73\x65\x51\xa2\x2f"; gnutls_datum_t _dsa_p = { dsa_p, sizeof(dsa_p) - 1 }; gnutls_datum_t _dsa_q = { dsa_q, sizeof(dsa_q) - 1 }; @@ -123,17 +121,17 @@ gnutls_datum_t _ecc_x = { ecc_x, sizeof(ecc_x) - 1 }; gnutls_datum_t _ecc_y = { ecc_y, sizeof(ecc_y) - 1 }; gnutls_datum_t _ecc_k = { ecc_k, sizeof(ecc_k) - 1 }; -gnutls_datum_t _false_ed25519_x = - { false_ed25519_x, sizeof(false_ed25519_x) - 1 }; +gnutls_datum_t _false_ed25519_x = { false_ed25519_x, + sizeof(false_ed25519_x) - 1 }; gnutls_datum_t _ed25519_x = { ed25519_x, sizeof(ed25519_x) - 1 }; gnutls_datum_t _ed25519_k = { ed25519_k, sizeof(ed25519_k) - 1 }; unsigned char ecc_params[] = "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07"; unsigned char ecc_point[] = - "\x04\x41\x04\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; + "\x04\x41\x04\x3c\x15\x6f\x1d\x48\x3e\x64\x59\x13\x2c\x6d\x04\x1a\x38\x0d\x30\x5c\xe4\x3f\x55\xcb\xd9\x17\x15\x46\x72\x71\x92\xc1\xf8\xc6\x33\x3d\x04\x2e\xc8\xc1\x0f\xc0\x50\x04\x7b\x9f\xc9\x48\xb5\x40\xfa\x6f\x93\x82\x59\x61\x5e\x72\x57\xcb\x83\x06\xbd\xcc\x82\x94\xc1"; -#define CMP(name, dat, v) cmp(name, __LINE__, dat, v, sizeof(v)-1) -static int cmp(const char *name, int line, gnutls_datum_t * v1, +#define CMP(name, dat, v) cmp(name, __LINE__, dat, v, sizeof(v) - 1) +static int cmp(const char *name, int line, gnutls_datum_t *v1, unsigned char *v2, unsigned size) { if (size != v1->size) { @@ -153,8 +151,8 @@ static int cmp(const char *name, int line, gnutls_datum_t * v1, } /* leading zero on v2 is ignored */ -#define CMP_NO_LZ(name, dat, v) cmp_no_lz(name, __LINE__, dat, v, sizeof(v)-1) -static int cmp_no_lz(const char *name, int line, gnutls_datum_t * v1, +#define CMP_NO_LZ(name, dat, v) cmp_no_lz(name, __LINE__, dat, v, sizeof(v) - 1) +static int cmp_no_lz(const char *name, int line, gnutls_datum_t *v1, unsigned char *i2, unsigned size) { gnutls_datum_t v2; @@ -182,8 +180,7 @@ static int cmp_no_lz(const char *name, int line, gnutls_datum_t * v1, return 0; } -static -int check_pubkey_import_export(void) +static int check_pubkey_import_export(void) { gnutls_pubkey_t key; gnutls_datum_t p, q, g, y, x; @@ -198,9 +195,8 @@ int check_pubkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_pubkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, - &_dsa_y); + ret = gnutls_pubkey_import_dsa_raw(key, &_dsa_p, &_dsa_q, &_dsa_g, + &_dsa_y); if (ret < 0) fail("error\n"); @@ -222,9 +218,8 @@ int check_pubkey_import_export(void) gnutls_free(g.data); gnutls_free(y.data); - ret = - gnutls_pubkey_export_dsa_raw2(key, &p, &q, &g, &y, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_dsa_raw2(key, &p, &q, &g, &y, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); @@ -261,9 +256,8 @@ int check_pubkey_import_export(void) gnutls_free(m.data); gnutls_free(e.data); - ret = - gnutls_pubkey_export_rsa_raw2(key, &m, &e, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_rsa_raw2(key, &m, &e, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -278,9 +272,8 @@ int check_pubkey_import_export(void) if (ret < 0) fail("error\n"); - ret = - gnutls_pubkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_SECP256R1, - &_ecc_x, &_ecc_y); + ret = gnutls_pubkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_SECP256R1, + &_ecc_x, &_ecc_y); if (ret < 0) fail("error\n"); @@ -302,9 +295,8 @@ int check_pubkey_import_export(void) gnutls_free(x.data); gnutls_free(y.data); - ret = - gnutls_pubkey_export_ecc_raw2(key, &curve, &x, &y, - GNUTLS_EXPORT_FLAG_NO_LZ); + ret = gnutls_pubkey_export_ecc_raw2(key, &curve, &x, &y, + GNUTLS_EXPORT_FLAG_NO_LZ); if (ret < 0) fail("error\n"); @@ -324,15 +316,13 @@ int check_pubkey_import_export(void) fail("error\n"); /* test whether an invalid size would fail */ - ret = - gnutls_pubkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, &_rsa_m, - NULL); + ret = gnutls_pubkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, + &_rsa_m, NULL); if (ret != GNUTLS_E_INVALID_REQUEST) fail("error\n"); - ret = - gnutls_pubkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, - &_ed25519_x, NULL); + ret = gnutls_pubkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, + &_ed25519_x, NULL); if (ret < 0) fail("error\n"); diff --git a/tests/random-art.c b/tests/random-art.c index 8afa87aa9e..b730a45b5f 100644 --- a/tests/random-art.c +++ b/tests/random-art.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,9 +42,8 @@ static void encode(const char *test_name, const char *type, unsigned key_size, int ret; gnutls_datum_t out; - ret = - gnutls_random_art(GNUTLS_RANDOM_ART_OPENSSH, type, key_size, input, - input_size, &out); + ret = gnutls_random_art(GNUTLS_RANDOM_ART_OPENSSH, type, key_size, + input, input_size, &out); if (ret < 0) { fail("%s: gnutls_random_art: %s\n", test_name, gnutls_strerror(ret)); @@ -52,12 +51,14 @@ static void encode(const char *test_name, const char *type, unsigned key_size, } if (strlen(expected) != out.size) { - fail("%s: gnutls_random_art: output has incorrect size (%d, expected %d)\n%s\n", test_name, (int)out.size, (int)strlen(expected), out.data); + fail("%s: gnutls_random_art: output has incorrect size (%d, expected %d)\n%s\n", + test_name, (int)out.size, (int)strlen(expected), out.data); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_random_art: output does not match the expected:\n%s\n", test_name, out.data); + fail("%s: gnutls_random_art: output does not match the expected:\n%s\n", + test_name, out.data); exit(1); } @@ -76,54 +77,54 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "key1", - .raw = (void *) - "\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb", - .raw_size = 20, - .key_type = "RSA", - .key_size = 2048, - .art = "+--[ RSA 2048]----+\n" - "|.o*++==o |\n" - "| + *.===. |\n" - "|. * + +.o |\n" - "| o . o + . |\n" - "|. + S |\n" - "| . o |\n" - "|E |\n" - "| |\n" "| |\n" "+-----------------+"}, - { - .name = "key2", - .raw = (void *) - "\xf8\xa7\x1c\x08\x76\x47\x2c\x08\x38\x17\x0c\x08\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\xa4\xb6\xf6\xf8\x29\xfc\x50\x3f\x2b\xbb", - .raw_size = 32, - .key_type = "RSA", - .key_size = 3072, - .art = "+--[ RSA 3072]----+\n" - "|@*=*+.o |\n" - "|O.B.+* o |\n" - "|.* +..o o |\n" - "| . . + |\n" - "| oo.o S |\n" - "| ..+o.+ |\n" - "| .o ..oo . |\n" - "| oo...o+ |\n" "| oE+.o |\n" "+-----------------+"}, - { - .name = "key3", - .raw = (void *) - "\x38\xf7\x0c\x08\xcb\x34\x8a\xd4\xb7\x9c\x34\xb4\xf6\x08\x29\x4c\x50\x3f\x2b\xbb", - .raw_size = 20, - .key_type = "ECDSA", - .key_size = 256, - .art = "+--[ECDSA 256]---+\n" - "|oo. . |\n" - "|o ..o . |\n" - "| + +** |\n" - "|...+***o |\n" - "|. o +=+.S |\n" - "| o o + |\n" - "| . o |\n" - "| . |\n" "| E |\n" "+-----------------+"} + { .name = "key1", + .raw = (void *)"\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\x34\xb6\xf6\x08\x29\x4c\x50\x31\x2b\xbb", + .raw_size = 20, + .key_type = "RSA", + .key_size = 2048, + .art = "+--[ RSA 2048]----+\n" + "|.o*++==o |\n" + "| + *.===. |\n" + "|. * + +.o |\n" + "| o . o + . |\n" + "|. + S |\n" + "| . o |\n" + "|E |\n" + "| |\n" + "| |\n" + "+-----------------+" }, + { .name = "key2", + .raw = (void *)"\xf8\xa7\x1c\x08\x76\x47\x2c\x08\x38\x17\x0c\x08\x38\x17\x0c\x08\xcb\x45\x8f\xd4\x87\x9c\xa4\xb6\xf6\xf8\x29\xfc\x50\x3f\x2b\xbb", + .raw_size = 32, + .key_type = "RSA", + .key_size = 3072, + .art = "+--[ RSA 3072]----+\n" + "|@*=*+.o |\n" + "|O.B.+* o |\n" + "|.* +..o o |\n" + "| . . + |\n" + "| oo.o S |\n" + "| ..+o.+ |\n" + "| .o ..oo . |\n" + "| oo...o+ |\n" + "| oE+.o |\n" + "+-----------------+" }, + { .name = "key3", + .raw = (void *)"\x38\xf7\x0c\x08\xcb\x34\x8a\xd4\xb7\x9c\x34\xb4\xf6\x08\x29\x4c\x50\x3f\x2b\xbb", + .raw_size = 20, + .key_type = "ECDSA", + .key_size = 256, + .art = "+--[ECDSA 256]---+\n" + "|oo. . |\n" + "|o ..o . |\n" + "| + +** |\n" + "|...+***o |\n" + "|. o +=+.S |\n" + "| o o + |\n" + "| . o |\n" + "| . |\n" + "| E |\n" + "+-----------------+" } }; void doit(void) diff --git a/tests/rawpk-api.c b/tests/rawpk-api.c index 42ca87a013..a3607b964f 100644 --- a/tests/rawpk-api.c +++ b/tests/rawpk-api.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -62,14 +62,13 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&cred) >= 0); assert((pcert = gnutls_calloc(1, sizeof(*pcert))) != NULL); assert(gnutls_pubkey_init(&pubkey) >= 0); - assert(gnutls_pubkey_import - (pubkey, &rawpk_public_key1, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_pubkey_import(pubkey, &rawpk_public_key1, + GNUTLS_X509_FMT_PEM) >= 0); /* Tests for gnutls_certificate_set_rawpk_key_mem() */ success("Testing gnutls_certificate_set_rawpk_key_mem()...\n"); // Positive tests - ret = gnutls_certificate_set_rawpk_key_mem(cred, - &rawpk_public_key2, + ret = gnutls_certificate_set_rawpk_key_mem(cred, &rawpk_public_key2, &rawpk_private_key2, GNUTLS_X509_FMT_PEM, NULL, 0, NULL, 0, 0); @@ -77,18 +76,17 @@ void doit(void) fail("Failed to load credentials with error: %d\n", ret); } // Negative tests - ret = gnutls_certificate_set_rawpk_key_mem(cred, - NULL, &rawpk_private_key2, + ret = gnutls_certificate_set_rawpk_key_mem(cred, NULL, + &rawpk_private_key2, GNUTLS_X509_FMT_PEM, NULL, 0, NULL, 0, 0); if (ret != GNUTLS_E_INSUFFICIENT_CREDENTIALS) { fail("Failed to detect falsy input. Expected error: %d\n", GNUTLS_E_INSUFFICIENT_CREDENTIALS); } - ret = gnutls_certificate_set_rawpk_key_mem(cred, - &rawpk_public_key2, NULL, - GNUTLS_X509_FMT_PEM, NULL, 0, - NULL, 0, 0); + ret = gnutls_certificate_set_rawpk_key_mem(cred, &rawpk_public_key2, + NULL, GNUTLS_X509_FMT_PEM, + NULL, 0, NULL, 0, 0); if (ret != GNUTLS_E_INSUFFICIENT_CREDENTIALS) { fail("Failed to detect falsy input. Expected error: %d\n", GNUTLS_E_INSUFFICIENT_CREDENTIALS); @@ -97,27 +95,24 @@ void doit(void) /* Tests for gnutls_certificate_set_rawpk_key_file() */ success("Testing gnutls_certificate_set_rawpk_key_file()...\n"); // Positive tests - ret = - gnutls_certificate_set_rawpk_key_file(cred, rawpk_pub_path, - rawpk_priv_path, - GNUTLS_X509_FMT_PEM, NULL, 0, - NULL, 0, 0, 0); + ret = gnutls_certificate_set_rawpk_key_file(cred, rawpk_pub_path, + rawpk_priv_path, + GNUTLS_X509_FMT_PEM, NULL, + 0, NULL, 0, 0, 0); if (ret < 0) { fail("Failed to load credentials with error: %d\n", ret); } // Negative tests - ret = - gnutls_certificate_set_rawpk_key_file(cred, NULL, rawpk_priv_path, - GNUTLS_X509_FMT_PEM, NULL, 0, - NULL, 0, 0, 0); + ret = gnutls_certificate_set_rawpk_key_file(cred, NULL, rawpk_priv_path, + GNUTLS_X509_FMT_PEM, NULL, + 0, NULL, 0, 0, 0); if (ret != GNUTLS_E_INSUFFICIENT_CREDENTIALS) { fail("Failed to detect falsy input. Expected error: %d\n", GNUTLS_E_INSUFFICIENT_CREDENTIALS); } - ret = - gnutls_certificate_set_rawpk_key_file(cred, rawpk_pub_path, NULL, - GNUTLS_X509_FMT_PEM, NULL, 0, - NULL, 0, 0, 0); + ret = gnutls_certificate_set_rawpk_key_file(cred, rawpk_pub_path, NULL, + GNUTLS_X509_FMT_PEM, NULL, + 0, NULL, 0, 0, 0); if (ret != GNUTLS_E_INSUFFICIENT_CREDENTIALS) { fail("Failed to detect falsy input. Expected error: %d\n", GNUTLS_E_INSUFFICIENT_CREDENTIALS); @@ -128,7 +123,8 @@ void doit(void) // Positive tests ret = gnutls_pcert_import_rawpk(pcert, pubkey, 0); if (ret < 0) { - fail("Failed to import raw public-key into pcert with error: %d\n", ret); + fail("Failed to import raw public-key into pcert with error: %d\n", + ret); } // Negative tests ret = gnutls_pcert_import_rawpk(pcert, NULL, 0); @@ -142,16 +138,15 @@ void doit(void) /* Tests for gnutls_pcert_import_rawpk_raw() */ success("Testing gnutls_pcert_import_rawpk_raw()...\n"); // Positive tests - ret = - gnutls_pcert_import_rawpk_raw(pcert, &rawpk_public_key1, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_pcert_import_rawpk_raw(pcert, &rawpk_public_key1, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 0) { - fail("Failed to import raw public-key into pcert with error: %d\n", ret); + fail("Failed to import raw public-key into pcert with error: %d\n", + ret); } // Negative tests - ret = - gnutls_pcert_import_rawpk_raw(pcert, NULL, GNUTLS_X509_FMT_PEM, 0, - 0); + ret = gnutls_pcert_import_rawpk_raw(pcert, NULL, GNUTLS_X509_FMT_PEM, 0, + 0); if (ret != GNUTLS_E_INSUFFICIENT_CREDENTIALS) { fail("Failed to detect falsy input. Expected error: %d\n", GNUTLS_E_INSUFFICIENT_CREDENTIALS); diff --git a/tests/record-pad.c b/tests/record-pad.c index 8eb00b0642..a38a73616f 100644 --- a/tests/record-pad.c +++ b/tests/record-pad.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" - -# define MAX_BUF 1024 -# define HIGH(x) (3*x) +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" + +#define MAX_BUF 1024 +#define HIGH(x) (3 * x) static void terminate(void); static size_t total; @@ -121,8 +121,7 @@ static void client(int fd, struct test_st *test) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -135,13 +134,13 @@ static void client(int fd, struct test_st *test) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); } while (ret > 0); @@ -158,7 +157,7 @@ static void client(int fd, struct test_st *test) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -216,8 +215,7 @@ static void server(int fd, struct test_st *test) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -230,8 +228,8 @@ static void server(int fd, struct test_st *test) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_transport_set_push_function(session, push); @@ -239,16 +237,16 @@ static void server(int fd, struct test_st *test) total = 0; do { - ret = - gnutls_record_send2(session, buffer, - test->data, test->pad, 0); + ret = gnutls_record_send2(session, buffer, test->data, + test->pad, 0); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (test->sret < 0) { if (ret >= 0) fail("server: expected failure got success!\n"); if (ret != test->sret) - fail("server: expected different failure: '%s', got: '%s'\n", gnutls_strerror(test->sret), gnutls_strerror(ret)); + fail("server: expected different failure: '%s', got: '%s'\n", + gnutls_strerror(test->sret), gnutls_strerror(ret)); goto finish; } @@ -258,14 +256,14 @@ static void server(int fd, struct test_st *test) } expected = - test->data + test->pad + gnutls_record_overhead_size(session); + test->data + test->pad + gnutls_record_overhead_size(session); if (total != expected) { fail("Sent data (%u) are lower than expected (%u)\n", (unsigned)total, (unsigned)expected); terminate(); } - finish: +finish: /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); @@ -314,7 +312,7 @@ static void start(struct test_st *test) } } -# define AES_GCM "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-ALL:+GROUP-ALL" +#define AES_GCM "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-ALL:+GROUP-ALL" static void ch_handler(int sig) { @@ -325,61 +323,52 @@ static void ch_handler(int sig) } struct test_st tests[] = { - { - .name = "AES-GCM with max pad", - .pad = HIGH(MAX_BUF + 1) - (MAX_BUF + 1), - .data = MAX_BUF, - .prio = AES_GCM, - .flags = 0}, - { - .name = "AES-GCM with zero pad", - .pad = 0, - .data = MAX_BUF, - .prio = AES_GCM, - .flags = 0}, - { - .name = "AES-GCM with 1-byte pad", - .pad = 1, - .data = MAX_BUF, - .prio = AES_GCM, - .flags = 0}, - { - .name = "AES-GCM with pad, but no data", - .pad = 16, - .data = 0, - .prio = AES_GCM, - .flags = 0}, - { - .name = "AES-GCM with max pad and safe padding check", - .pad = HIGH(MAX_BUF + 1) - (MAX_BUF + 1), - .data = MAX_BUF, - .prio = AES_GCM, - .flags = GNUTLS_SAFE_PADDING_CHECK}, - { - .name = "AES-GCM with zero pad and safe padding check", - .pad = 0, - .data = MAX_BUF, - .prio = AES_GCM, - .flags = GNUTLS_SAFE_PADDING_CHECK}, - { - .name = "AES-GCM with 1-byte pad and safe padding check", - .pad = 1, - .data = MAX_BUF, - .prio = AES_GCM, - .flags = GNUTLS_SAFE_PADDING_CHECK}, - { - .name = "AES-GCM with pad, but no data and safe padding check", - .pad = 16, - .data = 0, - .prio = AES_GCM, - .flags = GNUTLS_SAFE_PADDING_CHECK}, - { - .name = "AES-GCM with pad, but no data and no pad", - .pad = 0, - .data = 0, - .prio = AES_GCM, - .flags = GNUTLS_SAFE_PADDING_CHECK, - .sret = GNUTLS_E_INVALID_REQUEST}, + { .name = "AES-GCM with max pad", + .pad = HIGH(MAX_BUF + 1) - (MAX_BUF + 1), + .data = MAX_BUF, + .prio = AES_GCM, + .flags = 0 }, + { .name = "AES-GCM with zero pad", + .pad = 0, + .data = MAX_BUF, + .prio = AES_GCM, + .flags = 0 }, + { .name = "AES-GCM with 1-byte pad", + .pad = 1, + .data = MAX_BUF, + .prio = AES_GCM, + .flags = 0 }, + { .name = "AES-GCM with pad, but no data", + .pad = 16, + .data = 0, + .prio = AES_GCM, + .flags = 0 }, + { .name = "AES-GCM with max pad and safe padding check", + .pad = HIGH(MAX_BUF + 1) - (MAX_BUF + 1), + .data = MAX_BUF, + .prio = AES_GCM, + .flags = GNUTLS_SAFE_PADDING_CHECK }, + { .name = "AES-GCM with zero pad and safe padding check", + .pad = 0, + .data = MAX_BUF, + .prio = AES_GCM, + .flags = GNUTLS_SAFE_PADDING_CHECK }, + { .name = "AES-GCM with 1-byte pad and safe padding check", + .pad = 1, + .data = MAX_BUF, + .prio = AES_GCM, + .flags = GNUTLS_SAFE_PADDING_CHECK }, + { .name = "AES-GCM with pad, but no data and safe padding check", + .pad = 16, + .data = 0, + .prio = AES_GCM, + .flags = GNUTLS_SAFE_PADDING_CHECK }, + { .name = "AES-GCM with pad, but no data and no pad", + .pad = 0, + .data = 0, + .prio = AES_GCM, + .flags = GNUTLS_SAFE_PADDING_CHECK, + .sret = GNUTLS_E_INVALID_REQUEST }, }; void doit(void) @@ -392,4 +381,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/record-retvals.c b/tests/record-retvals.c index 827405b1d7..7b9a9cd9d6 100644 --- a/tests/record-retvals.c +++ b/tests/record-retvals.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -65,50 +65,47 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 24*1024 +#define MAX_BUF 24 * 1024 static void client(int fd, const char *prio, int ign) { @@ -154,8 +151,7 @@ static void client(int fd, const char *prio, int ign) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client (%s): Handshake has failed (%s)\n\n", prio, @@ -168,8 +164,8 @@ static void client(int fd, const char *prio, int ign) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* Test sending */ for (i = 1; i < 16384; i++) { @@ -184,7 +180,8 @@ static void client(int fd, const char *prio, int ign) } if (ret > 0 && ret != (int)i) { - fail("server (%s): Error sending %d byte packet: sent: %d\n", prio, i, ret); + fail("server (%s): Error sending %d byte packet: sent: %d\n", + prio, i, ret); exit(1); } } @@ -196,19 +193,20 @@ static void client(int fd, const char *prio, int ign) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { - fail("server (%s): Error sending %d byte packet: %s\n", - prio, i, gnutls_strerror(ret)); + fail("server (%s): Error sending %d byte packet: %s\n", prio, i, + gnutls_strerror(ret)); exit(1); } else if (ign == 0 && ret != 16384) { - fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", prio, i, ret); + fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", + prio, i, ret); exit(1); } memset(buffer, 0xff, sizeof(buffer)); ret = gnutls_record_send(session, buffer, 4); if (ret < 0) { - fail("server (%s): Error sending 4 byte packet: %s\n", - prio, gnutls_strerror(ret)); + fail("server (%s): Error sending 4 byte packet: %s\n", prio, + gnutls_strerror(ret)); exit(1); } @@ -235,7 +233,7 @@ static void client(int fd, const char *prio, int ign) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -301,8 +299,7 @@ static void server(int fd, const char *prio, int ign) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -315,8 +312,8 @@ static void server(int fd, const char *prio, int ign) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* Here we do both a receive and a send test because if valgrind * detects an error on the peer, the main process will never know. @@ -329,7 +326,7 @@ static void server(int fd, const char *prio, int ign) ret = gnutls_record_recv(session, buffer, MAX_BUF); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret > 0 && ret != (int)i) { - if (ret == 4 && (uint8_t) buffer[0] == 0xff) { + if (ret == 4 && (uint8_t)buffer[0] == 0xff) { break; } else { fail("error receiving message[%d]: ret: %d\n", @@ -364,11 +361,12 @@ static void server(int fd, const char *prio, int ign) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { - fail("server (%s): Error sending %d byte packet: %s\n", - prio, i, gnutls_strerror(ret)); + fail("server (%s): Error sending %d byte packet: %s\n", prio, i, + gnutls_strerror(ret)); terminate(); } else if (ign == 0 && ret != 16384) { - fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", prio, i, ret); + fail("server (%s): Error sending %d byte packet; sent %d bytes instead of 16384\n", + prio, i, ret); terminate(); } @@ -417,15 +415,22 @@ static void start(const char *prio, int ign) } } -# define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define TLS13_AES_GCM "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+CURVE-ALL" +#define AES_CBC \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define TLS13_AES_GCM \ + "NONE:+VERS-TLS1.3:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+CURVE-ALL" -# define ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" -# define ARCFOUR_MD5 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA" +#define ARCFOUR_SHA1 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL" +#define ARCFOUR_MD5 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA" -# define NULL_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL" +#define NULL_SHA1 \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL" static void ch_handler(int sig) { @@ -452,4 +457,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/record-sendfile.c b/tests/record-sendfile.c index aab7890cb4..9b02afb2ec 100644 --- a/tests/record-sendfile.c +++ b/tests/record-sendfile.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,23 +34,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void server_log_func(int level, const char *str) { @@ -62,9 +62,9 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 -# define MSG "Hello world!" -# define OFFSET 2 +#define MAX_BUF 1024 +#define MSG "Hello world!" +#define OFFSET 2 static void client(int fd, const char *prio) { @@ -93,8 +93,7 @@ static void client(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -106,8 +105,7 @@ static void client(int fd, const char *prio) memset(buffer, 0, sizeof(buffer)); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer)); - } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret == 0) { success("client: Peer has closed the TLS connection\n"); @@ -132,7 +130,7 @@ static void client(int fd, const char *prio) } ret = 0; - end: +end: close(fd); @@ -160,9 +158,8 @@ static void server(int fd, const char *prio) } gnutls_certificate_allocate_credentials(&x509_cred); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -177,8 +174,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: Handshake has failed (%s)\n\n", @@ -209,8 +205,8 @@ static void server(int fd, const char *prio) } do { - ret = - gnutls_record_send_file(session, fileno(fp), &offset, 512); + ret = gnutls_record_send_file(session, fileno(fp), &offset, + 512); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -225,7 +221,7 @@ static void server(int fd, const char *prio) gnutls_strerror(ret)); ret = 0; - end: +end: close(fd); gnutls_deinit(session); @@ -237,8 +233,7 @@ static void server(int fd, const char *prio) success("server: finished\n"); } -static -void run(const char *prio) +static void run(const char *prio) { int fd[2]; int ret; @@ -268,7 +263,6 @@ void run(const char *prio) client(fd[1], prio); exit(0); } - } void doit(void) @@ -278,4 +272,4 @@ void doit(void) run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM"); run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/record-sizes-range.c b/tests/record-sizes-range.c index 07cbcb3959..81452e2795 100644 --- a/tests/record-sizes-range.c +++ b/tests/record-sizes-range.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,22 +42,22 @@ static void tls_log_func(int level, const char *str) /* This test attempts to transfer various sizes using AES-128-CBC. */ -#define MAX_BUF 32*1024 +#define MAX_BUF 32 * 1024 #define MAX_SEND 16384 static char buffer1[MAX_BUF + 1]; static char buffer[MAX_BUF + 1]; -static void try_send(gnutls_session_t client, gnutls_session_t server, - void *b1, ssize_t b1_size, void *b2, ssize_t b2_size, - gnutls_range_st * range) +static void try_send(gnutls_session_t client, gnutls_session_t server, void *b1, + ssize_t b1_size, void *b2, ssize_t b2_size, + gnutls_range_st *range) { int ret, recvd; /* Try sending various other sizes */ ret = gnutls_record_send_range(client, b1, b1_size, range); if (ret < 0) { - fprintf(stderr, "Error sending %d bytes: %s\n", - (int)b1_size, gnutls_strerror(ret)); + fprintf(stderr, "Error sending %d bytes: %s\n", (int)b1_size, + gnutls_strerror(ret)); exit(1); } @@ -75,15 +75,13 @@ static void try_send(gnutls_session_t client, gnutls_session_t server, exit(1); } recvd += ret; - } - while (recvd < b1_size); + } while (recvd < b1_size); if (recvd != b1_size) { fprintf(stderr, "Couldn't receive %d bytes, received %d\n", (int)b1_size, recvd); exit(1); } - } void doit(void) @@ -113,9 +111,10 @@ void doit(void) gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); gnutls_anon_set_server_dh_params(s_anoncred, dh_params); gnutls_init(&server, GNUTLS_SERVER); - gnutls_priority_set_direct(server, - "NONE:+VERS-TLS1.2:+AES-128-CBC:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", - NULL); + gnutls_priority_set_direct( + server, + "NONE:+VERS-TLS1.2:+AES-128-CBC:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", + NULL); gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); @@ -124,9 +123,10 @@ void doit(void) /* Init client */ gnutls_anon_allocate_client_credentials(&c_anoncred); gnutls_init(&client, GNUTLS_CLIENT); - gnutls_priority_set_direct(client, - "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", - NULL); + gnutls_priority_set_direct( + client, + "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", + NULL); gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); @@ -146,7 +146,7 @@ void doit(void) try_send(client, server, buffer1, MAX_SEND, buffer, MAX_BUF, &range); try_send(client, server, buffer1, 1024, buffer, MAX_BUF, &range); try_send(client, server, buffer1, 4096, buffer, MAX_BUF, &range); - /*try_send(client, server, buffer1, 128, buffer, MAX_BUF, &range) */ ; + /*try_send(client, server, buffer1, 128, buffer, MAX_BUF, &range) */; if (debug) fputs("\n", stdout); diff --git a/tests/record-sizes.c b/tests/record-sizes.c index 8961c7f17a..dc72a29b50 100644 --- a/tests/record-sizes.c +++ b/tests/record-sizes.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -77,9 +77,10 @@ void doit(void) gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); gnutls_anon_set_server_dh_params(s_anoncred, dh_params); gnutls_init(&server, GNUTLS_SERVER); - gnutls_priority_set_direct(server, - "NONE:+VERS-TLS1.2:+ARCFOUR-128:+MD5:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", - NULL); + gnutls_priority_set_direct( + server, + "NONE:+VERS-TLS1.2:+ARCFOUR-128:+MD5:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", + NULL); gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); @@ -88,9 +89,10 @@ void doit(void) /* Init client */ gnutls_anon_allocate_client_credentials(&c_anoncred); gnutls_init(&client, GNUTLS_CLIENT); - gnutls_priority_set_direct(client, - "NONE:+VERS-TLS1.2:+CIPHER-ALL:+ARCFOUR-128:+MD5:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", - NULL); + gnutls_priority_set_direct( + client, + "NONE:+VERS-TLS1.2:+CIPHER-ALL:+ARCFOUR-128:+MD5:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH", + NULL); gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); @@ -107,8 +109,8 @@ void doit(void) /* try the maximum allowed */ ret = gnutls_record_send(client, b1, MAX_BUF); if (ret < 0) { - fprintf(stderr, "Error sending %d bytes: %s\n", - (int)MAX_BUF, gnutls_strerror(ret)); + fprintf(stderr, "Error sending %d bytes: %s\n", (int)MAX_BUF, + gnutls_strerror(ret)); exit(1); } @@ -119,8 +121,8 @@ void doit(void) ret = gnutls_record_recv(server, buffer, MAX_BUF); if (ret < 0) { - fprintf(stderr, "Error receiving %d bytes: %s\n", - (int)MAX_BUF, gnutls_strerror(ret)); + fprintf(stderr, "Error receiving %d bytes: %s\n", (int)MAX_BUF, + gnutls_strerror(ret)); exit(1); } diff --git a/tests/record-timeouts.c b/tests/record-timeouts.c index 5a465a3793..aa9c1c805b 100644 --- a/tests/record-timeouts.c +++ b/tests/record-timeouts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -89,9 +89,8 @@ static void start(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); diff --git a/tests/recv-data-before-handshake.c b/tests/recv-data-before-handshake.c index 9e0432235e..f1a0ba751b 100644 --- a/tests/recv-data-before-handshake.c +++ b/tests/recv-data-before-handshake.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -68,7 +68,7 @@ static void client_log_func(int level, const char *str) static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; char c = 0; @@ -94,7 +94,7 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -130,8 +130,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -148,8 +147,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { @@ -168,7 +167,7 @@ static void client(int fd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -235,14 +234,14 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -259,8 +258,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *prio) +static void start(const char *prio) { int fd[2]; int ret, status = 0; @@ -302,4 +300,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rehandshake-ext-secret.c b/tests/rehandshake-ext-secret.c index 93d26ca4c7..6906a0143e 100644 --- a/tests/rehandshake-ext-secret.c +++ b/tests/rehandshake-ext-secret.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -65,9 +65,8 @@ static void try(unsigned onclient) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", @@ -98,26 +97,26 @@ static void try(unsigned onclient) onclient); } - if ((gnutls_session_get_flags(server) & GNUTLS_SFLAGS_EXT_MASTER_SECRET) - == 0) { + if ((gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_EXT_MASTER_SECRET) == 0) { fail("%d: ext master secret was not detected by server\n", onclient); } - if ((gnutls_session_get_flags(client) & GNUTLS_SFLAGS_EXT_MASTER_SECRET) - == 0) { + if ((gnutls_session_get_flags(client) & + GNUTLS_SFLAGS_EXT_MASTER_SECRET) == 0) { fail("%d: ext master secret was not detected by client\n", onclient); } if (onclient) - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%NO_SESSION_HASH", - NULL); + gnutls_priority_set_direct( + client, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%NO_SESSION_HASH", NULL); else - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%NO_SESSION_HASH", - NULL); + gnutls_priority_set_direct( + server, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%NO_SESSION_HASH", NULL); sret = gnutls_rehandshake(server); if (debug) { diff --git a/tests/rehandshake-switch-cert-allow.c b/tests/rehandshake-switch-cert-allow.c index f7b497164c..53b565f18d 100644 --- a/tests/rehandshake-switch-cert-allow.c +++ b/tests/rehandshake-switch-cert-allow.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -66,12 +66,10 @@ static void try(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); gnutls_certificate_allocate_credentials(&serverx509cred2); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_mem(serverx509cred2, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred2, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); @@ -80,8 +78,8 @@ static void try(void) gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); + gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -92,9 +90,8 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -107,10 +104,8 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", NULL); if (ret < 0) exit(1); @@ -121,7 +116,8 @@ static void try(void) HANDSHAKE(client, server); if (gnutls_kx_get(client) != GNUTLS_KX_RSA) { - fail("got unexpected key exchange algorithm: %s (expected RSA)\n", gnutls_kx_get_name(gnutls_kx_get(client))); + fail("got unexpected key exchange algorithm: %s (expected RSA)\n", + gnutls_kx_get_name(gnutls_kx_get(client))); exit(1); } diff --git a/tests/rehandshake-switch-cert-client-allow.c b/tests/rehandshake-switch-cert-client-allow.c index 8d21c6a100..626ccf96dd 100644 --- a/tests/rehandshake-switch-cert-client-allow.c +++ b/tests/rehandshake-switch-cert-client-allow.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -65,9 +65,8 @@ static void try(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); @@ -77,8 +76,8 @@ static void try(void) gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); + gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -89,15 +88,13 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_key_mem(clientx509cred, &cli_cert, - &cli_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -105,16 +102,14 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_key_mem(clientx509cred2, &server2_cert, - &server2_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem(clientx509cred2, + &server2_cert, &server2_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred2, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred2, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -127,10 +122,8 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", NULL); if (ret < 0) exit(1); @@ -141,7 +134,8 @@ static void try(void) HANDSHAKE(client, server); if (gnutls_kx_get(client) != GNUTLS_KX_RSA) { - fail("got unexpected key exchange algorithm: %s (expected RSA)\n", gnutls_kx_get_name(gnutls_kx_get(client))); + fail("got unexpected key exchange algorithm: %s (expected RSA)\n", + gnutls_kx_get_name(gnutls_kx_get(client))); exit(1); } diff --git a/tests/rehandshake-switch-cert-client.c b/tests/rehandshake-switch-cert-client.c index 6d92e2a1b1..70f6cb5fd9 100644 --- a/tests/rehandshake-switch-cert-client.c +++ b/tests/rehandshake-switch-cert-client.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -65,9 +65,8 @@ static void try(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); @@ -77,8 +76,8 @@ static void try(void) gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); + gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -89,15 +88,13 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_key_mem(clientx509cred, &cli_cert, - &cli_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -105,16 +102,14 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_key_mem(clientx509cred2, &server2_cert, - &server2_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem(clientx509cred2, + &server2_cert, &server2_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred2, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred2, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -127,10 +122,8 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", NULL); if (ret < 0) exit(1); @@ -141,7 +134,8 @@ static void try(void) HANDSHAKE(client, server); if (gnutls_kx_get(client) != GNUTLS_KX_RSA) { - fail("got unexpected key exchange algorithm: %s (expected RSA)\n", gnutls_kx_get_name(gnutls_kx_get(client))); + fail("got unexpected key exchange algorithm: %s (expected RSA)\n", + gnutls_kx_get_name(gnutls_kx_get(client))); exit(1); } diff --git a/tests/rehandshake-switch-cert.c b/tests/rehandshake-switch-cert.c index 5c161b8e70..d00c2e6ba6 100644 --- a/tests/rehandshake-switch-cert.c +++ b/tests/rehandshake-switch-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -66,12 +66,10 @@ static void try(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); gnutls_certificate_allocate_credentials(&serverx509cred2); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_mem(serverx509cred2, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred2, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); @@ -80,8 +78,8 @@ static void try(void) gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); + gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -92,9 +90,8 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -107,10 +104,8 @@ static void try(void) if (ret < 0) exit(1); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", NULL); if (ret < 0) exit(1); @@ -121,7 +116,8 @@ static void try(void) HANDSHAKE(client, server); if (gnutls_kx_get(client) != GNUTLS_KX_RSA) { - fail("got unexpected key exchange algorithm: %s (expected RSA)\n", gnutls_kx_get_name(gnutls_kx_get(client))); + fail("got unexpected key exchange algorithm: %s (expected RSA)\n", + gnutls_kx_get_name(gnutls_kx_get(client))); exit(1); } diff --git a/tests/rehandshake-switch-psk-id.c b/tests/rehandshake-switch-psk-id.c index b699940c0c..675aa8a7b7 100644 --- a/tests/rehandshake-switch-psk-id.c +++ b/tests/rehandshake-switch-psk-id.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,8 +43,8 @@ static void tls_log_func(int level, const char *str) #include "cert-common.h" -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -134,7 +134,9 @@ static void try(const char *prio, gnutls_kx_algorithm_t kx, HANDSHAKE(client, server); if (gnutls_kx_get(client) != kx) { - fail("got unexpected key exchange algorithm: %s (expected %s)\n", gnutls_kx_get_name(gnutls_kx_get(client)), gnutls_kx_get_name(kx)); + fail("got unexpected key exchange algorithm: %s (expected %s)\n", + gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(kx)); exit(1); } diff --git a/tests/rehandshake-switch-srp-id.c b/tests/rehandshake-switch-srp-id.c index 9aa8f371d2..769b2e63d5 100644 --- a/tests/rehandshake-switch-srp-id.c +++ b/tests/rehandshake-switch-srp-id.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,12 +34,12 @@ int main(void) #else -# include -# include -# include -# include -# include "utils.h" -# include "eagain-common.h" +#include +#include +#include +#include +#include "utils.h" +#include "eagain-common.h" /* This test checks whether the server switching certificates is detected * by the client */ @@ -51,44 +51,35 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# include "cert-common.h" +#include "cert-common.h" -# define VERIF_TEST1 "CEqjUZBlkQCocfOR0E4AsPZKOFYPGjKFMHW7KDcnpE4sH4.iGMbkygb/bViRNjskF9/TQdD46Mvlt6pLs5MZoTn8mO3G.RGyXdWuIrhnVn29p41Cpc5RhTLaeUm3asW6LF60VTKnGERC0eB37xZUsaTpzmaTNdD4mOoYCN3bD9Y" -# define VERIF_TEST2 "EEbMk8afwXz/0oV5Yo9To7V6c6xkYid8meqEByxM33XjM4xeKUjeN7Ft2.xvjo4S6Js7mEs9Ov.uZtBp3ugCAbvl6G7bdfYF6z.tAD4mNYhH7iI7SwQy.ntmbJ3uJ1qB5MHW7ajSdWvA7l3SSsyyAVMe9HVQcxZKJRf4mzwm06s" +#define VERIF_TEST1 \ + "CEqjUZBlkQCocfOR0E4AsPZKOFYPGjKFMHW7KDcnpE4sH4.iGMbkygb/bViRNjskF9/TQdD46Mvlt6pLs5MZoTn8mO3G.RGyXdWuIrhnVn29p41Cpc5RhTLaeUm3asW6LF60VTKnGERC0eB37xZUsaTpzmaTNdD4mOoYCN3bD9Y" +#define VERIF_TEST2 \ + "EEbMk8afwXz/0oV5Yo9To7V6c6xkYid8meqEByxM33XjM4xeKUjeN7Ft2.xvjo4S6Js7mEs9Ov.uZtBp3ugCAbvl6G7bdfYF6z.tAD4mNYhH7iI7SwQy.ntmbJ3uJ1qB5MHW7ajSdWvA7l3SSsyyAVMe9HVQcxZKJRf4mzwm06s" -# define SALT_TEST1 "3a3xX3Myzb9YJn5X0R7sbx" -# define SALT_TEST2 "25J9FArvl1ZDrTSFsvZ4Jb" +#define SALT_TEST1 "3a3xX3Myzb9YJn5X0R7sbx" +#define SALT_TEST2 "25J9FArvl1ZDrTSFsvZ4Jb" -# define PRIME "Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ" -gnutls_datum_t tprime = { - .data = (void *)PRIME, - .size = sizeof(PRIME) - 1 -}; +#define PRIME \ + "Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ" +gnutls_datum_t tprime = { .data = (void *)PRIME, .size = sizeof(PRIME) - 1 }; -gnutls_datum_t test1_verif = { - .data = (void *)VERIF_TEST1, - .size = sizeof(VERIF_TEST1) - 1 -}; +gnutls_datum_t test1_verif = { .data = (void *)VERIF_TEST1, + .size = sizeof(VERIF_TEST1) - 1 }; -gnutls_datum_t test2_verif = { - .data = (void *)VERIF_TEST2, - .size = sizeof(VERIF_TEST2) - 1 -}; +gnutls_datum_t test2_verif = { .data = (void *)VERIF_TEST2, + .size = sizeof(VERIF_TEST2) - 1 }; -gnutls_datum_t test1_salt = { - .data = (void *)SALT_TEST1, - .size = sizeof(SALT_TEST1) - 1 -}; +gnutls_datum_t test1_salt = { .data = (void *)SALT_TEST1, + .size = sizeof(SALT_TEST1) - 1 }; -gnutls_datum_t test2_salt = { - .data = (void *)SALT_TEST2, - .size = sizeof(SALT_TEST2) - 1 -}; +gnutls_datum_t test2_salt = { .data = (void *)SALT_TEST2, + .size = sizeof(SALT_TEST2) - 1 }; -static int -srpfunc(gnutls_session_t session, const char *username, - gnutls_datum_t * salt, gnutls_datum_t * verifier, - gnutls_datum_t * generator, gnutls_datum_t * prime) +static int srpfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *salt, gnutls_datum_t *verifier, + gnutls_datum_t *generator, gnutls_datum_t *prime) { int ret; if (debug) @@ -152,9 +143,8 @@ static void try(const char *prio, gnutls_kx_algorithm_t kx, gnutls_srp_allocate_server_credentials(&server_srp_cred); gnutls_certificate_allocate_credentials(&server_x509_cred); - gnutls_certificate_set_x509_key_mem(server_x509_cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(server_x509_cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); @@ -195,9 +185,8 @@ static void try(const char *prio, gnutls_kx_algorithm_t kx, if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(client_x509_cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(client_x509_cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -217,7 +206,9 @@ static void try(const char *prio, gnutls_kx_algorithm_t kx, HANDSHAKE(client, server); if (gnutls_kx_get(client) != kx) { - fail("got unexpected key exchange algorithm: %s (expected %s)\n", gnutls_kx_get_name(gnutls_kx_get(client)), gnutls_kx_get_name(kx)); + fail("got unexpected key exchange algorithm: %s (expected %s)\n", + gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(kx)); exit(1); } diff --git a/tests/resume-dtls.c b/tests/resume-dtls.c index 1b3a0350ac..5eed31f814 100644 --- a/tests/resume-dtls.c +++ b/tests/resume-dtls.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,19 +38,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void wrap_db_init(void); static void wrap_db_deinit(void); @@ -58,7 +58,7 @@ static int wrap_db_store(void *dbf, gnutls_datum_t key, gnutls_datum_t data); static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key); static int wrap_db_delete(void *dbf, gnutls_datum_t key); -# define TLS_SESSION_CACHE 50 +#define TLS_SESSION_CACHE 50 struct params_res { const char *desc; @@ -71,19 +71,19 @@ struct params_res { pid_t child; struct params_res resume_tests[] = { - {"try to resume from db", 50, 0, 0, 1}, - {"try to resume from session ticket", 0, 1, 1, 1}, - {"try to resume from session ticket (server only)", 0, 1, 0, 0}, - {"try to resume from session ticket (client only)", 0, 0, 1, 0}, - {NULL, -1} + { "try to resume from db", 50, 0, 0, 1 }, + { "try to resume from session ticket", 0, 1, 1, 1 }, + { "try to resume from session ticket (server only)", 0, 1, 0, 0 }, + { "try to resume from session ticket (client only)", 0, 0, 1, 0 }, + { NULL, -1 } }; /* A very basic TLS client, with anonymous authentication. */ -# define SESSIONS 2 -# define MAX_BUF 5*1024 -# define MSG "Hello TLS" +#define SESSIONS 2 +#define MAX_BUF 5 * 1024 +#define MSG "Hello TLS" static void tls_log_func(int level, const char *str) { @@ -121,13 +121,15 @@ static void client(int sds[], struct params_res *params) /* Use default priorities */ if (params->enable_session_ticket_client) - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", + NULL); else - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH:%NO_TICKETS", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH:%NO_TICKETS", + NULL); /* put the anonymous credentials to the current session */ @@ -159,19 +161,18 @@ static void client(int sds[], struct params_res *params) success("client: Handshake was completed\n"); } - if (t == 0) { /* the first time we connect */ + if (t == 0) { /* the first time we connect */ /* get the session data size */ ret = gnutls_session_get_data2(session, &session_data); if (ret < 0) fail("Getting resume data failed\n"); - } else { /* the second time we connect */ + } else { /* the second time we connect */ /* check if we actually resumed the previous session */ if (gnutls_session_is_resumed(session) != 0) { if (params->expect_resume) { if (debug) - success - ("- Previous session was resumed\n"); + success("- Previous session was resumed\n"); } else fail("- Previous session was resumed\n"); } else { @@ -179,8 +180,7 @@ static void client(int sds[], struct params_res *params) fail("*** Previous session was NOT resumed\n"); } else { if (debug) - success - ("*** Previous session was NOT resumed (expected)\n"); + success("*** Previous session was NOT resumed (expected)\n"); } } } @@ -190,8 +190,7 @@ static void client(int sds[], struct params_res *params) ret = gnutls_record_recv(session, buffer, MAX_BUF); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); @@ -213,14 +212,14 @@ static void client(int sds[], struct params_res *params) gnutls_deinit(session); } - end: +end: gnutls_anon_free_client_credentials(anoncred); } /* This is a sample TLS 1.0 echo server, for anonymous authentication only. */ -# define DH_BITS 1024 +#define DH_BITS 1024 /* These are global */ @@ -286,9 +285,10 @@ static void server(int sds[], struct params_res *params) gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); - gnutls_priority_set_direct(session, - "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); + gnutls_priority_set_direct( + session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); gnutls_dh_set_prime_bits(session, DH_BITS); @@ -301,8 +301,8 @@ static void server(int sds[], struct params_res *params) } if (params->enable_session_ticket_server) - gnutls_session_ticket_enable_server(session, - &session_ticket_key); + gnutls_session_ticket_enable_server( + session, &session_ticket_key); gnutls_transport_set_int(session, sd); gnutls_dtls_set_timeouts(session, get_dtls_retransmit_timeout(), @@ -310,9 +310,8 @@ static void server(int sds[], struct params_res *params) do { ret = gnutls_handshake(session); - } while (ret < 0 - && (ret == GNUTLS_E_INTERRUPTED - || ret == GNUTLS_E_AGAIN)); + } while (ret < 0 && (ret == GNUTLS_E_INTERRUPTED || + ret == GNUTLS_E_AGAIN)); if (ret < 0) { close(sd); gnutls_deinit(session); @@ -333,12 +332,12 @@ static void server(int sds[], struct params_res *params) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -427,8 +426,8 @@ void doit(void) * and session data. */ -# define MAX_SESSION_ID_SIZE 32 -# define MAX_SESSION_DATA_SIZE 1024 +#define MAX_SESSION_ID_SIZE 32 +#define MAX_SESSION_DATA_SIZE 1024 typedef struct { unsigned char session_id[MAX_SESSION_ID_SIZE]; @@ -443,7 +442,6 @@ static int cache_db_ptr = 0; static void wrap_db_init(void) { - /* allocate cache_db */ cache_db = calloc(1, TLS_SESSION_CACHE * sizeof(CACHE)); } @@ -563,7 +561,6 @@ static int wrap_db_delete(void *dbf, gnutls_datum_t key) for (i = 0; i < TLS_SESSION_CACHE; i++) { if (key.size == cache_db[i].session_id_size && memcmp(key.data, cache_db[i].session_id, key.size) == 0) { - cache_db[i].session_id_size = 0; cache_db[i].session_data_size = 0; @@ -572,7 +569,6 @@ static int wrap_db_delete(void *dbf, gnutls_datum_t key) } return -1; - } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/resume-lifetime.c b/tests/resume-lifetime.c index 4114251ed0..e655cec07c 100644 --- a/tests/resume-lifetime.c +++ b/tests/resume-lifetime.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,14 +45,13 @@ static void tls_log_func(int level, const char *str) } struct hsk_st { - unsigned sent_nst; /* whether the new session ticket was sent */ - unsigned sent_psk; /* whether the PSK extension was sent */ - unsigned sleep_at_finished; /* how long to wait at finished message reception */ - + unsigned sent_nst; /* whether the new session ticket was sent */ + unsigned sent_psk; /* whether the PSK extension was sent */ + unsigned sleep_at_finished; /* how long to wait at finished message reception */ }; -static int ext_hook_func(void *ctx, unsigned tls_id, - const unsigned char *data, unsigned size) +static int ext_hook_func(void *ctx, unsigned tls_id, const unsigned char *data, + unsigned size) { if (tls_id == 41) { struct hsk_st *h = ctx; @@ -63,7 +62,7 @@ static int ext_hook_func(void *ctx, unsigned tls_id, static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { struct hsk_st *h = gnutls_session_get_ptr(session); @@ -86,8 +85,8 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, /* Returns true if resumed */ static unsigned handshake(const char *prio, unsigned t, - const gnutls_datum_t * sdata, gnutls_datum_t * ndata, - gnutls_datum_t * skey, struct hsk_st *h) + const gnutls_datum_t *sdata, gnutls_datum_t *ndata, + gnutls_datum_t *skey, struct hsk_st *h) { int ret; /* Server stuff. */ @@ -105,8 +104,8 @@ static unsigned handshake(const char *prio, unsigned t, gnutls_global_set_log_level(6); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -120,13 +119,12 @@ static unsigned handshake(const char *prio, unsigned t, gnutls_db_set_cache_expiration(server, t); assert(gnutls_session_ticket_enable_server(server, skey) >= 0); - gnutls_handshake_set_hook_function(server, -1, - GNUTLS_HOOK_POST, + gnutls_handshake_set_hook_function(server, -1, GNUTLS_HOOK_POST, handshake_callback); assert(gnutls_certificate_allocate_credentials(&clientx509cred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (clientx509cred, &ca_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, @@ -138,8 +136,8 @@ static unsigned handshake(const char *prio, unsigned t, gnutls_transport_set_ptr(client, client); if (sdata) { - assert(gnutls_session_set_data(client, sdata->data, sdata->size) - >= 0); + assert(gnutls_session_set_data(client, sdata->data, + sdata->size) >= 0); } memset(buf, 0, sizeof(buf)); diff --git a/tests/resume-with-false-start.c b/tests/resume-with-false-start.c index be8596ec03..bc5d93e0b9 100644 --- a/tests/resume-with-false-start.c +++ b/tests/resume-with-false-start.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,7 +40,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -74,9 +74,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -90,9 +89,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -105,8 +103,8 @@ void doit(void) if (ret < 0) exit(1); - assert(gnutls_priority_set_direct - (client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); + assert(gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); diff --git a/tests/resume-with-previous-stek.c b/tests/resume-with-previous-stek.c index 799d00db22..71d8a765a2 100644 --- a/tests/resume-with-previous-stek.c +++ b/tests/resume-with-previous-stek.c @@ -20,7 +20,7 @@ * */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,36 +33,35 @@ int main(int argc, char **argv) } #else -# include -# include -# include -# include -# include -# include -# include "utils.h" -# include "cert-common.h" -# include "virt-time.h" +#include +#include +#include +#include +#include +#include +#include "utils.h" +#include "cert-common.h" +#include "virt-time.h" -# define TICKET_EXPIRATION 1 /* seconds */ -# define TICKET_ROTATION_PERIOD 3 /* seconds */ +#define TICKET_EXPIRATION 1 /* seconds */ +#define TICKET_ROTATION_PERIOD 3 /* seconds */ unsigned num_stek_rotations; -static void stek_rotation_callback(const gnutls_datum_t * prev_key, - const gnutls_datum_t * new_key, uint64_t t) +static void stek_rotation_callback(const gnutls_datum_t *prev_key, + const gnutls_datum_t *new_key, uint64_t t) { num_stek_rotations++; success("STEK was rotated!\n"); } static int client_handshake(gnutls_session_t session, - gnutls_datum_t * session_data, int resume) + gnutls_datum_t *session_data, int resume) { int ret; if (resume) { - if ((ret = gnutls_session_set_data(session, - session_data->data, + if ((ret = gnutls_session_set_data(session, session_data->data, session_data->size)) < 0) { fail("client: Could not get session data\n"); } @@ -84,7 +83,8 @@ static int client_handshake(gnutls_session_t session, success("client: Success: Session was NOT resumed\n"); if (!resume) { - if ((ret = gnutls_session_get_data2(session, session_data)) < 0) { + if ((ret = gnutls_session_get_data2(session, session_data)) < + 0) { fail("client: Could not get session data\n"); } } @@ -103,8 +103,8 @@ static void client(int fd, int *resume, unsigned rounds, const char *prio) gnutls_certificate_credentials_t clientx509cred = NULL; for (unsigned i = 0; i < rounds; i++) { - assert(gnutls_certificate_allocate_credentials(&clientx509cred) - >= 0); + assert(gnutls_certificate_allocate_credentials( + &clientx509cred) >= 0); assert(gnutls_init(&session, GNUTLS_CLIENT) >= 0); assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); @@ -130,12 +130,11 @@ static void client(int fd, int *resume, unsigned rounds, const char *prio) gnutls_free(session_data.data); } -typedef void (*gnutls_stek_rotation_callback_t)(const gnutls_datum_t * prev_key, - const gnutls_datum_t * new_key, +typedef void (*gnutls_stek_rotation_callback_t)(const gnutls_datum_t *prev_key, + const gnutls_datum_t *new_key, uint64_t t); -void _gnutls_set_session_ticket_key_rotation_callback(gnutls_session_t session, - gnutls_stek_rotation_callback_t - cb); +void _gnutls_set_session_ticket_key_rotation_callback( + gnutls_session_t session, gnutls_stek_rotation_callback_t cb); static void server(int fd, unsigned rounds, const char *prio) { @@ -153,13 +152,11 @@ static void server(int fd, unsigned rounds, const char *prio) for (unsigned i = 0; i < rounds; i++) { assert(gnutls_init(&session, GNUTLS_SERVER) >= 0); - assert(gnutls_certificate_allocate_credentials(&serverx509cred) - >= 0); - retval = - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + assert(gnutls_certificate_allocate_credentials( + &serverx509cred) >= 0); + retval = gnutls_certificate_set_x509_key_mem( + serverx509cred, &server_cert, &server_key, + GNUTLS_X509_FMT_PEM); if (retval < 0) fail("error setting key: %s\n", gnutls_strerror(retval)); @@ -169,11 +166,11 @@ static void server(int fd, unsigned rounds, const char *prio) serverx509cred); gnutls_db_set_cache_expiration(session, TICKET_EXPIRATION); - _gnutls_set_session_ticket_key_rotation_callback(session, - stek_rotation_callback); + _gnutls_set_session_ticket_key_rotation_callback( + session, stek_rotation_callback); - retval = gnutls_session_ticket_enable_server(session, - &session_ticket_key); + retval = gnutls_session_ticket_enable_server( + session, &session_ticket_key); if (retval != GNUTLS_E_SUCCESS) { fail("server: Could not enable session tickets: %s\n", gnutls_strerror(retval)); @@ -186,8 +183,8 @@ static void server(int fd, unsigned rounds, const char *prio) do { retval = gnutls_handshake(session); - } while (retval == GNUTLS_E_AGAIN - || retval == GNUTLS_E_INTERRUPTED); + } while (retval == GNUTLS_E_AGAIN || + retval == GNUTLS_E_INTERRUPTED); if (retval < 0) { fail("server: Handshake failed: %s\n", diff --git a/tests/resume-with-record-size-limit.c b/tests/resume-with-record-size-limit.c index 370130dfae..a323bdbefa 100644 --- a/tests/resume-with-record-size-limit.c +++ b/tests/resume-with-record-size-limit.c @@ -24,7 +24,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,31 +40,34 @@ int main(int argc, char **argv) #else -# ifndef _GNU_SOURCE -# define _GNU_SOURCE -# endif -# include -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include -# include -# include "utils.h" -# include "cert-common.h" -# include "virt-time.h" - -# define SKIP8(pos, total) { \ - uint8_t _s; \ - if (pos+1 > total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > total) fail("error\n"); \ - pos += 1+_s; \ +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif +#include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include +#include +#include "utils.h" +#include "cert-common.h" +#include "virt-time.h" + +#define SKIP8(pos, total) \ + { \ + uint8_t _s; \ + if (pos + 1 > total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > total) \ + fail("error\n"); \ + pos += 1 + _s; \ } pid_t child; @@ -72,14 +75,14 @@ pid_t child; /* A very basic TLS client, with anonymous authentication. */ -# define SESSIONS 2 -# define MAX_BUF 5*1024 -# define MSG "Hello TLS" +#define SESSIONS 2 +#define MAX_BUF 5 * 1024 +#define MSG "Hello TLS" /* 2^13, which is not supported by max_fragment_length */ -# define MAX_DATA_SIZE 8192 +#define MAX_DATA_SIZE 8192 -# define HANDSHAKE_SESSION_ID_POS (2+32) +#define HANDSHAKE_SESSION_ID_POS (2 + 32) static void tls_log_func(int level, const char *str) { @@ -90,7 +93,7 @@ static void tls_log_func(int level, const char *str) static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, unsigned size) { - if (tls_id == 28) { /* record size limit */ + if (tls_id == 28) { /* record size limit */ uint16_t max_data_size; assert(size == 2); @@ -104,7 +107,7 @@ static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; unsigned pos; @@ -154,8 +157,8 @@ static void client(int sds[], const char *prio) gnutls_certificate_allocate_credentials(&clientx509cred); - assert(gnutls_certificate_set_x509_key_mem(clientx509cred, - &cli_cert, &cli_key, + assert(gnutls_certificate_set_x509_key_mem(clientx509cred, &cli_cert, + &cli_key, GNUTLS_X509_FMT_PEM) >= 0); for (t = 0; t < SESSIONS; t++) { @@ -172,8 +175,8 @@ static void client(int sds[], const char *prio) clientx509cred); if (t == 0) { - ret = - gnutls_record_set_max_size(session, MAX_DATA_SIZE); + ret = gnutls_record_set_max_size(session, + MAX_DATA_SIZE); if (ret < 0) fail("gnutls_set_max_size: %s\n", gnutls_strerror(ret)); @@ -214,7 +217,7 @@ static void client(int sds[], const char *prio) if (ret < 0) fail("Getting resume data failed\n"); - } else { /* the second time we connect */ + } else { /* the second time we connect */ /* check if we actually resumed the previous session */ if (gnutls_session_is_resumed(session) == 0) { fail("- Previous session was resumed but NOT expected\n"); @@ -228,8 +231,7 @@ static void client(int sds[], const char *prio) } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); break; } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); @@ -285,8 +287,8 @@ static void server(int sds[], const char *prio) } gnutls_certificate_allocate_credentials(&serverx509cred); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); gnutls_session_ticket_key_generate(&session_ticket_key); @@ -340,12 +342,12 @@ static void server(int sds[], const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -424,4 +426,4 @@ void doit(void) run("NORMAL:-VERS-ALL:+VERS-TLS1.3"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/resume-with-stek-expiration.c b/tests/resume-with-stek-expiration.c index d1d4841624..3651c5577b 100644 --- a/tests/resume-with-stek-expiration.c +++ b/tests/resume-with-stek-expiration.c @@ -20,7 +20,7 @@ * */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,15 +33,15 @@ int main(int argc, char **argv) } #else -# include -# include -# include -# include -# include -# include -# include "utils.h" -# include "cert-common.h" -# include "virt-time.h" +#include +#include +#include +#include +#include +#include +#include "utils.h" +#include "cert-common.h" +#include "virt-time.h" /* * This will set the following values: @@ -49,25 +49,24 @@ int main(int argc, char **argv) * - Ticket key expiration: 1 second. * - Session ticket key rotation period: 3 seconds. */ -# define TICKET_EXPIRATION 1 /* seconds */ +#define TICKET_EXPIRATION 1 /* seconds */ unsigned num_stek_rotations; -static void stek_rotation_callback(const gnutls_datum_t * prev_key, - const gnutls_datum_t * new_key, uint64_t t) +static void stek_rotation_callback(const gnutls_datum_t *prev_key, + const gnutls_datum_t *new_key, uint64_t t) { num_stek_rotations++; success("STEK was rotated!\n"); } -typedef void (*gnutls_stek_rotation_callback_t)(const gnutls_datum_t * prev_key, - const gnutls_datum_t * new_key, +typedef void (*gnutls_stek_rotation_callback_t)(const gnutls_datum_t *prev_key, + const gnutls_datum_t *new_key, uint64_t t); -void _gnutls_set_session_ticket_key_rotation_callback(gnutls_session_t session, - gnutls_stek_rotation_callback_t - cb); +void _gnutls_set_session_ticket_key_rotation_callback( + gnutls_session_t session, gnutls_stek_rotation_callback_t cb); -static int handshake(gnutls_session_t session, gnutls_datum_t * session_data, +static int handshake(gnutls_session_t session, gnutls_datum_t *session_data, int resumption_should_succeed) { int ret; @@ -109,14 +108,13 @@ static int handshake(gnutls_session_t session, gnutls_datum_t * session_data, } static int resume_and_close(gnutls_session_t session, - gnutls_datum_t * session_data, + gnutls_datum_t *session_data, int resumption_should_succeed) { int ret; - ret = - gnutls_session_set_data(session, session_data->data, - session_data->size); + ret = gnutls_session_set_data(session, session_data->data, + session_data->size); if (ret < 0) { gnutls_perror(ret); fail("client: Could not get session data\n"); @@ -178,8 +176,8 @@ static void client(int fd, int *resumption_should_succeed, gnutls_deinit(session); for (unsigned i = 1; i < num_sessions; i++) { - assert(gnutls_certificate_allocate_credentials(&clientx509cred) - >= 0); + assert(gnutls_certificate_allocate_credentials( + &clientx509cred) >= 0); /* Initialize TLS layer */ assert(gnutls_init(&session, GNUTLS_CLIENT) >= 0); @@ -191,8 +189,8 @@ static void client(int fd, int *resumption_should_succeed, gnutls_transport_set_int(session, fd); - if (resume_and_close - (session, &session_data, resumption_should_succeed[i]) < 0) + if (resume_and_close(session, &session_data, + resumption_should_succeed[i]) < 0) return; if (clientx509cred) @@ -220,20 +218,19 @@ static void server(int fd, int *resumption_should_succeed, fail("gnutls_init() failed\n"); } - assert(gnutls_certificate_allocate_credentials(&serverx509cred) - >= 0); - assert(gnutls_certificate_set_x509_key_mem - (serverx509cred, &server_cert, &server_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_allocate_credentials( + &serverx509cred) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + serverx509cred, &server_cert, &server_key, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); - retval = - gnutls_session_ticket_enable_server(session, - &session_ticket_key); + retval = gnutls_session_ticket_enable_server( + session, &session_ticket_key); if (retval != GNUTLS_E_SUCCESS) { gnutls_perror(retval); fail("server: Could not enable session tickets\n"); @@ -241,16 +238,16 @@ static void server(int fd, int *resumption_should_succeed, gnutls_db_set_cache_expiration(session, TICKET_EXPIRATION); - _gnutls_set_session_ticket_key_rotation_callback(session, - stek_rotation_callback); + _gnutls_set_session_ticket_key_rotation_callback( + session, stek_rotation_callback); gnutls_transport_set_int(session, fd); gnutls_handshake_set_timeout(session, get_timeout()); do { retval = gnutls_handshake(session); - } while (retval == GNUTLS_E_AGAIN - || retval == GNUTLS_E_INTERRUPTED); + } while (retval == GNUTLS_E_AGAIN || + retval == GNUTLS_E_INTERRUPTED); if (retval < 0) { fail("server: Handshake failed: %s\n", @@ -263,14 +260,12 @@ static void server(int fd, int *resumption_should_succeed, if (!resumption_should_succeed[i]) fail("server: Session was resumed (but should not)\n"); else - success - ("server: Success: Session was resumed\n"); + success("server: Success: Session was resumed\n"); } else { if (resumption_should_succeed[i]) fail("server: Session was not resumed (but should)\n"); else - success - ("server: Success: Session was NOT resumed\n"); + success("server: Success: Session was NOT resumed\n"); } gnutls_bye(session, GNUTLS_SHUT_RDWR); diff --git a/tests/resume.c b/tests/resume.c index 83e750af66..429453756c 100644 --- a/tests/resume.c +++ b/tests/resume.c @@ -24,7 +24,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,23 +40,23 @@ int main(int argc, char **argv) #else -# ifndef _GNU_SOURCE -# define _GNU_SOURCE -# endif -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include -# include -# include "utils.h" -# include "cert-common.h" -# include "virt-time.h" +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include +#include +#include "utils.h" +#include "cert-common.h" +#include "virt-time.h" static void wrap_db_init(void); static void wrap_db_deinit(void); @@ -64,7 +64,7 @@ static int wrap_db_store(void *dbf, gnutls_datum_t key, gnutls_datum_t data); static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key); static int wrap_db_delete(void *dbf, gnutls_datum_t key); -# define TLS_SESSION_CACHE 50 +#define TLS_SESSION_CACHE 50 enum session_ticket_enablement { ST_NONE = 0, @@ -96,185 +96,180 @@ struct params_res { pid_t child; struct params_res resume_tests[] = { -# ifndef TLS13 - {.desc = "try to resume from db", - .enable_db = 1, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_NONE, - .expect_resume = 1}, - {.desc = "try to resume from db with post_client_hello", - .enable_db = 1, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_NONE, - .call_post_client_hello = 1, - .expect_resume = 1}, - {.desc = "try to resume from db using resumed session's data", - .enable_db = 1, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_NONE, - .try_resumed_data = 1, - .expect_resume = 1}, - {.desc = "try to resume from db and check ALPN", - .enable_db = 1, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_NONE, - .try_alpn = 1, - .expect_resume = 1}, - {.desc = "try to resume from db (ext master secret -> none)", - .enable_db = 1, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_NONE, - .expect_resume = 0, - .first_no_ext_master = 0, - .second_no_ext_master = 1, - .no_fips = 1}, - {.desc = "try to resume from db (none -> ext master secret)", - .enable_db = 1, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_NONE, - .expect_resume = 0, - .first_no_ext_master = 1, - .second_no_ext_master = 0, - .no_fips = 1}, -# endif -# if defined(TLS13) +#ifndef TLS13 + { .desc = "try to resume from db", + .enable_db = 1, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_NONE, + .expect_resume = 1 }, + { .desc = "try to resume from db with post_client_hello", + .enable_db = 1, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_NONE, + .call_post_client_hello = 1, + .expect_resume = 1 }, + { .desc = "try to resume from db using resumed session's data", + .enable_db = 1, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_NONE, + .try_resumed_data = 1, + .expect_resume = 1 }, + { .desc = "try to resume from db and check ALPN", + .enable_db = 1, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_NONE, + .try_alpn = 1, + .expect_resume = 1 }, + { .desc = "try to resume from db (ext master secret -> none)", + .enable_db = 1, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_NONE, + .expect_resume = 0, + .first_no_ext_master = 0, + .second_no_ext_master = 1, + .no_fips = 1 }, + { .desc = "try to resume from db (none -> ext master secret)", + .enable_db = 1, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_NONE, + .expect_resume = 0, + .first_no_ext_master = 1, + .second_no_ext_master = 0, + .no_fips = 1 }, +#endif +#if defined(TLS13) /* only makes sense under TLS1.3 as negotiation involves a new * handshake with different parameters */ - {.desc = "try to resume from session ticket (different cipher order)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .change_ciphersuite = 1, - .expect_resume = 1}, - {.desc = "try to resume from session ticket with post_client_hello", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .call_post_client_hello = 1, - .expect_resume = 1}, -# endif -# if defined(TLS13) && !defined(USE_PSK) - {.desc = "try to resume from session ticket (early start)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .early_start = 1, - .expect_resume = 1}, -# endif -# if defined(TLS13) && defined(USE_PSK) + { .desc = "try to resume from session ticket (different cipher order)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .change_ciphersuite = 1, + .expect_resume = 1 }, + { .desc = "try to resume from session ticket with post_client_hello", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .call_post_client_hello = 1, + .expect_resume = 1 }, +#endif +#if defined(TLS13) && !defined(USE_PSK) + { .desc = "try to resume from session ticket (early start)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .early_start = 1, + .expect_resume = 1 }, +#endif +#if defined(TLS13) && defined(USE_PSK) /* early start should no happen on PSK. */ - {.desc = "try to resume from session ticket (early start)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .no_early_start = 1, - .expect_resume = 1}, -# endif - {.desc = "try to resume from session ticket", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .expect_resume = 1}, -# ifdef TLS13 - {.desc = - "try to resume from session ticket (session ticket disabled for TLS 1.2)", - .enable_db = 0, - .enable_session_ticket_server = ST_TLS13_ONLY, - .enable_session_ticket_client = ST_TLS13_ONLY, - .expect_resume = 1}, -# else - {.desc = - "try to resume from session ticket (session ticket disabled for TLS 1.2)", - .enable_db = 0, - .enable_session_ticket_server = ST_TLS13_ONLY, - .enable_session_ticket_client = ST_TLS13_ONLY, - .expect_resume = 0}, -# endif - {.desc = "try to resume from session ticket (client cert)", - .enable_db = 0, - .client_cert = 1, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .expect_resume = 1}, - {.desc = "try to resume from session ticket (expired)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .expire_ticket = 1, - .expect_resume = 0}, - {.desc = - "try to resume from session ticket using resumed session's data", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .try_resumed_data = 1, - .expect_resume = 1}, -# ifndef TLS13 - {.desc = - "try to resume from session ticket (ext master secret -> none)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .expect_resume = 0, - .first_no_ext_master = 0, - .second_no_ext_master = 1, - .no_fips = 1}, - {.desc = - "try to resume from session ticket (none -> ext master secret)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .expect_resume = 0, - .first_no_ext_master = 1, - .second_no_ext_master = 0, - .no_fips = 1}, - {.desc = "try to resume from session ticket (server only)", - .enable_db = 0, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_NONE, - .expect_resume = 0}, - {.desc = "try to resume from session ticket (client only)", - .enable_db = 0, - .enable_session_ticket_server = ST_NONE, - .enable_session_ticket_client = ST_ALL, - .expect_resume = 0}, - {.desc = "try to resume from db and ticket", - .enable_db = 1, - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .expect_resume = 1}, - {.desc = "try to resume from db and different SNI", - .enable_db = 1, - .try_sni = 1, - .try_diff_sni = 1, - .expect_resume = 0}, - {.desc = "try to resume with ticket and different SNI", - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .try_sni = 1, - .try_diff_sni = 1, - .expect_resume = 0}, - {.desc = "try to resume from db and same SNI", - .enable_db = 1, - .try_sni = 1, - .expect_resume = 1}, -# endif - {.desc = "try to resume with ticket and same SNI", - .enable_session_ticket_server = ST_ALL, - .enable_session_ticket_client = ST_ALL, - .try_sni = 1, - .expect_resume = 1}, - {NULL, -1} + { .desc = "try to resume from session ticket (early start)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .no_early_start = 1, + .expect_resume = 1 }, +#endif + { .desc = "try to resume from session ticket", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .expect_resume = 1 }, +#ifdef TLS13 + { .desc = "try to resume from session ticket (session ticket disabled for TLS 1.2)", + .enable_db = 0, + .enable_session_ticket_server = ST_TLS13_ONLY, + .enable_session_ticket_client = ST_TLS13_ONLY, + .expect_resume = 1 }, +#else + { .desc = "try to resume from session ticket (session ticket disabled for TLS 1.2)", + .enable_db = 0, + .enable_session_ticket_server = ST_TLS13_ONLY, + .enable_session_ticket_client = ST_TLS13_ONLY, + .expect_resume = 0 }, +#endif + { .desc = "try to resume from session ticket (client cert)", + .enable_db = 0, + .client_cert = 1, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .expect_resume = 1 }, + { .desc = "try to resume from session ticket (expired)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .expire_ticket = 1, + .expect_resume = 0 }, + { .desc = "try to resume from session ticket using resumed session's data", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .try_resumed_data = 1, + .expect_resume = 1 }, +#ifndef TLS13 + { .desc = "try to resume from session ticket (ext master secret -> none)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .expect_resume = 0, + .first_no_ext_master = 0, + .second_no_ext_master = 1, + .no_fips = 1 }, + { .desc = "try to resume from session ticket (none -> ext master secret)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .expect_resume = 0, + .first_no_ext_master = 1, + .second_no_ext_master = 0, + .no_fips = 1 }, + { .desc = "try to resume from session ticket (server only)", + .enable_db = 0, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_NONE, + .expect_resume = 0 }, + { .desc = "try to resume from session ticket (client only)", + .enable_db = 0, + .enable_session_ticket_server = ST_NONE, + .enable_session_ticket_client = ST_ALL, + .expect_resume = 0 }, + { .desc = "try to resume from db and ticket", + .enable_db = 1, + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .expect_resume = 1 }, + { .desc = "try to resume from db and different SNI", + .enable_db = 1, + .try_sni = 1, + .try_diff_sni = 1, + .expect_resume = 0 }, + { .desc = "try to resume with ticket and different SNI", + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .try_sni = 1, + .try_diff_sni = 1, + .expect_resume = 0 }, + { .desc = "try to resume from db and same SNI", + .enable_db = 1, + .try_sni = 1, + .expect_resume = 1 }, +#endif + { .desc = "try to resume with ticket and same SNI", + .enable_session_ticket_server = ST_ALL, + .enable_session_ticket_client = ST_ALL, + .try_sni = 1, + .expect_resume = 1 }, + { NULL, -1 } }; /* A very basic TLS client, with anonymous authentication. */ -# define SESSIONS 3 -# define MAX_BUF 5*1024 -# define MSG "Hello TLS" +#define SESSIONS 3 +#define MAX_BUF 5 * 1024 +#define MSG "Hello TLS" -# define HANDSHAKE_SESSION_ID_POS (2+32) +#define HANDSHAKE_SESSION_ID_POS (2 + 32) static void tls_log_func(int level, const char *str) { @@ -285,14 +280,14 @@ static void tls_log_func(int level, const char *str) static int post_client_hello_callback(gnutls_session_t session) { /* switches the supported ciphersuites to something compatible */ - assert(gnutls_priority_set_direct - (session, gnutls_session_get_ptr(session), NULL) >= 0); + assert(gnutls_priority_set_direct( + session, gnutls_session_get_ptr(session), NULL) >= 0); return 0; } static int hsk_hook_cb(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * _msg) + const gnutls_datum_t *_msg) { unsigned size; gnutls_datum_t msg = { _msg->data, _msg->size }; @@ -362,8 +357,8 @@ static void verify_alpn(gnutls_session_t session, struct params_res *params, exit(1); } - if (strlen(str) != selected.size - || memcmp(str, selected.data, selected.size) != 0) { + if (strlen(str) != selected.size || + memcmp(str, selected.data, selected.size) != 0) { fail("expected protocol %s, got %.*s\n", str, selected.size, selected.data); exit(1); @@ -373,7 +368,7 @@ static void verify_alpn(gnutls_session_t session, struct params_res *params, success("ALPN got: %s\n", str); } -static void verify_group(gnutls_session_t session, gnutls_group_t * group, +static void verify_group(gnutls_session_t session, gnutls_group_t *group, unsigned counter) { if (counter == 0) { @@ -393,7 +388,7 @@ static void verify_server_params(gnutls_session_t session, unsigned counter, { static char id[GNUTLS_MAX_SESSION_ID]; static size_t id_size = 0; -# if defined(USE_PSK) +#if defined(USE_PSK) const char *username; username = gnutls_psk_server_get_username(session); if (counter != 0) { @@ -403,12 +398,11 @@ static void verify_server_params(gnutls_session_t session, unsigned counter, if (strcmp(username, "test") != 0) fail("wrong username was returned on server side resumption\n"); } -# endif +#endif if (counter == 0 && params->early_start) { - if (! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_EARLY_START)) { + if (!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_EARLY_START)) { fail("early start did not happen on %d!\n", counter); } } @@ -422,10 +416,11 @@ static void verify_server_params(gnutls_session_t session, unsigned counter, if (params->no_early_start) { if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_EARLY_START) { - fail("early start did happen on %d but was not expected!\n", counter); + fail("early start did happen on %d but was not expected!\n", + counter); } } -# if defined(USE_X509) +#if defined(USE_X509) unsigned int l; if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509) @@ -441,9 +436,10 @@ static void verify_server_params(gnutls_session_t session, unsigned counter, if (params->client_cert) { if (gnutls_certificate_get_peers(session, &l) == NULL || l < 1) - fail("no client certificate returned on server side (%s)\n", counter ? "resumed session" : "first session"); + fail("no client certificate returned on server side (%s)\n", + counter ? "resumed session" : "first session"); } -# endif +#endif /* verify whether the session ID remains the same between sessions */ if (counter == 0) { @@ -471,22 +467,22 @@ static void verify_server_params(gnutls_session_t session, unsigned counter, static void verify_client_params(gnutls_session_t session, unsigned counter) { -# if defined(USE_X509) +#if defined(USE_X509) unsigned int l; if (gnutls_certificate_get_peers(session, &l) == NULL || l < 1) fail("no server certificate returned on client side (%s)\n", counter ? "resumed session" : "first session"); -# else +#else return; -# endif +#endif } -# ifdef TLS12 -# define VERS_STR "+VERS-TLS1.2" -# endif -# ifdef TLS13 -# define VERS_STR "-VERS-ALL:+VERS-TLS1.3" -# endif +#ifdef TLS12 +#define VERS_STR "+VERS-TLS1.2" +#endif +#ifdef TLS13 +#define VERS_STR "-VERS-ALL:+VERS-TLS1.3" +#endif static void client(int sds[], struct params_res *params) { @@ -498,17 +494,23 @@ static void client(int sds[], struct params_res *params) char prio_str[256]; const char *dns_name1 = "example.com"; const char *dns_name2 = "www.example.com"; -# ifdef USE_PSK -# define PRIO_STR "NONE:"VERS_STR":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+PSK:+CURVE-ALL" +#ifdef USE_PSK +#define PRIO_STR \ + "NONE:" VERS_STR \ + ":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+PSK:+CURVE-ALL" const gnutls_datum_t pskkey = { (void *)"DEADBEEF", 8 }; gnutls_psk_client_credentials_t pskcred; -# elif defined(USE_ANON) -# define PRIO_STR "NONE:"VERS_STR":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+ANON-DH:+CURVE-ALL" +#elif defined(USE_ANON) +#define PRIO_STR \ + "NONE:" VERS_STR \ + ":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+ANON-DH:+CURVE-ALL" gnutls_anon_client_credentials_t anoncred; -# elif defined(USE_X509) -# define PRIO_STR "NONE:"VERS_STR":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+RSA:+CURVE-ALL" +#elif defined(USE_X509) +#define PRIO_STR \ + "NONE:" VERS_STR \ + ":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+RSA:+CURVE-ALL" gnutls_certificate_credentials_t clientx509cred; -# endif +#endif /* Need to enable anonymous KX specifically. */ @@ -521,22 +523,21 @@ static void client(int sds[], struct params_res *params) gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(4); } -# ifdef USE_PSK +#ifdef USE_PSK gnutls_psk_allocate_client_credentials(&pskcred); gnutls_psk_set_client_credentials(pskcred, "test", &pskkey, GNUTLS_PSK_KEY_HEX); -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_anon_allocate_client_credentials(&anoncred); -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_certificate_allocate_credentials(&clientx509cred); if (params->client_cert) { - assert(gnutls_certificate_set_x509_key_mem(clientx509cred, - &cli_cert, &cli_key, - GNUTLS_X509_FMT_PEM) - >= 0); + assert(gnutls_certificate_set_x509_key_mem( + clientx509cred, &cli_cert, &cli_key, + GNUTLS_X509_FMT_PEM) >= 0); } -# endif +#endif for (t = 0; t < SESSIONS; t++) { int sd = sds[t]; @@ -584,14 +585,14 @@ static void client(int sds[], struct params_res *params) /* put the anonymous credentials to the current session */ -# ifdef USE_PSK +#ifdef USE_PSK gnutls_credentials_set(session, GNUTLS_CRD_PSK, pskcred); -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, clientx509cred); -# endif +#endif if (t > 0) { /* if this is not the first time we connect */ @@ -614,10 +615,9 @@ static void client(int sds[], struct params_res *params) } if (ext_master_secret_check) - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_SERVER_HELLO, - GNUTLS_HOOK_PRE, - hsk_hook_cb); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_SERVER_HELLO, + GNUTLS_HOOK_PRE, hsk_hook_cb); gnutls_transport_set_int(session, sd); /* Perform the TLS handshake @@ -639,19 +639,19 @@ static void client(int sds[], struct params_res *params) ext_master_secret_check = 0; if (t == 0) { ext_master_secret_check = - gnutls_session_ext_master_secret_status(session); + gnutls_session_ext_master_secret_status( + session); /* get the session data size */ ret = gnutls_session_get_data2(session, &session_data); if (ret < 0) fail("Getting resume data failed\n"); - } else { /* the second time we connect */ + } else { /* the second time we connect */ if (params->try_resumed_data) { gnutls_free(session_data.data); - ret = - gnutls_session_get_data2(session, - &session_data); + ret = gnutls_session_get_data2(session, + &session_data); if (ret < 0) fail("Getting resume data failed\n"); } @@ -660,8 +660,7 @@ static void client(int sds[], struct params_res *params) if (gnutls_session_is_resumed(session) != 0) { if (params->expect_resume) { if (debug) - success - ("- Previous session was resumed\n"); + success("- Previous session was resumed\n"); } else fail("- Previous session was resumed but NOT expected\n"); } else { @@ -669,8 +668,7 @@ static void client(int sds[], struct params_res *params) fail("*** Previous session was NOT resumed\n"); } else { if (debug) - success - ("*** Previous session was NOT resumed (expected)\n"); + success("*** Previous session was NOT resumed (expected)\n"); } } @@ -678,7 +676,10 @@ static void client(int sds[], struct params_res *params) /* check if the expected cipher was negotiated */ if (gnutls_cipher_get(session) != GNUTLS_CIPHER_AES_128_GCM) { - fail("negotiated different cipher: %s\n", gnutls_cipher_get_name(gnutls_cipher_get(session))); + fail("negotiated different cipher: %s\n", + gnutls_cipher_get_name( + gnutls_cipher_get( + session))); } } } @@ -696,8 +697,7 @@ static void client(int sds[], struct params_res *params) } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); @@ -720,30 +720,30 @@ static void client(int sds[], struct params_res *params) } gnutls_free(session_data.data); - end: -# ifdef USE_PSK +end: +#ifdef USE_PSK gnutls_psk_free_client_credentials(pskcred); -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_anon_free_client_credentials(anoncred); -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_certificate_free_credentials(clientx509cred); -# endif +#endif } -# define DH_BITS 1024 +#define DH_BITS 1024 /* These are global */ static gnutls_datum_t session_ticket_key = { NULL, 0 }; static gnutls_dh_params_t dh_params; -# ifdef USE_PSK +#ifdef USE_PSK gnutls_psk_server_credentials_t pskcred; -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_anon_server_credentials_t anoncred; -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_certificate_credentials_t serverx509cred; -# endif +#endif static int generate_dh_params(void) { @@ -763,19 +763,19 @@ static void global_stop(void) if (debug) success("global stop\n"); -# ifdef USE_PSK +#ifdef USE_PSK gnutls_psk_free_server_credentials(pskcred); -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_anon_free_server_credentials(anoncred); -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_certificate_free_credentials(serverx509cred); -# endif +#endif gnutls_dh_params_deinit(dh_params); } -# ifdef USE_PSK -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +#ifdef USE_PSK +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -787,7 +787,7 @@ pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) key->size = 4; return 0; } -# endif +#endif static void server(int sds[], struct params_res *params) { @@ -809,26 +809,26 @@ static void server(int sds[], struct params_res *params) gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(4); } -# ifdef USE_PSK +#ifdef USE_PSK gnutls_psk_allocate_server_credentials(&pskcred); gnutls_psk_set_server_credentials_function(pskcred, pskfunc); -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_anon_allocate_server_credentials(&anoncred); -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_certificate_allocate_credentials(&serverx509cred); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); -# endif +#endif if (debug) success("Launched, generating DH parameters...\n"); generate_dh_params(); -# if USE_ANON +#if USE_ANON gnutls_anon_set_server_dh_params(anoncred, dh_params); -# endif +#endif if (params->enable_db) { wrap_db_init(); @@ -845,15 +845,15 @@ static void server(int sds[], struct params_res *params) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct(session, - PRIO_STR, NULL) >= 0); + assert(gnutls_priority_set_direct(session, PRIO_STR, NULL) >= + 0); -# if defined(USE_X509) +#if defined(USE_X509) if (params->client_cert) { - gnutls_certificate_server_set_request(session, - GNUTLS_CERT_REQUIRE); + gnutls_certificate_server_set_request( + session, GNUTLS_CERT_REQUIRE); } -# endif +#endif gnutls_dh_set_prime_bits(session, DH_BITS); @@ -865,8 +865,8 @@ static void server(int sds[], struct params_res *params) } if (params->enable_session_ticket_server) - gnutls_session_ticket_enable_server(session, - &session_ticket_key); + gnutls_session_ticket_enable_server( + session, &session_ticket_key); append_alpn(session, params, t); @@ -874,21 +874,21 @@ static void server(int sds[], struct params_res *params) gnutls_db_set_cache_expiration(session, 45); virt_sec_sleep(60); } -# ifdef USE_PSK +#ifdef USE_PSK gnutls_credentials_set(session, GNUTLS_CRD_PSK, pskcred); -# elif defined(USE_ANON) +#elif defined(USE_ANON) gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); -# elif defined(USE_X509) +#elif defined(USE_X509) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); -# endif +#endif gnutls_transport_set_int(session, sd); gnutls_handshake_set_timeout(session, get_timeout()); if (params->call_post_client_hello) { gnutls_session_set_ptr(session, PRIO_STR); - gnutls_handshake_set_post_client_hello_function(session, - post_client_hello_callback); + gnutls_handshake_set_post_client_hello_function( + session, post_client_hello_callback); } do { @@ -928,12 +928,12 @@ static void server(int sds[], struct params_res *params) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -1025,8 +1025,8 @@ void doit(void) * and session data. */ -# define MAX_SESSION_ID_SIZE 32 -# define MAX_SESSION_DATA_SIZE 1024 +#define MAX_SESSION_ID_SIZE 32 +#define MAX_SESSION_DATA_SIZE 1024 typedef struct { unsigned char session_id[MAX_SESSION_ID_SIZE]; @@ -1041,7 +1041,6 @@ static int cache_db_ptr = 0; static void wrap_db_init(void) { - /* allocate cache_db */ cache_db = calloc(1, TLS_SESSION_CACHE * sizeof(CACHE)); } @@ -1057,7 +1056,7 @@ static int wrap_db_store(void *dbf, gnutls_datum_t key, gnutls_datum_t data) { time_t t, e, now = time(0); -# ifdef DEBUG_CACHE +#ifdef DEBUG_CACHE if (debug) { unsigned int i; fprintf(stderr, "resume db storing (%d-%d): ", key.size, @@ -1072,7 +1071,7 @@ static int wrap_db_store(void *dbf, gnutls_datum_t key, gnutls_datum_t data) } fprintf(stderr, "\n"); } -# endif +#endif /* check the correctness of gnutls_db_check_entry_time() */ t = gnutls_db_check_entry_time(&data); @@ -1143,7 +1142,7 @@ static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key) memcpy(res.data, cache_db[i].session_data, res.size); -# ifdef DEBUG_CACHE +#ifdef DEBUG_CACHE if (debug) { unsigned int j; printf("data:\n"); @@ -1154,7 +1153,7 @@ static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key) } printf("\n"); } -# endif +#endif return res; } } @@ -1174,7 +1173,6 @@ static int wrap_db_delete(void *dbf, gnutls_datum_t key) for (i = 0; i < TLS_SESSION_CACHE; i++) { if (key.size == cache_db[i].session_id_size && memcmp(key.data, cache_db[i].session_id, key.size) == 0) { - cache_db[i].session_id_size = 0; cache_db[i].session_data_size = 0; @@ -1183,7 +1181,6 @@ static int wrap_db_delete(void *dbf, gnutls_datum_t key) } return -1; - } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rfc7633-missing.c b/tests/rfc7633-missing.c index 5591f560e6..731151c1ba 100644 --- a/tests/rfc7633-missing.c +++ b/tests/rfc7633-missing.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This program tests that handshakes fail if the server does not include the * requested certificate status with the server certificate having @@ -58,7 +58,7 @@ int main(void) * Remark: Doesn't the MUST in section 4.3.3 para. 1 overrule the SHOULD of 4.2.3.1 para. 1? */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1464610242; if (t) @@ -78,57 +78,53 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICBzCCAXCgAwIBAgIMVpjt8TL5Io/frpvkMA0GCSqGSIb3DQEBCwUAMCIxIDAe\n" - "BgNVBAMTF0dudVRMUyB0ZXN0IGNlcnRpZmljYXRlMB4XDTE2MDExNTEzMDI0MVoX\n" - "DTMyMDYxOTEzMDI0MVowIjEgMB4GA1UEAxMXR251VExTIHRlc3QgY2VydGlmaWNh\n" - "dGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANe6XK+jDPAuqSdWqlOOqOt/\n" - "gXVMa5i+Suq3HvhLw2rE2g0AuOpMEx82FpPecu/GpF6ybrbKCohVdZCW7aZXvAw7\n" - "dg2XHr3p7H/Tqez7hWSga6BIznd+c5wxE/89yK6lYG7Ztoxamm+2vp9qvafwoDMn\n" - "9bcdkuWWnHNS1p/WyI6xAgMBAAGjQjBAMBEGCCsGAQUFBwEYBAUwAwIBBTAMBgNV\n" - "HRMBAf8EAjAAMB0GA1UdDgQWBBRTSzvcXshETAIgvzlIb0z+zSVSEDANBgkqhkiG\n" - "9w0BAQsFAAOBgQB+VcJuLPL2PMog0HZ8RRbqVvLU5d209ROg3s1oXUBFW8+AV+71\n" - "CsHg9Xx7vqKVwyKGI9ghds1B44lNPxGH2Sk1v2czjKbzwujo9+kLnDS6i0jyrDdn\n" - "um4ivpkwmlUFSQVXvENLwe9gTlIgN4+0I9WLcMTCDtHWkcxMRwCm2BMsXw==\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICBzCCAXCgAwIBAgIMVpjt8TL5Io/frpvkMA0GCSqGSIb3DQEBCwUAMCIxIDAe\n" + "BgNVBAMTF0dudVRMUyB0ZXN0IGNlcnRpZmljYXRlMB4XDTE2MDExNTEzMDI0MVoX\n" + "DTMyMDYxOTEzMDI0MVowIjEgMB4GA1UEAxMXR251VExTIHRlc3QgY2VydGlmaWNh\n" + "dGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANe6XK+jDPAuqSdWqlOOqOt/\n" + "gXVMa5i+Suq3HvhLw2rE2g0AuOpMEx82FpPecu/GpF6ybrbKCohVdZCW7aZXvAw7\n" + "dg2XHr3p7H/Tqez7hWSga6BIznd+c5wxE/89yK6lYG7Ztoxamm+2vp9qvafwoDMn\n" + "9bcdkuWWnHNS1p/WyI6xAgMBAAGjQjBAMBEGCCsGAQUFBwEYBAUwAwIBBTAMBgNV\n" + "HRMBAf8EAjAAMB0GA1UdDgQWBBRTSzvcXshETAIgvzlIb0z+zSVSEDANBgkqhkiG\n" + "9w0BAQsFAAOBgQB+VcJuLPL2PMog0HZ8RRbqVvLU5d209ROg3s1oXUBFW8+AV+71\n" + "CsHg9Xx7vqKVwyKGI9ghds1B44lNPxGH2Sk1v2czjKbzwujo9+kLnDS6i0jyrDdn\n" + "um4ivpkwmlUFSQVXvENLwe9gTlIgN4+0I9WLcMTCDtHWkcxMRwCm2BMsXw==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static int received = 0; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { fail("received status request\n"); received = 1; return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -170,8 +166,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -187,8 +182,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (received == 1) { fail("client: received certificate status when we shouldn't.\n"); @@ -200,16 +195,16 @@ static void client(int fd, const char *prio) gnutls_strerror(ret)); } else { if (status & GNUTLS_CERT_MISSING_OCSP_STATUS) { - success - ("client: Validation failed with GNUTLS_CERT_MISSING_OCSP_STATUS\n"); + success("client: Validation failed with GNUTLS_CERT_MISSING_OCSP_STATUS\n"); } else { - fail("client: Validation status does not include GNUTLS_CERT_MISSING_OCSP_STATUS. Status is %d\n", status); + fail("client: Validation status does not include GNUTLS_CERT_MISSING_OCSP_STATUS. Status is %d\n", + status); } } gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -266,14 +261,14 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -337,4 +332,4 @@ void doit(void) start("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rfc7633-ok.c b/tests/rfc7633-ok.c index 71fc91a348..a7861e36af 100644 --- a/tests/rfc7633-ok.c +++ b/tests/rfc7633-ok.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,20 +38,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" /* This program tests that handshakes succeed if the server includes the * requested certificate status with the server certificate having @@ -60,7 +60,7 @@ int main(void) * See RFC 7633 */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1559941819; if (t) @@ -135,13 +135,13 @@ static int received = 0; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { received = 1; return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -159,8 +159,8 @@ static void client(int fd, const char *prio) } assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&session, GNUTLS_CLIENT) >= 0); @@ -177,8 +177,7 @@ static void client(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); } else { @@ -188,11 +187,11 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); - if (received == 0 - && gnutls_protocol_get_version(session) == GNUTLS_TLS1_2) { + if (received == 0 && + gnutls_protocol_get_version(session) == GNUTLS_TLS1_2) { fail("client: did not receive certificate status when we should.\n"); } @@ -203,9 +202,10 @@ static void client(int fd, const char *prio) } else { if (status) { gnutls_datum_t tmp; - assert(gnutls_certificate_verification_status_print - (status, GNUTLS_CRT_X509, &tmp, 0) >= 0); - fail("client: Validation status is not success (%x: %s)\n", status, (char *)tmp.data); + assert(gnutls_certificate_verification_status_print( + status, GNUTLS_CRT_X509, &tmp, 0) >= 0); + fail("client: Validation status is not success (%x: %s)\n", + status, (char *)tmp.data); } } @@ -221,7 +221,7 @@ static void client(int fd, const char *prio) } static int status_func(gnutls_session_t session, void *ptr, - gnutls_datum_t * resp) + gnutls_datum_t *resp) { resp->data = gnutls_malloc(sizeof(ocsp_resp)); if (resp->data == NULL) @@ -250,9 +250,9 @@ static void server(int fd, const char *prio) } assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (x509_cred, &server_ca3_tlsfeat_cert, &server_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_tlsfeat_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&session, GNUTLS_SERVER) >= 0); @@ -279,8 +279,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ @@ -349,4 +349,4 @@ void doit(void) start("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rng-fork.c b/tests/rng-fork.c index 56ef086b01..dec5592be6 100644 --- a/tests/rng-fork.c +++ b/tests/rng-fork.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,7 +30,7 @@ #include #include #if !defined(_WIN32) -# include +#include #endif #include "utils.h" @@ -47,7 +47,7 @@ static void dump(const char *name, unsigned char *buf, int buf_size) printf("\n"); } -# define FILENAME "./rng-test" +#define FILENAME "./rng-test" void doit(void) { @@ -92,12 +92,14 @@ void doit(void) remove(FILENAME); if (ret != sizeof(buf1)) { - fail("error testing the random generator (%u).\n", i); + fail("error testing the random generator (%u).\n", + i); return; } if (memcmp(buf1, buf2, sizeof(buf1)) == 0) { - fail("error in the random generator (%u). Produces same valus after fork()\n", i); + fail("error in the random generator (%u). Produces same valus after fork()\n", + i); return; } if (debug) diff --git a/tests/rng-no-onload.c b/tests/rng-no-onload.c index 0b3b8da18c..77c1c5d59d 100644 --- a/tests/rng-no-onload.c +++ b/tests/rng-no-onload.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,7 +47,7 @@ static int _rnd_called = 0; * calls. */ int __attribute__((visibility("protected"))) - gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { _rnd_called = 1; @@ -68,4 +68,4 @@ void doit(void) gnutls_global_deinit(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rng-op-key.c b/tests/rng-op-key.c index cfdc8a2529..28e7f71523 100644 --- a/tests/rng-op-key.c +++ b/tests/rng-op-key.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,7 +29,7 @@ #include #include #if !defined(_WIN32) -# include +#include #endif #include "utils.h" diff --git a/tests/rng-op-nonce.c b/tests/rng-op-nonce.c index eb23ed7d46..6602fd1383 100644 --- a/tests/rng-op-nonce.c +++ b/tests/rng-op-nonce.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,7 +29,7 @@ #include #include #if !defined(_WIN32) -# include +#include #endif #include "utils.h" diff --git a/tests/rng-op-random.c b/tests/rng-op-random.c index 7349fc4c2c..b2c7d79cba 100644 --- a/tests/rng-op-random.c +++ b/tests/rng-op-random.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,7 +29,7 @@ #include #include #if !defined(_WIN32) -# include +#include #endif #include "utils.h" diff --git a/tests/rng-op.c b/tests/rng-op.c index a765794fc0..fa3b8ee156 100644 --- a/tests/rng-op.c +++ b/tests/rng-op.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,7 +30,7 @@ #include #include #if !defined(_WIN32) -# include +#include #endif #include "utils.h" @@ -60,7 +60,7 @@ static void try(int rnd) } } -#define TMP_SIZE (65*1024) +#define TMP_SIZE (65 * 1024) tmp = malloc(TMP_SIZE); if (tmp == NULL) { fail("memory error\n"); @@ -70,7 +70,8 @@ static void try(int rnd) for (i = 0; i <= 65539; i++) { ret = gnutls_rnd(rnd, tmp, TMP_SIZE); if (ret < 0) { - fail("Error iterating RNG-%d more than %u times for %d data\n", rnd, i, TMP_SIZE); + fail("Error iterating RNG-%d more than %u times for %d data\n", + rnd, i, TMP_SIZE); exit(1); } } diff --git a/tests/rng-pthread.c b/tests/rng-pthread.c index 9c2f3932b7..345f25e25e 100644 --- a/tests/rng-pthread.c +++ b/tests/rng-pthread.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,11 +33,11 @@ #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include "utils.h" @@ -76,10 +76,9 @@ static void *start_thread(void *arg) pthread_exit(0); } -# define MAX_THREADS 48 +#define MAX_THREADS 48 -static -void do_thread_stuff(unsigned level) +static void do_thread_stuff(unsigned level) { int ret; thread_data_st *data; @@ -101,16 +100,15 @@ void do_thread_stuff(unsigned level) pthread_join(data[i].id, NULL); for (j = 0; j < MAX_THREADS; j++) { if (i != j) { - if (memcmp - (data[i].buf, data[j].buf, - sizeof(data[i].buf)) == 0) { - fail("identical data found in thread %d and %d\n", i, j); + if (memcmp(data[i].buf, data[j].buf, + sizeof(data[i].buf)) == 0) { + fail("identical data found in thread %d and %d\n", + i, j); } } } } free(data); - } void doit(void) @@ -124,4 +122,4 @@ void doit(void) gnutls_global_deinit(); } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rng-sigint.c b/tests/rng-sigint.c index eae4c0972e..acc10f6a9d 100644 --- a/tests/rng-sigint.c +++ b/tests/rng-sigint.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,19 +29,20 @@ /* This program verifies whether the low-level random functions can operate * properly, even if interrupted by signals */ -#if defined(HAVE_SETITIMER) && (defined(HAVE_LINUX_GETRANDOM) || defined(__linux__)) +#if defined(HAVE_SETITIMER) && \ + (defined(HAVE_LINUX_GETRANDOM) || defined(__linux__)) -# include -# include -# include -# include -# include -# include -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include "utils.h" -# define _gnutls_debug_log printf -# define gnutls_assert() -# define gnutls_assert_val(val) val +#define _gnutls_debug_log printf +#define gnutls_assert() +#define gnutls_assert_val(val) val int _rnd_system_entropy_init(void); void _rnd_system_entropy_deinit(void); @@ -49,8 +50,8 @@ void _rnd_system_entropy_deinit(void); typedef int (*get_entropy_func)(void *rnd, size_t size); get_entropy_func _rnd_get_system_entropy; -# define RND_NO_INCLUDES -# include "../lib/nettle/sysrng-linux.c" +#define RND_NO_INCLUDES +#include "../lib/nettle/sysrng-linux.c" static volatile int stop_loop = 0; @@ -92,9 +93,8 @@ void doit(void) gnutls_strerror(ret)); } - if (memcmp - (empty, buf + sizeof(buf) - sizeof(empty) - 1, - sizeof(empty)) == 0) { + if (memcmp(empty, buf + sizeof(buf) - sizeof(empty) - 1, + sizeof(empty)) == 0) { fail("_rnd_get_system_entropy: did not fill buffer\n"); } } @@ -102,7 +102,7 @@ void doit(void) _rnd_system_entropy_deinit(); } #else -void doit(void); /* prototype to avoid warning with -Wmissing-prototypes */ +void doit(void); /* prototype to avoid warning with -Wmissing-prototypes */ void doit(void) { diff --git a/tests/rsa-encrypt-decrypt.c b/tests/rsa-encrypt-decrypt.c index 7676b0388a..795217e806 100644 --- a/tests/rsa-encrypt-decrypt.c +++ b/tests/rsa-encrypt-decrypt.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -43,56 +43,49 @@ /* sha1 hash of "hello" string */ const gnutls_datum_t hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; -const gnutls_datum_t raw_data = { - (void *)"hello there", - 11 -}; +const gnutls_datum_t raw_data = { (void *)"hello there", 11 }; static char pem1_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; static char pem1_key[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t cert_dat[] = { - {(void *)pem1_cert, sizeof(pem1_cert)} -}; - -const gnutls_datum_t key_dat[] = { - {(void *)pem1_key, sizeof(pem1_key)} -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t cert_dat[] = { { (void *)pem1_cert, sizeof(pem1_cert) } }; + +const gnutls_datum_t key_dat[] = { { (void *)pem1_key, sizeof(pem1_key) } }; void doit(void) { @@ -114,9 +107,8 @@ void doit(void) if (ret < 0) fail("gnutls_x509_privkey_init\n"); - ret = - gnutls_x509_privkey_import(key, &key_dat[i], - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &key_dat[i], + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("gnutls_x509_privkey_import\n"); @@ -136,9 +128,8 @@ void doit(void) if (ret < 0) fail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt, &cert_dat[i], - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &cert_dat[i], + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("gnutls_x509_crt_import\n"); @@ -162,9 +153,8 @@ void doit(void) /* try again with fixed length API */ memset(out2.data, 'A', out2.size); - ret = - gnutls_privkey_decrypt_data2(privkey, 0, &out, out2.data, - out2.size); + ret = gnutls_privkey_decrypt_data2(privkey, 0, &out, out2.data, + out2.size); if (ret < 0) fail("gnutls_privkey_decrypt_data\n"); @@ -190,9 +180,8 @@ void doit(void) /* try again with fixed length API */ memset(out2.data, 'A', out2.size); - ret = - gnutls_privkey_decrypt_data2(privkey, 0, &out, out2.data, - out2.size); + ret = gnutls_privkey_decrypt_data2(privkey, 0, &out, out2.data, + out2.size); if (ret < 0) fail("gnutls_privkey_decrypt_data\n"); diff --git a/tests/rsa-illegal-import.c b/tests/rsa-illegal-import.c index ca6e3301c8..86881a2e4d 100644 --- a/tests/rsa-illegal-import.c +++ b/tests/rsa-illegal-import.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,50 +36,46 @@ * on illegal key input */ static unsigned char rsa_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXQIBAAKBgQCpTrErF6KeHfaSBfQXLkw2AkrteEFca/jbWk2S0df5cRrsuC+R\n" - "nrpHnk4prJISVQZzF+s5qgzulvRaMD0vnlCDKPjDgRLkFyiT3pW5JZJqTKiILQBw\n" - "z6rqlQO7UWWqetc/gl9SHTq/vX5CDbA5Nxc9HJLkPX5Xl3wA12PAYmraugIDAQAB\n" - "AoGABMjQgOM+GTHHkgDREQah6LTP4T4QusfiVHCM2KVNcSMdG6tozLirkvKKSusx\n" - "hYsZj48ReqOvkd56MUJDuGDE7aQqhsrDnTgTnoYH7dFSY6acUucj5F6yeircFth4\n" - "lRko09HKZ5Fd1ngstPU35GsekUMq8vaHDrRzleydp+Z5lMECQQDP/cy68Jt7tMZT\n" - "oQQLhsddyoQG+2JiWz3PT9P9d5WdkMqzOYt6ADZ2m8HpmMcv32LQHtriSxy7JqXW\n" - "3uSnowkEAkEA0GMOXvV/8QnWKU2/byp3HVDQP57Vq/M37BhMbxoZDAHCaIz7v8k2\n" - "D7UBQdTeiUsm6gFJ1+E6YCnmTxdPRVuN6QJBALLLOQAGL5Jy/v4K7yA9dwpgOYiK\n" - "9rMYPhUFSXWdI+cz/Zt9vzFcF3V0RYhaRfgYLqg7retTqFoVSgBg0OxuUSMCQBtF\n" - "q37QAGOKVwXmz/P7icVDa024OtybIyl58J7luntwy4GlWdk6uyGJHdYAxvMO69Pa\n" - "QVDIgDxPn32gXlaEaekCQQCVhXc3zc+VX3nM4iCpXhlET2N75ULzsR+r6CdvtwSB\n" - "vXMBcuCE1aJHZDxqRx8XFZDZl+Ij/jrBMmtI15ebDuzH\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t rsa_key = { rsa_key_pem, - sizeof(rsa_key_pem) - 1 -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXQIBAAKBgQCpTrErF6KeHfaSBfQXLkw2AkrteEFca/jbWk2S0df5cRrsuC+R\n" + "nrpHnk4prJISVQZzF+s5qgzulvRaMD0vnlCDKPjDgRLkFyiT3pW5JZJqTKiILQBw\n" + "z6rqlQO7UWWqetc/gl9SHTq/vX5CDbA5Nxc9HJLkPX5Xl3wA12PAYmraugIDAQAB\n" + "AoGABMjQgOM+GTHHkgDREQah6LTP4T4QusfiVHCM2KVNcSMdG6tozLirkvKKSusx\n" + "hYsZj48ReqOvkd56MUJDuGDE7aQqhsrDnTgTnoYH7dFSY6acUucj5F6yeircFth4\n" + "lRko09HKZ5Fd1ngstPU35GsekUMq8vaHDrRzleydp+Z5lMECQQDP/cy68Jt7tMZT\n" + "oQQLhsddyoQG+2JiWz3PT9P9d5WdkMqzOYt6ADZ2m8HpmMcv32LQHtriSxy7JqXW\n" + "3uSnowkEAkEA0GMOXvV/8QnWKU2/byp3HVDQP57Vq/M37BhMbxoZDAHCaIz7v8k2\n" + "D7UBQdTeiUsm6gFJ1+E6YCnmTxdPRVuN6QJBALLLOQAGL5Jy/v4K7yA9dwpgOYiK\n" + "9rMYPhUFSXWdI+cz/Zt9vzFcF3V0RYhaRfgYLqg7retTqFoVSgBg0OxuUSMCQBtF\n" + "q37QAGOKVwXmz/P7icVDa024OtybIyl58J7luntwy4GlWdk6uyGJHdYAxvMO69Pa\n" + "QVDIgDxPn32gXlaEaekCQQCVhXc3zc+VX3nM4iCpXhlET2N75ULzsR+r6CdvtwSB\n" + "vXMBcuCE1aJHZDxqRx8XFZDZl+Ij/jrBMmtI15ebDuzH\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t rsa_key = { rsa_key_pem, sizeof(rsa_key_pem) - 1 }; static unsigned char p8_rsa_pem[] = - "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" - "MIICojAcBgoqhkiG9w0BDAEDMA4ECDxZ1/EW+8XWAgIUYASCAoBR6R3Z341vSRvs\n" - "/LMErKcKkAQ3THTZBpmYgR2mrJUjJBivzOuRTCRpgtjuQ4ht2Q7KV943mJXsqAFI\n" - "Jly5fuVQ5YmRGLW+LE5sv+AGwmsii/PvGfGa9al56tHLDSeXV2VH4fly45bQ7ipr\n" - "PZBiEgBToF/jqDFWleH2GTCnSLpc4B2cKkMO2c5RYrCCGNRK/jr1xVUDVzeiXZwE\n" - "dbdDaV2UG/Oeo7F48UmvuWgS9YSFSUJ4fKG1KLlAQMKtAQKX+B4oL6Jbeb1jwSCX\n" - "Q1H9hHXHTXbPGaIncPugotZNArwwrhesTszFE4NFMbg3QNKL1fabJJFIcOYIktwL\n" - "7HG3pSiU2rqUZgS59OMJgL4jJm1lipo8ruNIl/YCpZTombOAV2Wbvq/I0SbRRXbX\n" - "12lco8bQO1dgSkhhe58Vrs+ChaNajtNi8SjLS+Pi1tYYAVQjcQdxCGh4q8aZUhDv\n" - "5yRp/TUOMaZqkY6YzRAlERb9jzVeh97EsOURzLu8pQgVjcNDOUAZF67KSqlSGMh7\n" - "PdqknM/j8KaWmVMAUn4+PuWohkyjd1/1QhCnEtFZ1lbIfWrKXV76U7zyy0OTvFKw\n" - "qemHUbryOJu0dQHziWmdtJpS7abSuhoMnrByZD+jDfQoSX7BzmdmCQGinltITYY1\n" - "3iChqWC7jY02CiKZqTcdwkImvmDtDYOBr0uQSgBa4eh7nYmmcpdY4I6V5qAdo30w\n" - "oXNEMqM53Syx36Fp70/Vmy0KmK8+2T4UgxGVJEgTDsEhiwJtTXxdzgxc5npbTePa\n" - "abhFyIXIpqoUYZ9GPU8UjNEuF//wPY6klBp6VP0ixO6RqQKzbwr85EXbzoceBrLo\n" - "eng1/Czj\n" "-----END ENCRYPTED PRIVATE KEY-----\n"; - -const gnutls_datum_t p8_rsa_key = { p8_rsa_pem, - sizeof(p8_rsa_pem) - 1 -}; - -static -int check_x509_privkey(void) + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" + "MIICojAcBgoqhkiG9w0BDAEDMA4ECDxZ1/EW+8XWAgIUYASCAoBR6R3Z341vSRvs\n" + "/LMErKcKkAQ3THTZBpmYgR2mrJUjJBivzOuRTCRpgtjuQ4ht2Q7KV943mJXsqAFI\n" + "Jly5fuVQ5YmRGLW+LE5sv+AGwmsii/PvGfGa9al56tHLDSeXV2VH4fly45bQ7ipr\n" + "PZBiEgBToF/jqDFWleH2GTCnSLpc4B2cKkMO2c5RYrCCGNRK/jr1xVUDVzeiXZwE\n" + "dbdDaV2UG/Oeo7F48UmvuWgS9YSFSUJ4fKG1KLlAQMKtAQKX+B4oL6Jbeb1jwSCX\n" + "Q1H9hHXHTXbPGaIncPugotZNArwwrhesTszFE4NFMbg3QNKL1fabJJFIcOYIktwL\n" + "7HG3pSiU2rqUZgS59OMJgL4jJm1lipo8ruNIl/YCpZTombOAV2Wbvq/I0SbRRXbX\n" + "12lco8bQO1dgSkhhe58Vrs+ChaNajtNi8SjLS+Pi1tYYAVQjcQdxCGh4q8aZUhDv\n" + "5yRp/TUOMaZqkY6YzRAlERb9jzVeh97EsOURzLu8pQgVjcNDOUAZF67KSqlSGMh7\n" + "PdqknM/j8KaWmVMAUn4+PuWohkyjd1/1QhCnEtFZ1lbIfWrKXV76U7zyy0OTvFKw\n" + "qemHUbryOJu0dQHziWmdtJpS7abSuhoMnrByZD+jDfQoSX7BzmdmCQGinltITYY1\n" + "3iChqWC7jY02CiKZqTcdwkImvmDtDYOBr0uQSgBa4eh7nYmmcpdY4I6V5qAdo30w\n" + "oXNEMqM53Syx36Fp70/Vmy0KmK8+2T4UgxGVJEgTDsEhiwJtTXxdzgxc5npbTePa\n" + "abhFyIXIpqoUYZ9GPU8UjNEuF//wPY6klBp6VP0ixO6RqQKzbwr85EXbzoceBrLo\n" + "eng1/Czj\n" + "-----END ENCRYPTED PRIVATE KEY-----\n"; + +const gnutls_datum_t p8_rsa_key = { p8_rsa_pem, sizeof(p8_rsa_pem) - 1 }; + +static int check_x509_privkey(void) { gnutls_x509_privkey_t key; int ret; @@ -99,8 +95,7 @@ int check_x509_privkey(void) return 0; } -static -int check_pkcs8_privkey1(void) +static int check_pkcs8_privkey1(void) { gnutls_x509_privkey_t key; int ret; @@ -111,9 +106,8 @@ int check_pkcs8_privkey1(void) if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); - ret = - gnutls_x509_privkey_import_pkcs8(key, &p8_rsa_key, - GNUTLS_X509_FMT_PEM, "1234", 0); + ret = gnutls_x509_privkey_import_pkcs8(key, &p8_rsa_key, + GNUTLS_X509_FMT_PEM, "1234", 0); if (ret != GNUTLS_E_PK_INVALID_PRIVKEY) fail("error: %s\n", gnutls_strerror(ret)); @@ -122,8 +116,7 @@ int check_pkcs8_privkey1(void) return 0; } -static -int check_pkcs8_privkey2(void) +static int check_pkcs8_privkey2(void) { gnutls_privkey_t key; int ret; @@ -134,9 +127,8 @@ int check_pkcs8_privkey2(void) if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); - ret = - gnutls_privkey_import_x509_raw(key, &p8_rsa_key, - GNUTLS_X509_FMT_PEM, "1234", 0); + ret = gnutls_privkey_import_x509_raw(key, &p8_rsa_key, + GNUTLS_X509_FMT_PEM, "1234", 0); if (ret != GNUTLS_E_PK_INVALID_PRIVKEY) fail("error: %s\n", gnutls_strerror(ret)); @@ -150,7 +142,8 @@ void doit(void) if (gnutls_fips140_mode_enabled()) exit(77); -#if NETTLE_VERSION_MAJOR < 3 || (NETTLE_VERSION_MAJOR == 3 && NETTLE_VERSION_MINOR <= 2) +#if NETTLE_VERSION_MAJOR < 3 || \ + (NETTLE_VERSION_MAJOR == 3 && NETTLE_VERSION_MINOR <= 2) /* These checks are enforced only on new versions of nettle */ exit(77); #else diff --git a/tests/rsa-psk-cb.c b/tests/rsa-psk-cb.c index c743491049..b84b7d415b 100644 --- a/tests/rsa-psk-cb.c +++ b/tests/rsa-psk-cb.c @@ -24,7 +24,7 @@ /* Tests the RSA-PSK ciphersuites under TLS1.2 */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,15 +40,15 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" /* A very basic TLS client, with PSK authentication. */ @@ -60,9 +60,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -int psk_cli_func(gnutls_session_t session, char **username, - gnutls_datum_t * key) +static int psk_cli_func(gnutls_session_t session, char **username, + gnutls_datum_t *key) { *username = gnutls_malloc(5); assert(*username != NULL); @@ -79,8 +78,8 @@ int psk_cli_func(gnutls_session_t session, char **username, return 0; } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd) { @@ -108,9 +107,10 @@ static void client(int sd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", + NULL) >= 0); /* put the anonymous credentials to the current session */ @@ -155,7 +155,7 @@ static void client(int sd) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -170,11 +170,10 @@ static void client(int sd) /* This is a sample TLS 1.0 echo server, for PSK authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 -static int -psk_server_func(gnutls_session_t session, const char *username, - gnutls_datum_t * key) +static int psk_server_func(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -218,18 +217,18 @@ static void server(int sd) psk_server_func); gnutls_psk_set_server_credentials_hint(server_pskcred, "hint"); gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_PSK, server_pskcred); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -256,11 +255,11 @@ static void server(int sd) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -317,4 +316,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rsa-psk.c b/tests/rsa-psk.c index 78dd5f32d2..2ed463f3c3 100644 --- a/tests/rsa-psk.c +++ b/tests/rsa-psk.c @@ -24,7 +24,7 @@ /* Tests the RSA-PSK ciphersuites under TLS1.2 */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,15 +40,15 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" /* A very basic TLS client, with PSK authentication. */ @@ -60,8 +60,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd) { @@ -91,9 +91,9 @@ static void client(int sd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", + NULL); /* put the anonymous credentials to the current session */ @@ -138,7 +138,7 @@ static void client(int sd) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -153,11 +153,10 @@ static void client(int sd) /* This is a sample TLS 1.0 echo server, for PSK authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 -static int -psk_server_func(gnutls_session_t session, const char *username, - gnutls_datum_t * key) +static int psk_server_func(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -201,18 +200,17 @@ static void server(int sd) psk_server_func); gnutls_psk_set_server_credentials_hint(server_pskcred, "hint"); gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA-PSK", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_PSK, server_pskcred); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -239,11 +237,11 @@ static void server(int sd) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -300,4 +298,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/rsa-rsa-pss.c b/tests/rsa-rsa-pss.c index ec5e84c774..bced5cc1d2 100644 --- a/tests/rsa-rsa-pss.c +++ b/tests/rsa-rsa-pss.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,25 +41,22 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -const gnutls_datum_t raw_data = { - (void *)"hello there", - 11 -}; +const gnutls_datum_t raw_data = { (void *)"hello there", 11 }; static gnutls_fips140_context_t fips_context; -static void inv_sign_check(unsigned sigalgo, - gnutls_privkey_t privkey, int exp_error) +static void inv_sign_check(unsigned sigalgo, gnutls_privkey_t privkey, + int exp_error) { int ret; gnutls_datum_t signature; - ret = gnutls_privkey_sign_data2(privkey, sigalgo, 0, - &raw_data, &signature); + ret = gnutls_privkey_sign_data2(privkey, sigalgo, 0, &raw_data, + &signature); if (ret != exp_error) fail("gnutls_privkey_sign_data succeeded with %s and %s: %s\n", - gnutls_pk_get_name(gnutls_privkey_get_pk_algorithm - (privkey, NULL)), + gnutls_pk_get_name( + gnutls_privkey_get_pk_algorithm(privkey, NULL)), gnutls_sign_get_name(sigalgo), gnutls_strerror(ret)); if (ret == 0) @@ -85,7 +82,6 @@ static void inv_encryption_check(gnutls_pk_algorithm_t algorithm, gnutls_pk_get_name(algorithm), gnutls_strerror(ret)); gnutls_pubkey_deinit(pubkey); - } static void sign_verify_data(unsigned sigalgo, gnutls_privkey_t privkey, @@ -97,15 +93,15 @@ static void sign_verify_data(unsigned sigalgo, gnutls_privkey_t privkey, gnutls_datum_t signature = { NULL, 0 }; fips_push_context(fips_context); - ret = gnutls_privkey_sign_data2(privkey, sigalgo, sign_flags, - &raw_data, &signature); + ret = gnutls_privkey_sign_data2(privkey, sigalgo, sign_flags, &raw_data, + &signature); fips_pop_context(fips_context, sign_exp_state); if (ret != sign_exp_error) - fail("gnutls_x509_privkey_sign_data returned unexpected error: %s\n", gnutls_strerror(ret)); + fail("gnutls_x509_privkey_sign_data returned unexpected error: %s\n", + gnutls_strerror(ret)); if (ret < 0) { - success - ("skipping verification as signing is expected to fail\n"); + success("skipping verification as signing is expected to fail\n"); } else { gnutls_pubkey_t pubkey; @@ -116,11 +112,11 @@ static void sign_verify_data(unsigned sigalgo, gnutls_privkey_t privkey, if (ret < 0) fail("gnutls_pubkey_import_privkey\n"); - ret = gnutls_pubkey_verify_data2(pubkey, sigalgo, - verify_flags, &raw_data, - &signature); + ret = gnutls_pubkey_verify_data2(pubkey, sigalgo, verify_flags, + &raw_data, &signature); if (ret != verify_exp_error) - fail("gnutls_pubkey_verify_data2 returned unexpected error: %s\n", gnutls_strerror(ret)); + fail("gnutls_pubkey_verify_data2 returned unexpected error: %s\n", + gnutls_strerror(ret)); gnutls_pubkey_deinit(pubkey); } @@ -128,9 +124,9 @@ static void sign_verify_data(unsigned sigalgo, gnutls_privkey_t privkey, gnutls_free(signature.data); } -static void -prepare_keys(gnutls_privkey_t * pkey_rsa_pss, gnutls_privkey_t * pkey_rsa, - gnutls_digest_algorithm_t dig, size_t salt_size) +static void prepare_keys(gnutls_privkey_t *pkey_rsa_pss, + gnutls_privkey_t *pkey_rsa, + gnutls_digest_algorithm_t dig, size_t salt_size) { gnutls_privkey_t pkey; gnutls_x509_privkey_t tkey; @@ -158,16 +154,16 @@ prepare_keys(gnutls_privkey_t * pkey_rsa_pss, gnutls_privkey_t * pkey_rsa, /* import RSA-PSS version of key */ assert(gnutls_privkey_init(pkey_rsa_pss) >= 0); - assert(gnutls_privkey_import_x509_raw - (*pkey_rsa_pss, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0); + assert(gnutls_privkey_import_x509_raw( + *pkey_rsa_pss, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0); gnutls_free(tmp.data); /* import RSA version of key */ gnutls_x509_privkey_export2(tkey, GNUTLS_X509_FMT_PEM, &tmp); assert(gnutls_privkey_init(pkey_rsa) >= 0); - assert(gnutls_privkey_import_x509_raw - (*pkey_rsa, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0); + assert(gnutls_privkey_import_x509_raw( + *pkey_rsa, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0); gnutls_x509_privkey_deinit(tkey); gnutls_free(tmp.data); @@ -248,19 +244,17 @@ void doit(void) /* Use the mismatched salt length with the digest length */ prepare_keys(&pkey_rsa_pss, &pkey_rsa, GNUTLS_DIG_SHA256, 48); - sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa_pss, - 0, 0, 0, 0, GNUTLS_FIPS140_OP_NOT_APPROVED); + sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa_pss, 0, 0, 0, + 0, GNUTLS_FIPS140_OP_NOT_APPROVED); sign_verify_data(GNUTLS_SIGN_RSA_PSS_SHA256, pkey_rsa_pss, - GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH, - 0, GNUTLS_E_CONSTRAINT_ERROR, 0, + GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH, 0, + GNUTLS_E_CONSTRAINT_ERROR, 0, /* The error is caught before calling the actual * signing operation. */ GNUTLS_FIPS140_OP_INITIAL); - sign_verify_data(GNUTLS_SIGN_RSA_PSS_SHA256, pkey_rsa_pss, - 0, - GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH, - 0, + sign_verify_data(GNUTLS_SIGN_RSA_PSS_SHA256, pkey_rsa_pss, 0, + GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH, 0, GNUTLS_E_PK_SIG_VERIFY_FAILED, GNUTLS_FIPS140_OP_NOT_APPROVED); @@ -271,16 +265,14 @@ void doit(void) sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa, 0, 0, 0, 0, GNUTLS_FIPS140_OP_NOT_APPROVED); sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa, - GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH, - 0, GNUTLS_E_CONSTRAINT_ERROR, 0, + GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH, 0, + GNUTLS_E_CONSTRAINT_ERROR, 0, /* The error is caught before calling the actual * signing operation. */ GNUTLS_FIPS140_OP_INITIAL); - sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa, - 0, - GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH, - 0, + sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa, 0, + GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH, 0, GNUTLS_E_PK_SIG_VERIFY_FAILED, GNUTLS_FIPS140_OP_NOT_APPROVED); diff --git a/tests/safe-renegotiation/srn0.c b/tests/safe-renegotiation/srn0.c index 905aa2aed5..9521599e98 100644 --- a/tests/safe-renegotiation/srn0.c +++ b/tests/safe-renegotiation/srn0.c @@ -28,7 +28,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,45 +47,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; void doit(void) { @@ -106,9 +103,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", @@ -135,10 +131,10 @@ void doit(void) exit(1); } - if (! - (gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) -|| !(gnutls_session_get_flags(server) & GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + if (!(gnutls_session_get_flags(client) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + !(gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { tls_log_func(0, "Session not using safe renegotiation!\n"); exit(1); } @@ -162,17 +158,19 @@ void doit(void) if (!gnutls_safe_renegotiation_status(client) || !gnutls_safe_renegotiation_status(server)) { - tls_log_func(0, - "Rehandshaked session not using safe renegotiation!\n"); + tls_log_func( + 0, + "Rehandshaked session not using safe renegotiation!\n"); exit(1); } - if (! - (gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) -|| !(gnutls_session_get_flags(server) & GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { - tls_log_func(0, - "Rehandshaked session not using safe renegotiation!\n"); + if (!(gnutls_session_get_flags(client) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + !(gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + tls_log_func( + 0, + "Rehandshaked session not using safe renegotiation!\n"); exit(1); } diff --git a/tests/safe-renegotiation/srn1.c b/tests/safe-renegotiation/srn1.c index 3f29c051b9..fcf2541f37 100644 --- a/tests/safe-renegotiation/srn1.c +++ b/tests/safe-renegotiation/srn1.c @@ -27,7 +27,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -46,45 +46,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; void doit(void) { @@ -105,14 +102,13 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION", - NULL); + gnutls_priority_set_direct( + server, "NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -121,24 +117,25 @@ void doit(void) gnutls_certificate_allocate_credentials(&clientx509cred); gnutls_init(&client, GNUTLS_CLIENT); gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred); - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", - NULL); + gnutls_priority_set_direct( + client, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", + NULL); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); /* Check that initially no session use the extension. */ - if (gnutls_safe_renegotiation_status(server) - || gnutls_safe_renegotiation_status(client)) { + if (gnutls_safe_renegotiation_status(server) || + gnutls_safe_renegotiation_status(client)) { puts("Client or server using extension before handshake?"); abort(); } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { puts("Client or server using extension before handshake?"); abort(); } diff --git a/tests/safe-renegotiation/srn2.c b/tests/safe-renegotiation/srn2.c index 3857b000fe..b0bec754db 100644 --- a/tests/safe-renegotiation/srn2.c +++ b/tests/safe-renegotiation/srn2.c @@ -25,7 +25,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,45 +44,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; void doit(void) { @@ -103,9 +100,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", @@ -125,16 +121,16 @@ void doit(void) gnutls_transport_set_ptr(client, client); /* Check that initially no session use the extension. */ - if (gnutls_safe_renegotiation_status(server) - || gnutls_safe_renegotiation_status(client)) { + if (gnutls_safe_renegotiation_status(server) || + gnutls_safe_renegotiation_status(client)) { puts("Client or server using extension before handshake?"); abort(); } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { puts("Client or server using extension before handshake?"); abort(); } @@ -142,16 +138,16 @@ void doit(void) HANDSHAKE(client, server); /* Check that both sessions use the extension. */ - if (!gnutls_safe_renegotiation_status(server) - || !gnutls_safe_renegotiation_status(client)) { + if (!gnutls_safe_renegotiation_status(server) || + !gnutls_safe_renegotiation_status(client)) { puts("Client or server not using safe renegotiation extension?"); abort(); } - if (! - (gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) -|| !(gnutls_session_get_flags(server) & GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + if (!(gnutls_session_get_flags(client) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + !(gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { puts("Client or server not using safe renegotiation extension?"); abort(); } @@ -174,16 +170,16 @@ void doit(void) HANDSHAKE(client, server); /* Check that session still use the extension. */ - if (!gnutls_safe_renegotiation_status(server) - || !gnutls_safe_renegotiation_status(client)) { + if (!gnutls_safe_renegotiation_status(server) || + !gnutls_safe_renegotiation_status(client)) { puts("Client or server not using safe renegotiation extension?"); abort(); } - if (! - (gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) -|| !(gnutls_session_get_flags(server) & GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + if (!(gnutls_session_get_flags(client) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + !(gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { puts("Client or server not using safe renegotiation extension?"); abort(); } diff --git a/tests/safe-renegotiation/srn3.c b/tests/safe-renegotiation/srn3.c index 049c41f610..cd019e63f4 100644 --- a/tests/safe-renegotiation/srn3.c +++ b/tests/safe-renegotiation/srn3.c @@ -27,7 +27,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -46,45 +46,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; void doit(void) { @@ -105,14 +102,14 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", - NULL); + gnutls_priority_set_direct( + server, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -121,30 +118,30 @@ void doit(void) gnutls_certificate_allocate_credentials(&clientx509cred); gnutls_init(&client, GNUTLS_CLIENT); gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred); - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION", - NULL); + gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION", + NULL); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); /* Check that initially no session use the extension. */ - if (gnutls_safe_renegotiation_status(server) - || gnutls_safe_renegotiation_status(client)) { + if (gnutls_safe_renegotiation_status(server) || + gnutls_safe_renegotiation_status(client)) { puts("Client or server using extension before handshake?"); abort(); } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { puts("Client or server using extension before handshake?"); abort(); } - HANDSHAKE_EXPECT(client, server, - GNUTLS_E_SAFE_RENEGOTIATION_FAILED, GNUTLS_E_AGAIN); + HANDSHAKE_EXPECT(client, server, GNUTLS_E_SAFE_RENEGOTIATION_FAILED, + GNUTLS_E_AGAIN); gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); diff --git a/tests/safe-renegotiation/srn4.c b/tests/safe-renegotiation/srn4.c index 685725262f..caa6baa9b1 100644 --- a/tests/safe-renegotiation/srn4.c +++ b/tests/safe-renegotiation/srn4.c @@ -27,7 +27,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -46,45 +46,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; void doit(void) { @@ -105,9 +102,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", @@ -120,9 +116,10 @@ void doit(void) gnutls_certificate_allocate_credentials(&clientx509cred); gnutls_init(&client, GNUTLS_CLIENT); gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred); - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", - NULL); + gnutls_priority_set_direct( + client, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", + NULL); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); @@ -131,17 +128,17 @@ void doit(void) if (gnutls_safe_renegotiation_status(client) || gnutls_safe_renegotiation_status(server)) { - tls_log_func(0, - "Session using safe renegotiation but shouldn't!\n"); + tls_log_func( + 0, "Session using safe renegotiation but shouldn't!\n"); exit(1); } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { - tls_log_func(0, - "Session using safe renegotiation but shouldn't!\n"); + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + tls_log_func( + 0, "Session using safe renegotiation but shouldn't!\n"); exit(1); } @@ -165,17 +162,17 @@ void doit(void) if (gnutls_safe_renegotiation_status(client) || gnutls_safe_renegotiation_status(server)) { - tls_log_func(0, - "Rehandshaked session using safe renegotiation!\n"); + tls_log_func( + 0, "Rehandshaked session using safe renegotiation!\n"); exit(1); } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { - tls_log_func(0, - "Rehandshaked session using safe renegotiation!\n"); + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + tls_log_func( + 0, "Rehandshaked session using safe renegotiation!\n"); exit(1); } diff --git a/tests/safe-renegotiation/srn5.c b/tests/safe-renegotiation/srn5.c index 5f820b5cf0..57dbe143f4 100644 --- a/tests/safe-renegotiation/srn5.c +++ b/tests/safe-renegotiation/srn5.c @@ -28,7 +28,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,45 +47,42 @@ static void tls_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; void doit(void) { @@ -106,14 +103,14 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", - NULL); + gnutls_priority_set_direct( + server, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -143,11 +140,12 @@ void doit(void) } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { - tls_log_func(0, - "Server or client thinks it is using safe renegotiation!\n"); + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + tls_log_func( + 0, + "Server or client thinks it is using safe renegotiation!\n"); exit(1); } @@ -166,22 +164,22 @@ void doit(void) abort(); } - HANDSHAKE_EXPECT(client, server, - GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED, GNUTLS_E_AGAIN); + HANDSHAKE_EXPECT(client, server, GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED, + GNUTLS_E_AGAIN); if (gnutls_safe_renegotiation_status(client) || gnutls_safe_renegotiation_status(server)) { - tls_log_func(0, - "Rehandshaked session using safe renegotiation!\n"); + tls_log_func( + 0, "Rehandshaked session using safe renegotiation!\n"); exit(1); } if ((gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION) - || (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { - tls_log_func(0, - "Rehandshaked session using safe renegotiation!\n"); + GNUTLS_SFLAGS_SAFE_RENEGOTIATION) || + (gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_SAFE_RENEGOTIATION)) { + tls_log_func( + 0, "Rehandshaked session using safe renegotiation!\n"); exit(1); } diff --git a/tests/sec-params.c b/tests/sec-params.c index 5f41c0d8f2..8d7bac5c1c 100644 --- a/tests/sec-params.c +++ b/tests/sec-params.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/seccomp.c b/tests/seccomp.c index a3148fea27..86442a543b 100644 --- a/tests/seccomp.c +++ b/tests/seccomp.c @@ -23,12 +23,12 @@ #ifdef HAVE_LIBSECCOMP -# include -# include -# include -# if defined(__linux__) -# include -# endif +#include +#include +#include +#if defined(__linux__) +#include +#endif int disable_system_calls(void) { @@ -41,13 +41,16 @@ int disable_system_calls(void) fprintf(stderr, "could not initialize seccomp"); return -1; } -# define ADD_SYSCALL(name, ...) \ - ret = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(name), __VA_ARGS__); \ - /* libseccomp returns EDOM for pseudo-syscalls due to a bug */ \ - if (ret < 0 && ret != -EDOM) { \ - fprintf(stderr, "could not add " #name " to seccomp filter: %s", strerror(-ret)); \ - ret = -1; \ - goto fail; \ +#define ADD_SYSCALL(name, ...) \ + ret = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(name), \ + __VA_ARGS__); \ + /* libseccomp returns EDOM for pseudo-syscalls due to a bug */ \ + if (ret < 0 && ret != -EDOM) { \ + fprintf(stderr, \ + "could not add " #name " to seccomp filter: %s", \ + strerror(-ret)); \ + ret = -1; \ + goto fail; \ } ADD_SYSCALL(nanosleep, 0); @@ -55,9 +58,9 @@ int disable_system_calls(void) ADD_SYSCALL(time, 0); ADD_SYSCALL(getpid, 0); ADD_SYSCALL(gettimeofday, 0); -# if defined(HAVE_CLOCK_GETTIME) +#if defined(HAVE_CLOCK_GETTIME) ADD_SYSCALL(clock_gettime, 0); -# endif +#endif ADD_SYSCALL(getrusage, 0); @@ -73,9 +76,9 @@ int disable_system_calls(void) /* to read from /dev/urandom */ ADD_SYSCALL(read, 0); -# ifdef SYS_getrandom +#ifdef SYS_getrandom ADD_SYSCALL(getrandom, 0); -# endif +#endif /* we use it in select */ ADD_SYSCALL(sigprocmask, 0); @@ -109,7 +112,7 @@ int disable_system_calls(void) ret = 0; - fail: +fail: seccomp_release(ctx); return ret; } diff --git a/tests/send-client-cert.c b/tests/send-client-cert.c index 27c4c4edb7..30e813a9a0 100644 --- a/tests/send-client-cert.c +++ b/tests/send-client-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -89,15 +89,11 @@ static void try(const char *prio, unsigned expect, unsigned ca_type) gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); if (ca_type == CORRECT_CA) { - ret = - gnutls_certificate_set_x509_trust_mem(serverx509cred, - &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem( + serverx509cred, &ca3_cert, GNUTLS_X509_FMT_PEM); } else if (ca_type == INCORRECT_CA || ca_type == INCORRECT_CA_FORCE) { - ret = - gnutls_certificate_set_x509_trust_mem(serverx509cred, - &unknown_ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem( + serverx509cred, &unknown_ca_cert, GNUTLS_X509_FMT_PEM); } else if (ca_type == NO_CA) { ret = 0; } else { @@ -127,9 +123,8 @@ static void try(const char *prio, unsigned expect, unsigned ca_type) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -167,7 +162,8 @@ static void try(const char *prio, unsigned expect, unsigned ca_type) } } else { if (gnutls_certificate_get_ours(client) != NULL) { - fail("Test %d: client sent a certificate, although not expected\n", ca_type); + fail("Test %d: client sent a certificate, although not expected\n", + ca_type); exit(1); } } diff --git a/tests/send-data-before-handshake.c b/tests/send-data-before-handshake.c index e932e14dc7..fe4c98b60e 100644 --- a/tests/send-data-before-handshake.c +++ b/tests/send-data-before-handshake.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" /* This program tests that a client cannot send any unencrypted data * during the handshake process. That is to ensure we protect buggy clients @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; char c = 0; @@ -88,7 +88,7 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -124,8 +124,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -142,8 +141,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { @@ -162,7 +161,7 @@ static void client(int fd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -219,14 +218,14 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -243,8 +242,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *prio) +static void start(const char *prio) { int fd[2]; int ret, status = 0; @@ -287,4 +285,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/server-kx-neg-common.c b/tests/server-kx-neg-common.c index 42f71751cd..fac3302167 100644 --- a/tests/server-kx-neg-common.c +++ b/tests/server-kx-neg-common.c @@ -46,9 +46,8 @@ typedef struct test_case_st { const char *server_prio; } test_case_st; -static int -serv_psk_func(gnutls_session_t session, const char *username, - gnutls_datum_t * key) +static int serv_psk_func(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { key->data = gnutls_malloc(4); assert(key->data != NULL); @@ -61,22 +60,17 @@ serv_psk_func(gnutls_session_t session, const char *username, } #define SALT_TEST1 "3a3xX3Myzb9YJn5X0R7sbx" -#define VERIF_TEST1 "CEqjUZBlkQCocfOR0E4AsPZKOFYPGjKFMHW7KDcnpE4sH4.iGMbkygb/bViRNjskF9/TQdD46Mvlt6pLs5MZoTn8mO3G.RGyXdWuIrhnVn29p41Cpc5RhTLaeUm3asW6LF60VTKnGERC0eB37xZUsaTpzmaTNdD4mOoYCN3bD9Y" -#define PRIME "Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ" -gnutls_datum_t tprime = { - .data = (void *)PRIME, - .size = sizeof(PRIME) - 1 -}; - -gnutls_datum_t test1_verif = { - .data = (void *)VERIF_TEST1, - .size = sizeof(VERIF_TEST1) - 1 -}; - -gnutls_datum_t test1_salt = { - .data = (void *)SALT_TEST1, - .size = sizeof(SALT_TEST1) - 1 -}; +#define VERIF_TEST1 \ + "CEqjUZBlkQCocfOR0E4AsPZKOFYPGjKFMHW7KDcnpE4sH4.iGMbkygb/bViRNjskF9/TQdD46Mvlt6pLs5MZoTn8mO3G.RGyXdWuIrhnVn29p41Cpc5RhTLaeUm3asW6LF60VTKnGERC0eB37xZUsaTpzmaTNdD4mOoYCN3bD9Y" +#define PRIME \ + "Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ" +gnutls_datum_t tprime = { .data = (void *)PRIME, .size = sizeof(PRIME) - 1 }; + +gnutls_datum_t test1_verif = { .data = (void *)VERIF_TEST1, + .size = sizeof(VERIF_TEST1) - 1 }; + +gnutls_datum_t test1_salt = { .data = (void *)SALT_TEST1, + .size = sizeof(SALT_TEST1) - 1 }; const char *side; #define switch_side(str) side = str @@ -87,10 +81,9 @@ static void tls_log_func(int level, const char *str) } #ifdef ENABLE_SRP -static int -serv_srp_func(gnutls_session_t session, const char *username, - gnutls_datum_t * salt, gnutls_datum_t * verifier, - gnutls_datum_t * generator, gnutls_datum_t * prime) +static int serv_srp_func(gnutls_session_t session, const char *username, + gnutls_datum_t *salt, gnutls_datum_t *verifier, + gnutls_datum_t *generator, gnutls_datum_t *prime) { int ret; if (debug) @@ -120,7 +113,7 @@ serv_srp_func(gnutls_session_t session, const char *username, } #endif -static void try(test_case_st * test) +static void try(test_case_st *test) { int sret, cret, ret; gnutls_anon_client_credentials_t c_anon_cred; @@ -133,8 +126,8 @@ static void try(test_case_st * test) gnutls_srp_server_credentials_t s_srp_cred; gnutls_srp_client_credentials_t c_srp_cred; #endif - const gnutls_datum_t p3_2048 = - { (void *)pkcs3_2048, strlen(pkcs3_2048) }; + const gnutls_datum_t p3_2048 = { (void *)pkcs3_2048, + strlen(pkcs3_2048) }; gnutls_dh_params_t dh_params = NULL; gnutls_session_t server, client; @@ -170,11 +163,11 @@ static void try(test_case_st * test) if (test->have_anon_cred) { gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anon_cred); if (test->have_anon_dh_params) - gnutls_anon_set_server_known_dh_params(s_anon_cred, - GNUTLS_SEC_PARAM_MEDIUM); + gnutls_anon_set_server_known_dh_params( + s_anon_cred, GNUTLS_SEC_PARAM_MEDIUM); else if (test->have_anon_exp_dh_params) { - ret = gnutls_dh_params_import_pkcs3(dh_params, &p3_2048, - GNUTLS_X509_FMT_PEM); + ret = gnutls_dh_params_import_pkcs3( + dh_params, &p3_2048, GNUTLS_X509_FMT_PEM); assert(ret >= 0); gnutls_anon_set_server_dh_params(s_anon_cred, dh_params); @@ -185,11 +178,11 @@ static void try(test_case_st * test) gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, s_cert_cred); if (test->have_cert_dh_params) - gnutls_certificate_set_known_dh_params(s_cert_cred, - GNUTLS_SEC_PARAM_MEDIUM); + gnutls_certificate_set_known_dh_params( + s_cert_cred, GNUTLS_SEC_PARAM_MEDIUM); else if (test->have_cert_exp_dh_params) { - ret = gnutls_dh_params_import_pkcs3(dh_params, &p3_2048, - GNUTLS_X509_FMT_PEM); + ret = gnutls_dh_params_import_pkcs3( + dh_params, &p3_2048, GNUTLS_X509_FMT_PEM); assert(ret >= 0); gnutls_certificate_set_dh_params(s_cert_cred, dh_params); @@ -199,11 +192,11 @@ static void try(test_case_st * test) if (test->have_psk_cred) { gnutls_credentials_set(server, GNUTLS_CRD_PSK, s_psk_cred); if (test->have_psk_dh_params) - gnutls_psk_set_server_known_dh_params(s_psk_cred, - GNUTLS_SEC_PARAM_MEDIUM); + gnutls_psk_set_server_known_dh_params( + s_psk_cred, GNUTLS_SEC_PARAM_MEDIUM); else if (test->have_psk_exp_dh_params) { - ret = gnutls_dh_params_import_pkcs3(dh_params, &p3_2048, - GNUTLS_X509_FMT_PEM); + ret = gnutls_dh_params_import_pkcs3( + dh_params, &p3_2048, GNUTLS_X509_FMT_PEM); assert(ret >= 0); gnutls_psk_set_server_dh_params(s_psk_cred, dh_params); } @@ -221,39 +214,43 @@ static void try(test_case_st * test) #endif if (test->have_rsa_decrypt_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_rsa_decrypt_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, + &server_ca3_localhost_rsa_decrypt_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_ecc_sign_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_ecc_cert, - &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_ecc_cert, + &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_ed25519_sign_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, + GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_rsa_sign_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_rsa_sign_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_rsa_sign_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_gost12_256_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_gost12_256_cert, - &server_ca3_gost12_256_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_gost12_256_cert, + &server_ca3_gost12_256_key, + GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_gost12_512_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_gost12_512_cert, - &server_ca3_gost12_512_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_gost12_512_cert, + &server_ca3_gost12_512_key, + GNUTLS_X509_FMT_PEM) >= 0); } /* client does everything */ @@ -264,8 +261,8 @@ static void try(test_case_st * test) gnutls_credentials_set(client, GNUTLS_CRD_SRP, c_srp_cred); #endif - assert(gnutls_psk_set_client_credentials - (c_psk_cred, "psk", &pskkey, GNUTLS_PSK_KEY_HEX) >= 0); + assert(gnutls_psk_set_client_credentials(c_psk_cred, "psk", &pskkey, + GNUTLS_PSK_KEY_HEX) >= 0); #ifdef ENABLE_SRP assert(gnutls_srp_set_client_credentials(c_srp_cred, "test1", "test") >= @@ -284,12 +281,13 @@ static void try(test_case_st * test) HANDSHAKE_EXPECT(client, server, test->client_ret, test->server_ret); - if (test->client_ret == 0 && test->server_ret == 0 && test->exp_version) { + if (test->client_ret == 0 && test->server_ret == 0 && + test->exp_version) { if (gnutls_protocol_get_version(client) != test->exp_version) fail("expected version (%s) does not match %s\n", gnutls_protocol_get_name(test->exp_version), - gnutls_protocol_get_name - (gnutls_protocol_get_version(client))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(client))); } gnutls_deinit(server); diff --git a/tests/server-secrets.h b/tests/server-secrets.h index 6549e89a57..4f911adc37 100644 --- a/tests/server-secrets.h +++ b/tests/server-secrets.h @@ -22,345 +22,345 @@ */ #ifndef GNUTLS_TESTS_SERVER_SECRETS_H -# define GNUTLS_TESTS_SERVER_SECRETS_H +#define GNUTLS_TESTS_SERVER_SECRETS_H static const struct secret server_normal_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + NULL, + }, }; static const struct secret server_normal_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", + NULL, + }, }; static const struct secret server_normal_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", + NULL, + }, }; static const struct secret server_small_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + NULL, + }, }; static const struct secret server_small_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", + NULL, + }, }; static const struct secret server_small_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", + NULL, + }, }; static const struct secret server_empty_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + NULL, + }, }; static const struct secret server_empty_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", - (const uint8_t *) - "\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", + (const uint8_t + *)"\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", + NULL, + }, }; static const struct secret server_empty_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", - (const uint8_t *) - "\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\x87\x07\x01\xdc\x13\xdc\xb7\x93\x26\x53\xff\xa4\x2d\x28\xed\xca\xef\x5b\xa7\x94\x17\x26\xdf\x1f\x8c\x7b\x79\x32\x55\x5e\xcb\x79", + (const uint8_t + *)"\xac\xc2\x07\x48\xba\x3d\x59\x2f\x5f\xce\x79\xda\xa6\x04\x4b\x55\x06\x2c\x9f\x0e\xdf\xda\x42\x51\x9d\x0b\xd9\x39\x4b\x8c\xb2\x7e", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\x73\x16\xe6\x0a\x66\xe1\x81\xd8\x74\xfa\x25\xe3\xf3\x1a\xf2\x4d\x84\xd6\xc6\x7a\x1b\x27\x79\x0a\x09\x9e\xd2\xd4\x1d\xdf\x0f\x53", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x5f\x8e\xfe\x3e\xa0\x41\x27\x9e\xbb\xba\xf2\xa9\x22\xc6\x06\x58\xb5\xbf\x6e\x29\x3d\x84\x10\x4e\x3f\xe3\xc0\x1f\x7a\x2c\xf5\x21", + NULL, + }, }; static const struct secret server_explicit_0[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", - (const uint8_t *) - "\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\x24\x24\xaf\xad\xa8\x0e\x40\xc6\xa1\xc3\x05\xff\x5a\xe5\x04\xb9\xc4\xc2\xff\xd6\x2b\x9a\xb8\x43\x85\x78\x92\x1e\x69\x44\x3d\xe2", + (const uint8_t + *)"\xdc\x47\xf1\x8b\x33\xd6\x08\x26\xa1\xad\xd9\xb0\x81\xee\x32\x01\xb6\xfc\xce\x9a\xa0\x35\xd1\x30\x61\x85\x2d\xff\x3d\xb1\xe5\x49", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\x03\x38\xcf\x43\x68\x90\x01\x7a\xdb\x06\x7d\x92\x08\xcf\x67\x22\x41\xa7\xd3\xe7\x7e\x3a\xaf\x50\xd6\x5c\xaa\xfe\x90\xa4\x87\xa2", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x5c\x6f\xe8\x8b\xac\x0a\x7b\x04\x76\x9f\xe8\x2a\x7c\x06\x19\x4c\xa7\x51\x5c\xfe\xb9\x31\x25\x0d\x3b\x07\x78\xa9\xdd\x2d\x27\x72", + NULL, + }, }; static const struct secret server_explicit_1[] = { { - GNUTLS_ENCRYPTION_LEVEL_EARLY, - 32, - (const uint8_t *) - "\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - NULL, - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - NULL, - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_EARLY, + 32, + (const uint8_t + *)"\x6f\x16\x97\x8e\x90\x94\x77\x40\x0f\x00\xff\x79\x1c\x15\x20\x19\xeb\xc6\x10\x59\x8f\x92\xac\xab\xe6\xc8\x3c\x12\x30\x94\x91\x12", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + NULL, + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + NULL, + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\xf8\xa9\xd5\xe6\x18\xbb\xb7\x07\x1d\xb3\x8f\x78\x61\x30\x63\x01\xa5\x49\xc6\x05\x92\x7f\x67\x98\x72\x76\x75\xb1\x31\x1f\x14\xf9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\xab\xa3\xf5\x4f\xcc\x3f\xd7\xb7\x23\x73\x51\x6e\x64\xc1\xaa\x6b\xa9\x77\x30\x58\xe6\xd4\xf5\xe9\xa5\xd2\x0d\x35\x42\x65\xda\xf1", + NULL, + }, }; static const struct secret server_explicit_2[] = { { - GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, - 32, - (const uint8_t *) - "\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", - (const uint8_t *) - "\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - NULL, - (const uint8_t *) - "\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", - }, - { - GNUTLS_ENCRYPTION_LEVEL_APPLICATION, - 32, - (const uint8_t *) - "\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", - NULL, - }, + GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE, + 32, + (const uint8_t + *)"\xe7\xf5\x57\x48\x54\x71\xae\xc0\xba\x8d\x12\x90\xc5\x25\xef\xe3\xc7\xea\x39\x09\x24\xe8\x20\x6d\x03\x8d\x80\x1e\xdd\x24\xbb\x5a", + (const uint8_t + *)"\xf0\x91\x46\x67\xe1\x36\xb5\xd2\x30\x71\xc9\x1d\xcc\x56\xc3\x9d\xee\xfa\x26\xdb\xe4\xe2\x17\xb7\x3d\xb9\x27\x6a\x7c\xa5\xe7\xa9", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + NULL, + (const uint8_t + *)"\xd8\xdf\x24\xd6\xe1\xdc\x86\x3b\x88\x3d\x2b\xad\x56\xec\x22\xd4\x5c\xaf\xa9\x24\xa3\x90\x20\xa1\xae\x77\x5c\x7d\xef\x3d\xcc\x5b", + }, + { + GNUTLS_ENCRYPTION_LEVEL_APPLICATION, + 32, + (const uint8_t + *)"\x8d\x02\xe0\xe8\x5f\x9a\xcc\xc7\x8c\x81\x3b\x58\x5f\xa9\xdb\xfd\x98\xb1\x1f\xcc\x3e\x7b\xca\xe7\xef\x05\x4c\x84\x6c\xe1\x11\x25", + NULL, + }, }; -#endif /* GNUTLS_TESTS_SERVER_SECRETS_H */ +#endif /* GNUTLS_TESTS_SERVER_SECRETS_H */ diff --git a/tests/server-sign-md5-rep.c b/tests/server-sign-md5-rep.c index c7f31c9e63..06dabf34ad 100644 --- a/tests/server-sign-md5-rep.c +++ b/tests/server-sign-md5-rep.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,20 +40,20 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" pid_t child; @@ -65,50 +65,35 @@ static void tls_log_func(int level, const char *str) static unsigned char tls1_hello[] = { 0x16, 0x03, 0x01, 0x01, 0x5E, 0x01, 0x00, 0x01, 0x5A, 0x03, 0x03, 0x59, - 0x52, 0x41, 0x54, 0xD5, - 0x52, 0x62, 0x63, 0x69, 0x1B, 0x46, 0xBE, 0x33, 0xCC, 0xC4, 0xC3, 0xB3, - 0x6C, 0xCD, 0xEC, 0x96, - 0xF7, 0x7A, 0xCA, 0xE9, 0xFB, 0x85, 0x95, 0x83, 0x51, 0xE4, 0x69, 0x00, - 0x00, 0xD4, 0xC0, 0x30, + 0x52, 0x41, 0x54, 0xD5, 0x52, 0x62, 0x63, 0x69, 0x1B, 0x46, 0xBE, 0x33, + 0xCC, 0xC4, 0xC3, 0xB3, 0x6C, 0xCD, 0xEC, 0x96, 0xF7, 0x7A, 0xCA, 0xE9, + 0xFB, 0x85, 0x95, 0x83, 0x51, 0xE4, 0x69, 0x00, 0x00, 0xD4, 0xC0, 0x30, 0xCC, 0xA8, 0xC0, 0x8B, 0xC0, 0x14, 0xC0, 0x28, 0xC0, 0x77, 0xC0, 0x2F, - 0xC0, 0x8A, 0xC0, 0x13, - 0xC0, 0x27, 0xC0, 0x76, 0xC0, 0x12, 0xC0, 0x2C, 0xC0, 0xAD, 0xCC, 0xA9, - 0xC0, 0x87, 0xC0, 0x0A, - 0xC0, 0x24, 0xC0, 0x73, 0xC0, 0x2B, 0xC0, 0xAC, 0xC0, 0x86, 0xC0, 0x09, - 0xC0, 0x23, 0xC0, 0x72, + 0xC0, 0x8A, 0xC0, 0x13, 0xC0, 0x27, 0xC0, 0x76, 0xC0, 0x12, 0xC0, 0x2C, + 0xC0, 0xAD, 0xCC, 0xA9, 0xC0, 0x87, 0xC0, 0x0A, 0xC0, 0x24, 0xC0, 0x73, + 0xC0, 0x2B, 0xC0, 0xAC, 0xC0, 0x86, 0xC0, 0x09, 0xC0, 0x23, 0xC0, 0x72, 0xC0, 0x08, 0x00, 0x9D, 0xC0, 0x9D, 0xC0, 0x7B, 0x00, 0x35, 0x00, 0x3D, - 0x00, 0x84, 0x00, 0xC0, - 0x00, 0x9C, 0xC0, 0x9C, 0xC0, 0x7A, 0x00, 0x2F, 0x00, 0x3C, 0x00, 0x41, - 0x00, 0xBA, 0x00, 0x0A, - 0x00, 0x9F, 0xC0, 0x9F, 0xCC, 0xAA, 0xC0, 0x7D, 0x00, 0x39, 0x00, 0x6B, - 0x00, 0x88, 0x00, 0xC4, + 0x00, 0x84, 0x00, 0xC0, 0x00, 0x9C, 0xC0, 0x9C, 0xC0, 0x7A, 0x00, 0x2F, + 0x00, 0x3C, 0x00, 0x41, 0x00, 0xBA, 0x00, 0x0A, 0x00, 0x9F, 0xC0, 0x9F, + 0xCC, 0xAA, 0xC0, 0x7D, 0x00, 0x39, 0x00, 0x6B, 0x00, 0x88, 0x00, 0xC4, 0x00, 0x9E, 0xC0, 0x9E, 0xC0, 0x7C, 0x00, 0x33, 0x00, 0x67, 0x00, 0x45, - 0x00, 0xBE, 0x00, 0x16, - 0x00, 0xA3, 0xC0, 0x81, 0x00, 0x38, 0x00, 0x6A, 0x00, 0x87, 0x00, 0xC3, - 0x00, 0xA2, 0xC0, 0x80, - 0x00, 0x32, 0x00, 0x40, 0x00, 0x44, 0x00, 0xBD, 0x00, 0x13, 0x00, 0xA9, - 0xC0, 0xA5, 0xCC, 0xAB, + 0x00, 0xBE, 0x00, 0x16, 0x00, 0xA3, 0xC0, 0x81, 0x00, 0x38, 0x00, 0x6A, + 0x00, 0x87, 0x00, 0xC3, 0x00, 0xA2, 0xC0, 0x80, 0x00, 0x32, 0x00, 0x40, + 0x00, 0x44, 0x00, 0xBD, 0x00, 0x13, 0x00, 0xA9, 0xC0, 0xA5, 0xCC, 0xAB, 0xC0, 0x8F, 0x00, 0x8D, 0x00, 0xAF, 0xC0, 0x95, 0x00, 0xA8, 0xC0, 0xA4, - 0xC0, 0x8E, 0x00, 0x8C, - 0x00, 0xAE, 0xC0, 0x94, 0x00, 0x8B, 0x00, 0xAB, 0xC0, 0xA7, 0xCC, 0xAD, - 0xC0, 0x91, 0x00, 0x91, - 0x00, 0xB3, 0xC0, 0x97, 0x00, 0xAA, 0xC0, 0xA6, 0xC0, 0x90, 0x00, 0x90, - 0x00, 0xB2, 0xC0, 0x96, + 0xC0, 0x8E, 0x00, 0x8C, 0x00, 0xAE, 0xC0, 0x94, 0x00, 0x8B, 0x00, 0xAB, + 0xC0, 0xA7, 0xCC, 0xAD, 0xC0, 0x91, 0x00, 0x91, 0x00, 0xB3, 0xC0, 0x97, + 0x00, 0xAA, 0xC0, 0xA6, 0xC0, 0x90, 0x00, 0x90, 0x00, 0xB2, 0xC0, 0x96, 0x00, 0x8F, 0xCC, 0xAC, 0xC0, 0x36, 0xC0, 0x38, 0xC0, 0x9B, 0xC0, 0x35, - 0xC0, 0x37, 0xC0, 0x9A, - 0xC0, 0x34, 0x01, 0x00, 0x00, 0x5D, 0x00, 0x17, 0x00, 0x00, 0x00, 0x16, - 0x00, 0x00, 0x00, 0x05, - 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x00, - 0x11, 0x00, 0x00, 0x0E, + 0xC0, 0x37, 0xC0, 0x9A, 0xC0, 0x34, 0x01, 0x00, 0x00, 0x5D, 0x00, 0x17, + 0x00, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0E, 0x77, 0x77, 0x77, 0x2E, 0x67, 0x6F, 0x6F, 0x67, 0x6C, 0x65, 0x2E, 0x63, - 0x6F, 0x6D, 0xFF, 0x01, - 0x00, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x08, 0x00, - 0x06, 0x00, 0x17, 0x00, - 0x18, 0x00, 0x19, 0x00, 0x0B, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0D, 0x00, - 0x16, 0x00, 0x14, 0x01, + 0x6F, 0x6D, 0xFF, 0x01, 0x00, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, + 0x0A, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, + 0x0B, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0D, 0x00, 0x16, 0x00, 0x14, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01 + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }; static void client(int sd) @@ -186,8 +171,9 @@ static void server(int sd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:-RSA", NULL) >= 0); + assert(gnutls_priority_set_direct(session, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-RSA", + NULL) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -250,4 +236,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/server_ecdsa_key.c b/tests/server_ecdsa_key.c index 633135ceeb..30b1057e8f 100644 --- a/tests/server_ecdsa_key.c +++ b/tests/server_ecdsa_key.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,10 +28,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -67,26 +67,22 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&cli_cred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(cli_cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(cli_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); /* test gnutls_certificate_flags() */ gnutls_certificate_allocate_credentials(&serv_cred); - ret = - gnutls_certificate_set_x509_trust_mem(serv_cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(serv_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_key_mem(serv_cred, - &server_ca3_localhost_ecc_cert, - &server_ca3_ecc_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serv_cred, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); @@ -95,9 +91,10 @@ void doit(void) test_cli_serv_expect(serv_cred, cli_cred, "NORMAL", "NORMAL:-VERS-TLS1.1:+VERS-TLS1.2:-SIGN-ALL", NULL, 0, 0); - test_cli_serv_expect(serv_cred, cli_cred, "NORMAL", - "NORMAL:-SIGN-ECDSA-SHA224:-SIGN-ECDSA-SHA1:-SIGN-ECDSA-SHA256:-SIGN-ECDSA-SHA384:-SIGN-ECDSA-SHA512:-SIGN-ECDSA-SECP256R1-SHA256:-SIGN-ECDSA-SECP384R1-SHA384:-SIGN-ECDSA-SECP521R1-SHA512", - NULL, GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN); + test_cli_serv_expect( + serv_cred, cli_cred, "NORMAL", + "NORMAL:-SIGN-ECDSA-SHA224:-SIGN-ECDSA-SHA1:-SIGN-ECDSA-SHA256:-SIGN-ECDSA-SHA384:-SIGN-ECDSA-SHA512:-SIGN-ECDSA-SECP256R1-SHA256:-SIGN-ECDSA-SECP384R1-SHA384:-SIGN-ECDSA-SECP521R1-SHA512", + NULL, GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN); gnutls_certificate_free_credentials(serv_cred); gnutls_certificate_free_credentials(cli_cred); diff --git a/tests/session-export-funcs.c b/tests/session-export-funcs.c index 3a81b008cd..34b3c5ccaa 100644 --- a/tests/session-export-funcs.c +++ b/tests/session-export-funcs.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,8 +44,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -void start(const char *prio) +static void start(const char *prio) { int ret; /* Server stuff. */ @@ -74,9 +73,8 @@ void start(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -94,9 +92,8 @@ void start(const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -168,8 +165,8 @@ void start(const char *prio) fail("error in client's master secret\n"); } - if (v1.size != v2.size - || memcmp(v1.data, v2.data, v1.size) != 0) { + if (v1.size != v2.size || + memcmp(v1.data, v2.data, v1.size) != 0) { fail("master secret don't match!\n"); } } diff --git a/tests/session-rdn-read.c b/tests/session-rdn-read.c index 4c97769911..62e408a530 100644 --- a/tests/session-rdn-read.c +++ b/tests/session-rdn-read.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -52,12 +52,11 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static int -cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) +static int cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *pkey) { unsigned i; @@ -108,14 +107,14 @@ static void start(const char *prio) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - assert(gnutls_certificate_set_x509_key_mem - (serverx509cred, &server_cert, &server_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, + GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (serverx509cred, CA1_PTR, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (serverx509cred, CA2_PTR, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(serverx509cred, CA1_PTR, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(serverx509cred, CA2_PTR, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -131,9 +130,8 @@ static void start(const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -170,7 +168,7 @@ static void start(const char *prio) reset_buffers(); } -static void find_dn(const gnutls_datum_t * cert, gnutls_datum_t * dn) +static void find_dn(const gnutls_datum_t *cert, gnutls_datum_t *dn) { gnutls_x509_crt_t crt; diff --git a/tests/session-tickets-missing.c b/tests/session-tickets-missing.c index 0caca7528d..7bba7e3e7a 100644 --- a/tests/session-tickets-missing.c +++ b/tests/session-tickets-missing.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,21 +36,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program tests that handshakes do not include a session ticket * if the flag GNUTLS_NO_TICKETS is specified under TLS 1.2. @@ -59,7 +59,7 @@ int main(void) * result in a ticket being sent. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1464610242; if (t) @@ -82,7 +82,7 @@ static int sent = 0; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { if (htype != GNUTLS_HANDSHAKE_NEW_SESSION_TICKET) return 0; @@ -91,7 +91,7 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio, unsigned int flags) { @@ -128,8 +128,7 @@ static void client(int fd, const char *prio, unsigned int flags) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -146,12 +145,12 @@ static void client(int fd, const char *prio, unsigned int flags) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -226,8 +225,8 @@ static void server(int fd, const char *prio, unsigned int flags) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (sent != 0) { fail("new session ticket was sent\n"); @@ -238,7 +237,7 @@ static void server(int fd, const char *prio, unsigned int flags) */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); gnutls_free(skey.data); @@ -256,9 +255,8 @@ static void ch_handler(int sig) return; } -static -void start2(const char *prio, const char *sprio, unsigned int flags, - unsigned int sflags) +static void start2(const char *prio, const char *sprio, unsigned int flags, + unsigned int sflags) { int fd[2]; int ret, status = 0; @@ -297,8 +295,7 @@ void start2(const char *prio, const char *sprio, unsigned int flags, return; } -static -void start(const char *prio, unsigned int flags) +static void start(const char *prio, unsigned int flags) { start2(prio, prio, GNUTLS_NO_TICKETS, flags); } @@ -315,4 +312,4 @@ void doit(void) start("NORMAL", GNUTLS_NO_TICKETS); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/session-tickets-ok.c b/tests/session-tickets-ok.c index 4c1709411d..75cb2c1b99 100644 --- a/tests/session-tickets-ok.c +++ b/tests/session-tickets-ok.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -69,7 +69,7 @@ static int sent = 0; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { if (htype != GNUTLS_HANDSHAKE_NEW_SESSION_TICKET) return 0; @@ -80,7 +80,7 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -107,8 +107,7 @@ static void client(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -120,8 +119,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); @@ -200,8 +199,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (sent == 0) { fail("client: didn't send new sessiont ticket\n"); @@ -212,7 +211,7 @@ static void server(int fd, const char *prio) */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); gnutls_free(skey.data); @@ -230,8 +229,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *prio) +static void start(const char *prio) { int fd[2]; int ret, status = 0; @@ -276,4 +274,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/set-default-prio.c b/tests/set-default-prio.c index 06c8a9ad2a..a8586b4f7f 100644 --- a/tests/set-default-prio.c +++ b/tests/set-default-prio.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -82,8 +82,8 @@ static void start(struct test_st *test) gnutls_global_set_log_level(6); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -93,17 +93,18 @@ static void start(struct test_st *test) if (ret < 0) fail("error: %s\n", gnutls_strerror(ret)); } else { - ret = - gnutls_set_default_priority_append(server, test->add_prio, - &ep, 0); + ret = gnutls_set_default_priority_append(server, test->add_prio, + &ep, 0); if (ret < 0) { if (test->exp_err == ret) { /* the &ep value is only accurate when the default priorities are not overridden; * otherwise it should be a pointer to the start of the string */ - if (strchr(_gnutls_default_priority_string, '@') - != 0) { + if (strchr(_gnutls_default_priority_string, + '@') != 0) { if (ep != test->add_prio) { - fail("error expected error on start of string[%d]: %s\n", test->err_pos, test->add_prio); + fail("error expected error on start of string[%d]: %s\n", + test->err_pos, + test->add_prio); } } else { if (ep - test->add_prio != @@ -111,7 +112,9 @@ static void start(struct test_st *test) fprintf(stderr, "diff: %d\n", (int)(ep - test->add_prio)); - fail("error expected error on different position[%d]: %s\n", test->err_pos, test->add_prio); + fail("error expected error on different position[%d]: %s\n", + test->err_pos, + test->add_prio); } } goto cleanup; @@ -129,9 +132,8 @@ static void start(struct test_st *test) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -169,8 +171,8 @@ static void start(struct test_st *test) if (test->exp_vers != gnutls_protocol_get_version(server)) { fail("expected version %s, got %s\n", gnutls_protocol_get_name(test->exp_vers), - gnutls_protocol_get_name - (gnutls_protocol_get_version(server))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(server))); } } @@ -247,7 +249,7 @@ static void start(struct test_st *test) gnutls_deinit(client); gnutls_certificate_free_credentials(clientx509cred); - cleanup: +cleanup: gnutls_deinit(server); gnutls_certificate_free_credentials(serverx509cred); @@ -257,42 +259,36 @@ static void start(struct test_st *test) } struct test_st tests[] = { - { - .name = "additional flag", - .def_prio = "NORMAL", - .add_prio = "%FORCE_ETM", - .exp_err = 0}, - { - .name = "additional flag typo1", - .def_prio = "NORMAL", - .add_prio = ":%FORCE_ETM", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 0}, - { - .name = "additional flag typo2", - .def_prio = "NORMAL", - .add_prio = "%FORCE_ETM::%NO_TICKETS", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 11}, - { - .name = "additional flag typo3", - .def_prio = "NORMAL", - .add_prio = "%FORCE_ETM:%%NO_TICKETS", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 11}, - { - .name = "additional flag typo3 (with resolved def prio)", - .def_prio = "@HELLO", - .add_prio = "%FORCE_ETM:%%NO_TICKETS", - .exp_err = GNUTLS_E_INVALID_REQUEST, - .err_pos = 0}, - { - .name = "additional flag for version (functional)", - .def_prio = "NORMAL", - .add_prio = "-VERS-ALL:+VERS-TLS1.1", - .exp_err = 0, - .exp_etm = 1, - .exp_vers = GNUTLS_TLS1_1} + { .name = "additional flag", + .def_prio = "NORMAL", + .add_prio = "%FORCE_ETM", + .exp_err = 0 }, + { .name = "additional flag typo1", + .def_prio = "NORMAL", + .add_prio = ":%FORCE_ETM", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 0 }, + { .name = "additional flag typo2", + .def_prio = "NORMAL", + .add_prio = "%FORCE_ETM::%NO_TICKETS", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 11 }, + { .name = "additional flag typo3", + .def_prio = "NORMAL", + .add_prio = "%FORCE_ETM:%%NO_TICKETS", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 11 }, + { .name = "additional flag typo3 (with resolved def prio)", + .def_prio = "@HELLO", + .add_prio = "%FORCE_ETM:%%NO_TICKETS", + .exp_err = GNUTLS_E_INVALID_REQUEST, + .err_pos = 0 }, + { .name = "additional flag for version (functional)", + .def_prio = "NORMAL", + .add_prio = "-VERS-ALL:+VERS-TLS1.1", + .exp_err = 0, + .exp_etm = 1, + .exp_vers = GNUTLS_TLS1_1 } }; void doit(void) diff --git a/tests/set_key.c b/tests/set_key.c index 0ef21bde03..c2da806615 100644 --- a/tests/set_key.c +++ b/tests/set_key.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -54,7 +54,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1473673819; if (t) @@ -64,8 +64,8 @@ static time_t mytime(time_t * t) } static unsigned import_key(gnutls_certificate_credentials_t xcred, - const gnutls_datum_t * skey, - const gnutls_datum_t * cert) + const gnutls_datum_t *skey, + const gnutls_datum_t *cert) { gnutls_pcert_st pcert_list[16]; gnutls_privkey_t key; @@ -84,9 +84,8 @@ static unsigned import_key(gnutls_certificate_credentials_t xcred, gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(key, skey, GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw(key, skey, GNUTLS_X509_FMT_PEM, + NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } @@ -111,9 +110,9 @@ static unsigned import_key(gnutls_certificate_credentials_t xcred, exit(1); } - if (tcert.size != pcert_list[i].cert.size - || memcmp(tcert.data, pcert_list[i].cert.data, - tcert.size) != 0) { + if (tcert.size != pcert_list[i].cert.size || + memcmp(tcert.data, pcert_list[i].cert.data, tcert.size) != + 0) { fail("error in %d: cert %d: %s\n", __LINE__, i, "ca cert don't match"); exit(1); @@ -145,9 +144,8 @@ static void basic(void) gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_API_V2); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); @@ -202,9 +200,8 @@ static void failure_mode(void) gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(key, &server_ecc_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ecc_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } @@ -219,7 +216,7 @@ static void failure_mode(void) fail("gnutls_certificate_set_key succeeded unexpectedly\n"); - cleanup: +cleanup: for (i = 0; i < pcert_list_size; i++) { gnutls_pcert_deinit(&pcert_list[i]); } @@ -257,24 +254,22 @@ static void auto_parse(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); pcert_list_size = sizeof(pcert_list) / sizeof(pcert_list[0]); - ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &server_ca3_localhost_cert_chain, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_list_import_x509_raw( + pcert_list, &pcert_list_size, &server_ca3_localhost_cert_chain, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(key, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } @@ -291,32 +286,34 @@ static void auto_parse(void) assert(gnutls_privkey_init(&second_key) >= 0); pcert_list_size = 2; - ret = gnutls_pcert_list_import_x509_raw(second_pcert, &pcert_list_size, - &server_ca3_localhost6_cert_chain, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_list_import_x509_raw( + second_pcert, &pcert_list_size, + &server_ca3_localhost6_cert_chain, GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } - ret = gnutls_certificate_set_key(x509_cred, NULL, 0, second_pcert, - 2, second_key); + ret = gnutls_certificate_set_key(x509_cred, NULL, 0, second_pcert, 2, + second_key); if (ret < 0) { fail("error in gnutls_certificate_set_key: %s\n", gnutls_strerror(ret)); exit(1); } - test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */ - test_cli_serv(x509_cred, clicred, "NORMAL", "localhost6", NULL, NULL, NULL); /* the DNS name of ECC cert */ - test_cli_serv(x509_cred, clicred, "NORMAL", "www.none.org", NULL, NULL, NULL); /* the DNS name of ECC cert */ + test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, + NULL); /* the DNS name of the first cert */ + test_cli_serv(x509_cred, clicred, "NORMAL", "localhost6", NULL, NULL, + NULL); /* the DNS name of ECC cert */ + test_cli_serv(x509_cred, clicred, "NORMAL", "www.none.org", NULL, NULL, + NULL); /* the DNS name of ECC cert */ gnutls_certificate_free_credentials(x509_cred); gnutls_certificate_free_credentials(clicred); diff --git a/tests/set_key_utf8.c b/tests/set_key_utf8.c index 5717f77816..3e7c6ccbb3 100644 --- a/tests/set_key_utf8.c +++ b/tests/set_key_utf8.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -54,7 +54,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1473674242; if (t) @@ -88,24 +88,22 @@ static void auto_parse(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); pcert_list_size = sizeof(pcert_list) / sizeof(pcert_list[0]); - ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size, - &server_ca3_localhost_cert_chain, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pcert_list_import_x509_raw( + pcert_list, &pcert_list_size, &server_ca3_localhost_cert_chain, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(key, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } @@ -130,24 +128,27 @@ static void auto_parse(void) gnutls_strerror(ret)); } - ret = - gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { fail("error in key import: %s\n", gnutls_strerror(ret)); } - ret = gnutls_certificate_set_key(x509_cred, NULL, 0, second_pcert, - 1, second_key); + ret = gnutls_certificate_set_key(x509_cred, NULL, 0, second_pcert, 1, + second_key); if (ret < 0) { fail("error in gnutls_certificate_set_key: %s\n", gnutls_strerror(ret)); exit(1); } - test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */ - test_cli_serv(x509_cred, clicred, "NORMAL", "简体中文.εξτρα.com", NULL, NULL, NULL); /* the second DNS name of cert */ - test_cli_serv(x509_cred, clicred, "NORMAL", "xn--fiqu1az03c18t.xn--mxah1amo.com", NULL, NULL, NULL); /* its IDNA equivalent */ + test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, + NULL); /* the DNS name of the first cert */ + test_cli_serv(x509_cred, clicred, "NORMAL", "简体中文.εξτρα.com", NULL, + NULL, NULL); /* the second DNS name of cert */ + test_cli_serv(x509_cred, clicred, "NORMAL", + "xn--fiqu1az03c18t.xn--mxah1amo.com", NULL, NULL, + NULL); /* its IDNA equivalent */ /* the raw DNS should result to verification failure as the advertized name should * not be considered and the first cert should be provided */ diff --git a/tests/set_known_dh_params_anon.c b/tests/set_known_dh_params_anon.c index 843e198105..03145239f6 100644 --- a/tests/set_known_dh_params_anon.c +++ b/tests/set_known_dh_params_anon.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -68,25 +68,25 @@ void doit(void) assert(gnutls_anon_allocate_client_credentials(&clicred) >= 0); assert(gnutls_anon_allocate_server_credentials(&servcred) >= 0); - assert(gnutls_anon_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_LEGACY) >= 0); - assert(test_cli_serv_anon(servcred, clicred, "NORMAL:-KX-ALL:+ANON-DH") - >= 0); - - assert(gnutls_anon_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_NORMAL) >= 0); - assert(test_cli_serv_anon(servcred, clicred, "NORMAL:-KX-ALL:+ANON-DH") - >= 0); - - assert(gnutls_anon_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_HIGH) >= 0); - assert(test_cli_serv_anon(servcred, clicred, "NORMAL:-KX-ALL:+ANON-DH") - >= 0); - - assert(gnutls_anon_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_ULTRA) >= 0); - assert(test_cli_serv_anon(servcred, clicred, "NORMAL:-KX-ALL:+ANON-DH") - >= 0); + assert(gnutls_anon_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_LEGACY) >= 0); + assert(test_cli_serv_anon(servcred, clicred, + "NORMAL:-KX-ALL:+ANON-DH") >= 0); + + assert(gnutls_anon_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_NORMAL) >= 0); + assert(test_cli_serv_anon(servcred, clicred, + "NORMAL:-KX-ALL:+ANON-DH") >= 0); + + assert(gnutls_anon_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_HIGH) >= 0); + assert(test_cli_serv_anon(servcred, clicred, + "NORMAL:-KX-ALL:+ANON-DH") >= 0); + + assert(gnutls_anon_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_ULTRA) >= 0); + assert(test_cli_serv_anon(servcred, clicred, + "NORMAL:-KX-ALL:+ANON-DH") >= 0); gnutls_anon_free_server_credentials(servcred); gnutls_anon_free_client_credentials(clicred); diff --git a/tests/set_known_dh_params_psk.c b/tests/set_known_dh_params_psk.c index 92b12e5603..dc5661a9d8 100644 --- a/tests/set_known_dh_params_psk.c +++ b/tests/set_known_dh_params_psk.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -52,8 +52,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk callback to get %s's password\n", username); @@ -88,25 +88,25 @@ void doit(void) assert(gnutls_psk_set_client_credentials(clicred, "test", &key, GNUTLS_PSK_KEY_HEX) >= 0); - assert(gnutls_psk_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_LEGACY) >= 0); - assert(test_cli_serv_psk(servcred, clicred, "NORMAL:-KX-ALL:+DHE-PSK") - >= 0); - - assert(gnutls_psk_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_NORMAL) >= 0); - assert(test_cli_serv_psk(servcred, clicred, "NORMAL:-KX-ALL:+DHE-PSK") - >= 0); - - assert(gnutls_psk_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_HIGH) >= 0); - assert(test_cli_serv_psk(servcred, clicred, "NORMAL:-KX-ALL:+DHE-PSK") - >= 0); - - assert(gnutls_psk_set_server_known_dh_params - (servcred, GNUTLS_SEC_PARAM_ULTRA) >= 0); - assert(test_cli_serv_psk(servcred, clicred, "NORMAL:-KX-ALL:+DHE-PSK") - >= 0); + assert(gnutls_psk_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_LEGACY) >= 0); + assert(test_cli_serv_psk(servcred, clicred, + "NORMAL:-KX-ALL:+DHE-PSK") >= 0); + + assert(gnutls_psk_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_NORMAL) >= 0); + assert(test_cli_serv_psk(servcred, clicred, + "NORMAL:-KX-ALL:+DHE-PSK") >= 0); + + assert(gnutls_psk_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_HIGH) >= 0); + assert(test_cli_serv_psk(servcred, clicred, + "NORMAL:-KX-ALL:+DHE-PSK") >= 0); + + assert(gnutls_psk_set_server_known_dh_params( + servcred, GNUTLS_SEC_PARAM_ULTRA) >= 0); + assert(test_cli_serv_psk(servcred, clicred, + "NORMAL:-KX-ALL:+DHE-PSK") >= 0); gnutls_psk_free_server_credentials(servcred); gnutls_psk_free_client_credentials(clicred); diff --git a/tests/set_known_dh_params_x509.c b/tests/set_known_dh_params_x509.c index d94ad5d2fc..bed6609010 100644 --- a/tests/set_known_dh_params_x509.c +++ b/tests/set_known_dh_params_x509.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -69,39 +69,36 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_key_mem(x509_cred, - &server_ca3_localhost_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } - assert(gnutls_certificate_set_known_dh_params - (x509_cred, GNUTLS_SEC_PARAM_LEGACY) >= 0); + assert(gnutls_certificate_set_known_dh_params( + x509_cred, GNUTLS_SEC_PARAM_LEGACY) >= 0); test_cli_serv(x509_cred, clicred, "NORMAL:-KX-ALL:+DHE-RSA", "localhost", NULL, NULL, NULL); - assert(gnutls_certificate_set_known_dh_params - (x509_cred, GNUTLS_SEC_PARAM_NORMAL) >= 0); + assert(gnutls_certificate_set_known_dh_params( + x509_cred, GNUTLS_SEC_PARAM_NORMAL) >= 0); test_cli_serv(x509_cred, clicred, "NORMAL:-KX-ALL:+DHE-RSA", "localhost", NULL, NULL, NULL); - assert(gnutls_certificate_set_known_dh_params - (x509_cred, GNUTLS_SEC_PARAM_HIGH) >= 0); + assert(gnutls_certificate_set_known_dh_params( + x509_cred, GNUTLS_SEC_PARAM_HIGH) >= 0); test_cli_serv(x509_cred, clicred, "NORMAL:-KX-ALL:+DHE-RSA", "localhost", NULL, NULL, NULL); - assert(gnutls_certificate_set_known_dh_params - (x509_cred, GNUTLS_SEC_PARAM_ULTRA) >= 0); + assert(gnutls_certificate_set_known_dh_params( + x509_cred, GNUTLS_SEC_PARAM_ULTRA) >= 0); test_cli_serv(x509_cred, clicred, "NORMAL:-KX-ALL:+DHE-RSA", "localhost", NULL, NULL, NULL); diff --git a/tests/set_pkcs12_cred.c b/tests/set_pkcs12_cred.c index f68daf4dd5..06082e3d65 100644 --- a/tests/set_pkcs12_cred.c +++ b/tests/set_pkcs12_cred.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,12 +38,10 @@ typedef struct { const char *pass; } files_st; -files_st files[] = { - {"client.p12", "foobar"}, - {"cert-ca.p12", "1234"}, /* 2 certs, one is a CA */ - {"pkcs12_2certs.p12", ""}, /* 2 certs, on is unrelated */ - {NULL, NULL} -}; +files_st files[] = { { "client.p12", "foobar" }, + { "cert-ca.p12", "1234" }, /* 2 certs, one is a CA */ + { "pkcs12_2certs.p12", "" }, /* 2 certs, on is unrelated */ + { NULL, NULL } }; void doit(void) { @@ -66,10 +64,10 @@ void doit(void) gnutls_global_set_log_level(4711); for (i = 0; files[i].file != NULL; i++) { - ret = gnutls_certificate_allocate_credentials(&x509cred); if (ret < 0) - fail("gnutls_certificate_allocate_credentials failed %d\n", ret); + fail("gnutls_certificate_allocate_credentials failed %d\n", + ret); path = getenv("PKCS12PATH"); if (!path) @@ -78,15 +76,10 @@ void doit(void) snprintf(file, sizeof(file), "%s/%s", path, files[i].file); if (debug) - success - ("Reading PKCS#12 blob from `%s' using password `%s'.\n", - file, files[i].pass); - ret = - gnutls_certificate_set_x509_simple_pkcs12_file(x509cred, - file, - GNUTLS_X509_FMT_DER, - files - [i].pass); + success("Reading PKCS#12 blob from `%s' using password `%s'.\n", + file, files[i].pass); + ret = gnutls_certificate_set_x509_simple_pkcs12_file( + x509cred, file, GNUTLS_X509_FMT_DER, files[i].pass); if (ret < 0) fail("x509_pkcs12 failed %d: %s\n", ret, gnutls_strerror(ret)); diff --git a/tests/set_x509_key.c b/tests/set_x509_key.c index 129ce2fdd5..698acc2126 100644 --- a/tests/set_x509_key.c +++ b/tests/set_x509_key.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -44,7 +44,7 @@ #include "cert-common.h" #include "utils.h" -#define MIN(x,y) (((x)<(y))?(x):(y)) +#define MIN(x, y) (((x) < (y)) ? (x) : (y)) /* Test for gnutls_certificate_set_x509_key() * @@ -55,7 +55,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; if (t) @@ -64,7 +64,7 @@ static time_t mytime(time_t * t) return then; } -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -75,8 +75,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -85,7 +85,7 @@ static void compare(const gnutls_datum_t * der, const void *ipem) } static int import_key(gnutls_certificate_credentials_t xcred, - const gnutls_datum_t * skey, const gnutls_datum_t * cert) + const gnutls_datum_t *skey, const gnutls_datum_t *cert) { gnutls_x509_privkey_t key; gnutls_x509_crt_t *crt_list; @@ -95,9 +95,8 @@ static int import_key(gnutls_certificate_credentials_t xcred, assert(gnutls_x509_privkey_init(&key) >= 0); - ret = - gnutls_x509_crt_list_import2(&crt_list, &crt_list_size, cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crt_list, &crt_list_size, cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); @@ -108,8 +107,8 @@ static int import_key(gnutls_certificate_credentials_t xcred, fail("error in key import: %s\n", gnutls_strerror(ret)); } - ret = gnutls_certificate_set_x509_key(xcred, crt_list, - crt_list_size, key); + ret = gnutls_certificate_set_x509_key(xcred, crt_list, crt_list_size, + key); if (ret < 0) { success("error in gnutls_certificate_set_x509_key: %s\n", gnutls_strerror(ret)); @@ -132,7 +131,7 @@ static int import_key(gnutls_certificate_credentials_t xcred, compare(&tcert, cert->data + i); } - cleanup: +cleanup: gnutls_x509_privkey_deinit(key); for (i = 0; i < crt_list_size; i++) { gnutls_x509_crt_deinit(crt_list[i]); @@ -164,9 +163,8 @@ static void basic(void) gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_API_V2); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); diff --git a/tests/set_x509_key_file-late.c b/tests/set_x509_key_file-late.c index bb7e5374e6..8609cd079d 100644 --- a/tests/set_x509_key_file-late.c +++ b/tests/set_x509_key_file-late.c @@ -25,7 +25,7 @@ * is called */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,8 +40,7 @@ #include "utils.h" static unsigned set_cert(gnutls_certificate_credentials_t xcred, - const gnutls_datum_t * key, - const gnutls_datum_t * cert) + const gnutls_datum_t *key, const gnutls_datum_t *cert) { const char *certfile; FILE *fp; @@ -56,9 +55,8 @@ static unsigned set_cert(gnutls_certificate_credentials_t xcred, assert(fwrite(key->data, 1, key->size, fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, certfile, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, certfile, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -66,10 +64,9 @@ static unsigned set_cert(gnutls_certificate_credentials_t xcred, return ret; } -static -int handshake_hook_func(gnutls_session_t session, unsigned int htype, - unsigned when, unsigned int incoming, - const gnutls_datum_t * msg) +static int handshake_hook_func(gnutls_session_t session, unsigned int htype, + unsigned when, unsigned int incoming, + const gnutls_datum_t *msg) { gnutls_certificate_credentials_t xcred; int idx; @@ -79,8 +76,8 @@ int handshake_hook_func(gnutls_session_t session, unsigned int htype, assert(gnutls_certificate_allocate_credentials(&xcred) >= 0); gnutls_certificate_set_flags(xcred, GNUTLS_CERTIFICATE_API_V2); - idx = - set_cert(xcred, &server_ca3_key, &server_ca3_localhost6_cert_chain); + idx = set_cert(xcred, &server_ca3_key, + &server_ca3_localhost6_cert_chain); assert(idx == 0); idx = set_cert(xcred, &server_ca3_key, &server_ca3_localhost_cert); @@ -102,9 +99,8 @@ static void start(const char *prio) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &subca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &subca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); @@ -134,8 +130,8 @@ static void start(const char *prio) HANDSHAKE(client, server); - assert(gnutls_credentials_get - (server, GNUTLS_CRD_CERTIFICATE, (void *)&xcred) >= 0); + assert(gnutls_credentials_get(server, GNUTLS_CRD_CERTIFICATE, + (void *)&xcred) >= 0); gnutls_deinit(client); gnutls_deinit(server); diff --git a/tests/set_x509_key_file.c b/tests/set_x509_key_file.c index 044149d11b..2cc4100b51 100644 --- a/tests/set_x509_key_file.c +++ b/tests/set_x509_key_file.c @@ -24,7 +24,7 @@ * when the GNUTLS_CERTIFICATE_API_V2 is set */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,7 +36,7 @@ #include "cert-common.h" #include "utils.h" -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1470002400; if (t) @@ -45,7 +45,7 @@ static time_t mytime(time_t * t) return then; } -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -56,8 +56,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -66,8 +66,7 @@ static void compare(const gnutls_datum_t * der, const void *ipem) } static unsigned set_cert(gnutls_certificate_credentials_t xcred, - const gnutls_datum_t * key, - const gnutls_datum_t * cert) + const gnutls_datum_t *key, const gnutls_datum_t *cert) { const char *certfile; FILE *fp; @@ -82,9 +81,8 @@ static unsigned set_cert(gnutls_certificate_credentials_t xcred, assert(fwrite(key->data, 1, key->size, fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, certfile, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, certfile, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -93,7 +91,7 @@ static unsigned set_cert(gnutls_certificate_credentials_t xcred, } static void verify_written_cert(gnutls_certificate_credentials_t xcred, - unsigned idx, const gnutls_datum_t * cert, + unsigned idx, const gnutls_datum_t *cert, unsigned ncerts) { int ret; @@ -135,9 +133,8 @@ void doit(void) track_temp_files(); /* this will fail */ - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, keyfile, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, keyfile, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret != GNUTLS_E_FILE_ERROR) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -148,16 +145,15 @@ void doit(void) gnutls_certificate_set_flags(xcred, GNUTLS_CERTIFICATE_API_V2); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &subca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &subca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); success("Testing store of certificates\n"); - idx = - set_cert(xcred, &server_ca3_key, &server_ca3_localhost6_cert_chain); + idx = set_cert(xcred, &server_ca3_key, + &server_ca3_localhost6_cert_chain); verify_written_cert(xcred, idx, &server_ca3_localhost6_cert_chain, 2); assert(idx == 0); @@ -169,7 +165,8 @@ void doit(void) success("Tested store of %d\n", idx); - test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */ + test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, + NULL); /* the DNS name of the first cert */ idx = set_cert(xcred, &server_key, &server_cert); verify_written_cert(xcred, idx, &server_cert, 2); diff --git a/tests/set_x509_key_file_der.c b/tests/set_x509_key_file_der.c index 32dfaede97..53dc30ced8 100644 --- a/tests/set_x509_key_file_der.c +++ b/tests/set_x509_key_file_der.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,7 +33,7 @@ #include "cert-common.h" #include "utils.h" -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -44,8 +44,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -91,9 +91,8 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); @@ -103,9 +102,8 @@ void doit(void) write_der(certfile, "CERTIFICATE", (char *)server2_cert_pem); write_der(keyfile, "RSA PRIVATE KEY", (char *)server2_key_pem); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, keyfile, - GNUTLS_X509_FMT_DER, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, keyfile, GNUTLS_X509_FMT_DER, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -121,7 +119,8 @@ void doit(void) remove(certfile); remove(keyfile); - test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */ + test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, + NULL); /* the DNS name of the first cert */ gnutls_certificate_free_credentials(xcred); gnutls_certificate_free_credentials(clicred); diff --git a/tests/set_x509_key_file_legacy.c b/tests/set_x509_key_file_legacy.c index 84f6fda85c..5a1ce0ce31 100644 --- a/tests/set_x509_key_file_legacy.c +++ b/tests/set_x509_key_file_legacy.c @@ -24,7 +24,7 @@ * when the GNUTLS_CERTIFICATE_API_V2 is not set */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,7 +36,7 @@ #include "cert-common.h" #include "utils.h" -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1470002400; if (t) @@ -45,7 +45,7 @@ static time_t mytime(time_t * t) return then; } -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -56,8 +56,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -66,8 +66,7 @@ static void compare(const gnutls_datum_t * der, const void *ipem) } static unsigned set_cert(gnutls_certificate_credentials_t xcred, - const gnutls_datum_t * key, - const gnutls_datum_t * cert) + const gnutls_datum_t *key, const gnutls_datum_t *cert) { const char *certfile; FILE *fp; @@ -82,9 +81,8 @@ static unsigned set_cert(gnutls_certificate_credentials_t xcred, assert(fwrite(key->data, 1, key->size, fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, certfile, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, certfile, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -93,7 +91,7 @@ static unsigned set_cert(gnutls_certificate_credentials_t xcred, } static void verify_written_cert(gnutls_certificate_credentials_t xcred, - unsigned idx, const gnutls_datum_t * cert, + unsigned idx, const gnutls_datum_t *cert, unsigned ncerts) { int ret; @@ -135,9 +133,8 @@ void doit(void) track_temp_files(); /* this will fail */ - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, keyfile, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, keyfile, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret != GNUTLS_E_FILE_ERROR) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -146,16 +143,15 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&xcred) >= 0); assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &subca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &subca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); success("Testing store of certificates\n"); - idx = - set_cert(xcred, &server_ca3_key, &server_ca3_localhost6_cert_chain); + idx = set_cert(xcred, &server_ca3_key, + &server_ca3_localhost6_cert_chain); verify_written_cert(xcred, idx, &server_ca3_localhost6_cert_chain, 2); assert(idx == 0); @@ -166,7 +162,8 @@ void doit(void) success("Tested store of %d\n", idx); - test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */ + test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, + NULL); /* the DNS name of the first cert */ idx = set_cert(xcred, &server_key, &server_cert); assert(idx == 0); diff --git a/tests/set_x509_key_file_ocsp.c b/tests/set_x509_key_file_ocsp.c index 69e9296f14..9ed5170584 100644 --- a/tests/set_x509_key_file_ocsp.c +++ b/tests/set_x509_key_file_ocsp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,13 +31,13 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* Tests whether setting an OCSP response to a server * is working as expected */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1469186559; if (t) @@ -47,207 +47,140 @@ static time_t mytime(time_t * t) } static const unsigned char _resp[] = { - 0x30, 0x82, 0x06, 0x45, 0x0A, 0x01, 0x00, 0xA0, - 0x82, 0x06, 0x3E, 0x30, 0x82, 0x06, 0x3A, 0x06, - 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x01, 0x04, 0x82, 0x06, 0x2B, 0x30, 0x82, - 0x06, 0x27, 0x30, 0x81, 0x9E, 0xA2, 0x16, 0x04, - 0x14, 0x1E, 0xA5, 0xBD, 0xCA, 0x59, 0x64, 0x55, - 0x85, 0xAC, 0xDA, 0x54, 0x34, 0x23, 0x40, 0xD1, - 0xF6, 0xBD, 0xC3, 0xB0, 0xF6, 0x18, 0x0F, 0x32, - 0x30, 0x31, 0x37, 0x31, 0x31, 0x31, 0x39, 0x30, - 0x39, 0x34, 0x33, 0x34, 0x37, 0x5A, 0x30, 0x73, - 0x30, 0x71, 0x30, 0x49, 0x30, 0x09, 0x06, 0x05, - 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, - 0x14, 0xD1, 0xB1, 0x64, 0x8B, 0x8C, 0x9F, 0x0D, - 0xD1, 0x6B, 0xA3, 0x8A, 0xCD, 0x2B, 0x50, 0x17, - 0xD5, 0xF9, 0xCF, 0xC0, 0x64, 0x04, 0x14, 0x5F, - 0x60, 0xCF, 0x61, 0x90, 0x55, 0xDF, 0x84, 0x43, - 0x14, 0x8A, 0x60, 0x2A, 0xB2, 0xF5, 0x7A, 0xF4, - 0x43, 0x18, 0xEF, 0x02, 0x10, 0x28, 0x2E, 0x96, - 0xB3, 0x6B, 0x76, 0xD6, 0xD8, 0x52, 0x46, 0xED, - 0xBB, 0x31, 0xB2, 0x0C, 0x98, 0x80, 0x00, 0x18, - 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x31, 0x31, - 0x39, 0x30, 0x39, 0x34, 0x33, 0x34, 0x37, 0x5A, - 0xA0, 0x11, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, - 0x31, 0x31, 0x32, 0x36, 0x30, 0x39, 0x34, 0x33, - 0x34, 0x37, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x54, - 0x66, 0x9D, 0x96, 0x6B, 0x9D, 0x71, 0x18, 0x86, - 0x90, 0x5D, 0xD9, 0x54, 0x9C, 0xC4, 0x7F, 0x18, - 0x51, 0xE9, 0xFE, 0xF3, 0xE6, 0x48, 0x60, 0x89, - 0x74, 0xFD, 0xF1, 0x6D, 0xDB, 0x1F, 0x5A, 0x28, - 0x3D, 0x16, 0xEA, 0xA6, 0xD6, 0xE0, 0xAA, 0x42, - 0xF9, 0x5B, 0x76, 0xA1, 0x59, 0xDA, 0x30, 0x8D, - 0x08, 0x18, 0xDD, 0x60, 0x39, 0x0B, 0x90, 0x64, - 0x11, 0x1E, 0x9D, 0xA2, 0x70, 0x18, 0xAD, 0xC6, - 0x27, 0xD3, 0xF1, 0xBA, 0x11, 0x4E, 0xF6, 0x9D, - 0x6C, 0xC5, 0xEB, 0xD6, 0xB7, 0x43, 0x9D, 0x32, - 0x31, 0xC9, 0x24, 0x19, 0xB9, 0x47, 0x1C, 0x61, - 0x09, 0x8F, 0xAA, 0x42, 0x5B, 0xAF, 0x66, 0x0F, - 0x23, 0xAA, 0x80, 0xC0, 0x85, 0x7F, 0x00, 0x08, - 0xCA, 0x30, 0xE4, 0xC8, 0xDA, 0x2F, 0xC4, 0xD2, - 0x7E, 0x86, 0xCC, 0xDA, 0x6D, 0xD4, 0x7E, 0x40, - 0x66, 0xD8, 0x5C, 0x27, 0x83, 0xDA, 0x10, 0x8F, - 0x91, 0xA8, 0xE6, 0x9D, 0x44, 0x13, 0xF1, 0x04, - 0x4E, 0xC9, 0xF9, 0xC8, 0xA2, 0xED, 0x9C, 0x9F, - 0x05, 0xDA, 0xFA, 0x4A, 0xEA, 0xD2, 0x72, 0xF9, - 0xF1, 0xF6, 0xDB, 0xFF, 0xF8, 0x55, 0x0E, 0x92, - 0x75, 0xD6, 0x83, 0xBC, 0x7A, 0x95, 0xBE, 0xBF, - 0x8D, 0xD5, 0xA3, 0x23, 0x02, 0x32, 0xF8, 0x60, - 0xF7, 0x7C, 0x46, 0xC6, 0x69, 0x7E, 0xB7, 0x23, - 0xE1, 0x36, 0xC2, 0xEE, 0xBD, 0xFF, 0x3C, 0x05, - 0x5E, 0x07, 0x0C, 0xA6, 0x64, 0x65, 0x82, 0x46, - 0xC9, 0x67, 0x73, 0xC9, 0x15, 0xC8, 0xFA, 0x0F, - 0x73, 0xB5, 0x48, 0x0F, 0x0E, 0x6F, 0x43, 0xE8, - 0x8D, 0x7A, 0x21, 0x88, 0x12, 0x08, 0x37, 0x18, - 0x67, 0x66, 0x05, 0xD1, 0x2C, 0x4D, 0xE8, 0xA6, - 0x1B, 0x4D, 0x29, 0xD4, 0xEF, 0x79, 0x83, 0xDB, - 0xCA, 0x6E, 0xBC, 0xE4, 0xCA, 0x50, 0xB0, 0x73, - 0xEF, 0xD6, 0xC7, 0x69, 0xF6, 0x16, 0x1E, 0xA0, - 0x82, 0x04, 0x6E, 0x30, 0x82, 0x04, 0x6A, 0x30, - 0x82, 0x04, 0x66, 0x30, 0x82, 0x03, 0x4E, 0xA0, - 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x6F, 0x93, - 0x87, 0x5C, 0x4B, 0x9E, 0x94, 0x93, 0xF8, 0x5F, - 0x16, 0xA7, 0x05, 0x86, 0x82, 0x8C, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x7E, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x1D, 0x30, 0x1B, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x14, 0x53, - 0x79, 0x6D, 0x61, 0x6E, 0x74, 0x65, 0x63, 0x20, - 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, - 0x69, 0x6F, 0x6E, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x13, 0x16, 0x53, 0x79, - 0x6D, 0x61, 0x6E, 0x74, 0x65, 0x63, 0x20, 0x54, - 0x72, 0x75, 0x73, 0x74, 0x20, 0x4E, 0x65, 0x74, - 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x2F, 0x30, 0x2D, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x26, 0x53, - 0x79, 0x6D, 0x61, 0x6E, 0x74, 0x65, 0x63, 0x20, - 0x43, 0x6C, 0x61, 0x73, 0x73, 0x20, 0x33, 0x20, - 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x53, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x41, - 0x20, 0x2D, 0x20, 0x47, 0x34, 0x30, 0x1E, 0x17, - 0x0D, 0x31, 0x37, 0x31, 0x30, 0x31, 0x30, 0x30, - 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, - 0x31, 0x38, 0x30, 0x31, 0x30, 0x38, 0x32, 0x33, - 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x40, 0x31, - 0x3E, 0x30, 0x3C, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x13, 0x35, 0x53, 0x79, 0x6D, 0x61, 0x6E, 0x74, - 0x65, 0x63, 0x20, 0x43, 0x6C, 0x61, 0x73, 0x73, - 0x20, 0x33, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, - 0x65, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x43, 0x41, 0x20, 0x2D, 0x20, 0x47, 0x34, - 0x20, 0x4F, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, - 0x73, 0x70, 0x6F, 0x6E, 0x64, 0x65, 0x72, 0x30, - 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, - 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, - 0xBA, 0xB1, 0x3E, 0xBD, 0xF0, 0x1E, 0x19, 0x16, - 0xEA, 0x20, 0x44, 0x73, 0x1F, 0xD8, 0x85, 0x17, - 0xC4, 0xBF, 0x86, 0xF0, 0x75, 0x46, 0x02, 0xA8, - 0x5B, 0x7F, 0xA8, 0xF8, 0xB2, 0x08, 0x08, 0x55, - 0x01, 0xDD, 0x5B, 0xA4, 0x0B, 0xBD, 0x8A, 0x0A, - 0x87, 0x90, 0x62, 0x21, 0x59, 0x67, 0x33, 0x36, - 0x77, 0x49, 0xAB, 0x69, 0x4B, 0xDB, 0xB8, 0xFC, - 0x27, 0xA9, 0x81, 0x4A, 0x1F, 0x5F, 0x7D, 0x5C, - 0xC2, 0xE6, 0x54, 0x12, 0xFB, 0xA7, 0xEB, 0x9F, - 0xB5, 0xAC, 0x05, 0xBE, 0xA9, 0x58, 0xAA, 0x49, - 0x32, 0xEE, 0x73, 0xE8, 0x2F, 0xB1, 0xD3, 0x2E, - 0x13, 0xBC, 0x26, 0x23, 0xA0, 0x82, 0xD4, 0x25, - 0x20, 0x34, 0xAE, 0x16, 0x48, 0xFB, 0x55, 0x2B, - 0x58, 0xC9, 0xC4, 0x84, 0xAC, 0xF7, 0xC4, 0x78, - 0x62, 0xB7, 0xBF, 0xA2, 0x32, 0xC7, 0x34, 0x1C, - 0xDF, 0x9E, 0xFE, 0xA8, 0x04, 0x85, 0xAF, 0xCB, - 0x5A, 0xD6, 0xC6, 0x68, 0x9F, 0x28, 0x03, 0xB7, - 0x98, 0x8E, 0xD4, 0xA5, 0xE1, 0x18, 0xD1, 0x64, - 0x79, 0x67, 0x04, 0x33, 0x6C, 0x4B, 0xE0, 0xCF, - 0x34, 0xFC, 0x81, 0x27, 0x98, 0x16, 0xBB, 0xA3, - 0x9F, 0xE1, 0x4D, 0x2B, 0x71, 0x21, 0x41, 0x90, - 0xFF, 0x20, 0xB8, 0x4A, 0xCF, 0xB2, 0x2D, 0xB1, - 0xF8, 0x89, 0x40, 0xBC, 0xB3, 0x9F, 0x94, 0x1C, - 0xF4, 0x68, 0xEA, 0x7B, 0x31, 0x29, 0xDA, 0x71, - 0xCC, 0x37, 0x9A, 0xF9, 0x36, 0x0B, 0x58, 0x11, - 0x6F, 0x28, 0x14, 0x6F, 0xAF, 0x57, 0x6B, 0xD7, - 0xBD, 0x36, 0x98, 0xF4, 0x6C, 0x84, 0xF8, 0x48, - 0xF1, 0xBF, 0x88, 0xEB, 0x5C, 0x06, 0x8B, 0x02, - 0xF1, 0xDF, 0x6A, 0xFD, 0x61, 0xCF, 0x05, 0x5E, - 0xB5, 0x99, 0x85, 0x31, 0x41, 0x1D, 0xE5, 0x67, - 0x5C, 0x83, 0xA2, 0xBA, 0x9C, 0x9C, 0x37, 0x44, - 0xEF, 0xBC, 0x0E, 0xDE, 0xBF, 0x91, 0x5B, 0x1F, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, - 0x1C, 0x30, 0x82, 0x01, 0x18, 0x30, 0x0F, 0x06, - 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, - 0x01, 0x05, 0x04, 0x02, 0x05, 0x00, 0x30, 0x22, - 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x1B, 0x30, - 0x19, 0xA4, 0x17, 0x30, 0x15, 0x31, 0x13, 0x30, - 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0A, - 0x54, 0x47, 0x56, 0x2D, 0x45, 0x2D, 0x33, 0x32, - 0x35, 0x36, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x5F, - 0x60, 0xCF, 0x61, 0x90, 0x55, 0xDF, 0x84, 0x43, - 0x14, 0x8A, 0x60, 0x2A, 0xB2, 0xF5, 0x7A, 0xF4, - 0x43, 0x18, 0xEF, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x1E, 0xA5, - 0xBD, 0xCA, 0x59, 0x64, 0x55, 0x85, 0xAC, 0xDA, - 0x54, 0x34, 0x23, 0x40, 0xD1, 0xF6, 0xBD, 0xC3, - 0xB0, 0xF6, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, - 0x13, 0x01, 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00, - 0x30, 0x6E, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, - 0x67, 0x30, 0x65, 0x30, 0x63, 0x06, 0x0B, 0x60, - 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x07, - 0x17, 0x03, 0x30, 0x54, 0x30, 0x26, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, - 0x16, 0x1A, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, - 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x73, 0x79, 0x6D, - 0x61, 0x75, 0x74, 0x68, 0x2E, 0x63, 0x6F, 0x6D, - 0x2F, 0x63, 0x70, 0x73, 0x30, 0x2A, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x02, - 0x30, 0x1E, 0x1A, 0x1C, 0x20, 0x20, 0x68, 0x74, - 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, - 0x2E, 0x73, 0x79, 0x6D, 0x61, 0x75, 0x74, 0x68, - 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x72, 0x70, 0x61, - 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x09, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, - 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, - 0x00, 0x45, 0xFF, 0xCA, 0xD2, 0xAC, 0x71, 0xBE, - 0xA5, 0x62, 0x86, 0x93, 0x30, 0xD0, 0xE5, 0xE5, - 0x87, 0xFC, 0xAA, 0x29, 0x73, 0x36, 0xD6, 0x66, - 0x33, 0xC4, 0xCB, 0xC5, 0x6E, 0xC6, 0x2C, 0x8C, - 0x8E, 0xEE, 0x4D, 0xC2, 0xFA, 0xB3, 0xC0, 0xE7, - 0x11, 0x02, 0x69, 0x7A, 0xC5, 0x89, 0x28, 0x86, - 0x31, 0xD5, 0x14, 0x43, 0x5A, 0x20, 0xB7, 0xBD, - 0x1C, 0x0B, 0x1C, 0x3C, 0x84, 0x58, 0xBA, 0x56, - 0x14, 0x5B, 0xB8, 0x38, 0x97, 0x18, 0x66, 0xD6, - 0x12, 0x51, 0x4B, 0x5A, 0x2D, 0x0D, 0x00, 0xA7, - 0xBA, 0x5A, 0xC9, 0x0C, 0x4B, 0x10, 0xDE, 0xF5, - 0xAE, 0x56, 0xA5, 0x24, 0xC6, 0x3E, 0x5E, 0xD9, - 0xF1, 0x39, 0x76, 0x0C, 0xD7, 0x4A, 0xBF, 0x19, - 0x1F, 0x14, 0xA4, 0x18, 0xEC, 0x0F, 0x5D, 0x47, - 0x00, 0x75, 0xF0, 0x4E, 0xB3, 0xA1, 0xB4, 0x81, - 0x7B, 0x97, 0xAC, 0x0A, 0xA8, 0x5E, 0x92, 0xCC, - 0xB0, 0x80, 0x53, 0x66, 0xFF, 0xC6, 0x1B, 0x71, - 0xAF, 0xE3, 0x46, 0x55, 0x9D, 0x26, 0x51, 0x97, - 0xB0, 0x66, 0x9D, 0x06, 0x70, 0xC5, 0x04, 0x78, - 0xBC, 0x99, 0x42, 0xBA, 0x77, 0x82, 0x0E, 0xE8, - 0x92, 0x18, 0x4A, 0x72, 0x92, 0x13, 0x25, 0x7F, - 0x40, 0x15, 0xF7, 0xA8, 0x07, 0xA2, 0xAD, 0x03, - 0xBA, 0x1C, 0xF2, 0x93, 0xBE, 0x14, 0x72, 0x69, - 0x2B, 0x85, 0xAC, 0x2E, 0x2C, 0xBF, 0x1C, 0xC6, - 0x6C, 0x91, 0xF3, 0x2F, 0xF0, 0xB0, 0x8A, 0xC3, - 0xB8, 0xAC, 0x9B, 0xD1, 0xA1, 0x4C, 0xB7, 0x34, - 0xCA, 0xC6, 0x90, 0x15, 0xA7, 0x39, 0xB4, 0xF1, - 0xED, 0x54, 0x53, 0x5C, 0x29, 0x6F, 0xCE, 0x97, - 0x3E, 0x72, 0x79, 0x24, 0xEA, 0xC8, 0x87, 0x21, - 0x5F, 0x40, 0xBF, 0x53, 0x37, 0x8E, 0xCA, 0x0B, - 0x44, 0xD0, 0x4B, 0x6E, 0xAD, 0x94, 0xFB, 0x0F, - 0x33, 0xFE, 0x86, 0xDF, 0x4C, 0xE9, 0x94, 0xBB, + 0x30, 0x82, 0x06, 0x45, 0x0A, 0x01, 0x00, 0xA0, 0x82, 0x06, 0x3E, 0x30, + 0x82, 0x06, 0x3A, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, + 0x01, 0x01, 0x04, 0x82, 0x06, 0x2B, 0x30, 0x82, 0x06, 0x27, 0x30, 0x81, + 0x9E, 0xA2, 0x16, 0x04, 0x14, 0x1E, 0xA5, 0xBD, 0xCA, 0x59, 0x64, 0x55, + 0x85, 0xAC, 0xDA, 0x54, 0x34, 0x23, 0x40, 0xD1, 0xF6, 0xBD, 0xC3, 0xB0, + 0xF6, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x31, 0x31, 0x39, 0x30, + 0x39, 0x34, 0x33, 0x34, 0x37, 0x5A, 0x30, 0x73, 0x30, 0x71, 0x30, 0x49, + 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, + 0x14, 0xD1, 0xB1, 0x64, 0x8B, 0x8C, 0x9F, 0x0D, 0xD1, 0x6B, 0xA3, 0x8A, + 0xCD, 0x2B, 0x50, 0x17, 0xD5, 0xF9, 0xCF, 0xC0, 0x64, 0x04, 0x14, 0x5F, + 0x60, 0xCF, 0x61, 0x90, 0x55, 0xDF, 0x84, 0x43, 0x14, 0x8A, 0x60, 0x2A, + 0xB2, 0xF5, 0x7A, 0xF4, 0x43, 0x18, 0xEF, 0x02, 0x10, 0x28, 0x2E, 0x96, + 0xB3, 0x6B, 0x76, 0xD6, 0xD8, 0x52, 0x46, 0xED, 0xBB, 0x31, 0xB2, 0x0C, + 0x98, 0x80, 0x00, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x37, 0x31, 0x31, 0x31, + 0x39, 0x30, 0x39, 0x34, 0x33, 0x34, 0x37, 0x5A, 0xA0, 0x11, 0x18, 0x0F, + 0x32, 0x30, 0x31, 0x37, 0x31, 0x31, 0x32, 0x36, 0x30, 0x39, 0x34, 0x33, + 0x34, 0x37, 0x5A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x54, + 0x66, 0x9D, 0x96, 0x6B, 0x9D, 0x71, 0x18, 0x86, 0x90, 0x5D, 0xD9, 0x54, + 0x9C, 0xC4, 0x7F, 0x18, 0x51, 0xE9, 0xFE, 0xF3, 0xE6, 0x48, 0x60, 0x89, + 0x74, 0xFD, 0xF1, 0x6D, 0xDB, 0x1F, 0x5A, 0x28, 0x3D, 0x16, 0xEA, 0xA6, + 0xD6, 0xE0, 0xAA, 0x42, 0xF9, 0x5B, 0x76, 0xA1, 0x59, 0xDA, 0x30, 0x8D, + 0x08, 0x18, 0xDD, 0x60, 0x39, 0x0B, 0x90, 0x64, 0x11, 0x1E, 0x9D, 0xA2, + 0x70, 0x18, 0xAD, 0xC6, 0x27, 0xD3, 0xF1, 0xBA, 0x11, 0x4E, 0xF6, 0x9D, + 0x6C, 0xC5, 0xEB, 0xD6, 0xB7, 0x43, 0x9D, 0x32, 0x31, 0xC9, 0x24, 0x19, + 0xB9, 0x47, 0x1C, 0x61, 0x09, 0x8F, 0xAA, 0x42, 0x5B, 0xAF, 0x66, 0x0F, + 0x23, 0xAA, 0x80, 0xC0, 0x85, 0x7F, 0x00, 0x08, 0xCA, 0x30, 0xE4, 0xC8, + 0xDA, 0x2F, 0xC4, 0xD2, 0x7E, 0x86, 0xCC, 0xDA, 0x6D, 0xD4, 0x7E, 0x40, + 0x66, 0xD8, 0x5C, 0x27, 0x83, 0xDA, 0x10, 0x8F, 0x91, 0xA8, 0xE6, 0x9D, + 0x44, 0x13, 0xF1, 0x04, 0x4E, 0xC9, 0xF9, 0xC8, 0xA2, 0xED, 0x9C, 0x9F, + 0x05, 0xDA, 0xFA, 0x4A, 0xEA, 0xD2, 0x72, 0xF9, 0xF1, 0xF6, 0xDB, 0xFF, + 0xF8, 0x55, 0x0E, 0x92, 0x75, 0xD6, 0x83, 0xBC, 0x7A, 0x95, 0xBE, 0xBF, + 0x8D, 0xD5, 0xA3, 0x23, 0x02, 0x32, 0xF8, 0x60, 0xF7, 0x7C, 0x46, 0xC6, + 0x69, 0x7E, 0xB7, 0x23, 0xE1, 0x36, 0xC2, 0xEE, 0xBD, 0xFF, 0x3C, 0x05, + 0x5E, 0x07, 0x0C, 0xA6, 0x64, 0x65, 0x82, 0x46, 0xC9, 0x67, 0x73, 0xC9, + 0x15, 0xC8, 0xFA, 0x0F, 0x73, 0xB5, 0x48, 0x0F, 0x0E, 0x6F, 0x43, 0xE8, + 0x8D, 0x7A, 0x21, 0x88, 0x12, 0x08, 0x37, 0x18, 0x67, 0x66, 0x05, 0xD1, + 0x2C, 0x4D, 0xE8, 0xA6, 0x1B, 0x4D, 0x29, 0xD4, 0xEF, 0x79, 0x83, 0xDB, + 0xCA, 0x6E, 0xBC, 0xE4, 0xCA, 0x50, 0xB0, 0x73, 0xEF, 0xD6, 0xC7, 0x69, + 0xF6, 0x16, 0x1E, 0xA0, 0x82, 0x04, 0x6E, 0x30, 0x82, 0x04, 0x6A, 0x30, + 0x82, 0x04, 0x66, 0x30, 0x82, 0x03, 0x4E, 0xA0, 0x03, 0x02, 0x01, 0x02, + 0x02, 0x10, 0x6F, 0x93, 0x87, 0x5C, 0x4B, 0x9E, 0x94, 0x93, 0xF8, 0x5F, + 0x16, 0xA7, 0x05, 0x86, 0x82, 0x8C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x7E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x14, 0x53, + 0x79, 0x6D, 0x61, 0x6E, 0x74, 0x65, 0x63, 0x20, 0x43, 0x6F, 0x72, 0x70, + 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x13, 0x16, 0x53, 0x79, 0x6D, 0x61, 0x6E, 0x74, + 0x65, 0x63, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x4E, 0x65, 0x74, + 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x2F, 0x30, 0x2D, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x13, 0x26, 0x53, 0x79, 0x6D, 0x61, 0x6E, 0x74, 0x65, 0x63, 0x20, + 0x43, 0x6C, 0x61, 0x73, 0x73, 0x20, 0x33, 0x20, 0x53, 0x65, 0x63, 0x75, + 0x72, 0x65, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x41, + 0x20, 0x2D, 0x20, 0x47, 0x34, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x37, 0x31, + 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, + 0x31, 0x38, 0x30, 0x31, 0x30, 0x38, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, + 0x5A, 0x30, 0x40, 0x31, 0x3E, 0x30, 0x3C, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x13, 0x35, 0x53, 0x79, 0x6D, 0x61, 0x6E, 0x74, 0x65, 0x63, 0x20, 0x43, + 0x6C, 0x61, 0x73, 0x73, 0x20, 0x33, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, + 0x65, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x41, 0x20, + 0x2D, 0x20, 0x47, 0x34, 0x20, 0x4F, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, + 0x73, 0x70, 0x6F, 0x6E, 0x64, 0x65, 0x72, 0x30, 0x82, 0x01, 0x22, 0x30, + 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, + 0x82, 0x01, 0x01, 0x00, 0xBA, 0xB1, 0x3E, 0xBD, 0xF0, 0x1E, 0x19, 0x16, + 0xEA, 0x20, 0x44, 0x73, 0x1F, 0xD8, 0x85, 0x17, 0xC4, 0xBF, 0x86, 0xF0, + 0x75, 0x46, 0x02, 0xA8, 0x5B, 0x7F, 0xA8, 0xF8, 0xB2, 0x08, 0x08, 0x55, + 0x01, 0xDD, 0x5B, 0xA4, 0x0B, 0xBD, 0x8A, 0x0A, 0x87, 0x90, 0x62, 0x21, + 0x59, 0x67, 0x33, 0x36, 0x77, 0x49, 0xAB, 0x69, 0x4B, 0xDB, 0xB8, 0xFC, + 0x27, 0xA9, 0x81, 0x4A, 0x1F, 0x5F, 0x7D, 0x5C, 0xC2, 0xE6, 0x54, 0x12, + 0xFB, 0xA7, 0xEB, 0x9F, 0xB5, 0xAC, 0x05, 0xBE, 0xA9, 0x58, 0xAA, 0x49, + 0x32, 0xEE, 0x73, 0xE8, 0x2F, 0xB1, 0xD3, 0x2E, 0x13, 0xBC, 0x26, 0x23, + 0xA0, 0x82, 0xD4, 0x25, 0x20, 0x34, 0xAE, 0x16, 0x48, 0xFB, 0x55, 0x2B, + 0x58, 0xC9, 0xC4, 0x84, 0xAC, 0xF7, 0xC4, 0x78, 0x62, 0xB7, 0xBF, 0xA2, + 0x32, 0xC7, 0x34, 0x1C, 0xDF, 0x9E, 0xFE, 0xA8, 0x04, 0x85, 0xAF, 0xCB, + 0x5A, 0xD6, 0xC6, 0x68, 0x9F, 0x28, 0x03, 0xB7, 0x98, 0x8E, 0xD4, 0xA5, + 0xE1, 0x18, 0xD1, 0x64, 0x79, 0x67, 0x04, 0x33, 0x6C, 0x4B, 0xE0, 0xCF, + 0x34, 0xFC, 0x81, 0x27, 0x98, 0x16, 0xBB, 0xA3, 0x9F, 0xE1, 0x4D, 0x2B, + 0x71, 0x21, 0x41, 0x90, 0xFF, 0x20, 0xB8, 0x4A, 0xCF, 0xB2, 0x2D, 0xB1, + 0xF8, 0x89, 0x40, 0xBC, 0xB3, 0x9F, 0x94, 0x1C, 0xF4, 0x68, 0xEA, 0x7B, + 0x31, 0x29, 0xDA, 0x71, 0xCC, 0x37, 0x9A, 0xF9, 0x36, 0x0B, 0x58, 0x11, + 0x6F, 0x28, 0x14, 0x6F, 0xAF, 0x57, 0x6B, 0xD7, 0xBD, 0x36, 0x98, 0xF4, + 0x6C, 0x84, 0xF8, 0x48, 0xF1, 0xBF, 0x88, 0xEB, 0x5C, 0x06, 0x8B, 0x02, + 0xF1, 0xDF, 0x6A, 0xFD, 0x61, 0xCF, 0x05, 0x5E, 0xB5, 0x99, 0x85, 0x31, + 0x41, 0x1D, 0xE5, 0x67, 0x5C, 0x83, 0xA2, 0xBA, 0x9C, 0x9C, 0x37, 0x44, + 0xEF, 0xBC, 0x0E, 0xDE, 0xBF, 0x91, 0x5B, 0x1F, 0x02, 0x03, 0x01, 0x00, + 0x01, 0xA3, 0x82, 0x01, 0x1C, 0x30, 0x82, 0x01, 0x18, 0x30, 0x0F, 0x06, + 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x05, 0x04, 0x02, + 0x05, 0x00, 0x30, 0x22, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x1B, 0x30, + 0x19, 0xA4, 0x17, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x0A, 0x54, 0x47, 0x56, 0x2D, 0x45, 0x2D, 0x33, 0x32, + 0x35, 0x36, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0x5F, 0x60, 0xCF, 0x61, 0x90, 0x55, 0xDF, 0x84, 0x43, + 0x14, 0x8A, 0x60, 0x2A, 0xB2, 0xF5, 0x7A, 0xF4, 0x43, 0x18, 0xEF, 0x30, + 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x1E, 0xA5, + 0xBD, 0xCA, 0x59, 0x64, 0x55, 0x85, 0xAC, 0xDA, 0x54, 0x34, 0x23, 0x40, + 0xD1, 0xF6, 0xBD, 0xC3, 0xB0, 0xF6, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, + 0x13, 0x01, 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x6E, 0x06, 0x03, + 0x55, 0x1D, 0x20, 0x04, 0x67, 0x30, 0x65, 0x30, 0x63, 0x06, 0x0B, 0x60, + 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x07, 0x17, 0x03, 0x30, 0x54, + 0x30, 0x26, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, + 0x16, 0x1A, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, + 0x2E, 0x73, 0x79, 0x6D, 0x61, 0x75, 0x74, 0x68, 0x2E, 0x63, 0x6F, 0x6D, + 0x2F, 0x63, 0x70, 0x73, 0x30, 0x2A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, + 0x05, 0x07, 0x02, 0x02, 0x30, 0x1E, 0x1A, 0x1C, 0x20, 0x20, 0x68, 0x74, + 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x73, 0x79, 0x6D, + 0x61, 0x75, 0x74, 0x68, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x72, 0x70, 0x61, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, + 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x07, + 0x80, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x45, 0xFF, 0xCA, + 0xD2, 0xAC, 0x71, 0xBE, 0xA5, 0x62, 0x86, 0x93, 0x30, 0xD0, 0xE5, 0xE5, + 0x87, 0xFC, 0xAA, 0x29, 0x73, 0x36, 0xD6, 0x66, 0x33, 0xC4, 0xCB, 0xC5, + 0x6E, 0xC6, 0x2C, 0x8C, 0x8E, 0xEE, 0x4D, 0xC2, 0xFA, 0xB3, 0xC0, 0xE7, + 0x11, 0x02, 0x69, 0x7A, 0xC5, 0x89, 0x28, 0x86, 0x31, 0xD5, 0x14, 0x43, + 0x5A, 0x20, 0xB7, 0xBD, 0x1C, 0x0B, 0x1C, 0x3C, 0x84, 0x58, 0xBA, 0x56, + 0x14, 0x5B, 0xB8, 0x38, 0x97, 0x18, 0x66, 0xD6, 0x12, 0x51, 0x4B, 0x5A, + 0x2D, 0x0D, 0x00, 0xA7, 0xBA, 0x5A, 0xC9, 0x0C, 0x4B, 0x10, 0xDE, 0xF5, + 0xAE, 0x56, 0xA5, 0x24, 0xC6, 0x3E, 0x5E, 0xD9, 0xF1, 0x39, 0x76, 0x0C, + 0xD7, 0x4A, 0xBF, 0x19, 0x1F, 0x14, 0xA4, 0x18, 0xEC, 0x0F, 0x5D, 0x47, + 0x00, 0x75, 0xF0, 0x4E, 0xB3, 0xA1, 0xB4, 0x81, 0x7B, 0x97, 0xAC, 0x0A, + 0xA8, 0x5E, 0x92, 0xCC, 0xB0, 0x80, 0x53, 0x66, 0xFF, 0xC6, 0x1B, 0x71, + 0xAF, 0xE3, 0x46, 0x55, 0x9D, 0x26, 0x51, 0x97, 0xB0, 0x66, 0x9D, 0x06, + 0x70, 0xC5, 0x04, 0x78, 0xBC, 0x99, 0x42, 0xBA, 0x77, 0x82, 0x0E, 0xE8, + 0x92, 0x18, 0x4A, 0x72, 0x92, 0x13, 0x25, 0x7F, 0x40, 0x15, 0xF7, 0xA8, + 0x07, 0xA2, 0xAD, 0x03, 0xBA, 0x1C, 0xF2, 0x93, 0xBE, 0x14, 0x72, 0x69, + 0x2B, 0x85, 0xAC, 0x2E, 0x2C, 0xBF, 0x1C, 0xC6, 0x6C, 0x91, 0xF3, 0x2F, + 0xF0, 0xB0, 0x8A, 0xC3, 0xB8, 0xAC, 0x9B, 0xD1, 0xA1, 0x4C, 0xB7, 0x34, + 0xCA, 0xC6, 0x90, 0x15, 0xA7, 0x39, 0xB4, 0xF1, 0xED, 0x54, 0x53, 0x5C, + 0x29, 0x6F, 0xCE, 0x97, 0x3E, 0x72, 0x79, 0x24, 0xEA, 0xC8, 0x87, 0x21, + 0x5F, 0x40, 0xBF, 0x53, 0x37, 0x8E, 0xCA, 0x0B, 0x44, 0xD0, 0x4B, 0x6E, + 0xAD, 0x94, 0xFB, 0x0F, 0x33, 0xFE, 0x86, 0xDF, 0x4C, 0xE9, 0x94, 0xBB, 0x3F }; @@ -270,8 +203,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size - || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size || + memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } @@ -281,9 +214,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("did not receive the expected value (%d)\n", ret); } - ret = - gnutls_ocsp_status_request_is_checked(session, - GNUTLS_OCSP_SR_IS_AVAIL); + ret = gnutls_ocsp_status_request_is_checked(session, + GNUTLS_OCSP_SR_IS_AVAIL); if (ret == 0) { fail("did not receive the expected value (%d)\n", ret); } @@ -311,34 +243,29 @@ void doit(void) fp = fopen(certfile, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); /* set cert with localhost name */ - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, certfile, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile, certfile, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); fp = fopen(certfile, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - gnutls_certificate_set_flags(xcred, - GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK); + gnutls_certificate_set_flags( + xcred, GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK); /* set OCSP response */ ocspfile1 = get_tmpname(ocspname1); @@ -348,9 +275,8 @@ void doit(void) assert(fwrite(ocsp_resp1.data, 1, ocsp_resp1.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, - 0); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + 0); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -374,16 +300,19 @@ void doit(void) GNUTLS_VERIFY_DISABLE_CRL_CHECKS) fail("error in gnutls_certificate_set_verify_flags\n"); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } - test_cli_serv(xcred, clicred, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2", "localhost", &ocsp_resp1, check_response, NULL); /* the DNS name of the first cert */ + test_cli_serv(xcred, clicred, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2", + "localhost", &ocsp_resp1, check_response, + NULL); /* the DNS name of the first cert */ - test_cli_serv(xcred, clicred, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", "localhost", &ocsp_resp1, check_response, NULL); /* the DNS name of the first cert */ + test_cli_serv(xcred, clicred, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", + "localhost", &ocsp_resp1, check_response, + NULL); /* the DNS name of the first cert */ gnutls_certificate_free_credentials(xcred); gnutls_certificate_free_credentials(clicred); diff --git a/tests/set_x509_key_file_ocsp_multi2.c b/tests/set_x509_key_file_ocsp_multi2.c index 1741cdc63b..3026bb48e3 100644 --- a/tests/set_x509_key_file_ocsp_multi2.c +++ b/tests/set_x509_key_file_ocsp_multi2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,14 +32,14 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* Tests whether setting an OCSP response to a server with multiple * certificate sets, is working as expected. It tests * gnutls_certificate_set_ocsp_status_request_function2 */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1469186559; if (t) @@ -48,19 +48,22 @@ static time_t mytime(time_t * t) return then; } -# define RESP1 "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP1 \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -static gnutls_datum_t ocsp_resp1 = - { (unsigned char *)RESP1, sizeof(RESP1) - 1 }; +static gnutls_datum_t ocsp_resp1 = { (unsigned char *)RESP1, + sizeof(RESP1) - 1 }; -# define RESP2 "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP2 \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -static gnutls_datum_t ocsp_resp2 = - { (unsigned char *)RESP2, sizeof(RESP2) - 1 }; +static gnutls_datum_t ocsp_resp2 = { (unsigned char *)RESP2, + sizeof(RESP2) - 1 }; -# define RESP3 "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" -static gnutls_datum_t ocsp_resp3 = - { (unsigned char *)RESP3, sizeof(RESP3) - 1 }; +#define RESP3 \ + "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" +static gnutls_datum_t ocsp_resp3 = { (unsigned char *)RESP3, + sizeof(RESP3) - 1 }; static void check_response(gnutls_session_t session, void *priv) { @@ -79,14 +82,14 @@ static void check_response(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size - || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size || + memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } } static int ocsp_func(gnutls_session_t session, void *ptr, - gnutls_datum_t * ocsp_response) + gnutls_datum_t *ocsp_response) { gnutls_datum_t *c = ptr; ocsp_response->data = gnutls_malloc(c->size); @@ -115,7 +118,7 @@ void doit(void) char certname2[TMPNAME_SIZE]; char certname3[TMPNAME_SIZE]; FILE *fp; - unsigned index1, index2, index3; /* indexes of certs */ + unsigned index1, index2, index3; /* indexes of certs */ global_init(); gnutls_global_set_time_function(mytime); @@ -135,17 +138,14 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -156,17 +156,14 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile2, certfile2, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile2, certfile2, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index2 = ret; @@ -174,12 +171,10 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); /* set ECC cert */ @@ -192,9 +187,8 @@ void doit(void) assert(fwrite(ecc_key, 1, strlen(ecc_key), fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile3, certfile3, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile3, certfile3, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index3 = ret; @@ -202,42 +196,34 @@ void doit(void) fp = fopen(certfile3, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); /* set OCSP response1 */ - ret = - gnutls_certificate_set_ocsp_status_request_function2(xcred, index1, - ocsp_func, - &ocsp_resp1); + ret = gnutls_certificate_set_ocsp_status_request_function2( + xcred, index1, ocsp_func, &ocsp_resp1); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); /* set OCSP response2 */ - ret = - gnutls_certificate_set_ocsp_status_request_function2(xcred, index2, - ocsp_func, - &ocsp_resp2); + ret = gnutls_certificate_set_ocsp_status_request_function2( + xcred, index2, ocsp_func, &ocsp_resp2); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); /* set OCSP response3 */ - ret = - gnutls_certificate_set_ocsp_status_request_function2(xcred, index3, - ocsp_func, - &ocsp_resp3); + ret = gnutls_certificate_set_ocsp_status_request_function2( + xcred, index3, ocsp_func, &ocsp_resp3); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); /* set an OCSP response outside the bounds */ - assert(gnutls_certificate_set_ocsp_status_request_function2 - (xcred, 34, ocsp_func, - NULL) == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); + assert(gnutls_certificate_set_ocsp_status_request_function2( + xcred, 34, ocsp_func, NULL) == + GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); /* make sure that our invalid OCSP responses are not considered in verification */ @@ -247,9 +233,8 @@ void doit(void) GNUTLS_VERIFY_DISABLE_CRL_CHECKS) fail("error in gnutls_certificate_set_verify_flags\n"); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } @@ -263,9 +248,10 @@ void doit(void) "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", "localhost6", &ocsp_resp2, check_response, NULL); success("TLS1.2 + resp3\n"); - test_cli_serv(xcred, clicred, - "NORMAL:-ECDHE-RSA:-RSA:-DHE-RSA:-VERS-TLS-ALL:+VERS-TLS1.2", - NULL, &ocsp_resp3, check_response, NULL); + test_cli_serv( + xcred, clicred, + "NORMAL:-ECDHE-RSA:-RSA:-DHE-RSA:-VERS-TLS-ALL:+VERS-TLS1.2", + NULL, &ocsp_resp3, check_response, NULL); success("TLS1.3 + resp1\n"); test_cli_serv(xcred, clicred, @@ -276,9 +262,10 @@ void doit(void) "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", "localhost6", &ocsp_resp2, check_response, NULL); success("TLS1.3 + resp3\n"); - test_cli_serv(xcred, clicred, - "NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:-ECDHE-RSA:-RSA:-DHE-RSA:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL, &ocsp_resp3, check_response, NULL); + test_cli_serv( + xcred, clicred, + "NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:-ECDHE-RSA:-RSA:-DHE-RSA:-VERS-TLS-ALL:+VERS-TLS1.3", + NULL, &ocsp_resp3, check_response, NULL); gnutls_certificate_free_credentials(xcred); gnutls_certificate_free_credentials(clicred); diff --git a/tests/set_x509_key_mem.c b/tests/set_x509_key_mem.c index c63da9f48f..154f7a1269 100644 --- a/tests/set_x509_key_mem.c +++ b/tests/set_x509_key_mem.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -69,15 +69,13 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); gnutls_certificate_allocate_credentials(&x509_cred); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); - ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cli_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH) { fail("error in error code\n"); exit(1); @@ -90,21 +88,17 @@ void doit(void) gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH); - ret = - gnutls_certificate_set_x509_key_mem(x509_cred, - &server_ca3_localhost6_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost6_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } - ret = - gnutls_certificate_set_x509_key_mem(x509_cred, - &server_ca3_localhost_cert_chain, - &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); diff --git a/tests/set_x509_key_utf8.c b/tests/set_x509_key_utf8.c index c93f61eaa8..660a3f0d88 100644 --- a/tests/set_x509_key_utf8.c +++ b/tests/set_x509_key_utf8.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -44,7 +44,7 @@ #include "cert-common.h" #include "utils.h" -#define MIN(x,y) (((x)<(y))?(x):(y)) +#define MIN(x, y) (((x) < (y)) ? (x) : (y)) /* Test for gnutls_certificate_set_x509_key() * @@ -55,7 +55,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1473674242; if (t) @@ -64,7 +64,7 @@ static time_t mytime(time_t * t) return then; } -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -75,8 +75,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -85,7 +85,7 @@ static void compare(const gnutls_datum_t * der, const void *ipem) } static int import_key(gnutls_certificate_credentials_t xcred, - const gnutls_datum_t * skey, const gnutls_datum_t * cert) + const gnutls_datum_t *skey, const gnutls_datum_t *cert) { gnutls_x509_privkey_t key; gnutls_x509_crt_t *crt_list; @@ -95,9 +95,8 @@ static int import_key(gnutls_certificate_credentials_t xcred, assert(gnutls_x509_privkey_init(&key) >= 0); - ret = - gnutls_x509_crt_list_import2(&crt_list, &crt_list_size, cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2(&crt_list, &crt_list_size, cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { fail("error in gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret)); @@ -108,8 +107,8 @@ static int import_key(gnutls_certificate_credentials_t xcred, fail("error in key import: %s\n", gnutls_strerror(ret)); } - ret = gnutls_certificate_set_x509_key(xcred, crt_list, - crt_list_size, key); + ret = gnutls_certificate_set_x509_key(xcred, crt_list, crt_list_size, + key); if (ret < 0) { success("error in gnutls_certificate_set_x509_key: %s\n", gnutls_strerror(ret)); @@ -132,7 +131,7 @@ static int import_key(gnutls_certificate_credentials_t xcred, compare(&tcert, cert->data + i); } - cleanup: +cleanup: gnutls_x509_privkey_deinit(key); for (i = 0; i < crt_list_size; i++) { gnutls_x509_crt_deinit(crt_list[i]); @@ -168,27 +167,28 @@ void doit(void) gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_API_V2); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); - idx = - import_key(x509_cred, &server_ca3_key, - &server_ca3_localhost_cert_chain); + idx = import_key(x509_cred, &server_ca3_key, + &server_ca3_localhost_cert_chain); assert(idx == 0); - idx = - import_key(x509_cred, &server_ca3_key, - &server_ca3_localhost_utf8_cert); + idx = import_key(x509_cred, &server_ca3_key, + &server_ca3_localhost_utf8_cert); assert(idx == 1); test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); - test_cli_serv(x509_cred, clicred, "NORMAL", "www.xn--kxawhku.com", NULL, NULL, NULL); /* the previous name in IDNA format */ - test_cli_serv(x509_cred, clicred, "NORMAL", "简体中文.εξτρα.com", NULL, NULL, NULL); /* the second DNS name of cert */ - test_cli_serv(x509_cred, clicred, "NORMAL", "xn--fiqu1az03c18t.xn--mxah1amo.com", NULL, NULL, NULL); /* its IDNA equivalent */ + test_cli_serv(x509_cred, clicred, "NORMAL", "www.xn--kxawhku.com", NULL, + NULL, NULL); /* the previous name in IDNA format */ + test_cli_serv(x509_cred, clicred, "NORMAL", "简体中文.εξτρα.com", NULL, + NULL, NULL); /* the second DNS name of cert */ + test_cli_serv(x509_cred, clicred, "NORMAL", + "xn--fiqu1az03c18t.xn--mxah1amo.com", NULL, NULL, + NULL); /* its IDNA equivalent */ test_cli_serv_expect(x509_cred, clicred, "NORMAL", "NORMAL", "raw:简体中文.εξτρα.com", diff --git a/tests/set_x509_ocsp_multi_cli.c b/tests/set_x509_ocsp_multi_cli.c index a99ffb991e..7dda1cf21e 100644 --- a/tests/set_x509_ocsp_multi_cli.c +++ b/tests/set_x509_ocsp_multi_cli.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,14 +31,14 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "ocsp-common.h" -# include "utils.h" +#include "cert-common.h" +#include "ocsp-common.h" +#include "utils.h" /* Tests whether setting an OCSP response to a client * is working as expected */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = OCSP_RESP_DATE; if (t) @@ -74,8 +74,8 @@ static void check_serv(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size - || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size || + memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } @@ -86,9 +86,9 @@ static void check_serv(gnutls_session_t session, void *priv) fail("no intermediate response was received\n"); } - if (resp.size != ocsp_subca3_unknown.size - || memcmp(resp.data, ocsp_subca3_unknown.data, - resp.size) != 0) { + if (resp.size != ocsp_subca3_unknown.size || + memcmp(resp.data, ocsp_subca3_unknown.data, resp.size) != + 0) { fail("did not receive the expected intermediate response\n"); } } @@ -97,9 +97,8 @@ static void check_serv(gnutls_session_t session, void *priv) if (ret != 0) fail("error in verification (%s)\n", gnutls_strerror(ret)); - ret = - gnutls_ocsp_status_request_is_checked(session, - GNUTLS_OCSP_SR_IS_AVAIL); + ret = gnutls_ocsp_status_request_is_checked(session, + GNUTLS_OCSP_SR_IS_AVAIL); if (ret == 0) { fail("did not receive the expected value (%d)\n", ret); } @@ -145,23 +144,19 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_key_file2(clicred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_file2( + clicred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -171,21 +166,16 @@ void doit(void) fp = fopen(ocspfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_subca3_unknown_pem.data, 1, ocsp_subca3_unknown_pem.size, - fp) > 0); - assert(fwrite - (ocsp_ca3_localhost_unknown_pem.data, 1, - ocsp_ca3_localhost_unknown_pem.size, fp) > 0); - assert(fwrite - (ocsp_ca3_localhost6_unknown_pem.data, 1, - ocsp_ca3_localhost6_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_subca3_unknown_pem.data, 1, + ocsp_subca3_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost_unknown_pem.data, 1, + ocsp_ca3_localhost_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost6_unknown_pem.data, 1, + ocsp_ca3_localhost6_unknown_pem.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file2(clicred, ocspfile1, - index1, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_ocsp_status_request_file2( + clicred, ocspfile1, index1, GNUTLS_X509_FMT_PEM); if (ret != GNUTLS_E_OCSP_MISMATCH_WITH_CERTS) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -194,24 +184,19 @@ void doit(void) fp = fopen(ocspfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_subca3_unknown_pem.data, 1, ocsp_subca3_unknown_pem.size, - fp) > 0); - assert(fwrite - (ocsp_ca3_localhost_unknown_pem.data, 1, - ocsp_ca3_localhost_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_subca3_unknown_pem.data, 1, + ocsp_subca3_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost_unknown_pem.data, 1, + ocsp_ca3_localhost_unknown_pem.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file2(clicred, ocspfile1, - index1, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_ocsp_status_request_file2( + clicred, ocspfile1, index1, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } @@ -228,7 +213,7 @@ void doit(void) if (t != 1509625639) fail("error in OCSP validity time: %ld\n", (long int)t); -# define PRIO "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3" +#define PRIO "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3" _test_cli_serv(xcred, clicred, PRIO, PRIO, "localhost", &ocsp_ca3_localhost_unknown, check_cli, check_serv, 0, 1, 0, 0); diff --git a/tests/set_x509_ocsp_multi_invalid.c b/tests/set_x509_ocsp_multi_invalid.c index e590e75845..ba50560a4e 100644 --- a/tests/set_x509_ocsp_multi_invalid.c +++ b/tests/set_x509_ocsp_multi_invalid.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,13 +31,13 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* Tests whether setting an OCSP response to a server with multiple * certificate sets, is working as expected */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1469186559; if (t) @@ -46,19 +46,22 @@ static time_t mytime(time_t * t) return then; } -# define RESP1 "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP1 \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -static gnutls_datum_t ocsp_resp1 = - { (unsigned char *)RESP1, sizeof(RESP1) - 1 }; +static gnutls_datum_t ocsp_resp1 = { (unsigned char *)RESP1, + sizeof(RESP1) - 1 }; -# define RESP2 "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP2 \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -static gnutls_datum_t ocsp_resp2 = - { (unsigned char *)RESP2, sizeof(RESP2) - 1 }; +static gnutls_datum_t ocsp_resp2 = { (unsigned char *)RESP2, + sizeof(RESP2) - 1 }; -# define RESP3 "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" -static gnutls_datum_t ocsp_resp3 = - { (unsigned char *)RESP3, sizeof(RESP3) - 1 }; +#define RESP3 \ + "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" +static gnutls_datum_t ocsp_resp3 = { (unsigned char *)RESP3, + sizeof(RESP3) - 1 }; static void check_response(gnutls_session_t session, void *priv) { @@ -77,8 +80,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size - || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size || + memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } } @@ -103,7 +106,7 @@ void doit(void) char certname2[TMPNAME_SIZE], ocspname2[TMPNAME_SIZE]; char certname3[TMPNAME_SIZE], ocspname3[TMPNAME_SIZE]; FILE *fp; - unsigned index1, index2, index3; /* indexes of certs */ + unsigned index1, index2, index3; /* indexes of certs */ global_init(); gnutls_global_set_time_function(mytime); @@ -123,17 +126,14 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -144,17 +144,14 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile2, certfile2, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile2, certfile2, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index2 = ret; @@ -162,12 +159,10 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); /* set ECC cert */ @@ -180,9 +175,8 @@ void doit(void) assert(fwrite(ecc_key, 1, strlen(ecc_key), fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile3, certfile3, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile3, certfile3, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index3 = ret; @@ -190,12 +184,10 @@ void doit(void) fp = fopen(certfile3, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); /* set OCSP response1 */ @@ -206,20 +198,18 @@ void doit(void) assert(fwrite(ocsp_resp1.data, 1, ocsp_resp1.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, - index1); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + index1); if (ret != GNUTLS_E_OCSP_MISMATCH_WITH_CERTS) fail("unexpected error in setting invalid ocsp file: %s\n", gnutls_strerror(ret)); - gnutls_certificate_set_flags(xcred, - GNUTLS_CERTIFICATE_API_V2 | - GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK); + gnutls_certificate_set_flags( + xcred, GNUTLS_CERTIFICATE_API_V2 | + GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, - index1); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + index1); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -231,9 +221,8 @@ void doit(void) assert(fwrite(ocsp_resp2.data, 1, ocsp_resp2.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile2, - index2); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile2, + index2); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -245,15 +234,15 @@ void doit(void) assert(fwrite(ocsp_resp3.data, 1, ocsp_resp3.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, - index3); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index3); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); /* set an OCSP response outside the bounds */ - assert(gnutls_certificate_set_ocsp_status_request_file - (xcred, ocspfile3, 34) == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); + assert(gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + 34) == + GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); /* make sure that our invalid OCSP responses are not considered in verification */ @@ -263,9 +252,8 @@ void doit(void) GNUTLS_VERIFY_DISABLE_CRL_CHECKS) fail("error in gnutls_certificate_set_verify_flags\n"); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } @@ -276,9 +264,10 @@ void doit(void) test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", "localhost6", &ocsp_resp2, check_response, NULL); - test_cli_serv(xcred, clicred, - "NORMAL:-ECDHE-RSA:-RSA:-DHE-RSA:-VERS-TLS-ALL:+VERS-TLS1.2", - NULL, &ocsp_resp3, check_response, NULL); + test_cli_serv( + xcred, clicred, + "NORMAL:-ECDHE-RSA:-RSA:-DHE-RSA:-VERS-TLS-ALL:+VERS-TLS1.2", + NULL, &ocsp_resp3, check_response, NULL); test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", @@ -286,9 +275,10 @@ void doit(void) test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", "localhost6", &ocsp_resp2, check_response, NULL); - test_cli_serv(xcred, clicred, - "NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:-ECDHE-RSA:-DHE-RSA:-RSA:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL, &ocsp_resp3, check_response, NULL); + test_cli_serv( + xcred, clicred, + "NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:-ECDHE-RSA:-DHE-RSA:-RSA:-VERS-TLS-ALL:+VERS-TLS1.3", + NULL, &ocsp_resp3, check_response, NULL); gnutls_certificate_free_credentials(xcred); gnutls_certificate_free_credentials(clicred); diff --git a/tests/set_x509_ocsp_multi_pem.c b/tests/set_x509_ocsp_multi_pem.c index 3deff6337a..a1fe5b717f 100644 --- a/tests/set_x509_ocsp_multi_pem.c +++ b/tests/set_x509_ocsp_multi_pem.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,14 +31,14 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "ocsp-common.h" -# include "utils.h" +#include "cert-common.h" +#include "ocsp-common.h" +#include "utils.h" /* Tests whether setting an OCSP response to a server with multiple * certificate sets, is working as expected */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = OCSP_RESP_DATE; if (t) @@ -64,8 +64,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size - || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size || + memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } @@ -76,9 +76,9 @@ static void check_response(gnutls_session_t session, void *priv) fail("no intermediate response was received\n"); } - if (resp.size != ocsp_subca3_unknown.size - || memcmp(resp.data, ocsp_subca3_unknown.data, - resp.size) != 0) { + if (resp.size != ocsp_subca3_unknown.size || + memcmp(resp.data, ocsp_subca3_unknown.data, resp.size) != + 0) { fail("did not receive the expected intermediate response\n"); } } @@ -88,9 +88,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("did not receive the expected value (%d)\n", ret); } - ret = - gnutls_ocsp_status_request_is_checked(session, - GNUTLS_OCSP_SR_IS_AVAIL); + ret = gnutls_ocsp_status_request_is_checked(session, + GNUTLS_OCSP_SR_IS_AVAIL); if (ret == 0) { fail("did not receive the expected value (%d)\n", ret); } @@ -131,17 +130,14 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -151,21 +147,16 @@ void doit(void) fp = fopen(ocspfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_subca3_unknown_pem.data, 1, ocsp_subca3_unknown_pem.size, - fp) > 0); - assert(fwrite - (ocsp_ca3_localhost_unknown_pem.data, 1, - ocsp_ca3_localhost_unknown_pem.size, fp) > 0); - assert(fwrite - (ocsp_ca3_localhost6_unknown_pem.data, 1, - ocsp_ca3_localhost6_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_subca3_unknown_pem.data, 1, + ocsp_subca3_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost_unknown_pem.data, 1, + ocsp_ca3_localhost_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost6_unknown_pem.data, 1, + ocsp_ca3_localhost6_unknown_pem.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file2(xcred, ocspfile1, - index1, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_ocsp_status_request_file2( + xcred, ocspfile1, index1, GNUTLS_X509_FMT_PEM); if (ret != GNUTLS_E_OCSP_MISMATCH_WITH_CERTS) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -174,24 +165,19 @@ void doit(void) fp = fopen(ocspfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_subca3_unknown_pem.data, 1, ocsp_subca3_unknown_pem.size, - fp) > 0); - assert(fwrite - (ocsp_ca3_localhost_unknown_pem.data, 1, - ocsp_ca3_localhost_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_subca3_unknown_pem.data, 1, + ocsp_subca3_unknown_pem.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost_unknown_pem.data, 1, + ocsp_ca3_localhost_unknown_pem.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file2(xcred, ocspfile1, - index1, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_ocsp_status_request_file2( + xcred, ocspfile1, index1, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } diff --git a/tests/set_x509_ocsp_multi_unknown.c b/tests/set_x509_ocsp_multi_unknown.c index ddff1128aa..f29d472f74 100644 --- a/tests/set_x509_ocsp_multi_unknown.c +++ b/tests/set_x509_ocsp_multi_unknown.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,14 +31,14 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "ocsp-common.h" -# include "utils.h" +#include "cert-common.h" +#include "ocsp-common.h" +#include "utils.h" /* Tests whether setting an OCSP response to a server with multiple * certificate sets, is working as expected */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = OCSP_RESP_DATE; if (t) @@ -64,8 +64,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size - || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size || + memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } @@ -76,9 +76,9 @@ static void check_response(gnutls_session_t session, void *priv) fail("no intermediate response was received\n"); } - if (resp.size != ocsp_subca3_unknown.size - || memcmp(resp.data, ocsp_subca3_unknown.data, - resp.size) != 0) { + if (resp.size != ocsp_subca3_unknown.size || + memcmp(resp.data, ocsp_subca3_unknown.data, resp.size) != + 0) { fail("did not receive the expected intermediate response\n"); } } @@ -103,7 +103,7 @@ void doit(void) char certname2[TMPNAME_SIZE], ocspname2[TMPNAME_SIZE]; char ocspname3[TMPNAME_SIZE]; FILE *fp; - unsigned index1, index2; /* indexes of certs */ + unsigned index1, index2; /* indexes of certs */ global_init(); gnutls_global_set_time_function(mytime); @@ -123,17 +123,14 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -144,17 +141,14 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile2, certfile2, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile2, certfile2, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index2 = ret; @@ -164,14 +158,12 @@ void doit(void) fp = fopen(ocspfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_ca3_localhost_unknown.data, 1, - ocsp_ca3_localhost_unknown.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost_unknown.data, 1, + ocsp_ca3_localhost_unknown.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, - index1); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + index1); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -180,14 +172,12 @@ void doit(void) fp = fopen(ocspfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_ca3_localhost6_unknown.data, 1, - ocsp_ca3_localhost6_unknown.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost6_unknown.data, 1, + ocsp_ca3_localhost6_unknown.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile2, - index2); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile2, + index2); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -196,29 +186,25 @@ void doit(void) fp = fopen(ocspfile3, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (ocsp_ca3_localhost_unknown_sha1.data, 1, - ocsp_ca3_localhost_unknown_sha1.size, fp) > 0); + assert(fwrite(ocsp_ca3_localhost_unknown_sha1.data, 1, + ocsp_ca3_localhost_unknown_sha1.size, fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, - index1); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index1); if (ret != 0) fail("setting duplicate didn't succeed as expected: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, - index2); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index2); if (ret != GNUTLS_E_OCSP_MISMATCH_WITH_CERTS) fail("setting invalid didn't fail as expected: %s\n", gnutls_strerror(ret)); /* re-set the previous duplicate set for index1 to the expected */ - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, - index1); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + index1); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -226,25 +212,22 @@ void doit(void) fp = fopen(ocspfile3, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(ocsp_subca3_unknown.data, 1, ocsp_subca3_unknown.size, fp) - > 0); + assert(fwrite(ocsp_subca3_unknown.data, 1, ocsp_subca3_unknown.size, + fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, - index1); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index1); if (ret < 0) fail("setting subCA failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, - index2); + ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index2); if (ret < 0) fail("setting subCA failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } diff --git a/tests/set_x509_pkcs12_key.c b/tests/set_x509_pkcs12_key.c index 69ca38ddf8..0461a0d325 100644 --- a/tests/set_x509_pkcs12_key.c +++ b/tests/set_x509_pkcs12_key.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,7 +33,7 @@ #include "cert-common.h" #include "utils.h" -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -44,8 +44,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -70,20 +70,19 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&xcred) >= 0); /* this will fail */ - ret = gnutls_certificate_set_x509_simple_pkcs12_file(xcred, certfile, - GNUTLS_X509_FMT_PEM, - "1234"); + ret = gnutls_certificate_set_x509_simple_pkcs12_file( + xcred, certfile, GNUTLS_X509_FMT_PEM, "1234"); if (ret != GNUTLS_E_FILE_ERROR) - fail("gnutls_certificate_set_x509_simple_pkcs12_file failed: %s\n", gnutls_strerror(ret)); + fail("gnutls_certificate_set_x509_simple_pkcs12_file failed: %s\n", + gnutls_strerror(ret)); gnutls_certificate_free_credentials(xcred); assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); assert(gnutls_certificate_allocate_credentials(&xcred) >= 0); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); @@ -93,16 +92,15 @@ void doit(void) if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_ca3_pkcs12_pem, 1, strlen((char *)server_ca3_pkcs12_pem), - fp) > 0); + assert(fwrite(server_ca3_pkcs12_pem, 1, + strlen((char *)server_ca3_pkcs12_pem), fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_simple_pkcs12_file(xcred, certfile, - GNUTLS_X509_FMT_PEM, - "1234"); + ret = gnutls_certificate_set_x509_simple_pkcs12_file( + xcred, certfile, GNUTLS_X509_FMT_PEM, "1234"); if (ret < 0) - fail("gnutls_certificate_set_x509_simple_pkcs12_file failed: %s\n", gnutls_strerror(ret)); + fail("gnutls_certificate_set_x509_simple_pkcs12_file failed: %s\n", + gnutls_strerror(ret)); /* verify whether the stored certificate match the ones we have */ ret = gnutls_certificate_get_crt_raw(xcred, 0, 0, &tcert); @@ -115,7 +113,8 @@ void doit(void) remove(certfile); - test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */ + test_cli_serv(xcred, clicred, "NORMAL", "localhost", NULL, NULL, + NULL); /* the DNS name of the first cert */ gnutls_certificate_free_credentials(xcred); gnutls_certificate_free_credentials(clicred); diff --git a/tests/setcredcrash.c b/tests/setcredcrash.c index 90a933f1ec..d88abd39d9 100644 --- a/tests/setcredcrash.c +++ b/tests/setcredcrash.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/sign-is-secure.c b/tests/sign-is-secure.c index bb95ae55aa..924e51cdd5 100644 --- a/tests/sign-is-secure.c +++ b/tests/sign-is-secure.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,46 +32,46 @@ #include "utils.h" -#define CHECK_SECURE_SIG(sig) \ - ret = gnutls_sign_is_secure2(sig, 0); \ - if (ret == 0) { \ +#define CHECK_SECURE_SIG(sig) \ + ret = gnutls_sign_is_secure2(sig, 0); \ + if (ret == 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ - } \ - ret = gnutls_sign_is_secure(sig); \ - if (ret == 0) { \ + } \ + ret = gnutls_sign_is_secure(sig); \ + if (ret == 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ } -#define CHECK_INSECURE_SIG(sig) \ - ret = gnutls_sign_is_secure2(sig, 0); \ - if (ret != 0) { \ +#define CHECK_INSECURE_SIG(sig) \ + ret = gnutls_sign_is_secure2(sig, 0); \ + if (ret != 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ - } \ - ret = gnutls_sign_is_secure2(sig, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS); \ - if (ret != 0) { \ + } \ + ret = gnutls_sign_is_secure2(sig, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS); \ + if (ret != 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ - } \ - ret = gnutls_sign_is_secure(sig); \ - if (ret != 0) { \ + } \ + ret = gnutls_sign_is_secure(sig); \ + if (ret != 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ } #ifndef ALLOW_SHA1 -# define CHECK_INSECURE_FOR_CERTS_SIG(sig) \ - ret = gnutls_sign_is_secure2(sig, 0); \ - if (ret == 0) { \ +#define CHECK_INSECURE_FOR_CERTS_SIG(sig) \ + ret = gnutls_sign_is_secure2(sig, 0); \ + if (ret == 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ - } \ - ret = gnutls_sign_is_secure2(sig, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS); \ - if (ret != 0) { \ + } \ + ret = gnutls_sign_is_secure2(sig, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS); \ + if (ret != 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ - } \ - ret = gnutls_sign_is_secure(sig); \ - if (ret == 0) { \ + } \ + ret = gnutls_sign_is_secure(sig); \ + if (ret == 0) { \ fail("error testing %d/%s\n", sig, gnutls_sign_get_name(sig)); \ } #else -# define CHECK_INSECURE_FOR_CERTS_SIG(sig) +#define CHECK_INSECURE_FOR_CERTS_SIG(sig) #endif void doit(void) @@ -89,12 +89,12 @@ void doit(void) for (i = 1; i <= GNUTLS_SIGN_MAX; i++) { #ifndef ALLOW_SHA1 - if (i == GNUTLS_SIGN_RSA_SHA1 || i == GNUTLS_SIGN_DSA_SHA1 - || i == GNUTLS_SIGN_ECDSA_SHA1) + if (i == GNUTLS_SIGN_RSA_SHA1 || i == GNUTLS_SIGN_DSA_SHA1 || + i == GNUTLS_SIGN_ECDSA_SHA1) continue; #endif - if (i == GNUTLS_SIGN_GOST_94 || i == GNUTLS_SIGN_RSA_MD5 - || i == GNUTLS_SIGN_RSA_MD2 || i == GNUTLS_SIGN_UNKNOWN) + if (i == GNUTLS_SIGN_GOST_94 || i == GNUTLS_SIGN_RSA_MD5 || + i == GNUTLS_SIGN_RSA_MD2 || i == GNUTLS_SIGN_UNKNOWN) continue; /* skip any unused elements */ if (gnutls_sign_algorithm_get_name(i) == NULL) diff --git a/tests/sign-pk-api.c b/tests/sign-pk-api.c index bf8ad7b45f..89edca4c7c 100644 --- a/tests/sign-pk-api.c +++ b/tests/sign-pk-api.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,10 +32,11 @@ #include "utils.h" -#define ALGO_MATCHES(sig, pk, val) \ - ret = gnutls_sign_supports_pk_algorithm(sig, pk); \ - if (ret != val) { \ - fail("error testing %s with %s\n", gnutls_sign_get_name(sig), gnutls_pk_get_name(pk)); \ +#define ALGO_MATCHES(sig, pk, val) \ + ret = gnutls_sign_supports_pk_algorithm(sig, pk); \ + if (ret != val) { \ + fail("error testing %s with %s\n", gnutls_sign_get_name(sig), \ + gnutls_pk_get_name(pk)); \ } void doit(void) @@ -63,5 +64,4 @@ void doit(void) ALGO_MATCHES(GNUTLS_SIGN_RSA_SHA256, GNUTLS_PK_RSA_PSS, 0); ALGO_MATCHES(GNUTLS_SIGN_RSA_SHA384, GNUTLS_PK_RSA_PSS, 0); ALGO_MATCHES(GNUTLS_SIGN_RSA_SHA512, GNUTLS_PK_RSA_PSS, 0); - } diff --git a/tests/sign-verify-data-newapi.c b/tests/sign-verify-data-newapi.c index 2371fb3553..0a86e722d6 100644 --- a/tests/sign-verify-data-newapi.c +++ b/tests/sign-verify-data-newapi.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -29,9 +29,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -50,22 +50,19 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t invalid_raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", 20 }; #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -98,10 +95,8 @@ void doit(void) if (ret < 0) testfail("gnutls_pubkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(privkey, &tests[i].key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + privkey, &tests[i].key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) testfail("gnutls_privkey_import_x509\n"); @@ -114,9 +109,8 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt, &tests[i].cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &tests[i].cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_crt_import\n"); @@ -124,45 +118,40 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, + &raw_data, &signature); if (ret < 0) testfail("gnutls_x509_pubkey_verify_data2\n"); /* Test functionality of GNUTLS_VERIFY_DISABLE_CA_SIGN flag (see issue #754) */ - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_DISABLE_CA_SIGN, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_DISABLE_CA_SIGN, + &raw_data, &signature); if (ret < 0) testfail("gnutls_x509_pubkey_verify_data2\n"); /* should fail */ - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, - &invalid_raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, + &invalid_raw_data, &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); - - sign_algo = - gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), tests[i].digest); - ret = - gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, - &raw_data, &signature); + testfail( + "gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); + + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); + ret = gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, + &raw_data, &signature); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_data2-1 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_data2-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, - &invalid_raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, + &invalid_raw_data, &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); /* test the raw interface */ gnutls_free(signature.data); diff --git a/tests/sign-verify-data.c b/tests/sign-verify-data.c index f358a38110..7422baca87 100644 --- a/tests/sign-verify-data.c +++ b/tests/sign-verify-data.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,9 +28,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -49,22 +49,19 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t invalid_raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", 20 }; #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -97,17 +94,14 @@ void doit(void) if (ret < 0) testfail("gnutls_pubkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(privkey, &tests[i].key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + privkey, &tests[i].key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) testfail("gnutls_privkey_import_x509\n"); - ret = - gnutls_privkey_sign_data(privkey, tests[i].digest, - tests[i].sign_flags, &raw_data, - &signature); + ret = gnutls_privkey_sign_data(privkey, tests[i].digest, + tests[i].sign_flags, &raw_data, + &signature); if (ret < 0) testfail("gnutls_x509_privkey_sign_hash\n"); @@ -115,9 +109,8 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt, &tests[i].cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &tests[i].cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_crt_import\n"); @@ -125,37 +118,33 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, + &raw_data, &signature); if (ret < 0) testfail("gnutls_x509_pubkey_verify_data2\n"); /* should fail */ - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, - &invalid_raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, + &invalid_raw_data, &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); - - sign_algo = - gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), tests[i].digest); - ret = - gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, - &raw_data, &signature); + testfail( + "gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); + + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); + ret = gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, + &raw_data, &signature); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_data2-1 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_data2-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, - &invalid_raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, sign_algo, 0, + &invalid_raw_data, &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_data2-2 (hashed data)\n"); /* test the raw interface */ gnutls_free(signature.data); diff --git a/tests/sign-verify-deterministic.c b/tests/sign-verify-deterministic.c index fa30ab2315..a41a04a921 100644 --- a/tests/sign-verify-deterministic.c +++ b/tests/sign-verify-deterministic.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,9 +28,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -59,91 +59,82 @@ struct _key_tests_st { /* Test vectors from RFC 6979 */ static const char dsa_privkey_rfc6979[] = - "-----BEGIN DSA PRIVATE KEY-----\n" - "MIIBugIBAAKBgQCG9coD3P6yJQY/+DCgx2m53Z1hU62R184n94fEMni0R+ZTO4ax\n" - "i+1uiki3hKFMJSxb4Nv2C4bWOFvS8S+3Y+2Ic6v9P1ui4KjApZCC6sBWk15Sna98\n" - "YQRniZx3re38hGyIGHC3sZsrWPm+BSGhcALjvda4ZoXukLPZobAreCsXeQIVAJlv\n" - "ln9sjjiNnijQHiBfupV6VpixAoGAB7D5JUYVC2JRS7dx4qDAzjh/A72mxWtQUgn/\n" - "Jf08Ez2Ju82X6QTgkRTZp9796t/JB46lRNLkAa7sxAu5+794/YeZWhChwny3eJtZ\n" - "S6fvtcQyap/lmgcOE223cXVGStykF75dzi9A0QpGo6OUPyarf9nAOY/4x27gpWgm\n" - "qKiPHb0CgYBd9eAd7THQKX4nThaRwZL+WGj++eGahHdkVLEAzxb2U5IZWji5BSPi\n" - "VC7mGHHARAy4fDIvxLTS7F4efsdm4b6NTOk1Q33BHDyP1CYziTPr/nOcs0ZfTTZo\n" - "xeRzUIJTseaC9ly9xPrpPC6iEjkOVJBahuIiMXC0Tqp9pd2f/Pt/OwIUQRYCyxmm\n" - "zMNElNedmO8eftWvJfc=\n" "-----END DSA PRIVATE KEY-----\n"; + "-----BEGIN DSA PRIVATE KEY-----\n" + "MIIBugIBAAKBgQCG9coD3P6yJQY/+DCgx2m53Z1hU62R184n94fEMni0R+ZTO4ax\n" + "i+1uiki3hKFMJSxb4Nv2C4bWOFvS8S+3Y+2Ic6v9P1ui4KjApZCC6sBWk15Sna98\n" + "YQRniZx3re38hGyIGHC3sZsrWPm+BSGhcALjvda4ZoXukLPZobAreCsXeQIVAJlv\n" + "ln9sjjiNnijQHiBfupV6VpixAoGAB7D5JUYVC2JRS7dx4qDAzjh/A72mxWtQUgn/\n" + "Jf08Ez2Ju82X6QTgkRTZp9796t/JB46lRNLkAa7sxAu5+794/YeZWhChwny3eJtZ\n" + "S6fvtcQyap/lmgcOE223cXVGStykF75dzi9A0QpGo6OUPyarf9nAOY/4x27gpWgm\n" + "qKiPHb0CgYBd9eAd7THQKX4nThaRwZL+WGj++eGahHdkVLEAzxb2U5IZWji5BSPi\n" + "VC7mGHHARAy4fDIvxLTS7F4efsdm4b6NTOk1Q33BHDyP1CYziTPr/nOcs0ZfTTZo\n" + "xeRzUIJTseaC9ly9xPrpPC6iEjkOVJBahuIiMXC0Tqp9pd2f/Pt/OwIUQRYCyxmm\n" + "zMNElNedmO8eftWvJfc=\n" + "-----END DSA PRIVATE KEY-----\n"; static const char ecdsa_secp256r1_privkey_rfc6979[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHgCAQEEIQDJr6nYRbp1FmtcIVdnsdaTTlDD2zbomxJ7imIrEg9nIaAKBggqhkjO\n" - "PQMBB6FEA0IABGD+1LolWp0xyWHrdMY1bWjASbiSO2H6bOZpYi5g8p+2eQP+EAi4\n" - "vJmkGunpVii8ZPLxsgwtfp9Rd6PClNRGIpk=\n" "-----END EC PRIVATE KEY-----\n"; + "-----BEGIN EC PRIVATE KEY-----\n" + "MHgCAQEEIQDJr6nYRbp1FmtcIVdnsdaTTlDD2zbomxJ7imIrEg9nIaAKBggqhkjO\n" + "PQMBB6FEA0IABGD+1LolWp0xyWHrdMY1bWjASbiSO2H6bOZpYi5g8p+2eQP+EAi4\n" + "vJmkGunpVii8ZPLxsgwtfp9Rd6PClNRGIpk=\n" + "-----END EC PRIVATE KEY-----\n"; static const char sample[] = "sample"; -static const -struct _key_tests_st tests[] = { - { - .name = "dsa key", - .key = {(void *)dsa_privkey_rfc6979, sizeof(dsa_privkey_rfc6979) - 1}, - .msg = {(void *)sample, sizeof(sample) - 1}, - .sig = {(void *) - "\x30\x2d\x02\x15\x00\x81\xf2\xf5\x85\x0b\xe5\xbc\x12\x3c\x43\xf7\x1a\x30\x33\xe9\x38\x46\x11\xc5\x45\x02\x14\x4c\xdd\x91\x4b\x65\xeb\x6c\x66\xa8\xaa\xad\x27\x29\x9b\xee\x6b\x03\x5f\x5e\x89", - 47}, - .pk = GNUTLS_PK_DSA, - .digest = GNUTLS_DIG_SHA256, - .sigalgo = GNUTLS_SIGN_DSA_SHA256, - .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE}, - { - .name = "ecdsa key", - .key = {(void *)ecdsa_secp256r1_privkey_rfc6979, - sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1}, - .msg = {(void *)sample, sizeof(sample) - 1}, - .sig = {(void *) - "\x30\x46\x02\x21\x00\xef\xd4\x8b\x2a\xac\xb6\xa8\xfd\x11\x40\xdd\x9c\xd4\x5e\x81\xd6\x9d\x2c\x87\x7b\x56\xaa\xf9\x91\xc3\x4d\x0e\xa8\x4e\xaf\x37\x16\x02\x21\x00\xf7\xcb\x1c\x94\x2d\x65\x7c\x41\xd4\x36\xc7\xa1\xb6\xe2\x9f\x65\xf3\xe9\x00\xdb\xb9\xaf\xf4\x06\x4d\xc4\xab\x2f\x84\x3a\xcd\xa8", - 72}, - .pk = GNUTLS_PK_ECDSA, - .digest = GNUTLS_DIG_SHA256, - .sigalgo = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, - .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE}, - { - .name = "ecdsa key", - .key = {(void *)ecdsa_secp256r1_privkey_rfc6979, - sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1}, - .msg = {(void *)sample, sizeof(sample) - 1}, - .sig = {(void *) - "\x30\x46\x02\x21\x00\xef\xd4\x8b\x2a\xac\xb6\xa8\xfd\x11\x40\xdd\x9c\xd4\x5e\x81\xd6\x9d\x2c\x87\x7b\x56\xaa\xf9\x91\xc3\x4d\x0e\xa8\x4e\xaf\x37\x16\x02\x21\x00\xf7\xcb\x1c\x94\x2d\x65\x7c\x41\xd4\x36\xc7\xa1\xb6\xe2\x9f\x65\xf3\xe9\x00\xdb\xb9\xaf\xf4\x06\x4d\xc4\xab\x2f\x84\x3a\xcd\xa8", - 72}, - .pk = GNUTLS_PK_ECDSA, - .digest = GNUTLS_DIG_SHA256, - .sigalgo = GNUTLS_SIGN_ECDSA_SHA256, - .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE}, - { - .name = "ecdsa key (q bits < h bits)", - .key = {(void *)ecdsa_secp256r1_privkey_rfc6979, - sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1}, - .msg = {(void *)sample, sizeof(sample) - 1}, - .sig = {(void *) - "\x30\x44\x02\x20\x0e\xaf\xea\x03\x9b\x20\xe9\xb4\x23\x09\xfb\x1d\x89\xe2\x13\x05\x7c\xbf\x97\x3d\xc0\xcf\xc8\xf1\x29\xed\xdd\xc8\x00\xef\x77\x19\x02\x20\x48\x61\xf0\x49\x1e\x69\x98\xb9\x45\x51\x93\xe3\x4e\x7b\x0d\x28\x4d\xdd\x71\x49\xa7\x4b\x95\xb9\x26\x1f\x13\xab\xde\x94\x09\x54", - 70}, - .pk = GNUTLS_PK_ECDSA, - .digest = GNUTLS_DIG_SHA384, - .sigalgo = GNUTLS_SIGN_ECDSA_SHA384, - .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE}, - { - .name = "ecdsa key (q bits > h bits)", - .key = {(void *)ecdsa_secp256r1_privkey_rfc6979, - sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1}, - .msg = {(void *)sample, sizeof(sample) - 1}, - .sig = {(void *) - "\x30\x45\x02\x20\x53\xb2\xff\xf5\xd1\x75\x2b\x2c\x68\x9d\xf2\x57\xc0\x4c\x40\xa5\x87\xfa\xba\xbb\x3f\x6f\xc2\x70\x2f\x13\x43\xaf\x7c\xa9\xaa\x3f\x02\x21\x00\xb9\xaf\xb6\x4f\xdc\x03\xdc\x1a\x13\x1c\x7d\x23\x86\xd1\x1e\x34\x9f\x07\x0a\xa4\x32\xa4\xac\xc9\x18\xbe\xa9\x88\xbf\x75\xc7\x4c", - 71}, - .pk = GNUTLS_PK_ECDSA, - .digest = GNUTLS_DIG_SHA224, - .sigalgo = GNUTLS_SIGN_ECDSA_SHA224, - .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE} +static const struct _key_tests_st tests[] = { + { .name = "dsa key", + .key = { (void *)dsa_privkey_rfc6979, + sizeof(dsa_privkey_rfc6979) - 1 }, + .msg = { (void *)sample, sizeof(sample) - 1 }, + .sig = { (void *)"\x30\x2d\x02\x15\x00\x81\xf2\xf5\x85\x0b\xe5\xbc\x12\x3c\x43\xf7\x1a\x30\x33\xe9\x38\x46\x11\xc5\x45\x02\x14\x4c\xdd\x91\x4b\x65\xeb\x6c\x66\xa8\xaa\xad\x27\x29\x9b\xee\x6b\x03\x5f\x5e\x89", + 47 }, + .pk = GNUTLS_PK_DSA, + .digest = GNUTLS_DIG_SHA256, + .sigalgo = GNUTLS_SIGN_DSA_SHA256, + .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE }, + { .name = "ecdsa key", + .key = { (void *)ecdsa_secp256r1_privkey_rfc6979, + sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1 }, + .msg = { (void *)sample, sizeof(sample) - 1 }, + .sig = { (void *)"\x30\x46\x02\x21\x00\xef\xd4\x8b\x2a\xac\xb6\xa8\xfd\x11\x40\xdd\x9c\xd4\x5e\x81\xd6\x9d\x2c\x87\x7b\x56\xaa\xf9\x91\xc3\x4d\x0e\xa8\x4e\xaf\x37\x16\x02\x21\x00\xf7\xcb\x1c\x94\x2d\x65\x7c\x41\xd4\x36\xc7\xa1\xb6\xe2\x9f\x65\xf3\xe9\x00\xdb\xb9\xaf\xf4\x06\x4d\xc4\xab\x2f\x84\x3a\xcd\xa8", + 72 }, + .pk = GNUTLS_PK_ECDSA, + .digest = GNUTLS_DIG_SHA256, + .sigalgo = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, + .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE }, + { .name = "ecdsa key", + .key = { (void *)ecdsa_secp256r1_privkey_rfc6979, + sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1 }, + .msg = { (void *)sample, sizeof(sample) - 1 }, + .sig = { (void *)"\x30\x46\x02\x21\x00\xef\xd4\x8b\x2a\xac\xb6\xa8\xfd\x11\x40\xdd\x9c\xd4\x5e\x81\xd6\x9d\x2c\x87\x7b\x56\xaa\xf9\x91\xc3\x4d\x0e\xa8\x4e\xaf\x37\x16\x02\x21\x00\xf7\xcb\x1c\x94\x2d\x65\x7c\x41\xd4\x36\xc7\xa1\xb6\xe2\x9f\x65\xf3\xe9\x00\xdb\xb9\xaf\xf4\x06\x4d\xc4\xab\x2f\x84\x3a\xcd\xa8", + 72 }, + .pk = GNUTLS_PK_ECDSA, + .digest = GNUTLS_DIG_SHA256, + .sigalgo = GNUTLS_SIGN_ECDSA_SHA256, + .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE }, + { .name = "ecdsa key (q bits < h bits)", + .key = { (void *)ecdsa_secp256r1_privkey_rfc6979, + sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1 }, + .msg = { (void *)sample, sizeof(sample) - 1 }, + .sig = { (void *)"\x30\x44\x02\x20\x0e\xaf\xea\x03\x9b\x20\xe9\xb4\x23\x09\xfb\x1d\x89\xe2\x13\x05\x7c\xbf\x97\x3d\xc0\xcf\xc8\xf1\x29\xed\xdd\xc8\x00\xef\x77\x19\x02\x20\x48\x61\xf0\x49\x1e\x69\x98\xb9\x45\x51\x93\xe3\x4e\x7b\x0d\x28\x4d\xdd\x71\x49\xa7\x4b\x95\xb9\x26\x1f\x13\xab\xde\x94\x09\x54", + 70 }, + .pk = GNUTLS_PK_ECDSA, + .digest = GNUTLS_DIG_SHA384, + .sigalgo = GNUTLS_SIGN_ECDSA_SHA384, + .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE }, + { .name = "ecdsa key (q bits > h bits)", + .key = { (void *)ecdsa_secp256r1_privkey_rfc6979, + sizeof(ecdsa_secp256r1_privkey_rfc6979) - 1 }, + .msg = { (void *)sample, sizeof(sample) - 1 }, + .sig = { (void *)"\x30\x45\x02\x20\x53\xb2\xff\xf5\xd1\x75\x2b\x2c\x68\x9d\xf2\x57\xc0\x4c\x40\xa5\x87\xfa\xba\xbb\x3f\x6f\xc2\x70\x2f\x13\x43\xaf\x7c\xa9\xaa\x3f\x02\x21\x00\xb9\xaf\xb6\x4f\xdc\x03\xdc\x1a\x13\x1c\x7d\x23\x86\xd1\x1e\x34\x9f\x07\x0a\xa4\x32\xa4\xac\xc9\x18\xbe\xa9\x88\xbf\x75\xc7\x4c", + 71 }, + .pk = GNUTLS_PK_ECDSA, + .digest = GNUTLS_DIG_SHA224, + .sigalgo = GNUTLS_SIGN_ECDSA_SHA224, + .sign_flags = GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE } }; -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -174,22 +165,19 @@ void doit(void) signature.data = NULL; signature.size = 0; - ret = - gnutls_privkey_import_x509_raw(privkey, &tests[i].key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + privkey, &tests[i].key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) testfail("gnutls_privkey_import_x509_raw\n"); - ret = - gnutls_privkey_sign_data(privkey, tests[i].digest, - tests[i].sign_flags, &tests[i].msg, - &signature); + ret = gnutls_privkey_sign_data(privkey, tests[i].digest, + tests[i].sign_flags, + &tests[i].msg, &signature); if (gnutls_fips140_mode_enabled()) { /* deterministic ECDSA/DSA is prohibited under FIPS */ if (ret != GNUTLS_E_INVALID_REQUEST) - testfail - ("gnutls_privkey_sign_data unexpectedly succeeds\n"); + testfail( + "gnutls_privkey_sign_data unexpectedly succeeds\n"); success(" - skipping\n"); goto next; } else { @@ -198,22 +186,21 @@ void doit(void) } if (signature.size != tests[i].sig.size || - memcmp(signature.data, tests[i].sig.data, - signature.size) != 0) + memcmp(signature.data, tests[i].sig.data, signature.size) != + 0) testfail("signature does not match"); ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0); if (ret < 0) testfail("gnutls_pubkey_import_privkey\n"); - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, - &tests[i].msg, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, 0, + &tests[i].msg, &signature); if (ret < 0) testfail("gnutls_pubkey_verify_data2\n"); success(" - pass"); - next: + next: gnutls_free(signature.data); gnutls_privkey_deinit(privkey); gnutls_pubkey_deinit(pubkey); diff --git a/tests/sign-verify-ed25519-rfc8080.c b/tests/sign-verify-ed25519-rfc8080.c index 343af225c2..98ee231cd7 100644 --- a/tests/sign-verify-ed25519-rfc8080.c +++ b/tests/sign-verify-ed25519-rfc8080.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,9 +28,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -48,25 +48,23 @@ static void tls_log_func(int level, const char *str) /* Values from RFC8080 */ static unsigned char ed25519_x[] = - "\x97\x4d\x96\xa2\x2d\x22\x4b\xc0\x1a\xdb\x91\x50\x91\x47\x7d\x44\xcc\xd9\x1c\x9a\x41\xa1\x14\x30\x01\x01\x17\xd5\x2c\x59\x24\x0e"; + "\x97\x4d\x96\xa2\x2d\x22\x4b\xc0\x1a\xdb\x91\x50\x91\x47\x7d\x44\xcc\xd9\x1c\x9a\x41\xa1\x14\x30\x01\x01\x17\xd5\x2c\x59\x24\x0e"; static unsigned char ed25519_k[] = - "\x38\x32\x32\x36\x30\x33\x38\x34\x36\x32\x38\x30\x38\x30\x31\x32\x32\x36\x34\x35\x31\x39\x30\x32\x30\x34\x31\x34\x32\x32\x36\x32"; + "\x38\x32\x32\x36\x30\x33\x38\x34\x36\x32\x38\x30\x38\x30\x31\x32\x32\x36\x34\x35\x31\x39\x30\x32\x30\x34\x31\x34\x32\x32\x36\x32"; static gnutls_datum_t _ed25519_x = { ed25519_x, sizeof(ed25519_x) - 1 }; static gnutls_datum_t _ed25519_k = { ed25519_k, sizeof(ed25519_k) - 1 }; /* sha1 hash of "hello" string */ const gnutls_datum_t raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t invalid_raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", 20 }; @@ -87,9 +85,8 @@ void doit(void) if (ret < 0) fail("error\n"); - ret = - gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, - &_ed25519_x, NULL, &_ed25519_k); + ret = gnutls_privkey_import_ecc_raw(key, GNUTLS_ECC_CURVE_ED25519, + &_ed25519_x, NULL, &_ed25519_k); if (ret < 0) fail("error\n"); @@ -97,8 +94,8 @@ void doit(void) if (ret != 0) fail("error: %s\n", gnutls_strerror(ret)); - ret = gnutls_privkey_sign_data(key, GNUTLS_DIG_SHA512, 0, - &raw_data, &signature); + ret = gnutls_privkey_sign_data(key, GNUTLS_DIG_SHA512, 0, &raw_data, + &signature); if (ret < 0) fail("gnutls_x509_privkey_sign_hash\n"); @@ -111,9 +108,8 @@ void doit(void) if (ret < 0) fail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_EDDSA_ED25519, 0, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_EDDSA_ED25519, 0, + &raw_data, &signature); if (ret < 0) fail("gnutls_x509_pubkey_verify_data2\n"); @@ -124,15 +120,13 @@ void doit(void) if (ret < 0) fail("gnutls_privkey_init\n"); - ret = - gnutls_pubkey_import_ecc_raw(pubkey, GNUTLS_ECC_CURVE_ED25519, - &_ed25519_x, NULL); + ret = gnutls_pubkey_import_ecc_raw(pubkey, GNUTLS_ECC_CURVE_ED25519, + &_ed25519_x, NULL); if (ret < 0) fail("gnutls_x509_pubkey_import_ecc_raw\n"); - ret = - gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_EDDSA_ED25519, 0, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_EDDSA_ED25519, 0, + &raw_data, &signature); if (ret < 0) fail("gnutls_x509_pubkey_verify_data2\n"); diff --git a/tests/sign-verify-ext.c b/tests/sign-verify-ext.c index 73ef50d8a6..6ae40ace1e 100644 --- a/tests/sign-verify-ext.c +++ b/tests/sign-verify-ext.c @@ -22,7 +22,7 @@ /* This tests the gnutls_privkey_import_ext2() APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -48,37 +48,31 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha1_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t sha256_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; struct key_cb_data { - gnutls_privkey_t rkey; /* the real thing */ + gnutls_privkey_t rkey; /* the real thing */ }; -static -int key_cb_sign_func(gnutls_privkey_t key, void *userdata, - const gnutls_datum_t * data, gnutls_datum_t * signature) +static int key_cb_sign_func(gnutls_privkey_t key, void *userdata, + const gnutls_datum_t *data, + gnutls_datum_t *signature) { struct key_cb_data *p = userdata; - return gnutls_privkey_sign_hash(p->rkey, 0, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, - signature); + return gnutls_privkey_sign_hash( + p->rkey, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, signature); } static void key_cb_deinit_func(gnutls_privkey_t key, void *userdata) @@ -88,7 +82,7 @@ static void key_cb_deinit_func(gnutls_privkey_t key, void *userdata) free(userdata); } -static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, +static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t *txtkey, gnutls_pk_algorithm_t pk) { gnutls_privkey_t privkey; @@ -108,16 +102,15 @@ static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, if (ret < 0) fail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("gnutls_privkey_import\n"); - ret = - gnutls_privkey_import_ext2(privkey, pk, userdata, key_cb_sign_func, - NULL, key_cb_deinit_func, - GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); + ret = gnutls_privkey_import_ext2(privkey, pk, userdata, + key_cb_sign_func, NULL, + key_cb_deinit_func, + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) fail("gnutls_privkey_import_ext2\n"); @@ -125,8 +118,7 @@ static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, } #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -146,8 +138,8 @@ void doit(void) gnutls_global_set_log_level(6); for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { - if (tests[i].pk == GNUTLS_PK_RSA_PSS - || tests[i].pk == GNUTLS_PK_EDDSA_ED25519) + if (tests[i].pk == GNUTLS_PK_RSA_PSS || + tests[i].pk == GNUTLS_PK_EDDSA_ED25519) continue; success("testing: %s - %s\n", tests[i].name, @@ -165,40 +157,37 @@ void doit(void) if (ret < 0) testfail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_sign_hash(privkey, tests[i].digest, - tests[i].sign_flags, hash_data, - &signature2); + ret = gnutls_privkey_sign_hash(privkey, tests[i].digest, + tests[i].sign_flags, hash_data, + &signature2); if (ret < 0) testfail("gnutls_privkey_sign_hash\n"); - ret = - gnutls_privkey_sign_data(privkey, tests[i].digest, - tests[i].sign_flags, &raw_data, - &signature); + ret = gnutls_privkey_sign_data(privkey, tests[i].digest, + tests[i].sign_flags, &raw_data, + &signature); if (ret < 0) testfail("gnutls_x509_privkey_sign_hash\n"); - ret = - gnutls_pubkey_import_x509_raw(pubkey, &tests[i].cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pubkey_import_x509_raw(pubkey, &tests[i].cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) testfail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature); if (ret < 0) testfail("gnutls_pubkey_verify_hash2\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature2); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash2-1 (hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash2-1 (hashed data)\n"); /* test the raw interface */ gnutls_free(signature.data); @@ -206,45 +195,41 @@ void doit(void) if (gnutls_pubkey_get_pk_algorithm(pubkey, NULL) == GNUTLS_PK_RSA) { - - ret = - gnutls_privkey_sign_hash(privkey, - tests[i].digest, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_privkey_sign_hash( + privkey, tests[i].digest, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) testfail("gnutls_privkey_sign_hash: %s\n", gnutls_strerror(ret)); - sign_algo = - gnutls_pk_to_sign - (gnutls_pubkey_get_pk_algorithm(pubkey, NULL), - tests[i].digest); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); gnutls_free(signature.data); /* test the legacy API */ - ret = - gnutls_privkey_sign_raw_data(privkey, 0, - hash_data, &signature); + ret = gnutls_privkey_sign_raw_data( + privkey, 0, hash_data, &signature); if (ret < 0) testfail("gnutls_privkey_sign_raw_data: %s\n", gnutls_strerror(ret)); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); } gnutls_free(signature.data); gnutls_free(signature2.data); diff --git a/tests/sign-verify-ext4.c b/tests/sign-verify-ext4.c index 1aba291b2e..4c0ab77b48 100644 --- a/tests/sign-verify-ext4.c +++ b/tests/sign-verify-ext4.c @@ -22,7 +22,7 @@ /* This tests the gnutls_privkey_import_ext4() APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -48,26 +48,21 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha1_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t sha256_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; struct key_cb_data { - gnutls_privkey_t rkey; /* the real thing */ + gnutls_privkey_t rkey; /* the real thing */ unsigned pk; unsigned sig; unsigned bits; @@ -94,11 +89,10 @@ static int key_cb_info_func(gnutls_privkey_t key, unsigned int flags, return -1; } -static -int key_cb_sign_data_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, - void *userdata, unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature) +static int key_cb_sign_data_func(gnutls_privkey_t key, + gnutls_sign_algorithm_t sig, void *userdata, + unsigned int flags, const gnutls_datum_t *data, + gnutls_datum_t *signature) { struct key_cb_data *p = userdata; @@ -108,20 +102,19 @@ int key_cb_sign_data_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, return gnutls_privkey_sign_data2(p->rkey, sig, 0, data, signature); } -static -int key_cb_sign_hash_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, - void *userdata, unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature) +static int key_cb_sign_hash_func(gnutls_privkey_t key, + gnutls_sign_algorithm_t sig, void *userdata, + unsigned int flags, const gnutls_datum_t *data, + gnutls_datum_t *signature) { struct key_cb_data *p = userdata; if (sig == GNUTLS_SIGN_RSA_RAW) { if (debug) fprintf(stderr, "signing digestinfo with: raw RSA\n"); - return gnutls_privkey_sign_hash(p->rkey, 0, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - data, signature); + return gnutls_privkey_sign_hash( + p->rkey, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, + signature); } else { if (debug) fprintf(stderr, "signing hash with: %s\n", @@ -138,7 +131,7 @@ static void key_cb_deinit_func(gnutls_privkey_t key, void *userdata) free(userdata); } -static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, +static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t *txtkey, gnutls_pk_algorithm_t pk, gnutls_sign_algorithm_t sig) { @@ -159,9 +152,8 @@ static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, if (ret < 0) fail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("gnutls_privkey_import\n"); @@ -172,8 +164,7 @@ static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, ret = gnutls_privkey_import_ext4(privkey, userdata, key_cb_sign_data_func, - key_cb_sign_hash_func, - NULL, + key_cb_sign_hash_func, NULL, key_cb_deinit_func, key_cb_info_func, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) @@ -183,8 +174,7 @@ static gnutls_privkey_t load_virt_privkey(const gnutls_datum_t * txtkey, } #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -213,96 +203,88 @@ void doit(void) hash_data = &sha256_hash_data; } - privkey = - load_virt_privkey(&tests[i].key, tests[i].pk, - tests[i].sigalgo); + privkey = load_virt_privkey(&tests[i].key, tests[i].pk, + tests[i].sigalgo); ret = gnutls_pubkey_init(&pubkey); if (ret < 0) testfail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_sign_data2(privkey, tests[i].sigalgo, - tests[i].sign_flags, &raw_data, - &signature); + ret = gnutls_privkey_sign_data2(privkey, tests[i].sigalgo, + tests[i].sign_flags, &raw_data, + &signature); if (ret < 0) testfail("gnutls_x509_privkey_sign_hash\n"); - ret = - gnutls_pubkey_import_x509_raw(pubkey, &tests[i].cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pubkey_import_x509_raw(pubkey, &tests[i].cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) testfail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_data2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - &raw_data, &signature); + ret = gnutls_pubkey_verify_data2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, &raw_data, + &signature); if (ret < 0) testfail("gnutls_pubkey_verify_data2\n"); gnutls_free(signature.data); if (!tests[i].data_only) { - ret = - gnutls_privkey_sign_hash(privkey, tests[i].digest, - tests[i].sign_flags, - hash_data, &signature2); + ret = gnutls_privkey_sign_hash(privkey, tests[i].digest, + tests[i].sign_flags, + hash_data, &signature2); if (ret < 0) testfail("gnutls_privkey_sign_hash\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature2); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash2-1 (hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash2-1 (hashed data)\n"); gnutls_free(signature2.data); } if (gnutls_pubkey_get_pk_algorithm(pubkey, NULL) == GNUTLS_PK_RSA) { - - ret = - gnutls_privkey_sign_hash(privkey, - tests[i].digest, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_privkey_sign_hash( + privkey, tests[i].digest, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) testfail("gnutls_privkey_sign_hash: %s\n", gnutls_strerror(ret)); - sign_algo = - gnutls_pk_to_sign - (gnutls_pubkey_get_pk_algorithm(pubkey, NULL), - tests[i].digest); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); gnutls_free(signature.data); /* test the legacy API */ - ret = - gnutls_privkey_sign_raw_data(privkey, 0, - hash_data, &signature); + ret = gnutls_privkey_sign_raw_data( + privkey, 0, hash_data, &signature); if (ret < 0) testfail("gnutls_privkey_sign_raw_data: %s\n", gnutls_strerror(ret)); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); } gnutls_free(signature.data); gnutls_free(signature2.data); diff --git a/tests/sign-verify-newapi.c b/tests/sign-verify-newapi.c index 68efe03e4d..ee3bddfe6c 100644 --- a/tests/sign-verify-newapi.c +++ b/tests/sign-verify-newapi.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -48,41 +48,33 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha1_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t sha256_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; const gnutls_datum_t sha256_invalid_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb1\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa3\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb1\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa3\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; const gnutls_datum_t sha1_invalid_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", 20 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -123,9 +115,8 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_privkey_init\n"); - ret = - gnutls_x509_privkey_import(key, &tests[i].key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &tests[i].key, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_privkey_import\n"); @@ -155,9 +146,8 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt, &tests[i].cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &tests[i].cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_crt_import\n"); @@ -165,59 +155,56 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature); if (ret < 0) testfail("gnutls_x509_pubkey_verify_hash2\n"); /* Test functionality of GNUTLS_VERIFY_DISABLE_CA_SIGN (see issue #754) */ - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_DISABLE_CA_SIGN, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_DISABLE_CA_SIGN, + hash_data, &signature); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_hash2 with GNUTLS_VERIFY_DISABLE_CA_SIGN\n"); + testfail( + "gnutls_x509_pubkey_verify_hash2 with GNUTLS_VERIFY_DISABLE_CA_SIGN\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature2); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_hash-1 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - invalid_hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, invalid_hash_data, + &signature2); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_hash-2 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash-2 (hashed data)\n"); - sign_algo = - gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), tests[i].digest); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, + hash_data, &signature2); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_hash2-1 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash2-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - invalid_hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, + invalid_hash_data, &signature2); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_hash2-2 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash2-2 (hashed data)\n"); /* test the raw interface */ gnutls_free(signature.data); @@ -225,39 +212,36 @@ void doit(void) if (gnutls_pubkey_get_pk_algorithm(pubkey, NULL) == GNUTLS_PK_RSA) { - - ret = - gnutls_privkey_sign_hash2(privkey, - tests[i].sigalgo, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_privkey_sign_hash2( + privkey, tests[i].sigalgo, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) testfail("gnutls_privkey_sign_hash: %s\n", gnutls_strerror(ret)); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); gnutls_free(signature.data); /* test the legacy API */ - ret = - gnutls_privkey_sign_raw_data(privkey, 0, - hash_data, &signature); + ret = gnutls_privkey_sign_raw_data( + privkey, 0, hash_data, &signature); if (ret < 0) testfail("gnutls_privkey_sign_raw_data: %s\n", gnutls_strerror(ret)); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); } gnutls_free(signature.data); gnutls_free(signature2.data); diff --git a/tests/sign-verify.c b/tests/sign-verify.c index b37c7eb74a..533a6c6a8b 100644 --- a/tests/sign-verify.c +++ b/tests/sign-verify.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -48,41 +48,33 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha1_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t sha256_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; const gnutls_datum_t sha256_invalid_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb1\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa3\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb1\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa3\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; const gnutls_datum_t sha1_invalid_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", 20 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -123,9 +115,8 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_privkey_init\n"); - ret = - gnutls_x509_privkey_import(key, &tests[i].key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &tests[i].key, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_privkey_import\n"); @@ -141,17 +132,15 @@ void doit(void) if (ret < 0) testfail("gnutls_privkey_import_x509\n"); - ret = - gnutls_privkey_sign_hash(privkey, tests[i].digest, - tests[i].sign_flags, hash_data, - &signature2); + ret = gnutls_privkey_sign_hash(privkey, tests[i].digest, + tests[i].sign_flags, hash_data, + &signature2); if (ret < 0) testfail("gnutls_privkey_sign_hash\n"); - ret = - gnutls_privkey_sign_data(privkey, tests[i].digest, - tests[i].sign_flags, &raw_data, - &signature); + ret = gnutls_privkey_sign_data(privkey, tests[i].digest, + tests[i].sign_flags, &raw_data, + &signature); if (ret < 0) testfail("gnutls_x509_privkey_sign_hash\n"); @@ -159,9 +148,8 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt, &tests[i].cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &tests[i].cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_crt_import\n"); @@ -169,95 +157,89 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_pubkey_import\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature); if (ret < 0) testfail("gnutls_x509_pubkey_verify_hash2\n"); - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, hash_data, + &signature2); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_hash-1 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, tests[i].sigalgo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - invalid_hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, tests[i].sigalgo, + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, invalid_hash_data, + &signature2); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_hash-2 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash-2 (hashed data)\n"); - sign_algo = - gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), tests[i].digest); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, + hash_data, &signature2); if (ret < 0) - testfail - ("gnutls_x509_pubkey_verify_hash2-1 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash2-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, - invalid_hash_data, &signature2); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, + invalid_hash_data, &signature2); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_pubkey_verify_hash2-2 (hashed data)\n"); + testfail( + "gnutls_x509_pubkey_verify_hash2-2 (hashed data)\n"); /* test the raw interface */ gnutls_free(signature.data); if (gnutls_pubkey_get_pk_algorithm(pubkey, NULL) == GNUTLS_PK_RSA) { - - ret = - gnutls_privkey_sign_hash(privkey, - tests[i].digest, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_privkey_sign_hash( + privkey, tests[i].digest, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) testfail("gnutls_privkey_sign_hash: %s\n", gnutls_strerror(ret)); - sign_algo = - gnutls_pk_to_sign - (gnutls_pubkey_get_pk_algorithm(pubkey, NULL), - tests[i].digest); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + tests[i].digest); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-3 (raw hashed data)\n"); gnutls_free(signature.data); /* test the legacy API */ - ret = - gnutls_privkey_sign_raw_data(privkey, 0, - hash_data, &signature); + ret = gnutls_privkey_sign_raw_data( + privkey, 0, hash_data, &signature); if (ret < 0) testfail("gnutls_privkey_sign_raw_data: %s\n", gnutls_strerror(ret)); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) - testfail - ("gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); + testfail( + "gnutls_pubkey_verify_hash-4 (legacy raw hashed data)\n"); } gnutls_free(signature.data); gnutls_free(signature2.data); diff --git a/tests/simple.c b/tests/simple.c index 626d8714c5..98423f0272 100644 --- a/tests/simple.c +++ b/tests/simple.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,18 +28,20 @@ #include "utils.h" -#define CHECK_OK(x,y,z) \ - if (x >= 0 && y >= 0 && z >= 0) { \ - if (!gnutls_check_version_numeric(x, y, z)) { \ - fail("error in gnutls_check_version_numeric %d.%d.%d: %d\n", x, y, z, __LINE__); \ - exit(1); \ - } \ +#define CHECK_OK(x, y, z) \ + if (x >= 0 && y >= 0 && z >= 0) { \ + if (!gnutls_check_version_numeric(x, y, z)) { \ + fail("error in gnutls_check_version_numeric %d.%d.%d: %d\n", \ + x, y, z, __LINE__); \ + exit(1); \ + } \ } -#define CHECK_FAIL(x,y,z) \ - if (gnutls_check_version_numeric(x, y, z)) { \ - fail("error in neg gnutls_check_version_numeric %d.%d.%d: %d\n", x, y, z, __LINE__); \ - exit(1); \ +#define CHECK_FAIL(x, y, z) \ + if (gnutls_check_version_numeric(x, y, z)) { \ + fail("error in neg gnutls_check_version_numeric %d.%d.%d: %d\n", \ + x, y, z, __LINE__); \ + exit(1); \ } void doit(void) @@ -50,20 +52,20 @@ void doit(void) gnutls_check_version(NULL)); } - if (!gnutls_check_version_numeric - (GNUTLS_VERSION_MAJOR, GNUTLS_VERSION_MINOR, - GNUTLS_VERSION_PATCH)) { + if (!gnutls_check_version_numeric(GNUTLS_VERSION_MAJOR, + GNUTLS_VERSION_MINOR, + GNUTLS_VERSION_PATCH)) { fail("error in gnutls_check_version_numeric 1\n"); exit(1); } CHECK_FAIL(99, 9, 9) - CHECK_FAIL(90, 1, 0) - CHECK_FAIL(90, 0, 0) - CHECK_OK(2, 0, 0) - CHECK_OK(2, 99, 99) - CHECK_OK(3, 0, 0) - if (!gnutls_check_version(GNUTLS_VERSION)) + CHECK_FAIL(90, 1, 0) + CHECK_FAIL(90, 0, 0) + CHECK_OK(2, 0, 0) + CHECK_OK(2, 99, 99) + CHECK_OK(3, 0, 0) + if (!gnutls_check_version(GNUTLS_VERSION)) fail("gnutls_check_version ERROR\n"); { @@ -77,15 +79,14 @@ void doit(void) for (i = 0; algs[i]; i++) { if (debug) - printf("pk_list[%d] = %d = %s = %d\n", - (int)i, algs[i], - gnutls_pk_algorithm_get_name(algs - [i]), - gnutls_pk_get_id - (gnutls_pk_algorithm_get_name(algs[i]))); - if (gnutls_pk_get_id - (gnutls_pk_algorithm_get_name(algs[i])) - != algs[i]) + printf("pk_list[%d] = %d = %s = %d\n", (int)i, + algs[i], + gnutls_pk_algorithm_get_name(algs[i]), + gnutls_pk_get_id( + gnutls_pk_algorithm_get_name( + algs[i]))); + if (gnutls_pk_get_id(gnutls_pk_algorithm_get_name( + algs[i])) != algs[i]) fail("gnutls_pk id doesn't match\n"); } @@ -110,16 +111,14 @@ void doit(void) gnutls_digest_algorithm_t hash; if (debug) - printf("sign_list[%d] = %d = %s = %d\n", - (int)i, algs[i], - gnutls_sign_algorithm_get_name(algs - [i]), - gnutls_sign_get_id - (gnutls_sign_algorithm_get_name - (algs[i]))); - if (gnutls_sign_get_id - (gnutls_sign_algorithm_get_name(algs[i])) != - algs[i]) + printf("sign_list[%d] = %d = %s = %d\n", (int)i, + algs[i], + gnutls_sign_algorithm_get_name(algs[i]), + gnutls_sign_get_id( + gnutls_sign_algorithm_get_name( + algs[i]))); + if (gnutls_sign_get_id(gnutls_sign_algorithm_get_name( + algs[i])) != algs[i]) fail("gnutls_sign id for %s doesn't match\n", gnutls_sign_algorithm_get_name(algs[i])); @@ -127,14 +126,17 @@ void doit(void) if (hash != GNUTLS_DIG_UNKNOWN) { const char *name = gnutls_digest_get_name(hash); gnutls_digest_algorithm_t hash2 = - gnutls_digest_get_id(name); + gnutls_digest_get_id(name); /* gnutls_digest_get_id returns * GNUTLS_DIG_UNKNOWN if the algorithm is not * compiled in. */ - if (hash2 != GNUTLS_DIG_UNKNOWN - && hash2 != hash) - fail("gnutls_digest id for %s doesn't match %s\n", gnutls_sign_algorithm_get_name(algs[i]), name); + if (hash2 != GNUTLS_DIG_UNKNOWN && + hash2 != hash) + fail("gnutls_digest id for %s doesn't match %s\n", + gnutls_sign_algorithm_get_name( + algs[i]), + name); } } diff --git a/tests/slow/cipher-api-test.c b/tests/slow/cipher-api-test.c index 34d46d8e90..8485001db2 100644 --- a/tests/slow/cipher-api-test.c +++ b/tests/slow/cipher-api-test.c @@ -43,16 +43,16 @@ int main(int argc, char **argv) } #else -# include -# include -# include -# include -# include - -# define AES_GCM_ENCRYPT_PLAINTEXT_MAX ((1ULL << 36) - 32) -# if SIZE_MAX >= AES_GCM_ENCRYPT_PLAINTEXT_MAX -# define TEST_AES_GCM_ENCRYPT_PLAINTEXT_SIZE 1 -# endif +#include +#include +#include +#include +#include + +#define AES_GCM_ENCRYPT_PLAINTEXT_MAX ((1ULL << 36) - 32) +#if SIZE_MAX >= AES_GCM_ENCRYPT_PLAINTEXT_MAX +#define TEST_AES_GCM_ENCRYPT_PLAINTEXT_SIZE 1 +#endif static void tls_log_func(int level, const char *str) { @@ -131,12 +131,12 @@ static void test_cipher_invalid_partial(int algo) ret = global_init(); if (ret < 0) { - fail("Cannot initialize library\n"); /*errcode 1 */ + fail("Cannot initialize library\n"); /*errcode 1 */ } ret = gnutls_cipher_init(&ch, algo, &key, &iv); if (ret < 0) - fail("gnutls_cipher_init failed\n"); /*errcode 1 */ + fail("gnutls_cipher_init failed\n"); /*errcode 1 */ /* try encrypting in a way that violates nettle's block conventions */ ret = gnutls_cipher_encrypt(ch, data, sizeof(data) - 1); @@ -199,19 +199,18 @@ static void test_aead_happy(int algo) fail("gnutls_aead_cipher_init failed\n"); ctext_len = sizeof(ctext); - ret = gnutls_aead_cipher_encrypt(ch, iv.data, iv.size, - auth, sizeof(auth), tag_len, - ptext, sizeof(ptext), - ctext, &ctext_len); + ret = gnutls_aead_cipher_encrypt(ch, iv.data, iv.size, auth, + sizeof(auth), tag_len, ptext, + sizeof(ptext), ctext, &ctext_len); if (ret < 0) fail("could not encrypt data\n"); if (ctext_len != sizeof(ptext) + tag_len) fail("output ciphertext length mismatch\n"); - ret = gnutls_aead_cipher_decrypt(ch, iv.data, iv.size, - auth, sizeof(auth), tag_len, - ctext, ctext_len, ptext, &ptext_len); + ret = gnutls_aead_cipher_decrypt(ch, iv.data, iv.size, auth, + sizeof(auth), tag_len, ctext, + ctext_len, ptext, &ptext_len); if (ret < 0) fail("could not decrypt data: %s\n", gnutls_strerror(ret)); @@ -255,12 +254,12 @@ static void test_aead_invalid_add_auth(int algo) ret = global_init(); if (ret < 0) { - fail("Cannot initialize library\n"); /*errcode 1 */ + fail("Cannot initialize library\n"); /*errcode 1 */ } ret = gnutls_cipher_init(&ch, algo, &key, &iv); if (ret < 0) - fail("gnutls_cipher_init failed\n"); /*errcode 1 */ + fail("gnutls_cipher_init failed\n"); /*errcode 1 */ ret = gnutls_cipher_add_auth(ch, data, sizeof(data) - 1); if (ret < 0) @@ -308,12 +307,12 @@ static void test_aead_invalid_partial_encrypt(int algo) ret = global_init(); if (ret < 0) { - fail("Cannot initialize library\n"); /*errcode 1 */ + fail("Cannot initialize library\n"); /*errcode 1 */ } ret = gnutls_cipher_init(&ch, algo, &key, &iv); if (ret < 0) - fail("gnutls_cipher_init failed\n"); /*errcode 1 */ + fail("gnutls_cipher_init failed\n"); /*errcode 1 */ /* try encrypting in a way that violates nettle's AEAD conventions */ ret = gnutls_cipher_encrypt(ch, data, sizeof(data) - 1); @@ -378,10 +377,9 @@ static void test_aead_invalid_short_decrypt(int algo) fail("gnutls_aead_cipher_init failed\n"); ctext_len = sizeof(ctext); - ret = gnutls_aead_cipher_encrypt(ch, iv.data, iv.size, - auth, sizeof(auth), tag_len, - ptext, sizeof(ptext), - ctext, &ctext_len); + ret = gnutls_aead_cipher_encrypt(ch, iv.data, iv.size, auth, + sizeof(auth), tag_len, ptext, + sizeof(ptext), ctext, &ctext_len); if (ret < 0) fail("could not encrypt data\n"); @@ -389,9 +387,9 @@ static void test_aead_invalid_short_decrypt(int algo) fail("output ciphertext length mismatch\n"); ptext_len = 0; - ret = gnutls_aead_cipher_decrypt(ch, iv.data, iv.size, - auth, sizeof(auth), tag_len, - ctext, ctext_len, ptext, &ptext_len); + ret = gnutls_aead_cipher_decrypt(ch, iv.data, iv.size, auth, + sizeof(auth), tag_len, ctext, + ctext_len, ptext, &ptext_len); if (ret >= 0) fail("succeeded in decrypting data onto a short buffer\n"); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) @@ -405,7 +403,7 @@ static void test_aead_invalid_short_decrypt(int algo) return; } -# ifdef TEST_AES_GCM_ENCRYPT_PLAINTEXT_SIZE +#ifdef TEST_AES_GCM_ENCRYPT_PLAINTEXT_SIZE /* Test whether an invalid call to gnutls_cipher_encrypt() with too * long message is caught */ static void test_aead_invalid_too_long_encrypt(int algo) @@ -441,12 +439,12 @@ static void test_aead_invalid_too_long_encrypt(int algo) ret = global_init(); if (ret < 0) { - fail("Cannot initialize library\n"); /*errcode 1 */ + fail("Cannot initialize library\n"); /*errcode 1 */ } ret = gnutls_cipher_init(&ch, algo, &key, &iv); if (ret < 0) - fail("gnutls_cipher_init failed\n"); /*errcode 1 */ + fail("gnutls_cipher_init failed\n"); /*errcode 1 */ /* Test exceeding AES-GCM plaintext limit */ ret = gnutls_cipher_encrypt(ch, data, sizeof(data)); @@ -471,7 +469,7 @@ static void test_aead_invalid_too_long_encrypt(int algo) gnutls_global_deinit(); return; } -# endif +#endif static void check_status(int status) { @@ -510,8 +508,7 @@ static void fork_subtest(subtest func, int algo) } }; -static -void start(const char *name, int algo, unsigned aead) +static void start(const char *name, int algo, unsigned aead) { success("trying %s\n", name); @@ -538,11 +535,11 @@ void start(const char *name, int algo, unsigned aead) success("trying %s: test_aead_invalid_short_decrypt\n", name); fork_subtest(test_aead_invalid_short_decrypt, algo); -# if TEST_AES_GCM_ENCRYPT_PLAINTEXT_SIZE +#if TEST_AES_GCM_ENCRYPT_PLAINTEXT_SIZE success("trying %s: test_aead_invalid_too_long_encrypt\n", name); fork_subtest(test_aead_invalid_too_long_encrypt, algo); -# endif +#endif } } diff --git a/tests/slow/cipher-openssl-compat.c b/tests/slow/cipher-openssl-compat.c index 663f73e0b1..108a7b02e1 100644 --- a/tests/slow/cipher-openssl-compat.c +++ b/tests/slow/cipher-openssl-compat.c @@ -14,11 +14,11 @@ * with openssl. */ -#define BSIZE (64*1024+12) -#define B2SIZE (1024+7) +#define BSIZE (64 * 1024 + 12) +#define B2SIZE (1024 + 7) static unsigned char buffer_auth[B2SIZE]; static unsigned char orig_plain_data[BSIZE]; -static unsigned char enc_data[BSIZE + 32]; /* allow for tag */ +static unsigned char enc_data[BSIZE + 32]; /* allow for tag */ static unsigned char dec_data[BSIZE]; static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, @@ -52,13 +52,11 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, #endif } - for (i = 0; i < 32; i++) { /* try with multiple keys and nonces */ - assert(gnutls_rnd - (GNUTLS_RND_NONCE, orig_plain_data, - sizeof(orig_plain_data)) >= 0); - assert(gnutls_rnd - (GNUTLS_RND_NONCE, buffer_auth, - sizeof(buffer_auth)) >= 0); + for (i = 0; i < 32; i++) { /* try with multiple keys and nonces */ + assert(gnutls_rnd(GNUTLS_RND_NONCE, orig_plain_data, + sizeof(orig_plain_data)) >= 0); + assert(gnutls_rnd(GNUTLS_RND_NONCE, buffer_auth, + sizeof(buffer_auth)) >= 0); assert(gnutls_rnd(GNUTLS_RND_NONCE, key, sizeof(key)) >= 0); assert(gnutls_rnd(GNUTLS_RND_NONCE, nonce, sizeof(nonce)) >= 0); @@ -70,13 +68,11 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, dnonce.size = gnutls_cipher_get_iv_size(gcipher); enc_data_size = sizeof(enc_data); - assert(gnutls_aead_cipher_encrypt(hd, dnonce.data, dnonce.size, - buffer_auth, - sizeof(buffer_auth), tag_size, - orig_plain_data, - sizeof(orig_plain_data), - enc_data, - &enc_data_size) >= 0); + assert(gnutls_aead_cipher_encrypt( + hd, dnonce.data, dnonce.size, buffer_auth, + sizeof(buffer_auth), tag_size, orig_plain_data, + sizeof(orig_plain_data), enc_data, + &enc_data_size) >= 0); if (debug) success("encrypted %d bytes, to %d\n", @@ -94,10 +90,11 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, ocipher, gnutls_strerror(ret)); } - if (dec_data_size != sizeof(orig_plain_data) - || memcmp(dec_data, orig_plain_data, - sizeof(orig_plain_data)) != 0) { - fail("gnutls encrypt-decrypt failed (got: %d, expected: %d)\n", (int)dec_data_size, (int)sizeof(orig_plain_data)); + if (dec_data_size != sizeof(orig_plain_data) || + memcmp(dec_data, orig_plain_data, + sizeof(orig_plain_data)) != 0) { + fail("gnutls encrypt-decrypt failed (got: %d, expected: %d)\n", + (int)dec_data_size, (int)sizeof(orig_plain_data)); } gnutls_aead_cipher_deinit(hd); @@ -105,82 +102,80 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, ctx = EVP_CIPHER_CTX_new(); #if OPENSSL_VERSION_NUMBER >= 0x10100000L - if (gcipher == GNUTLS_CIPHER_AES_128_CCM - || gcipher == GNUTLS_CIPHER_AES_256_CCM) { + if (gcipher == GNUTLS_CIPHER_AES_128_CCM || + gcipher == GNUTLS_CIPHER_AES_256_CCM) { assert(EVP_CipherInit_ex(ctx, evp_cipher, 0, 0, 0, 0) > 0); - assert(EVP_CIPHER_CTX_ctrl - (ctx, EVP_CTRL_CCM_SET_IVLEN, dnonce.size, - 0) == 1); - assert(EVP_CIPHER_CTX_ctrl - (ctx, EVP_CTRL_CCM_SET_TAG, tag_size, - enc_data + enc_data_size - tag_size) == 1); + assert(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, + dnonce.size, 0) == 1); + assert(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, + tag_size, + enc_data + enc_data_size - + tag_size) == 1); assert(EVP_CipherInit_ex(ctx, 0, 0, key, nonce, 0) > 0); dec_data_size2 = sizeof(dec_data); /* Add plain size */ - assert(EVP_CipherUpdate - (ctx, NULL, &dec_data_size2, NULL, - enc_data_size - tag_size) > 0); + assert(EVP_CipherUpdate(ctx, NULL, &dec_data_size2, + NULL, + enc_data_size - tag_size) > 0); /* Add AAD */ - assert(EVP_CipherUpdate - (ctx, NULL, &dec_data_size2, buffer_auth, - sizeof(buffer_auth)) > 0); + assert(EVP_CipherUpdate(ctx, NULL, &dec_data_size2, + buffer_auth, + sizeof(buffer_auth)) > 0); /* Decrypt */ - assert(EVP_CipherUpdate - (ctx, dec_data, &dec_data_size2, enc_data, - enc_data_size - tag_size) > 0); + assert(EVP_CipherUpdate(ctx, dec_data, &dec_data_size2, + enc_data, + enc_data_size - tag_size) > 0); dec_data_size = dec_data_size2; dec_data_size2 = tag_size; - if (dec_data_size != sizeof(orig_plain_data) - || memcmp(dec_data, orig_plain_data, - sizeof(orig_plain_data)) != 0) { + if (dec_data_size != sizeof(orig_plain_data) || + memcmp(dec_data, orig_plain_data, + sizeof(orig_plain_data)) != 0) { fail("openssl decrypt failed for %s\n", ocipher); } } else #endif { - assert(EVP_CipherInit_ex - (ctx, evp_cipher, NULL, key, nonce, 0) > 0); + assert(EVP_CipherInit_ex(ctx, evp_cipher, NULL, key, + nonce, 0) > 0); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_size, enc_data + enc_data_size - - tag_size); + tag_size); dec_data_size2 = sizeof(dec_data); /* Add AAD */ - assert(EVP_CipherUpdate - (ctx, NULL, &dec_data_size2, buffer_auth, - sizeof(buffer_auth)) > 0); + assert(EVP_CipherUpdate(ctx, NULL, &dec_data_size2, + buffer_auth, + sizeof(buffer_auth)) > 0); /* Decrypt */ - assert(EVP_CipherUpdate - (ctx, dec_data, &dec_data_size2, enc_data, - enc_data_size - tag_size) > 0); + assert(EVP_CipherUpdate(ctx, dec_data, &dec_data_size2, + enc_data, + enc_data_size - tag_size) > 0); dec_data_size = dec_data_size2; dec_data_size2 = tag_size; assert(EVP_CipherFinal_ex(ctx, tag, &dec_data_size2) > 0); - if (dec_data_size != sizeof(orig_plain_data) - || memcmp(dec_data, orig_plain_data, - sizeof(orig_plain_data)) != 0) { + if (dec_data_size != sizeof(orig_plain_data) || + memcmp(dec_data, orig_plain_data, + sizeof(orig_plain_data)) != 0) { fail("openssl decrypt failed for %s\n", ocipher); } - } EVP_CIPHER_CTX_free(ctx); - } return 0; diff --git a/tests/slow/cipher-test.c b/tests/slow/cipher-test.c index da7e7e7673..9c7087d632 100644 --- a/tests/slow/cipher-test.c +++ b/tests/slow/cipher-test.c @@ -20,7 +20,7 @@ int main(int argc, char **argv) exit(77); } #else -# include +#include static void handle_sigill(int sig) { diff --git a/tests/slow/gendh.c b/tests/slow/gendh.c index 67fe722505..f90530508e 100644 --- a/tests/slow/gendh.c +++ b/tests/slow/gendh.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/slow/hash-large.c b/tests/slow/hash-large.c index 3817e1c38b..0b350de9c7 100644 --- a/tests/slow/hash-large.c +++ b/tests/slow/hash-large.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ void doit(void) exit(77); } -#else /* working test */ +#else /* working test */ /* Test hashing on very large buffers >= 2^31 */ -# if !defined(_WIN32) -# include -# include +#if !defined(_WIN32) +#include +#include static void exit_77(int signo) { _exit(77); } -# endif +#endif -# define MIN(x,y) ((x)<(y))?(x):(y) +#define MIN(x, y) ((x) < (y)) ? (x) : (y) -# include +#include static size_t _mmap_size; static void *get_mem(size_t size) @@ -80,26 +80,27 @@ void doit(void) if (sizeof(size) <= 4) exit(77); -# if !defined(_WIN32) +#if !defined(_WIN32) signal(SIGSEGV, exit_77); signal(SIGBUS, exit_77); -# endif +#endif global_init(); - size = (ssize_t) UINT_MAX + (ssize_t) 64 *1024; + size = (ssize_t)UINT_MAX + (ssize_t)64 * 1024; buf = get_mem(size); if (buf == NULL) exit(77); - if (size < (ssize_t) UINT_MAX) + if (size < (ssize_t)UINT_MAX) exit(77); err = gnutls_hash_fast(GNUTLS_DIG_SHA256, buf, size, digest); if (err < 0) fail("gnutls_hash_fast(SHA256) failed: %d\n", err); else { -# define SHA256_HASH "\x80\x92\xd9\xbe\x54\xa0\xe9\xd7\x7c\xb8\xe4\x2d\xd3\x7c\x19\xfe\x4e\x68\x84\x33\x71\xef\x1c\x81\xd6\x44\x36\x52\x06\xd8\x4b\x8a" +#define SHA256_HASH \ + "\x80\x92\xd9\xbe\x54\xa0\xe9\xd7\x7c\xb8\xe4\x2d\xd3\x7c\x19\xfe\x4e\x68\x84\x33\x71\xef\x1c\x81\xd6\x44\x36\x52\x06\xd8\x4b\x8a" if (memcmp(digest, SHA256_HASH, 32) == 0) { if (debug) success("gnutls_hash_fast(SHA256) %lu OK\n", @@ -141,7 +142,8 @@ void doit(void) if (err < 0) fail("gnutls_hash_fast(SHA1) failed: %d\n", err); else { -# define SHA1_HASH "\x75\xd2\x67\x3f\xec\x73\xe4\x57\xb8\x40\xb3\xb5\xf1\xc7\xa8\x1a\x2d\x11\x7e\xd9" +#define SHA1_HASH \ + "\x75\xd2\x67\x3f\xec\x73\xe4\x57\xb8\x40\xb3\xb5\xf1\xc7\xa8\x1a\x2d\x11\x7e\xd9" if (memcmp(digest, SHA1_HASH, 20) == 0) { if (debug) success("gnutls_hash_fast(SHA1) OK\n"); @@ -151,13 +153,13 @@ void doit(void) } } - err = - gnutls_hmac_fast(GNUTLS_MAC_SHA1, "keykeykey", 9, buf, size, - digest); + err = gnutls_hmac_fast(GNUTLS_MAC_SHA1, "keykeykey", 9, buf, size, + digest); if (err < 0) fail("gnutls_hmac_fast(SHA1) failed: %d\n", err); else { -# define SHA1_MAC "\xe2\xe9\x84\x48\x53\xe3\x0b\xfe\x45\x04\xf6\x6b\x5b\x6d\x4d\x2c\xa3\x0f\xcf\x23" +#define SHA1_MAC \ + "\xe2\xe9\x84\x48\x53\xe3\x0b\xfe\x45\x04\xf6\x6b\x5b\x6d\x4d\x2c\xa3\x0f\xcf\x23" if (memcmp(digest, SHA1_MAC, 20) == 0) { if (debug) success("gnutls_hmac_fast(SHA1) OK\n"); diff --git a/tests/spki-abstract.c b/tests/spki-abstract.c index 60e9557375..110c60c13f 100644 --- a/tests/spki-abstract.c +++ b/tests/spki-abstract.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -55,17 +55,16 @@ static void pubkey_check(void) ret = gnutls_pubkey_init(&pubkey); if (ret < 0) { - fprintf(stderr, - "gnutls_pubkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_pubkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pubkey_import_x509_raw(pubkey, &server_ca3_rsa_pss2_cert, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_pubkey_import_x509_raw(pubkey, &server_ca3_rsa_pss2_cert, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) { - fprintf(stderr, - "gnutls_pubkey_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_pubkey_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -101,17 +100,16 @@ static void key_check(void) ret = gnutls_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_privkey_import_x509_raw(key, &server_ca3_rsa_pss2_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(key, &server_ca3_rsa_pss2_key, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) { - fprintf(stderr, - "gnutls_privkey_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_privkey_import: %s\n", + gnutls_strerror(ret)); exit(1); } diff --git a/tests/spki.c b/tests/spki.c index ff47ff3a4b..88d97e2b37 100644 --- a/tests/spki.c +++ b/tests/spki.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -63,8 +63,8 @@ static void crq_check(void) ret = gnutls_x509_crq_init(&crq); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crq_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crq_init: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -127,17 +127,16 @@ static void cert_check(void) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_crt_import(crt, &server_ca3_rsa_pss2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &server_ca3_rsa_pss2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -185,17 +184,15 @@ static void key_check(void) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_privkey_import(key, &server_ca3_rsa_pss2_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &server_ca3_rsa_pss2_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } diff --git a/tests/srp.c b/tests/srp.c index 1fc582c901..d2b0689553 100644 --- a/tests/srp.c +++ b/tests/srp.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,17 +36,17 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); @@ -64,45 +64,42 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void client(int fd, const char *prio, const char *user, const char *pass, int exp_err) @@ -144,8 +141,7 @@ static void client(int fd, const char *prio, const char *user, const char *pass, */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0 && ret == exp_err) { if (debug) @@ -164,11 +160,11 @@ static void client(int fd, const char *prio, const char *user, const char *pass, if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -212,9 +208,8 @@ static void server(int fd, const char *prio) "tpasswd.conf"); gnutls_certificate_allocate_credentials(&s_x509_cred); - gnutls_certificate_set_x509_key_mem(s_x509_cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(s_x509_cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); assert(gnutls_init(&session, GNUTLS_SERVER) >= 0); @@ -231,8 +226,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -245,8 +239,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); kx = gnutls_kx_get(session); if (kx != GNUTLS_KX_SRP && kx != GNUTLS_KX_SRP_RSA && @@ -311,23 +305,23 @@ static void start(const char *name, const char *prio, const char *user, /* test1-7 are valid users, test9 uses parameter 9 which is disallowed by the RFC5054 spec */ const char *tpasswd_file = - "test:CsrY0PxYlYCAa8UuWUrcjpqBvG6ImlAdGwEUh3tN2DSDBbMWTvnUl7A8Hw7l0zFHwyLH5rh0llrmu/v.Df2FjDEGy0s0rYR5ARE2XlXPl66xhevHj5vitD0Qvq/J0x1v0zMWJSgq/Ah2MoOrw9aBEsQUgf9MddiHQKjE3Vetoq3:3h3cfS0WrBgPUsldDASSK0:1\n" - "test2:1J14yVX4iBa97cySs2/SduwnSbHxiz7WieE761psJQDxkc5flpumEwXbAgK5PrSZ0aZ6q7zyrAN1apJR1QQPAdyScJ6Jw4zjDP7AnezUVGbUNMJXhsI0NPwSc0c/415XfrnM1139yjWCr1qkcYMoN4bALppMMLB8glJkxy7t.3cmH9MkRRAjXXdUgAvHw2ZFLmB/8TlZDhnDS78xCSgLQs.oubZEEIgOWl7BT2.aW76fW3yKWdVrrHQDYPtR4hKx:11rUG9wSMLHe2Cu2p7dmFY:2\n" - "test3:LVJZDDuElMHuRt5/fcx64AhJ4erhFvbIhv/XCtD0tJI3OC6yEBzthZ1FSqblri9qtsvboPApbFHwP9WEluGtCOuzOON4LS8sSeQDBO.PaqjTnsmXKPYMKa.SuLXFuRTtdiFRwX2ZRy3GIWoCvxJtPDWCEYGBWfnjjGEYmQWvo534JVtVDyMaFItYlMTOtBSgsg488oJ5hIAU6jVyIQZGPVv8OHsPCpEt2UlTixzI9nAgQ0WL5ShKaAq0dksF/AY7UMKm0oHbtZeqAx6YcBzLbBhNvcEqYzH95ONpr.cUh91iRhVzdVscsFweSCtWsQrVT4zmSRwdsljeFQPqFbdeK:iWkELSVg3JxmyEq.XbjAW:3\n" - "test4:YziHBXMYwzekToUa6xL1Iq/4AXwpJWO9.Z6.Y6HHGt4eUcZEvVEw4eKEzPmj.K7US59u.X29F9D7xU62yiomPk5t8/3MzDCywlrAvcCVDhXwC3YpZEFl8OgAlp9izNrDErYY33cReBwH8ILHgFBJ2zo3xZqlWjWMrR50fW2J.MMitnx5GoR9dotZWLj9Zti0kODt5bUUeMcJmK/CJorwEtXz6OvuqGIdjrAZDp.5379KFO2smEVb7Qx6JiIDhEqODMMgXJZMSYSbKMgxXC9D.xN/IOn1/TnD.rNHN6LTrGChmbtKpCpuSJb2Bq2dwLFVxE/2UH4/ubYs/s5w9OcN60ypogvmtIWBqW2GyyfbLzHXiNDpJwV.tOktYEvRUG/fF59GF9hISbOIZ.7BhOK.z.iX4T7dEnHhDW16V.QScdOofcrhihb3Fi3Ym8ZpAqBlmlgLGsaGX23idkdF8xHZxJF1cuPosQ1jHjlrhcZotvChJdV3DZdl3m3isKK.bwF8:3QcZGdH5RkBBbB9R/cyNL4:4\n" - "test5:Ei8lv19Vi3.zrgd2DT6hHNVdd1FS2rTOg5N.ZHfIe6tsquMOQdP5JNVDqHaZL/Hr.ecaH5Y0fYCrdRby4iYWOvXvRadXBGP7noJl5II9qF84J8KUWGpdWOkKyIqXmRsdvafX2wB90JfMar7SyV0whR7taEV3fAWzQXVS7sHBA6Iyuj6qW1AIg/ObwYBR94xJuI8uKX4vGB0ptl90IS1nkI68OK.1PIt47IDdmJRxDxtbq3smZevPH9HxGCbWyPa7wp9GXmt7jjY/KhRnehLCaCWR3qpfTzqqYaohLFQ5KpkhCv0V5hFASioi1d5iVUsmJCCwWvHWf8fLKLSQ16D.yUNp6jH9AnrzBzybT5jdK647RxKpvogU67rDo4GQCMEjqoHfxExHz/LTN1mtDbX.MkphO71zGpE.bBMopQZvOzUJfpOjJwWADenalLvD6MXu4/.Hwf.cNH/cv/ueTRkXD8Fmsj0cmNkdLCel2qi3COWJxNP/B5ICQ5MnHg.S7qDSloYRcTvbU/FKGyoar8nhUdrl6w5sBwn1DKg3yijBucqEnOAPyLOmpAku8kTsbgoGVdQbEXdb7sUliLv9OnAARddRjIvAbO1mnWxHxFekBCmD5EtMVfGUUGM/ubQzjvH7PjsCCgBjo3nTPoCNGxzREich8/ChRdUvkzEuBvZXIc2:1nhQGuJI7yz9b0xtvpI87B:5\n" - "test7:6aCMlT0VUuuEnX.pn/K7cfQN1.EefEE9UiwzkBT2a4gdT4OY04pcl7kuKLEwvbb9bSfJWjAF8i8vMT.gg1ZSQTBAcWiBzAwHnnnKv4IgtsT0RAoAjYNjVxe26IMeE/XEdcS9OnOzSdEh2uy6.c9wqgzk0pph.KsQaMV4ivjeoUTdY8ccIiGGrLZcLaScCDeLMH.Ow7HFqMCIa07erJ7W2Xe/i7.0lm1p.oiTFbjNLv.6KXXihivldmz.ca9Dg2mqtp2SMCHul4wMDS3UFXka5/H/BwDFgT72OZpyy.wv9yL2ThHHiQtmc4.jkVutZUFH4gMxdln/3UyZDaXyj.UELFbRsA5VTrOcyqpg3nMqRLnBESC//fQjQPDzsIUG4TYeufCxfX6OK3BQq/KSYCIq08lIRRa1qoLE9FAcsnRO6PQXNtjatPJzgwW9mHZy32Bcy0dAu0mlR.35VGt9B72uAo3H8C6fzgLZHAQmAYvcz2b/LV4bT.FUeZz.D5XDIhxHDzLZOFgpZuYXivgf6B.1MgDd227L6AzVl.tfLF6Tr03Sfa5.FNoZLO.WHyHCje1GWGphLjg/C22QjBvV7NBwW50BkJBDO6HARaR/eZCE5qzmwAqrLbhd3DXYBD/0JSWysm3MO8u2Yhq47Vs8ZbcD835lIObjGOfzQL8iFQerO0H.pPQbwVewUg7fyP/TzSXsSQf0.7Otx6fUObWGEAJyY4Zk3YjBj0lwfQGDYuXjKnHxLgpWzWPtRvUbUxrPJMSFyJwGo8lJC5jZdfk/g/zShzgbib0LrYxwYoD1GvEcrLg/ylqEwDQh4/q7brzkpKUu.i4815rvCbPsqe7qFb6t4keDcNboSsFpRAiDttj8b8mcs/aq1YmPv/RKDO1DEu.QIabsJvdw7hw7sKz4m3OGdQEiFtktvihG0HDhY9UyfVTYm4WysZTx4Lf6WdwIFdkGLZJmhk8KdGPsHfSIo4fyIZieLkWa40e0ez5VevkcPN4C2AjXhVKUM5/9Cx09T38I8ZGIxGC.gF8JnXFarLcFjytuaNA7AlzuiEKlYKNf5AGNBXPoeScMJ.AghZLA0ZbsfbDbHUCSljnIuBhAFs8fL6ML/IqX59sORDYEiGKZnybedKYPgdZSRyy1T/qCDcDy6K/9sA4/gDzJ9ZdhUeasmn4GyXgJoHZ5VvT.ctilLkA36cAD8mHI1f8rcKAcsc5XtdQ5Mqqq6VkeXFAD37lnIc3/oVzBUKpHkyO.k0ibhKHkkmldQVpn1d/qUfhQxKq2S5FaOvqDUohERPoKLfEpsO8cd6NOUnwpGAx8wonNlNNIPaW2rJnRJc67zpznrzyXtTbbURl6eJJ/1nLtQy3xw:2Wva3rbYQapchVRUFxMTxT:7\n" - "test9:1UVtxG4aVjfnc6dPKMq6Cqin3rfrSoqOsGuD0Y6m4CnKqk190gb60JggCPwYbTgISssluub1TjmKlJeEfO18rXxyZgdn3KGJ3mBFLJ5x2t.kOyNRRpMGTK//7FMGiVQeJ12Mlh5p0faixLlHggR3P5e6LjpEZxsTTmU5d8pmACijdkOkuI8uDWKa4Aw.djIoAfUBhmgYGXCzx8axafeRJlZ/QYlx7tAAqdbIVrW2ES3cYTPCT/Yo8Le3IvjPH7Emw5TpIiQa/mcbEO043ewsUCEU9pSwQEyPj0ieXC5fGnTEk2KQ4ZzStgyUBDT4LgB8XGWT/DIQu13pIhwHy6yCuQ:3QFKSzbKxgN9qsll55ZlDu:9"; + "test:CsrY0PxYlYCAa8UuWUrcjpqBvG6ImlAdGwEUh3tN2DSDBbMWTvnUl7A8Hw7l0zFHwyLH5rh0llrmu/v.Df2FjDEGy0s0rYR5ARE2XlXPl66xhevHj5vitD0Qvq/J0x1v0zMWJSgq/Ah2MoOrw9aBEsQUgf9MddiHQKjE3Vetoq3:3h3cfS0WrBgPUsldDASSK0:1\n" + "test2:1J14yVX4iBa97cySs2/SduwnSbHxiz7WieE761psJQDxkc5flpumEwXbAgK5PrSZ0aZ6q7zyrAN1apJR1QQPAdyScJ6Jw4zjDP7AnezUVGbUNMJXhsI0NPwSc0c/415XfrnM1139yjWCr1qkcYMoN4bALppMMLB8glJkxy7t.3cmH9MkRRAjXXdUgAvHw2ZFLmB/8TlZDhnDS78xCSgLQs.oubZEEIgOWl7BT2.aW76fW3yKWdVrrHQDYPtR4hKx:11rUG9wSMLHe2Cu2p7dmFY:2\n" + "test3:LVJZDDuElMHuRt5/fcx64AhJ4erhFvbIhv/XCtD0tJI3OC6yEBzthZ1FSqblri9qtsvboPApbFHwP9WEluGtCOuzOON4LS8sSeQDBO.PaqjTnsmXKPYMKa.SuLXFuRTtdiFRwX2ZRy3GIWoCvxJtPDWCEYGBWfnjjGEYmQWvo534JVtVDyMaFItYlMTOtBSgsg488oJ5hIAU6jVyIQZGPVv8OHsPCpEt2UlTixzI9nAgQ0WL5ShKaAq0dksF/AY7UMKm0oHbtZeqAx6YcBzLbBhNvcEqYzH95ONpr.cUh91iRhVzdVscsFweSCtWsQrVT4zmSRwdsljeFQPqFbdeK:iWkELSVg3JxmyEq.XbjAW:3\n" + "test4:YziHBXMYwzekToUa6xL1Iq/4AXwpJWO9.Z6.Y6HHGt4eUcZEvVEw4eKEzPmj.K7US59u.X29F9D7xU62yiomPk5t8/3MzDCywlrAvcCVDhXwC3YpZEFl8OgAlp9izNrDErYY33cReBwH8ILHgFBJ2zo3xZqlWjWMrR50fW2J.MMitnx5GoR9dotZWLj9Zti0kODt5bUUeMcJmK/CJorwEtXz6OvuqGIdjrAZDp.5379KFO2smEVb7Qx6JiIDhEqODMMgXJZMSYSbKMgxXC9D.xN/IOn1/TnD.rNHN6LTrGChmbtKpCpuSJb2Bq2dwLFVxE/2UH4/ubYs/s5w9OcN60ypogvmtIWBqW2GyyfbLzHXiNDpJwV.tOktYEvRUG/fF59GF9hISbOIZ.7BhOK.z.iX4T7dEnHhDW16V.QScdOofcrhihb3Fi3Ym8ZpAqBlmlgLGsaGX23idkdF8xHZxJF1cuPosQ1jHjlrhcZotvChJdV3DZdl3m3isKK.bwF8:3QcZGdH5RkBBbB9R/cyNL4:4\n" + "test5:Ei8lv19Vi3.zrgd2DT6hHNVdd1FS2rTOg5N.ZHfIe6tsquMOQdP5JNVDqHaZL/Hr.ecaH5Y0fYCrdRby4iYWOvXvRadXBGP7noJl5II9qF84J8KUWGpdWOkKyIqXmRsdvafX2wB90JfMar7SyV0whR7taEV3fAWzQXVS7sHBA6Iyuj6qW1AIg/ObwYBR94xJuI8uKX4vGB0ptl90IS1nkI68OK.1PIt47IDdmJRxDxtbq3smZevPH9HxGCbWyPa7wp9GXmt7jjY/KhRnehLCaCWR3qpfTzqqYaohLFQ5KpkhCv0V5hFASioi1d5iVUsmJCCwWvHWf8fLKLSQ16D.yUNp6jH9AnrzBzybT5jdK647RxKpvogU67rDo4GQCMEjqoHfxExHz/LTN1mtDbX.MkphO71zGpE.bBMopQZvOzUJfpOjJwWADenalLvD6MXu4/.Hwf.cNH/cv/ueTRkXD8Fmsj0cmNkdLCel2qi3COWJxNP/B5ICQ5MnHg.S7qDSloYRcTvbU/FKGyoar8nhUdrl6w5sBwn1DKg3yijBucqEnOAPyLOmpAku8kTsbgoGVdQbEXdb7sUliLv9OnAARddRjIvAbO1mnWxHxFekBCmD5EtMVfGUUGM/ubQzjvH7PjsCCgBjo3nTPoCNGxzREich8/ChRdUvkzEuBvZXIc2:1nhQGuJI7yz9b0xtvpI87B:5\n" + "test7:6aCMlT0VUuuEnX.pn/K7cfQN1.EefEE9UiwzkBT2a4gdT4OY04pcl7kuKLEwvbb9bSfJWjAF8i8vMT.gg1ZSQTBAcWiBzAwHnnnKv4IgtsT0RAoAjYNjVxe26IMeE/XEdcS9OnOzSdEh2uy6.c9wqgzk0pph.KsQaMV4ivjeoUTdY8ccIiGGrLZcLaScCDeLMH.Ow7HFqMCIa07erJ7W2Xe/i7.0lm1p.oiTFbjNLv.6KXXihivldmz.ca9Dg2mqtp2SMCHul4wMDS3UFXka5/H/BwDFgT72OZpyy.wv9yL2ThHHiQtmc4.jkVutZUFH4gMxdln/3UyZDaXyj.UELFbRsA5VTrOcyqpg3nMqRLnBESC//fQjQPDzsIUG4TYeufCxfX6OK3BQq/KSYCIq08lIRRa1qoLE9FAcsnRO6PQXNtjatPJzgwW9mHZy32Bcy0dAu0mlR.35VGt9B72uAo3H8C6fzgLZHAQmAYvcz2b/LV4bT.FUeZz.D5XDIhxHDzLZOFgpZuYXivgf6B.1MgDd227L6AzVl.tfLF6Tr03Sfa5.FNoZLO.WHyHCje1GWGphLjg/C22QjBvV7NBwW50BkJBDO6HARaR/eZCE5qzmwAqrLbhd3DXYBD/0JSWysm3MO8u2Yhq47Vs8ZbcD835lIObjGOfzQL8iFQerO0H.pPQbwVewUg7fyP/TzSXsSQf0.7Otx6fUObWGEAJyY4Zk3YjBj0lwfQGDYuXjKnHxLgpWzWPtRvUbUxrPJMSFyJwGo8lJC5jZdfk/g/zShzgbib0LrYxwYoD1GvEcrLg/ylqEwDQh4/q7brzkpKUu.i4815rvCbPsqe7qFb6t4keDcNboSsFpRAiDttj8b8mcs/aq1YmPv/RKDO1DEu.QIabsJvdw7hw7sKz4m3OGdQEiFtktvihG0HDhY9UyfVTYm4WysZTx4Lf6WdwIFdkGLZJmhk8KdGPsHfSIo4fyIZieLkWa40e0ez5VevkcPN4C2AjXhVKUM5/9Cx09T38I8ZGIxGC.gF8JnXFarLcFjytuaNA7AlzuiEKlYKNf5AGNBXPoeScMJ.AghZLA0ZbsfbDbHUCSljnIuBhAFs8fL6ML/IqX59sORDYEiGKZnybedKYPgdZSRyy1T/qCDcDy6K/9sA4/gDzJ9ZdhUeasmn4GyXgJoHZ5VvT.ctilLkA36cAD8mHI1f8rcKAcsc5XtdQ5Mqqq6VkeXFAD37lnIc3/oVzBUKpHkyO.k0ibhKHkkmldQVpn1d/qUfhQxKq2S5FaOvqDUohERPoKLfEpsO8cd6NOUnwpGAx8wonNlNNIPaW2rJnRJc67zpznrzyXtTbbURl6eJJ/1nLtQy3xw:2Wva3rbYQapchVRUFxMTxT:7\n" + "test9:1UVtxG4aVjfnc6dPKMq6Cqin3rfrSoqOsGuD0Y6m4CnKqk190gb60JggCPwYbTgISssluub1TjmKlJeEfO18rXxyZgdn3KGJ3mBFLJ5x2t.kOyNRRpMGTK//7FMGiVQeJ12Mlh5p0faixLlHggR3P5e6LjpEZxsTTmU5d8pmACijdkOkuI8uDWKa4Aw.djIoAfUBhmgYGXCzx8axafeRJlZ/QYlx7tAAqdbIVrW2ES3cYTPCT/Yo8Le3IvjPH7Emw5TpIiQa/mcbEO043ewsUCEU9pSwQEyPj0ieXC5fGnTEk2KQ4ZzStgyUBDT4LgB8XGWT/DIQu13pIhwHy6yCuQ:3QFKSzbKxgN9qsll55ZlDu:9"; /* 1-7 are from SRP RFC5054 spec, and 9 is the FFDHE 2048-bit prime */ const char *tpasswd_conf_file = - "1:Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ:2\n" - "2:dUyyhxav9tgnyIg65wHxkzkb7VIPh4o0lkwfOKiPp4rVJrzLRYVBtb76gKlaO7ef5LYGEw3G.4E0jbMxcYBetDy2YdpiP/3GWJInoBbvYHIRO9uBuxgsFKTKWu7RnR7yTau/IrFTdQ4LY/q.AvoCzMxV0PKvD9Odso/LFIItn8PbTov3VMn/ZEH2SqhtpBUkWtmcIkEflhX/YY/fkBKfBbe27/zUaKUUZEUYZ2H2nlCL60.JIPeZJSzsu/xHDVcx:2\n" - "3:2iQzj1CagQc/5ctbuJYLWlhtAsPHc7xWVyCPAKFRLWKADpASkqe9djWPFWTNTdeJtL8nAhImCn3Sr/IAdQ1FrGw0WvQUstPx3FO9KNcXOwisOQ1VlL.gheAHYfbYyBaxXL.NcJx9TUwgWDT0hRzFzqSrdGGTN3FgSTA1v4QnHtEygNj3eZ.u0MThqWUaDiP87nqha7XnT66bkTCkQ8.7T8L4KZjIImrNrUftedTTBi.WCi.zlrBxDuOM0da0JbUkQlXqvp0yvJAPpC11nxmmZOAbQOywZGmu9nhZNuwTlxjfIro0FOdthaDTuZRL9VL7MRPUDo/DQEyW.d4H.UIlzp:2\n" - "4:///////////93zgY8MZ2DCJ6Oek0t1pHAG9E28fdp7G22xwcEnER8b5A27cED0JTxvKPiyqwGnimAmfjybyKDq/XDMrjKS95v8MrTc9UViRqJ4BffZVjQml/NBRq1hVjxZXh.rg9dwMkdoGHV4iVvaaePb7iv5izmW1ykA5ZlmMOsaWs75NJccaMFwZz9CzVWsLT8zoZhPOSOlDM88LIkvxLAGTmbfPjPmmrJagyc0JnT6m8oXWXV3AGNaOkDiuxuvvtB1WEXWER9uEYx0UYZxN5NV1lJ5B9tYlBzfLO5nWvbKbywfLgvHNI9XYO.WKG5NAEMeggn2sjCnSD151wCwXL8QlV7BfaxFk515ZRxmgAwd5NNGOCVREN3uMcuUJ7g/MkZDi9CzSUZ9JWIYLXdSxZqYOQqkvhyI/w1jcA26JOTW9pFiXgP58VAnWNUo0Ck.4NLtfXNMnt2OZ0kjb6uWZYJw1qvQinGzjR/E3z48vBWj4WgJhIol//////////:5\n" - "5:F//////////oG/QeY5emZJ4ncABWDmSqIa2JWYAPynq0Wk.fZiJco9HIWXvZZG4tU.L6RFDEaCRC2iARV9V53TFuJLjRL72HUI5jNPYNdx6z4n2wQOtxMiB/rosz0QtxUuuQ/jQYP.bhfya4NnB7.P9A6PHxEHRFS80VBYXOxy5cDf8DXnLqvff5Z.e/IJFNuDbNIFSewsM76BpLY25KhkUrIa7S9QMRMSCDKvAl9W4yNHi2CeO8Nmoa5v6BZREE.EUTomO3eO3coU3ekm7ee.rnLtmRqnIoTuho/QLM1SOEPL9VEgLQkKLqYOOcFe541LoZbgAgiGjhJCN3GHGUZEeLI6htnowPEpxXGHOs.yAYkfnLrq637spbm.5fk7anwlrhepR2JFN7eoKu4ebOPtEuz8c6jBkQ/4l.WRPYWXas7O2Spx8QcHI7oiO5tiW3BlX5rTwOLriTmc8mBhPHk88ua.WTEMhCKFRM/pW/H2EIuBH8AaX204QSZmIfuVcruXncX2zkbiccSCd66hquZmQb6WqjXKBsYM3wSegr4pesxl2smJUZlakZlmK7xxAfYXyMKTEQy1TcRAMJw2Gmw8ZEw66KLldxHzXAN3EujUlk1lTTY5mI1pG1f4drR1QgPEqwfYDZzt1Xl.tt92cm8zDz3N9D0OncV//////////:5\n" - "7:3//////////yaFsg8XQC8qnCPYYu3S7D4f0au8YcVCT08BlgOx4viYKKe8UOuq1DtlbHcppJf36p0h2ctoNnGtJ.4rRMrHmaNaXRLsObv.nlHCGkccD.rh2/zSjlG6j.tkE6lxMecVfQwV915yIn/cIIXcKUpaMpt207oueME/1PZQI3OSLTEQQHO/gFqapr.3PLqZtAEjbXnYyrOWXLAxdjKf1t2Mbcrd33LEIhoO1F5qR0ZA625yCf1UHYuspZlZddSi60w60vidWwBi1wAFjSLTy6zCKidUAylsbLWN63cLINpgbMhb5T8c69Zw1H0LSevQYgh4BQqp5mq4K7epg5KXgzySkcJi.uK4MDll2ehgSLTT1WnzivSFXQRXvCUhzQwCsmaprnwCbE1A9M6TpkFI9XhIxclnB/e6sOe8PDXs0dC.o6faKXyh61Tx80oxuHTNUc5TR7S9YC2wsKRY2E9Fe7Jbgp53srlyuFqGZak2qI2f8GW16d8y4gU7vjU8SPeGlRfR9fd39nXgzE8y6fHeDBOL2zebW.dAAjHCwDkxmji4texvBexy51..ogOeV5b7Jcl0NPcoba.WaCEY8pkXXb5Rv.qVOIbmpkBNhxWRtNOXS4WSq0QH9zMmMgcJjEgOZO/TmOR/jzoGfi2FJVGroJG2X98sm/gqqdnm9i7KtB9W9aRUoNKUTZswDxtu/vG6hPvJ3kNRE2z1C06ki6fJxP0ds34NboUmXbg96De.s.lFcnJjHCvikixKknlRVnH7vimbIpCWKL4hrwz2RxZq0JUCqhzPWye1nakIxF0owXNHSXq3z8BNpcvq/lRLNd0lHfWCWhMeG36G2noUMUV9Vxx7wFCZgNf.Dio8lWyTHRV/M5h5IzG7iYj1LAhCZsr.lqZXs1JCNj8FW3VWfvSLxlARuoW6eTMBjyNQTlLGgZsA7x/mwndCiQCJrLpQLidiBlAMCZX/wDTkF0He13wFPZz8OEuIlorR2tHqrkQK.HvjlX5PTAEIRnB.vUGuTtosgJBVZDY.nD1pkJ6wEyWojesTqm1q7wU/Yln7xILszfDhf2HcEgjZd5hazMWq8xHqA/79U2EF5ilZdMKju/sullo4YjaY8Yu4f0Dy1nFhLwWQ8/37D7FyP6pgC6jBoyY6BuE5tVgTIt.Ym8VeUMWp0.rRtJe6Appriw9ufcqg4/W/HFWjtp4Eu7IhQZP5b.YPe2LTmMJp7CK8HeKT.Qj86LtjVg6nrH2zVkTDS/hpQyCUpw9eDP16zEk7dv902KEBI1niruYQ02xLxZWhoHaDflm2RaULMEH7LdVfgfumKE9sLfJVo1zMw82vRd5WoO3TcEtJt///////////:J\n" - "9:3//////////wtuL5YYkqgQhznM82SzFF7OkSM3pYqsbQdXDa4KP3Fxp9ETpYIRFlbzB.DZOmnrsFQ1iWAkn65wqzyUrTNzPM4aC/KVNmPkq8LZPLKzxHhpjLSJNdzNoJMOJmnmuEQBT.AcYThpx.Xo7V5OeJQjvpKmhCfFI3fvUhmAiOAp9FjXqGYfIxB8u/kvQjgtODVqQ1rFGgFUEKtqhbRjvsDoknaB1wV8xWfjS9u2/E7Dz.Bim3G4pIWqBs6HSlwSwOM3/uvF4ZBkye63m/ux6qnlhNCxjVoyBi8W1SMEyODz5eEonlDA9i6ox/g8Qq8uOIXSb///////////:2\n"; + "1:Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ:2\n" + "2:dUyyhxav9tgnyIg65wHxkzkb7VIPh4o0lkwfOKiPp4rVJrzLRYVBtb76gKlaO7ef5LYGEw3G.4E0jbMxcYBetDy2YdpiP/3GWJInoBbvYHIRO9uBuxgsFKTKWu7RnR7yTau/IrFTdQ4LY/q.AvoCzMxV0PKvD9Odso/LFIItn8PbTov3VMn/ZEH2SqhtpBUkWtmcIkEflhX/YY/fkBKfBbe27/zUaKUUZEUYZ2H2nlCL60.JIPeZJSzsu/xHDVcx:2\n" + "3:2iQzj1CagQc/5ctbuJYLWlhtAsPHc7xWVyCPAKFRLWKADpASkqe9djWPFWTNTdeJtL8nAhImCn3Sr/IAdQ1FrGw0WvQUstPx3FO9KNcXOwisOQ1VlL.gheAHYfbYyBaxXL.NcJx9TUwgWDT0hRzFzqSrdGGTN3FgSTA1v4QnHtEygNj3eZ.u0MThqWUaDiP87nqha7XnT66bkTCkQ8.7T8L4KZjIImrNrUftedTTBi.WCi.zlrBxDuOM0da0JbUkQlXqvp0yvJAPpC11nxmmZOAbQOywZGmu9nhZNuwTlxjfIro0FOdthaDTuZRL9VL7MRPUDo/DQEyW.d4H.UIlzp:2\n" + "4:///////////93zgY8MZ2DCJ6Oek0t1pHAG9E28fdp7G22xwcEnER8b5A27cED0JTxvKPiyqwGnimAmfjybyKDq/XDMrjKS95v8MrTc9UViRqJ4BffZVjQml/NBRq1hVjxZXh.rg9dwMkdoGHV4iVvaaePb7iv5izmW1ykA5ZlmMOsaWs75NJccaMFwZz9CzVWsLT8zoZhPOSOlDM88LIkvxLAGTmbfPjPmmrJagyc0JnT6m8oXWXV3AGNaOkDiuxuvvtB1WEXWER9uEYx0UYZxN5NV1lJ5B9tYlBzfLO5nWvbKbywfLgvHNI9XYO.WKG5NAEMeggn2sjCnSD151wCwXL8QlV7BfaxFk515ZRxmgAwd5NNGOCVREN3uMcuUJ7g/MkZDi9CzSUZ9JWIYLXdSxZqYOQqkvhyI/w1jcA26JOTW9pFiXgP58VAnWNUo0Ck.4NLtfXNMnt2OZ0kjb6uWZYJw1qvQinGzjR/E3z48vBWj4WgJhIol//////////:5\n" + "5:F//////////oG/QeY5emZJ4ncABWDmSqIa2JWYAPynq0Wk.fZiJco9HIWXvZZG4tU.L6RFDEaCRC2iARV9V53TFuJLjRL72HUI5jNPYNdx6z4n2wQOtxMiB/rosz0QtxUuuQ/jQYP.bhfya4NnB7.P9A6PHxEHRFS80VBYXOxy5cDf8DXnLqvff5Z.e/IJFNuDbNIFSewsM76BpLY25KhkUrIa7S9QMRMSCDKvAl9W4yNHi2CeO8Nmoa5v6BZREE.EUTomO3eO3coU3ekm7ee.rnLtmRqnIoTuho/QLM1SOEPL9VEgLQkKLqYOOcFe541LoZbgAgiGjhJCN3GHGUZEeLI6htnowPEpxXGHOs.yAYkfnLrq637spbm.5fk7anwlrhepR2JFN7eoKu4ebOPtEuz8c6jBkQ/4l.WRPYWXas7O2Spx8QcHI7oiO5tiW3BlX5rTwOLriTmc8mBhPHk88ua.WTEMhCKFRM/pW/H2EIuBH8AaX204QSZmIfuVcruXncX2zkbiccSCd66hquZmQb6WqjXKBsYM3wSegr4pesxl2smJUZlakZlmK7xxAfYXyMKTEQy1TcRAMJw2Gmw8ZEw66KLldxHzXAN3EujUlk1lTTY5mI1pG1f4drR1QgPEqwfYDZzt1Xl.tt92cm8zDz3N9D0OncV//////////:5\n" + "7:3//////////yaFsg8XQC8qnCPYYu3S7D4f0au8YcVCT08BlgOx4viYKKe8UOuq1DtlbHcppJf36p0h2ctoNnGtJ.4rRMrHmaNaXRLsObv.nlHCGkccD.rh2/zSjlG6j.tkE6lxMecVfQwV915yIn/cIIXcKUpaMpt207oueME/1PZQI3OSLTEQQHO/gFqapr.3PLqZtAEjbXnYyrOWXLAxdjKf1t2Mbcrd33LEIhoO1F5qR0ZA625yCf1UHYuspZlZddSi60w60vidWwBi1wAFjSLTy6zCKidUAylsbLWN63cLINpgbMhb5T8c69Zw1H0LSevQYgh4BQqp5mq4K7epg5KXgzySkcJi.uK4MDll2ehgSLTT1WnzivSFXQRXvCUhzQwCsmaprnwCbE1A9M6TpkFI9XhIxclnB/e6sOe8PDXs0dC.o6faKXyh61Tx80oxuHTNUc5TR7S9YC2wsKRY2E9Fe7Jbgp53srlyuFqGZak2qI2f8GW16d8y4gU7vjU8SPeGlRfR9fd39nXgzE8y6fHeDBOL2zebW.dAAjHCwDkxmji4texvBexy51..ogOeV5b7Jcl0NPcoba.WaCEY8pkXXb5Rv.qVOIbmpkBNhxWRtNOXS4WSq0QH9zMmMgcJjEgOZO/TmOR/jzoGfi2FJVGroJG2X98sm/gqqdnm9i7KtB9W9aRUoNKUTZswDxtu/vG6hPvJ3kNRE2z1C06ki6fJxP0ds34NboUmXbg96De.s.lFcnJjHCvikixKknlRVnH7vimbIpCWKL4hrwz2RxZq0JUCqhzPWye1nakIxF0owXNHSXq3z8BNpcvq/lRLNd0lHfWCWhMeG36G2noUMUV9Vxx7wFCZgNf.Dio8lWyTHRV/M5h5IzG7iYj1LAhCZsr.lqZXs1JCNj8FW3VWfvSLxlARuoW6eTMBjyNQTlLGgZsA7x/mwndCiQCJrLpQLidiBlAMCZX/wDTkF0He13wFPZz8OEuIlorR2tHqrkQK.HvjlX5PTAEIRnB.vUGuTtosgJBVZDY.nD1pkJ6wEyWojesTqm1q7wU/Yln7xILszfDhf2HcEgjZd5hazMWq8xHqA/79U2EF5ilZdMKju/sullo4YjaY8Yu4f0Dy1nFhLwWQ8/37D7FyP6pgC6jBoyY6BuE5tVgTIt.Ym8VeUMWp0.rRtJe6Appriw9ufcqg4/W/HFWjtp4Eu7IhQZP5b.YPe2LTmMJp7CK8HeKT.Qj86LtjVg6nrH2zVkTDS/hpQyCUpw9eDP16zEk7dv902KEBI1niruYQ02xLxZWhoHaDflm2RaULMEH7LdVfgfumKE9sLfJVo1zMw82vRd5WoO3TcEtJt///////////:J\n" + "9:3//////////wtuL5YYkqgQhznM82SzFF7OkSM3pYqsbQdXDa4KP3Fxp9ETpYIRFlbzB.DZOmnrsFQ1iWAkn65wqzyUrTNzPM4aC/KVNmPkq8LZPLKzxHhpjLSJNdzNoJMOJmnmuEQBT.AcYThpx.Xo7V5OeJQjvpKmhCfFI3fvUhmAiOAp9FjXqGYfIxB8u/kvQjgtODVqQ1rFGgFUEKtqhbRjvsDoknaB1wV8xWfjS9u2/E7Dz.Bim3G4pIWqBs6HSlwSwOM3/uvF4ZBkye63m/ux6qnlhNCxjVoyBi8W1SMEyODz5eEonlDA9i6ox/g8Qq8uOIXSb///////////:2\n"; void doit(void) { @@ -378,4 +372,4 @@ void doit(void) remove("tpasswd.conf"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/srpbase64.c b/tests/srpbase64.c index 28a95fc4fc..3de3e2cedc 100644 --- a/tests/srpbase64.c +++ b/tests/srpbase64.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,7 +35,7 @@ #ifdef ENABLE_SRP -static void encode(const char *test_name, const gnutls_datum_t * raw, +static void encode(const char *test_name, const gnutls_datum_t *raw, const char *expected) { int ret; @@ -49,12 +49,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (strlen(expected) != out.size) { - fail("%s: gnutls_srp_base64_encode2: output has incorrect size (%d, expected %d)\n", test_name, (int)out.size, (int)strlen(expected)); + fail("%s: gnutls_srp_base64_encode2: output has incorrect size (%d, expected %d)\n", + test_name, (int)out.size, (int)strlen(expected)); exit(1); } if (strncasecmp(expected, (char *)out.data, out.size) != 0) { - fail("%s: gnutls_srp_base64_encode2: output does not match the expected\n", test_name); + fail("%s: gnutls_srp_base64_encode2: output does not match the expected\n", + test_name); exit(1); } @@ -70,12 +72,14 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } if (raw->size != out.size) { - fail("%s: gnutls_srp_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_srp_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_srp_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_srp_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -84,7 +88,7 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, return; } -static void decode(const char *test_name, const gnutls_datum_t * raw, +static void decode(const char *test_name, const gnutls_datum_t *raw, const char *hex, int res) { int ret; @@ -94,7 +98,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, in.size = strlen(hex); ret = gnutls_srp_base64_decode2(&in, &out); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: gnutls_srp_base64_decode2: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -102,17 +106,20 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (res != 0) { - fail("%s: gnutls_srp_base64_decode2: expected failure, but succeeded!\n", test_name); + fail("%s: gnutls_srp_base64_decode2: expected failure, but succeeded!\n", + test_name); exit(1); } if (raw->size != out.size) { - fail("%s: gnutls_srp_base64_decode2: output has incorrect size (%d, expected %d)\n", test_name, out.size, raw->size); + fail("%s: gnutls_srp_base64_decode2: output has incorrect size (%d, expected %d)\n", + test_name, out.size, raw->size); exit(1); } if (memcmp(raw->data, out.data, out.size) != 0) { - fail("%s: gnutls_srp_base64_decode2: output does not match the expected\n", test_name); + fail("%s: gnutls_srp_base64_decode2: output does not match the expected\n", + test_name); exit(1); } @@ -128,20 +135,14 @@ struct encode_tests_st { }; struct encode_tests_st encode_tests[] = { - { - .name = "rnd1", - .sb64 = "3scaQAX6bwA8FQKirWBpbu", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16} - }, - { - .name = "rnd2", - .sb64 = "id/k5HdTEqyZFPsLpdvYyGjxv", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19} - } + { .name = "rnd1", + .sb64 = "3scaQAX6bwA8FQKirWBpbu", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 } }, + { .name = "rnd2", + .sb64 = "id/k5HdTEqyZFPsLpdvYyGjxv", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 } } }; struct decode_tests_st { @@ -152,27 +153,21 @@ struct decode_tests_st { }; struct decode_tests_st decode_tests[] = { - { - .name = "dec-rnd1", - .sb64 = "3scaQAX6bwA8FQKirWBpbu", - .raw = {(void *) - "\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", - 16}, - .res = 0}, - { - .name = "dec-rnd2", - .sb64 = "id/k5HdTEqyZFPsLpdvYyGjxv", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = 0}, - { - .name = "dec-extra-chars", - .sb64 = " id/k5HdTEqyZFPsLpdvYyGjxv ", - .raw = {(void *) - "\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", - 19}, - .res = GNUTLS_E_BASE64_DECODING_ERROR} + { .name = "dec-rnd1", + .sb64 = "3scaQAX6bwA8FQKirWBpbu", + .raw = { (void *)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", + 16 }, + .res = 0 }, + { .name = "dec-rnd2", + .sb64 = "id/k5HdTEqyZFPsLpdvYyGjxv", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = 0 }, + { .name = "dec-extra-chars", + .sb64 = " id/k5HdTEqyZFPsLpdvYyGjxv ", + .raw = { (void *)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", + 19 }, + .res = GNUTLS_E_BASE64_DECODING_ERROR } }; void doit(void) diff --git a/tests/ssl2-hello.c b/tests/ssl2-hello.c index 578cff6c10..7d4bb79fd7 100644 --- a/tests/ssl2-hello.c +++ b/tests/ssl2-hello.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,17 +43,17 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" pid_t child; @@ -67,12 +67,12 @@ static void tls_log_func(int level, const char *str) */ static unsigned char ssl2_hello[] = - "\x80\x59\x01\x03\x01\x00\x30\x00\x00\x00\x20\x00\x00\x39\x00\x00" - "\x38\x00\x00\x35\x00\x00\x16\x00\x00\x13\x00\x00\x0a\x00\x00\x33" - "\x00\x00\x32\x00\x00\x2f\x00\x00\x07\x00\x00\x05\x00\x00\x04\x00" - "\x00\x15\x00\x00\x12\x00\x00\x09\x00\x00\xff\xb1\xc9\x95\x1a\x02" - "\x6c\xd6\x42\x11\x6e\x99\xe2\x84\x97\xc9\x17\x53\xaf\x53\xf7\xfc" - "\x8d\x1e\x72\x87\x18\x53\xee\xa6\x7d\x18\xc6"; + "\x80\x59\x01\x03\x01\x00\x30\x00\x00\x00\x20\x00\x00\x39\x00\x00" + "\x38\x00\x00\x35\x00\x00\x16\x00\x00\x13\x00\x00\x0a\x00\x00\x33" + "\x00\x00\x32\x00\x00\x2f\x00\x00\x07\x00\x00\x05\x00\x00\x04\x00" + "\x00\x15\x00\x00\x12\x00\x00\x09\x00\x00\xff\xb1\xc9\x95\x1a\x02" + "\x6c\xd6\x42\x11\x6e\x99\xe2\x84\x97\xc9\x17\x53\xaf\x53\xf7\xfc" + "\x8d\x1e\x72\x87\x18\x53\xee\xa6\x7d\x18\xc6"; static unsigned char tls_alert[] = "\x15\x03\x01\x00\x02\x02\x5A"; @@ -135,8 +135,8 @@ static void server(int sd) gnutls_transport_set_int(session, sd); ret = gnutls_handshake(session); - if (ret != GNUTLS_E_FATAL_ALERT_RECEIVED - || gnutls_alert_get(session) != GNUTLS_A_USER_CANCELED) { + if (ret != GNUTLS_E_FATAL_ALERT_RECEIVED || + gnutls_alert_get(session) != GNUTLS_A_USER_CANCELED) { fail("server: Handshake failed unexpectedly (%s)\n\n", gnutls_strerror(ret)); return; @@ -190,4 +190,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/ssl30-cert-key-exchange.c b/tests/ssl30-cert-key-exchange.c index c816445959..f6dc0b8d36 100644 --- a/tests/ssl30-cert-key-exchange.c +++ b/tests/ssl30-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported diff --git a/tests/ssl30-cipher-neg.c b/tests/ssl30-cipher-neg.c index af4d63ce1a..cda894ba9a 100644 --- a/tests/ssl30-cipher-neg.c +++ b/tests/ssl30-cipher-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,82 +38,70 @@ #include "cipher-neg-common.c" test_case_st tests[] = { - { - .name = "server SSL 3.0: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+VERS-SSL3.0:+AES-128-CBC"}, - { - .name = "both SSL 3.0: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC:+VERS-SSL3.0"}, - { - .name = "client SSL 3.0: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+VERS-SSL3.0:+AES-128-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "both SSL 3.0: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC:+VERS-SSL3.0", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "server SSL 3.0: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+VERS-SSL3.0:+3DES-CBC"}, - { - .name = "both SSL 3.0: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC:+VERS-SSL3.0"}, - { - .name = "client SSL 3.0: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .server_prio = "NORMAL:+VERS-SSL3.0:+3DES-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "both SSL 3.0: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .server_prio = "NORMAL:+3DES-CBC:+VERS-SSL3.0", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "server SSL 3.0: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+VERS-SSL3.0:+ARCFOUR-128"}, - { - .name = "both SSL 3.0: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128:+VERS-SSL3.0"}, - { - .name = "client SSL 3.0: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+VERS-SSL3.0:+ARCFOUR-128", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "both SSL 3.0: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128:+VERS-SSL3.0", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0"} + { .name = "server SSL 3.0: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+VERS-SSL3.0:+AES-128-CBC" }, + { .name = "both SSL 3.0: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC:+VERS-SSL3.0" }, + { .name = "client SSL 3.0: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+VERS-SSL3.0:+AES-128-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "both SSL 3.0: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC:+VERS-SSL3.0", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "server SSL 3.0: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+VERS-SSL3.0:+3DES-CBC" }, + { .name = "both SSL 3.0: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC:+VERS-SSL3.0" }, + { .name = "client SSL 3.0: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .server_prio = "NORMAL:+VERS-SSL3.0:+3DES-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "both SSL 3.0: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .server_prio = "NORMAL:+3DES-CBC:+VERS-SSL3.0", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "server SSL 3.0: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+VERS-SSL3.0:+ARCFOUR-128" }, + { .name = "both SSL 3.0: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128:+VERS-SSL3.0" }, + { .name = "client SSL 3.0: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+VERS-SSL3.0:+ARCFOUR-128", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "both SSL 3.0: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128:+VERS-SSL3.0", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-SSL3.0" } }; void doit(void) diff --git a/tests/ssl30-server-kx-neg.c b/tests/ssl30-server-kx-neg.c index e8085e03e8..537f5a4c2f 100644 --- a/tests/ssl30-server-kx-neg.c +++ b/tests/ssl30-server-kx-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,108 +38,94 @@ #include "server-kx-neg-common.c" test_case_st tests[] = { - { - .name = "SSL 3.0 ANON-DH without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 ANON-DH with cred but no DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_anon_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 ANON-DH with cred and DH params", - .server_ret = 0, - .client_ret = 0, - .have_anon_cred = 1, - .have_anon_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-RSA with cred but no DH params or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-RSA with cred and cert but no DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-RSA with cred and DH params but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = - "SSL 3.0 DHE-RSA with cred and incompatible cert and DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-RSA with cred and cert and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-RSA with cred and multiple certs and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-PSK with cred but no DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0"}, - { - .name = "SSL 3.0 DHE-PSK with cred DH params", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0"} + { .name = "SSL 3.0 ANON-DH without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 ANON-DH with cred but no DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_anon_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 ANON-DH with cred and DH params", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .have_anon_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA with cred but no DH params or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA with cred and cert but no DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA with cred and DH params but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA with cred and incompatible cert and DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA with cred and cert and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-RSA with cred and multiple certs and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-PSK with cred but no DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0" }, + { .name = "SSL 3.0 DHE-PSK with cred DH params", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-SSL3.0" } }; void doit(void) diff --git a/tests/status-request-ext.c b/tests/status-request-ext.c index c4eb7b3491..4dedc0cd05 100644 --- a/tests/status-request-ext.c +++ b/tests/status-request-ext.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" /* This program tests that the server does not send the * status request extension if no status response exists. That @@ -64,24 +64,30 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define SKIP16(pos, total) { \ - uint16_t _s; \ - if (pos+2 > total) fail("error\n"); \ - _s = (msg->data[pos] << 8) | msg->data[pos+1]; \ - if ((size_t)(pos+2+_s) > total) fail("error\n"); \ - pos += 2+_s; \ +#define SKIP16(pos, total) \ + { \ + uint16_t _s; \ + if (pos + 2 > total) \ + fail("error\n"); \ + _s = (msg->data[pos] << 8) | msg->data[pos + 1]; \ + if ((size_t)(pos + 2 + _s) > total) \ + fail("error\n"); \ + pos += 2 + _s; \ } -# define SKIP8(pos, total) { \ - uint8_t _s; \ - if (pos+1 > total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > total) fail("error\n"); \ - pos += 1+_s; \ +#define SKIP8(pos, total) \ + { \ + uint8_t _s; \ + if (pos + 1 > total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > total) \ + fail("error\n"); \ + pos += 1 + _s; \ } -# define TLS_EXT_STATUS_REQUEST 5 -# define HANDSHAKE_SESSION_ID_POS 34 +#define TLS_EXT_STATUS_REQUEST 5 +#define HANDSHAKE_SESSION_ID_POS 34 /* This returns either the application-specific ID extension contents, * or the session ID contents. The former is used on the new protocol, @@ -106,7 +112,7 @@ static void client_log_func(int level, const char *str) */ static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { size_t pos = 0; /* A client hello packet. We can get the session ID and figure @@ -142,7 +148,7 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, pos += 2; if (type != TLS_EXT_STATUS_REQUEST) { SKIP16(pos, msg->size); - } else { /* found */ + } else { /* found */ fail("found extension, although no status response\n"); break; } @@ -151,7 +157,7 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -186,8 +192,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -203,12 +208,12 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -270,14 +275,14 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -338,4 +343,4 @@ void doit(void) start("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/status-request-ok.c b/tests/status-request-ok.c index 3a324cef74..6310366336 100644 --- a/tests/status-request-ok.c +++ b/tests/status-request-ok.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,18 +35,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This program tests the status request extension and that receiving the * certificate status works. @@ -63,63 +63,61 @@ static void client_log_func(int level, const char *str) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static int sent = 0; static int received = 0; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { success("received status request\n"); received = 1; return 0; } -# define RESP "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -# define RESP_SIZE (sizeof(RESP)-1) +#define RESP \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP_SIZE (sizeof(RESP) - 1) static int status_func(gnutls_session_t session, void *ptr, - gnutls_datum_t * resp) + gnutls_datum_t *resp) { resp->data = gnutls_malloc(RESP_SIZE); if (resp->data == NULL) @@ -131,7 +129,7 @@ static int status_func(gnutls_session_t session, void *ptr, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd) { @@ -171,8 +169,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -188,8 +185,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (received == 0) { fail("client: didn't receive status request\n"); @@ -197,7 +194,7 @@ static void client(int fd) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -258,8 +255,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (sent == 0) { fail("status request was sent\n"); @@ -270,7 +267,7 @@ static void server(int fd) */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -324,4 +321,4 @@ void doit(void) return; } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/status-request-revoked.c b/tests/status-request-revoked.c index 657dd9faf3..60abc688dd 100644 --- a/tests/status-request-revoked.c +++ b/tests/status-request-revoked.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,19 +36,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" /* This program tests that the client does not send the * status request extension if GNUTLS_NO_DEFAULT_EXTENSIONS is set. @@ -64,7 +64,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1586000000; @@ -75,174 +75,173 @@ static time_t mytime(time_t * t) } static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEKjCCAhKgAwIBAgIIRiBQA6KFBj0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" - "AxMEaWNhMTAeFw0xOTEwMjQxNDA1MDBaFw0yMDEwMjQxNDAzMDBaMBoxGDAWBgNV\n" - "BAMTD3Rlc3Quc2VydmVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n" - "ggEBAKgBiCBLx9eqe2tcCdkyDvQb3UZMR/Gs1mHaiW9zUbqnHkMD/N+0B+JRcfW2\n" - "P5WnQRTlSrWM/gFJh+va0Wtnu0VZWdBHhyR8Vq62DskNRSXUSTsQVqktaMmA/yPY\n" - "iYtY5069WUBoa1GD23BRaeoinLtmBEaUIvsAdCPQ5bCdaVSFOLlnuDxF6/bOAQAC\n" - "5EJ3UDAdqqGmHCQAJcKiCim2ttCIquLqAsgalHMKKBAdEm01o+LO6FOHK1OkwA1W\n" - "GiDNaojEojMS87x9VjmdiamvPuAALLAMMQ3fh8DxqAWA4pfkYWJKehnlPHdjPfkO\n" - "GjUvpezsWev5PBJKp5x6ce9vlgMCAwEAAaN/MH0wCQYDVR0TBAIwADALBgNVHQ8E\n" - "BAMCA4gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGgYDVR0RBBMwEYIPdGVzdC5zZXJ2\n" - "ZXIuY29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovLzEwLjEu\n" - "Mi4yNDI6ODg4ODANBgkqhkiG9w0BAQsFAAOCAgEAK9Bo7i8Mj7t8l+nZqQ6ezG6d\n" - "sq5FYkr2h+T5C0Pt2RscMYAKRdBjAXmCTy1jhaojUVIupm/pK1YQAOgSQF5PMhLl\n" - "3W1SiLl2aU1A0HjHpHvN81YP5VeceHgoJrA5VYGYQohIyH9zfSJNb5TyhQcIHiqZ\n" - "aSC64c7sSywHC4vEHYyYu0LVMic4y7EWM2Y5Vh3xhB28jq5ixChCxG/i6rHt1fC+\n" - "1YsKQaE+sAY4QVjMYE8g4SldqMDpnSCiHDFBfWMGD5hGvp4WMfNXpuiDG9M8wAcT\n" - "A93NxnZqmUdksK/waGS7/uj/eY1hMU2Z/TVhaCDk146hH+lOUf6CnwM3MXLOALaz\n" - "eHyfbm/P8XniWhzBQIiY+5wYVath9YlOkRZhAMKRglRNpwXoTKZiJNkqrwaz6RnB\n" - "S19QByi+L6tFP7AxLFd7DKv4FbI2FWh5GyCrqa8rNc3Bh/oxDR0iAUetEFQUjkxN\n" - "x5A0mOnKds0UoTq3nI5t6obgzAjFkiMgVMXyXo4HqfzpAtqIgZd+PJn5snFoJ6Xh\n" - "NPjCYbfBb9LQFlfodWVg0W4mjfp0HypFaBIudgw0ANdQUUOosWFi0H2msj7CJf4G\n" - "crMZmsCvD+xKfwKqph+tH0/e/xFeFmVOSVI78ESJhpRcQ9ODiOA98FTR4W1Nv9gd\n" - "2GOAQzJDUd051fcRBXQ=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEvzCCAqegAwIBAgIIV9UmBssMHTUwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE\n" - "AxMGcm9vdGNhMB4XDTE5MTAyNDE0MDQwMFoXDTIwMTAyNDE0MDMwMFowDzENMAsG\n" - "A1UEAxMEaWNhMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALY5o80n\n" - "QOQWNJnWOEL6Vg/UH84r9TP4ZWKlWmC4K+pi0S+8x7uFBUyxFffS/SaWeoxI2wBm\n" - "ezMjAl1gFQTCxsojxfgS9Ky9fbxdaADeLKW7B8UHRzrKO8I9Khhe82oU87vAYUFX\n" - "cC0ALIE4zpcdezmr53ACloYfTwDy4onl6VKVjwhfZ6PglwZRkOLjSRMbmSScJPGF\n" - "pMx29dhXEFeCyAdqU+H9Bhu0cIwHUeFp4BM1j8NsW6GHLIzioc5f70EX76M9FyRA\n" - "EB/csmEGX37vNjPmmyki6SJ2nFoa7C9o3ty7IzoUdrU8Cfj9o6WdEfCRlIuxLWra\n" - "LFQrduuhk3sZYU2adZa3hJJ3Y+jx0lUBO4TxtO1Maf39Rfp4BzK1WybjCpDnO/Xg\n" - "kU5hDjQX9zRWYPcwPMGEv3wJAezTsp/mx8UGtIlWVpd0z/oVoKvOrGaxx0RYq5SP\n" - "mutaKDCvQ0j6t9wc69fyG5d9iNA3INXLhkFiZqEKpwZsi7RaSjD615EX2GqdIoZ0\n" - "Ib4NEtpMv12/7ti1VFVxNNMaDNiOKRg7/Ha5SrRnCabyEuykSUnxjttNjBEazn1M\n" - "VWIel0scvDtRFDFGklFuABOJmoYGkAPnIpN+H/l17/VtSWBsPy1rnlfgK2ftm773\n" - "5kiEQJn42uh+jbgWaBdt9Q1B+VeV51pnjjc7AgMBAAGjHTAbMAwGA1UdEwQFMAMB\n" - "Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQBgm8eEsLeGo5eI4plQ\n" - "WtqvyKrrvpa9YachqmQfoARbMBJg4J0Eq3u3yjL1kUHZ5f0IkXeiaw/w5u2oxZTe\n" - "SHHJCCd54NhLzBeTV/GQuDnWqU+GZP3ay+SkzjAMbfkHibVlRZLkeVnDZLRGd5jb\n" - "RMXRj1LMVagI1xVM3Y4PEcDw+Bhp4XFHBUcxtcqFrjJQBbJJYE9A2QiPwoDQlYoy\n" - "gSvVffbb04bDM01pbYOfPL9t1IIiq7KHHOq0vWzvoU+hnAx+U30wNSaeshKuixNa\n" - "PpWKZ1hoejkhddeiypFqhS54oOxaCxArXPFIl/mLPJlztf/s1Xumi0W4fkIACtoY\n" - "SFilawtsf/vC/WesFsQ502IkFpjYCeUavk8nAfZPZg1BwQ+ZLcwZXBuCtqyn9Mk9\n" - "3UgHAiwMLDqeSQShjHWkBeLr5IOYMubT6SuLpd13rz2WOj6ETq7zizUanV8yAeaT\n" - "x/pn1/rVpbzrbEAL5RkYlUK0ZbwpKjTLygiHUXFqpiID4L1OXoJbtbgSQlXFTEXV\n" - "AnG40QNerXjQ8b+BlmFmCY2nxtNFgtVLUHb4vyG1mUcNIYafH+9TD5tUdzDVZP90\n" - "NnU+8i3Ah3qk9B4Cv9wdHY4Mq/m2jTZd060oGb5l5381Ju5tr2BE+xPXCzSk7TsL\n" - "tdq43/hGqq4D2YGCc9E0WnOVxw==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIEwTCCAqmgAwIBAgIIFv+PS+AkgjowDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE\n" - "AxMGcm9vdGNhMB4XDTE5MTAyNDE0MDMwMFoXDTIwMTAyNDE0MDMwMFowETEPMA0G\n" - "A1UEAxMGcm9vdGNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtjmj\n" - "zSdA5BY0mdY4QvpWD9Qfziv1M/hlYqVaYLgr6mLRL7zHu4UFTLEV99L9JpZ6jEjb\n" - "AGZ7MyMCXWAVBMLGyiPF+BL0rL19vF1oAN4spbsHxQdHOso7wj0qGF7zahTzu8Bh\n" - "QVdwLQAsgTjOlx17OavncAKWhh9PAPLiieXpUpWPCF9no+CXBlGQ4uNJExuZJJwk\n" - "8YWkzHb12FcQV4LIB2pT4f0GG7RwjAdR4WngEzWPw2xboYcsjOKhzl/vQRfvoz0X\n" - "JEAQH9yyYQZffu82M+abKSLpInacWhrsL2je3LsjOhR2tTwJ+P2jpZ0R8JGUi7Et\n" - "atosVCt266GTexlhTZp1lreEkndj6PHSVQE7hPG07Uxp/f1F+ngHMrVbJuMKkOc7\n" - "9eCRTmEONBf3NFZg9zA8wYS/fAkB7NOyn+bHxQa0iVZWl3TP+hWgq86sZrHHRFir\n" - "lI+a61ooMK9DSPq33Bzr1/Ibl32I0Dcg1cuGQWJmoQqnBmyLtFpKMPrXkRfYap0i\n" - "hnQhvg0S2ky/Xb/u2LVUVXE00xoM2I4pGDv8drlKtGcJpvIS7KRJSfGO202MERrO\n" - "fUxVYh6XSxy8O1EUMUaSUW4AE4mahgaQA+cik34f+XXv9W1JYGw/LWueV+ArZ+2b\n" - "vvfmSIRAmfja6H6NuBZoF231DUH5V5XnWmeONzsCAwEAAaMdMBswDAYDVR0TBAUw\n" - "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAAk7UHoAWMRlcCtH\n" - "qPH4YOuqqhMEqrJ3nRrRffDmRNCy/R2OpYRmI37HItaWmAB/aGK6H3nQG5fHY1/e\n" - "Ypn/uwpYyvpMtYZgeNNFHckXcWQo3C7wOlCwQzWzI9po0zRp3EqTNBneKa4cZoe0\n" - "FxcMfLbHL4SRKE08PZ3NBRW4n01fjjSs3o4cXvhD6puMTwjL581tWhgmfTrYGMvH\n" - "i7/XSUuFKzj74dA1LioEvbi5qy4kCvy1zxLMySXRd8ZtdnlS/tP3dTx+f1qCZaH6\n" - "E3jE7pi24yRmQaiNaO8Ap4uKcPaMXCsqg+TNTID3QJx6hDgQYsD7P64cUJXXhT/S\n" - "bmdawUaWhwZXVCm2VIpYI3GYhnEVpovyqHOsopNfrabCzvuVB/d4wJBO9MJUk/0l\n" - "BBCTJx3DluvkjKlDWxVDgpofElbU+77mEKLLki4G0f12biJLXOoS+jYayHSKbNlT\n" - "5qzXO3swPMNyS1iBdJtmsh3d5JxHa96UlBgKa5pZY2vk+rHUP0j5aLPMqqCixOpE\n" - "rYX6hvg898wlR2enXY//dgnvgprDW9Fs1x/PdaFx6p1EFpGuJX/td7CK633MsRbu\n" - "dirhB+L70skZjiGGR/kY0i6edHFiMoqmyXm3ML9ID3ZWfQV9gDCCIKvz9SqpW08q\n" - "dZHbP85IPw8a3Lzour7HV3acvaKA\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEKjCCAhKgAwIBAgIIRiBQA6KFBj0wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEaWNhMTAeFw0xOTEwMjQxNDA1MDBaFw0yMDEwMjQxNDAzMDBaMBoxGDAWBgNV\n" + "BAMTD3Rlc3Quc2VydmVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n" + "ggEBAKgBiCBLx9eqe2tcCdkyDvQb3UZMR/Gs1mHaiW9zUbqnHkMD/N+0B+JRcfW2\n" + "P5WnQRTlSrWM/gFJh+va0Wtnu0VZWdBHhyR8Vq62DskNRSXUSTsQVqktaMmA/yPY\n" + "iYtY5069WUBoa1GD23BRaeoinLtmBEaUIvsAdCPQ5bCdaVSFOLlnuDxF6/bOAQAC\n" + "5EJ3UDAdqqGmHCQAJcKiCim2ttCIquLqAsgalHMKKBAdEm01o+LO6FOHK1OkwA1W\n" + "GiDNaojEojMS87x9VjmdiamvPuAALLAMMQ3fh8DxqAWA4pfkYWJKehnlPHdjPfkO\n" + "GjUvpezsWev5PBJKp5x6ce9vlgMCAwEAAaN/MH0wCQYDVR0TBAIwADALBgNVHQ8E\n" + "BAMCA4gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGgYDVR0RBBMwEYIPdGVzdC5zZXJ2\n" + "ZXIuY29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovLzEwLjEu\n" + "Mi4yNDI6ODg4ODANBgkqhkiG9w0BAQsFAAOCAgEAK9Bo7i8Mj7t8l+nZqQ6ezG6d\n" + "sq5FYkr2h+T5C0Pt2RscMYAKRdBjAXmCTy1jhaojUVIupm/pK1YQAOgSQF5PMhLl\n" + "3W1SiLl2aU1A0HjHpHvN81YP5VeceHgoJrA5VYGYQohIyH9zfSJNb5TyhQcIHiqZ\n" + "aSC64c7sSywHC4vEHYyYu0LVMic4y7EWM2Y5Vh3xhB28jq5ixChCxG/i6rHt1fC+\n" + "1YsKQaE+sAY4QVjMYE8g4SldqMDpnSCiHDFBfWMGD5hGvp4WMfNXpuiDG9M8wAcT\n" + "A93NxnZqmUdksK/waGS7/uj/eY1hMU2Z/TVhaCDk146hH+lOUf6CnwM3MXLOALaz\n" + "eHyfbm/P8XniWhzBQIiY+5wYVath9YlOkRZhAMKRglRNpwXoTKZiJNkqrwaz6RnB\n" + "S19QByi+L6tFP7AxLFd7DKv4FbI2FWh5GyCrqa8rNc3Bh/oxDR0iAUetEFQUjkxN\n" + "x5A0mOnKds0UoTq3nI5t6obgzAjFkiMgVMXyXo4HqfzpAtqIgZd+PJn5snFoJ6Xh\n" + "NPjCYbfBb9LQFlfodWVg0W4mjfp0HypFaBIudgw0ANdQUUOosWFi0H2msj7CJf4G\n" + "crMZmsCvD+xKfwKqph+tH0/e/xFeFmVOSVI78ESJhpRcQ9ODiOA98FTR4W1Nv9gd\n" + "2GOAQzJDUd051fcRBXQ=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEvzCCAqegAwIBAgIIV9UmBssMHTUwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE\n" + "AxMGcm9vdGNhMB4XDTE5MTAyNDE0MDQwMFoXDTIwMTAyNDE0MDMwMFowDzENMAsG\n" + "A1UEAxMEaWNhMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALY5o80n\n" + "QOQWNJnWOEL6Vg/UH84r9TP4ZWKlWmC4K+pi0S+8x7uFBUyxFffS/SaWeoxI2wBm\n" + "ezMjAl1gFQTCxsojxfgS9Ky9fbxdaADeLKW7B8UHRzrKO8I9Khhe82oU87vAYUFX\n" + "cC0ALIE4zpcdezmr53ACloYfTwDy4onl6VKVjwhfZ6PglwZRkOLjSRMbmSScJPGF\n" + "pMx29dhXEFeCyAdqU+H9Bhu0cIwHUeFp4BM1j8NsW6GHLIzioc5f70EX76M9FyRA\n" + "EB/csmEGX37vNjPmmyki6SJ2nFoa7C9o3ty7IzoUdrU8Cfj9o6WdEfCRlIuxLWra\n" + "LFQrduuhk3sZYU2adZa3hJJ3Y+jx0lUBO4TxtO1Maf39Rfp4BzK1WybjCpDnO/Xg\n" + "kU5hDjQX9zRWYPcwPMGEv3wJAezTsp/mx8UGtIlWVpd0z/oVoKvOrGaxx0RYq5SP\n" + "mutaKDCvQ0j6t9wc69fyG5d9iNA3INXLhkFiZqEKpwZsi7RaSjD615EX2GqdIoZ0\n" + "Ib4NEtpMv12/7ti1VFVxNNMaDNiOKRg7/Ha5SrRnCabyEuykSUnxjttNjBEazn1M\n" + "VWIel0scvDtRFDFGklFuABOJmoYGkAPnIpN+H/l17/VtSWBsPy1rnlfgK2ftm773\n" + "5kiEQJn42uh+jbgWaBdt9Q1B+VeV51pnjjc7AgMBAAGjHTAbMAwGA1UdEwQFMAMB\n" + "Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQBgm8eEsLeGo5eI4plQ\n" + "WtqvyKrrvpa9YachqmQfoARbMBJg4J0Eq3u3yjL1kUHZ5f0IkXeiaw/w5u2oxZTe\n" + "SHHJCCd54NhLzBeTV/GQuDnWqU+GZP3ay+SkzjAMbfkHibVlRZLkeVnDZLRGd5jb\n" + "RMXRj1LMVagI1xVM3Y4PEcDw+Bhp4XFHBUcxtcqFrjJQBbJJYE9A2QiPwoDQlYoy\n" + "gSvVffbb04bDM01pbYOfPL9t1IIiq7KHHOq0vWzvoU+hnAx+U30wNSaeshKuixNa\n" + "PpWKZ1hoejkhddeiypFqhS54oOxaCxArXPFIl/mLPJlztf/s1Xumi0W4fkIACtoY\n" + "SFilawtsf/vC/WesFsQ502IkFpjYCeUavk8nAfZPZg1BwQ+ZLcwZXBuCtqyn9Mk9\n" + "3UgHAiwMLDqeSQShjHWkBeLr5IOYMubT6SuLpd13rz2WOj6ETq7zizUanV8yAeaT\n" + "x/pn1/rVpbzrbEAL5RkYlUK0ZbwpKjTLygiHUXFqpiID4L1OXoJbtbgSQlXFTEXV\n" + "AnG40QNerXjQ8b+BlmFmCY2nxtNFgtVLUHb4vyG1mUcNIYafH+9TD5tUdzDVZP90\n" + "NnU+8i3Ah3qk9B4Cv9wdHY4Mq/m2jTZd060oGb5l5381Ju5tr2BE+xPXCzSk7TsL\n" + "tdq43/hGqq4D2YGCc9E0WnOVxw==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIEwTCCAqmgAwIBAgIIFv+PS+AkgjowDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE\n" + "AxMGcm9vdGNhMB4XDTE5MTAyNDE0MDMwMFoXDTIwMTAyNDE0MDMwMFowETEPMA0G\n" + "A1UEAxMGcm9vdGNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtjmj\n" + "zSdA5BY0mdY4QvpWD9Qfziv1M/hlYqVaYLgr6mLRL7zHu4UFTLEV99L9JpZ6jEjb\n" + "AGZ7MyMCXWAVBMLGyiPF+BL0rL19vF1oAN4spbsHxQdHOso7wj0qGF7zahTzu8Bh\n" + "QVdwLQAsgTjOlx17OavncAKWhh9PAPLiieXpUpWPCF9no+CXBlGQ4uNJExuZJJwk\n" + "8YWkzHb12FcQV4LIB2pT4f0GG7RwjAdR4WngEzWPw2xboYcsjOKhzl/vQRfvoz0X\n" + "JEAQH9yyYQZffu82M+abKSLpInacWhrsL2je3LsjOhR2tTwJ+P2jpZ0R8JGUi7Et\n" + "atosVCt266GTexlhTZp1lreEkndj6PHSVQE7hPG07Uxp/f1F+ngHMrVbJuMKkOc7\n" + "9eCRTmEONBf3NFZg9zA8wYS/fAkB7NOyn+bHxQa0iVZWl3TP+hWgq86sZrHHRFir\n" + "lI+a61ooMK9DSPq33Bzr1/Ibl32I0Dcg1cuGQWJmoQqnBmyLtFpKMPrXkRfYap0i\n" + "hnQhvg0S2ky/Xb/u2LVUVXE00xoM2I4pGDv8drlKtGcJpvIS7KRJSfGO202MERrO\n" + "fUxVYh6XSxy8O1EUMUaSUW4AE4mahgaQA+cik34f+XXv9W1JYGw/LWueV+ArZ+2b\n" + "vvfmSIRAmfja6H6NuBZoF231DUH5V5XnWmeONzsCAwEAAaMdMBswDAYDVR0TBAUw\n" + "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAAk7UHoAWMRlcCtH\n" + "qPH4YOuqqhMEqrJ3nRrRffDmRNCy/R2OpYRmI37HItaWmAB/aGK6H3nQG5fHY1/e\n" + "Ypn/uwpYyvpMtYZgeNNFHckXcWQo3C7wOlCwQzWzI9po0zRp3EqTNBneKa4cZoe0\n" + "FxcMfLbHL4SRKE08PZ3NBRW4n01fjjSs3o4cXvhD6puMTwjL581tWhgmfTrYGMvH\n" + "i7/XSUuFKzj74dA1LioEvbi5qy4kCvy1zxLMySXRd8ZtdnlS/tP3dTx+f1qCZaH6\n" + "E3jE7pi24yRmQaiNaO8Ap4uKcPaMXCsqg+TNTID3QJx6hDgQYsD7P64cUJXXhT/S\n" + "bmdawUaWhwZXVCm2VIpYI3GYhnEVpovyqHOsopNfrabCzvuVB/d4wJBO9MJUk/0l\n" + "BBCTJx3DluvkjKlDWxVDgpofElbU+77mEKLLki4G0f12biJLXOoS+jYayHSKbNlT\n" + "5qzXO3swPMNyS1iBdJtmsh3d5JxHa96UlBgKa5pZY2vk+rHUP0j5aLPMqqCixOpE\n" + "rYX6hvg898wlR2enXY//dgnvgprDW9Fs1x/PdaFx6p1EFpGuJX/td7CK633MsRbu\n" + "dirhB+L70skZjiGGR/kY0i6edHFiMoqmyXm3ML9ID3ZWfQV9gDCCIKvz9SqpW08q\n" + "dZHbP85IPw8a3Lzour7HV3acvaKA\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) - 1 -}; + sizeof(server_cert_pem) - 1 }; static unsigned char ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEwTCCAqmgAwIBAgIIFv+PS+AkgjowDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE\n" - "AxMGcm9vdGNhMB4XDTE5MTAyNDE0MDMwMFoXDTIwMTAyNDE0MDMwMFowETEPMA0G\n" - "A1UEAxMGcm9vdGNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtjmj\n" - "zSdA5BY0mdY4QvpWD9Qfziv1M/hlYqVaYLgr6mLRL7zHu4UFTLEV99L9JpZ6jEjb\n" - "AGZ7MyMCXWAVBMLGyiPF+BL0rL19vF1oAN4spbsHxQdHOso7wj0qGF7zahTzu8Bh\n" - "QVdwLQAsgTjOlx17OavncAKWhh9PAPLiieXpUpWPCF9no+CXBlGQ4uNJExuZJJwk\n" - "8YWkzHb12FcQV4LIB2pT4f0GG7RwjAdR4WngEzWPw2xboYcsjOKhzl/vQRfvoz0X\n" - "JEAQH9yyYQZffu82M+abKSLpInacWhrsL2je3LsjOhR2tTwJ+P2jpZ0R8JGUi7Et\n" - "atosVCt266GTexlhTZp1lreEkndj6PHSVQE7hPG07Uxp/f1F+ngHMrVbJuMKkOc7\n" - "9eCRTmEONBf3NFZg9zA8wYS/fAkB7NOyn+bHxQa0iVZWl3TP+hWgq86sZrHHRFir\n" - "lI+a61ooMK9DSPq33Bzr1/Ibl32I0Dcg1cuGQWJmoQqnBmyLtFpKMPrXkRfYap0i\n" - "hnQhvg0S2ky/Xb/u2LVUVXE00xoM2I4pGDv8drlKtGcJpvIS7KRJSfGO202MERrO\n" - "fUxVYh6XSxy8O1EUMUaSUW4AE4mahgaQA+cik34f+XXv9W1JYGw/LWueV+ArZ+2b\n" - "vvfmSIRAmfja6H6NuBZoF231DUH5V5XnWmeONzsCAwEAAaMdMBswDAYDVR0TBAUw\n" - "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAAk7UHoAWMRlcCtH\n" - "qPH4YOuqqhMEqrJ3nRrRffDmRNCy/R2OpYRmI37HItaWmAB/aGK6H3nQG5fHY1/e\n" - "Ypn/uwpYyvpMtYZgeNNFHckXcWQo3C7wOlCwQzWzI9po0zRp3EqTNBneKa4cZoe0\n" - "FxcMfLbHL4SRKE08PZ3NBRW4n01fjjSs3o4cXvhD6puMTwjL581tWhgmfTrYGMvH\n" - "i7/XSUuFKzj74dA1LioEvbi5qy4kCvy1zxLMySXRd8ZtdnlS/tP3dTx+f1qCZaH6\n" - "E3jE7pi24yRmQaiNaO8Ap4uKcPaMXCsqg+TNTID3QJx6hDgQYsD7P64cUJXXhT/S\n" - "bmdawUaWhwZXVCm2VIpYI3GYhnEVpovyqHOsopNfrabCzvuVB/d4wJBO9MJUk/0l\n" - "BBCTJx3DluvkjKlDWxVDgpofElbU+77mEKLLki4G0f12biJLXOoS+jYayHSKbNlT\n" - "5qzXO3swPMNyS1iBdJtmsh3d5JxHa96UlBgKa5pZY2vk+rHUP0j5aLPMqqCixOpE\n" - "rYX6hvg898wlR2enXY//dgnvgprDW9Fs1x/PdaFx6p1EFpGuJX/td7CK633MsRbu\n" - "dirhB+L70skZjiGGR/kY0i6edHFiMoqmyXm3ML9ID3ZWfQV9gDCCIKvz9SqpW08q\n" - "dZHbP85IPw8a3Lzour7HV3acvaKA\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca_cert = { ca_cert_pem, - sizeof(ca_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIEwTCCAqmgAwIBAgIIFv+PS+AkgjowDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE\n" + "AxMGcm9vdGNhMB4XDTE5MTAyNDE0MDMwMFoXDTIwMTAyNDE0MDMwMFowETEPMA0G\n" + "A1UEAxMGcm9vdGNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtjmj\n" + "zSdA5BY0mdY4QvpWD9Qfziv1M/hlYqVaYLgr6mLRL7zHu4UFTLEV99L9JpZ6jEjb\n" + "AGZ7MyMCXWAVBMLGyiPF+BL0rL19vF1oAN4spbsHxQdHOso7wj0qGF7zahTzu8Bh\n" + "QVdwLQAsgTjOlx17OavncAKWhh9PAPLiieXpUpWPCF9no+CXBlGQ4uNJExuZJJwk\n" + "8YWkzHb12FcQV4LIB2pT4f0GG7RwjAdR4WngEzWPw2xboYcsjOKhzl/vQRfvoz0X\n" + "JEAQH9yyYQZffu82M+abKSLpInacWhrsL2je3LsjOhR2tTwJ+P2jpZ0R8JGUi7Et\n" + "atosVCt266GTexlhTZp1lreEkndj6PHSVQE7hPG07Uxp/f1F+ngHMrVbJuMKkOc7\n" + "9eCRTmEONBf3NFZg9zA8wYS/fAkB7NOyn+bHxQa0iVZWl3TP+hWgq86sZrHHRFir\n" + "lI+a61ooMK9DSPq33Bzr1/Ibl32I0Dcg1cuGQWJmoQqnBmyLtFpKMPrXkRfYap0i\n" + "hnQhvg0S2ky/Xb/u2LVUVXE00xoM2I4pGDv8drlKtGcJpvIS7KRJSfGO202MERrO\n" + "fUxVYh6XSxy8O1EUMUaSUW4AE4mahgaQA+cik34f+XXv9W1JYGw/LWueV+ArZ+2b\n" + "vvfmSIRAmfja6H6NuBZoF231DUH5V5XnWmeONzsCAwEAAaMdMBswDAYDVR0TBAUw\n" + "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAAk7UHoAWMRlcCtH\n" + "qPH4YOuqqhMEqrJ3nRrRffDmRNCy/R2OpYRmI37HItaWmAB/aGK6H3nQG5fHY1/e\n" + "Ypn/uwpYyvpMtYZgeNNFHckXcWQo3C7wOlCwQzWzI9po0zRp3EqTNBneKa4cZoe0\n" + "FxcMfLbHL4SRKE08PZ3NBRW4n01fjjSs3o4cXvhD6puMTwjL581tWhgmfTrYGMvH\n" + "i7/XSUuFKzj74dA1LioEvbi5qy4kCvy1zxLMySXRd8ZtdnlS/tP3dTx+f1qCZaH6\n" + "E3jE7pi24yRmQaiNaO8Ap4uKcPaMXCsqg+TNTID3QJx6hDgQYsD7P64cUJXXhT/S\n" + "bmdawUaWhwZXVCm2VIpYI3GYhnEVpovyqHOsopNfrabCzvuVB/d4wJBO9MJUk/0l\n" + "BBCTJx3DluvkjKlDWxVDgpofElbU+77mEKLLki4G0f12biJLXOoS+jYayHSKbNlT\n" + "5qzXO3swPMNyS1iBdJtmsh3d5JxHa96UlBgKa5pZY2vk+rHUP0j5aLPMqqCixOpE\n" + "rYX6hvg898wlR2enXY//dgnvgprDW9Fs1x/PdaFx6p1EFpGuJX/td7CK633MsRbu\n" + "dirhB+L70skZjiGGR/kY0i6edHFiMoqmyXm3ML9ID3ZWfQV9gDCCIKvz9SqpW08q\n" + "dZHbP85IPw8a3Lzour7HV3acvaKA\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca_cert = { ca_cert_pem, sizeof(ca_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEogIBAAKCAQEAqAGIIEvH16p7a1wJ2TIO9BvdRkxH8azWYdqJb3NRuqceQwP8\n" - "37QH4lFx9bY/ladBFOVKtYz+AUmH69rRa2e7RVlZ0EeHJHxWrrYOyQ1FJdRJOxBW\n" - "qS1oyYD/I9iJi1jnTr1ZQGhrUYPbcFFp6iKcu2YERpQi+wB0I9DlsJ1pVIU4uWe4\n" - "PEXr9s4BAALkQndQMB2qoaYcJAAlwqIKKba20Iiq4uoCyBqUcwooEB0SbTWj4s7o\n" - "U4crU6TADVYaIM1qiMSiMxLzvH1WOZ2Jqa8+4AAssAwxDd+HwPGoBYDil+RhYkp6\n" - "GeU8d2M9+Q4aNS+l7OxZ6/k8EkqnnHpx72+WAwIDAQABAoIBAEw4Ba3BM3SgH0Xh\n" - "h4ZFs4sDaSuPR8RYiRnzrw4k3xsy3gPBN2O1pS4DjRPQDqCyNFBqha4/vKyQ010o\n" - "9IEpmkgn9RsMmD7xOdIhPivwHULAQEjPbMFrnHJuV1HH1v6k4qtSM7+In8dnbpJS\n" - "HR7ffQN3kNEEO6pr1kS5bLrnbvWsjpKcqELOMJfJY+uMS/GhITfrhWtm0PagZ1ze\n" - "w/WYHTkgzGOgBeJuOjb6jCfLOuNDsP/RKALnq7eGeHce8w1tRFkpnxHrCquisgaQ\n" - "ZpFIwG8r8VgwRgd/ydjD1+jMgIwx1NW2GBnX91uLCe6/hTMDAub6TPYZkqiHIlDZ\n" - "UcMg5eECgYEA0kdGFO4XjlpLg5y5FmZSNH0UhEYbn67PTb9DMi3ecDPH5zSjbiYa\n" - "0JCFYQqRTPBl6D/cRIIIaWJOBIg7DgzELFTqnZlpWuenSef9sHNIQp/6XhT75aLD\n" - "EUJgcP3oyV0MOhGp48ZnYgmbnBZuoQKpuWV39IqqgSlAUKjTcFQAV9UCgYEAzIk/\n" - "eTkd1tOh+K22pGBaz8hHi5+YJ/YpHKSjryI2I0PgtmrWL8S284pySkGU+oFV4N8Z\n" - "Ajh5+26DVWxQK8LAqRYlgrooF/+85FJuGx47BhnTCVxmypOZILJ0jeJk8StBrAUk\n" - "TvcEVcQr8kFSvUPyz1codEFTECsMYbKP37aeuncCgYBnOa3hoG/X5eOkHE+P+3Ln\n" - "aW+k73WoEfyaQgYOoA3OLt03VtPTwsjvEcMoPDPP/UNJm+/Zgav3b9a0ytuSrhmv\n" - "WZBDBYh+o7Gvyj7zW+RhMH+Lp+lwdVIlKtyFG2AnWZIi/4DS3BbsPaMyIKD2UYRY\n" - "CsO0PE4vUbzM29PQFKyGcQKBgG3hrf/p92XZ/EIk0OIuAZtu9UDFVHDjheKlcGo9\n" - "7uezJ53Yd4jiHYdo8U2DPg32PbS5Ji5TOPUiwdu6fLeFwQsVosFAURnTgh8HSa+3\n" - "5e25Ie79fRuHf9RZCtTOs3v8ySMpAACMJAAPi6xx+4lCX8eUA1+xWHZvKg+yZijB\n" - "azSxAoGABIvXwUi1NaRDF/fMDiwiwnlJf8FdfY3RBbM1X3ZJbhzqxGL3Hfc4vRcB\n" - "zl7xUnP5Ot9trof6AjHsYCRW+FFjrbUs0x56KoIDCTsd8uArmquyKnSrQb+Zu4FK\n" - "b9M8/NMq3h3Ub+yO/YBm1HOSWeJs8pNSMU72j3QhorNIjAsLGyE=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEogIBAAKCAQEAqAGIIEvH16p7a1wJ2TIO9BvdRkxH8azWYdqJb3NRuqceQwP8\n" + "37QH4lFx9bY/ladBFOVKtYz+AUmH69rRa2e7RVlZ0EeHJHxWrrYOyQ1FJdRJOxBW\n" + "qS1oyYD/I9iJi1jnTr1ZQGhrUYPbcFFp6iKcu2YERpQi+wB0I9DlsJ1pVIU4uWe4\n" + "PEXr9s4BAALkQndQMB2qoaYcJAAlwqIKKba20Iiq4uoCyBqUcwooEB0SbTWj4s7o\n" + "U4crU6TADVYaIM1qiMSiMxLzvH1WOZ2Jqa8+4AAssAwxDd+HwPGoBYDil+RhYkp6\n" + "GeU8d2M9+Q4aNS+l7OxZ6/k8EkqnnHpx72+WAwIDAQABAoIBAEw4Ba3BM3SgH0Xh\n" + "h4ZFs4sDaSuPR8RYiRnzrw4k3xsy3gPBN2O1pS4DjRPQDqCyNFBqha4/vKyQ010o\n" + "9IEpmkgn9RsMmD7xOdIhPivwHULAQEjPbMFrnHJuV1HH1v6k4qtSM7+In8dnbpJS\n" + "HR7ffQN3kNEEO6pr1kS5bLrnbvWsjpKcqELOMJfJY+uMS/GhITfrhWtm0PagZ1ze\n" + "w/WYHTkgzGOgBeJuOjb6jCfLOuNDsP/RKALnq7eGeHce8w1tRFkpnxHrCquisgaQ\n" + "ZpFIwG8r8VgwRgd/ydjD1+jMgIwx1NW2GBnX91uLCe6/hTMDAub6TPYZkqiHIlDZ\n" + "UcMg5eECgYEA0kdGFO4XjlpLg5y5FmZSNH0UhEYbn67PTb9DMi3ecDPH5zSjbiYa\n" + "0JCFYQqRTPBl6D/cRIIIaWJOBIg7DgzELFTqnZlpWuenSef9sHNIQp/6XhT75aLD\n" + "EUJgcP3oyV0MOhGp48ZnYgmbnBZuoQKpuWV39IqqgSlAUKjTcFQAV9UCgYEAzIk/\n" + "eTkd1tOh+K22pGBaz8hHi5+YJ/YpHKSjryI2I0PgtmrWL8S284pySkGU+oFV4N8Z\n" + "Ajh5+26DVWxQK8LAqRYlgrooF/+85FJuGx47BhnTCVxmypOZILJ0jeJk8StBrAUk\n" + "TvcEVcQr8kFSvUPyz1codEFTECsMYbKP37aeuncCgYBnOa3hoG/X5eOkHE+P+3Ln\n" + "aW+k73WoEfyaQgYOoA3OLt03VtPTwsjvEcMoPDPP/UNJm+/Zgav3b9a0ytuSrhmv\n" + "WZBDBYh+o7Gvyj7zW+RhMH+Lp+lwdVIlKtyFG2AnWZIi/4DS3BbsPaMyIKD2UYRY\n" + "CsO0PE4vUbzM29PQFKyGcQKBgG3hrf/p92XZ/EIk0OIuAZtu9UDFVHDjheKlcGo9\n" + "7uezJ53Yd4jiHYdo8U2DPg32PbS5Ji5TOPUiwdu6fLeFwQsVosFAURnTgh8HSa+3\n" + "5e25Ie79fRuHf9RZCtTOs3v8ySMpAACMJAAPi6xx+4lCX8eUA1+xWHZvKg+yZijB\n" + "azSxAoGABIvXwUi1NaRDF/fMDiwiwnlJf8FdfY3RBbM1X3ZJbhzqxGL3Hfc4vRcB\n" + "zl7xUnP5Ot9trof6AjHsYCRW+FFjrbUs0x56KoIDCTsd8uArmquyKnSrQb+Zu4FK\n" + "b9M8/NMq3h3Ub+yO/YBm1HOSWeJs8pNSMU72j3QhorNIjAsLGyE=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) - 1 -}; + sizeof(server_key_pem) - 1 }; static int sent = 0; static int received = 0; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { success("received status request\n"); received = 1; return 0; } -# define RESP "\x30\x82\x05\xa3\x0a\x01\x00\xa0\x82\x05\x9c\x30\x82\x05\x98\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x05\x89\x30\x82\x05\x85\x30\x81\x80\xa1\x02\x30\x00\x18\x0f\x32\x30\x31\x39\x31\x32\x30\x35\x31\x38\x30\x31\x30\x34\x5a\x30\x69\x30\x67\x30\x41\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\x46\x2c\x91\xc8\xd2\x57\xe2\xb8\xb1\xd3\xd0\x99\xc1\xfe\x38\x51\x0e\x17\xa9\x50\x04\x14\x11\x92\x6c\xe3\xa7\x50\x77\x21\xfe\x95\xfa\xca\x6d\x3f\xc7\xa9\xaf\xa4\x9e\x82\x02\x08\x46\x20\x50\x03\xa2\x85\x06\x3d\xa1\x11\x18\x0f\x32\x30\x31\x39\x31\x32\x30\x35\x31\x35\x32\x37\x35\x35\x5a\x18\x0f\x32\x30\x31\x39\x31\x32\x30\x35\x31\x38\x30\x31\x30\x34\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x05\x88\x2c\x3d\x57\xf4\x75\xbf\x7f\xbe\x9e\x0f\xdf\x8f\x6c\x5f\x08\x56\xc4\x04\xc6\xd6\x3c\xfa\x33\x54\x3e\x42\x1c\x77\xda\x3a\x2a\x48\xcf\xfd\xf1\x6e\xb5\x1d\x94\x06\xfa\xfd\xf8\xba\xec\x66\xc3\x22\x7c\x43\xaa\x48\xaa\x58\x3a\xdc\x2a\x55\x44\x78\xc5\x6e\x0d\x1e\x66\xff\x79\x33\xb3\x26\x22\x86\xa0\x0a\xc0\x59\xb1\xdf\x6d\x07\x2d\x86\x2d\x5b\x0b\x29\x0f\xf3\xc1\x39\x21\x05\xf9\xdb\xdd\x47\x11\x6b\x83\xa0\xc7\x24\xbc\xaa\x42\x43\x9e\x20\x1f\x63\x10\x6c\xeb\x94\x7a\x9c\x44\xaa\x24\xfb\xde\x8f\x49\x92\x1c\xc7\x45\x21\xca\xf9\x1a\x11\x54\x4f\x68\xab\xf0\xce\xd3\x0a\xdc\x9f\xc3\x5d\x8d\x7e\xd4\x96\x30\x74\x31\x95\x04\x55\x8d\xf5\xdf\x3f\x34\x8b\x32\xfc\xf0\x4d\x10\xc6\xc4\x46\xfc\x6a\xb1\xa3\x5c\x9a\xde\xf2\x22\xc3\x5f\x08\x8a\x70\x65\xff\xaa\xf5\xc0\x14\x8b\x13\x47\xff\x0c\x72\x6a\x09\x51\xeb\xec\x92\xc5\xfd\x41\x37\x11\x12\x57\x7b\x47\x9e\x25\xd5\xf2\x10\xc2\xf7\xae\x0e\x72\xfb\x2d\x4f\x8d\x54\xe6\x5a\x71\x2b\xfa\x2b\x9c\xd7\x59\xe5\x31\x30\x21\x3f\x7f\xa7\x85\x07\x31\x93\x9d\x6d\x54\xb2\x40\xa9\x78\xef\x24\xc7\xa0\x82\x03\xea\x30\x82\x03\xe6\x30\x82\x03\xe2\x30\x82\x01\xca\xa0\x03\x02\x01\x02\x02\x08\x68\xfe\x28\x8e\x92\xfb\xa8\x37\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b\x05\x00\x30\x11\x31\x0f\x30\x0d\x06\x03\x55\x04\x03\x13\x06\x72\x6f\x6f\x74\x63\x61\x30\x1e\x17\x0d\x31\x39\x31\x31\x32\x30\x31\x36\x32\x34\x30\x30\x5a\x17\x0d\x32\x30\x31\x30\x32\x34\x31\x34\x30\x33\x30\x30\x5a\x30\x00\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xa8\x01\x88\x20\x4b\xc7\xd7\xaa\x7b\x6b\x5c\x09\xd9\x32\x0e\xf4\x1b\xdd\x46\x4c\x47\xf1\xac\xd6\x61\xda\x89\x6f\x73\x51\xba\xa7\x1e\x43\x03\xfc\xdf\xb4\x07\xe2\x51\x71\xf5\xb6\x3f\x95\xa7\x41\x14\xe5\x4a\xb5\x8c\xfe\x01\x49\x87\xeb\xda\xd1\x6b\x67\xbb\x45\x59\x59\xd0\x47\x87\x24\x7c\x56\xae\xb6\x0e\xc9\x0d\x45\x25\xd4\x49\x3b\x10\x56\xa9\x2d\x68\xc9\x80\xff\x23\xd8\x89\x8b\x58\xe7\x4e\xbd\x59\x40\x68\x6b\x51\x83\xdb\x70\x51\x69\xea\x22\x9c\xbb\x66\x04\x46\x94\x22\xfb\x00\x74\x23\xd0\xe5\xb0\x9d\x69\x54\x85\x38\xb9\x67\xb8\x3c\x45\xeb\xf6\xce\x01\x00\x02\xe4\x42\x77\x50\x30\x1d\xaa\xa1\xa6\x1c\x24\x00\x25\xc2\xa2\x0a\x29\xb6\xb6\xd0\x88\xaa\xe2\xea\x02\xc8\x1a\x94\x73\x0a\x28\x10\x1d\x12\x6d\x35\xa3\xe2\xce\xe8\x53\x87\x2b\x53\xa4\xc0\x0d\x56\x1a\x20\xcd\x6a\x88\xc4\xa2\x33\x12\xf3\xbc\x7d\x56\x39\x9d\x89\xa9\xaf\x3e\xe0\x00\x2c\xb0\x0c\x31\x0d\xdf\x87\xc0\xf1\xa8\x05\x80\xe2\x97\xe4\x61\x62\x4a\x7a\x19\xe5\x3c\x77\x63\x3d\xf9\x0e\x1a\x35\x2f\xa5\xec\xec\x59\xeb\xf9\x3c\x12\x4a\xa7\x9c\x7a\x71\xef\x6f\x96\x03\x02\x03\x01\x00\x01\xa3\x4f\x30\x4d\x30\x09\x06\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x0b\x06\x03\x55\x1d\x0f\x04\x04\x03\x02\x07\x80\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08\x2b\x06\x01\x05\x05\x07\x03\x09\x30\x1e\x06\x09\x60\x86\x48\x01\x86\xf8\x42\x01\x0d\x04\x11\x16\x0f\x78\x63\x61\x20\x63\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x02\x01\x00\x82\x9d\x8f\xa1\x17\x9b\x3b\xee\x86\x1c\xee\x33\xeb\x80\x71\xb5\x7e\x6b\xd7\xcf\x7d\x9a\x8b\x80\x2b\x3c\x65\xde\xe1\x65\x00\x3b\x4a\x27\x7a\x5d\x63\x19\x4e\x59\xde\xfa\x38\x01\x2b\x09\x91\xc1\x70\x81\x8c\x87\x9b\x17\x68\x22\x88\xf2\x57\x8f\x15\x52\x12\x0f\x1d\x43\x2b\xff\x83\x00\x2f\xd0\xf5\xc7\x93\xd4\xf2\x14\xfd\x94\xcc\x9f\x72\x75\x99\x44\x54\xdc\x6a\x39\x75\x80\xd7\x07\x9c\xb9\x67\xe3\xac\x4b\x72\x9f\xe0\x5d\x00\x6e\x60\xc5\x26\xaf\x9f\xf7\x94\xaa\xb1\xa2\x6f\xa0\xe4\xe8\x0d\x1c\x4e\x34\xe8\xa5\x06\x5c\x31\x64\x09\xf3\x67\xea\xe8\x45\x68\xc1\x13\x21\x41\x38\x9c\x2c\xf9\x6c\xb8\x79\xf4\xae\x8c\x27\x12\xa3\x0a\x0f\x12\x56\xbc\xda\x77\x23\xf0\xe2\xa2\x81\xf9\xdd\x0d\x69\x77\xc3\x3d\x08\x9d\xfe\xac\x18\x14\x83\x49\x67\xde\x85\x3a\x09\xd4\x4f\xec\x85\x85\xbc\xab\xd1\xc8\x01\x83\x74\x34\xc0\x03\x4e\x52\x3c\xb2\xed\x3b\xc0\x66\xa7\x41\xbf\x77\x3b\xcc\x12\xee\xf9\x2f\xd8\x50\x6d\x54\xc5\xf8\x5e\x14\x61\x81\x24\xdb\xcb\xf3\xb4\x25\x84\xc6\x3b\x99\x35\x07\x2e\xd0\xb3\x05\x38\xdf\x64\x21\x71\x9e\xe2\xf2\xce\xbc\x27\x80\x4e\x53\x97\xd3\xe1\xc1\x15\x46\x24\x0c\xc5\x86\x0e\x5b\xdf\x22\xb9\xfe\x35\xd6\xf0\x53\xda\x8f\x9b\x9c\x77\x7e\x9e\x41\x6f\x8e\xbc\x7b\xd4\xf0\x6c\x4f\xac\xe2\x91\x69\x8f\x67\x48\xb0\xc8\x80\x06\x10\xb1\x33\xf9\x8b\xf0\x01\x5d\x49\x9a\x5a\x59\xec\xc6\xb4\xad\x79\x9a\x32\x87\x81\x18\xce\x77\xf6\xc6\xa5\xce\x8b\x36\xee\xc6\xcc\x6b\xd7\x76\xbb\x99\xc1\x34\x2c\xda\x6a\x5f\x1d\x47\xc6\x9e\x98\xa0\x1d\xf0\xd4\x8b\x27\x8a\xa4\x7b\x56\xd8\x7c\x12\xa2\x51\x6e\xd1\x52\xa9\xa5\x31\x77\x9f\xf5\x06\xb4\xba\xb4\x60\x24\x55\xa2\x9d\x4b\x02\xcb\xa7\x62\xa5\x3d\x74\x9e\x47\x9e\x14\x84\x0b\x24\xe0\x01\x13\x9c\xf1\x62\xbd\x78\x18\x9b\xa5\xdf\xd8\x77\x7c\xa9\xc7\x09\x94\x61\x79\x41\x60\x2f\xcc\xe1\x15\x28\x3c\x17\x1d\xb6\x95\x78\x28\x91\x9e\xd1\xbc\xd6\x71\xff\x29\x2f\x22\xed\x24\x26\x81\xb8\xb6\x14\x80\x04\x00\x95\xdf\x50\x46\xe6\xa1\xff\x56\x94\xbc\x11\x48\x5c\xbf\xca\xb7\x4f\xac\xa1\x34\x40\x80\x0d\x88\x27\x73\x76\x24\x1a\xa9\x86\x36\x56\x3c\x84\xb8\x97\x38\xa8\x0e\x14\xab\x83\xca\x6b\x64\x7f\xa7\xfb\x86\x63\xc2\x40\xfc" -# define RESP_SIZE (sizeof(RESP)-1) +#define RESP \ + "\x30\x82\x05\xa3\x0a\x01\x00\xa0\x82\x05\x9c\x30\x82\x05\x98\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x05\x89\x30\x82\x05\x85\x30\x81\x80\xa1\x02\x30\x00\x18\x0f\x32\x30\x31\x39\x31\x32\x30\x35\x31\x38\x30\x31\x30\x34\x5a\x30\x69\x30\x67\x30\x41\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\x46\x2c\x91\xc8\xd2\x57\xe2\xb8\xb1\xd3\xd0\x99\xc1\xfe\x38\x51\x0e\x17\xa9\x50\x04\x14\x11\x92\x6c\xe3\xa7\x50\x77\x21\xfe\x95\xfa\xca\x6d\x3f\xc7\xa9\xaf\xa4\x9e\x82\x02\x08\x46\x20\x50\x03\xa2\x85\x06\x3d\xa1\x11\x18\x0f\x32\x30\x31\x39\x31\x32\x30\x35\x31\x35\x32\x37\x35\x35\x5a\x18\x0f\x32\x30\x31\x39\x31\x32\x30\x35\x31\x38\x30\x31\x30\x34\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x05\x88\x2c\x3d\x57\xf4\x75\xbf\x7f\xbe\x9e\x0f\xdf\x8f\x6c\x5f\x08\x56\xc4\x04\xc6\xd6\x3c\xfa\x33\x54\x3e\x42\x1c\x77\xda\x3a\x2a\x48\xcf\xfd\xf1\x6e\xb5\x1d\x94\x06\xfa\xfd\xf8\xba\xec\x66\xc3\x22\x7c\x43\xaa\x48\xaa\x58\x3a\xdc\x2a\x55\x44\x78\xc5\x6e\x0d\x1e\x66\xff\x79\x33\xb3\x26\x22\x86\xa0\x0a\xc0\x59\xb1\xdf\x6d\x07\x2d\x86\x2d\x5b\x0b\x29\x0f\xf3\xc1\x39\x21\x05\xf9\xdb\xdd\x47\x11\x6b\x83\xa0\xc7\x24\xbc\xaa\x42\x43\x9e\x20\x1f\x63\x10\x6c\xeb\x94\x7a\x9c\x44\xaa\x24\xfb\xde\x8f\x49\x92\x1c\xc7\x45\x21\xca\xf9\x1a\x11\x54\x4f\x68\xab\xf0\xce\xd3\x0a\xdc\x9f\xc3\x5d\x8d\x7e\xd4\x96\x30\x74\x31\x95\x04\x55\x8d\xf5\xdf\x3f\x34\x8b\x32\xfc\xf0\x4d\x10\xc6\xc4\x46\xfc\x6a\xb1\xa3\x5c\x9a\xde\xf2\x22\xc3\x5f\x08\x8a\x70\x65\xff\xaa\xf5\xc0\x14\x8b\x13\x47\xff\x0c\x72\x6a\x09\x51\xeb\xec\x92\xc5\xfd\x41\x37\x11\x12\x57\x7b\x47\x9e\x25\xd5\xf2\x10\xc2\xf7\xae\x0e\x72\xfb\x2d\x4f\x8d\x54\xe6\x5a\x71\x2b\xfa\x2b\x9c\xd7\x59\xe5\x31\x30\x21\x3f\x7f\xa7\x85\x07\x31\x93\x9d\x6d\x54\xb2\x40\xa9\x78\xef\x24\xc7\xa0\x82\x03\xea\x30\x82\x03\xe6\x30\x82\x03\xe2\x30\x82\x01\xca\xa0\x03\x02\x01\x02\x02\x08\x68\xfe\x28\x8e\x92\xfb\xa8\x37\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b\x05\x00\x30\x11\x31\x0f\x30\x0d\x06\x03\x55\x04\x03\x13\x06\x72\x6f\x6f\x74\x63\x61\x30\x1e\x17\x0d\x31\x39\x31\x31\x32\x30\x31\x36\x32\x34\x30\x30\x5a\x17\x0d\x32\x30\x31\x30\x32\x34\x31\x34\x30\x33\x30\x30\x5a\x30\x00\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xa8\x01\x88\x20\x4b\xc7\xd7\xaa\x7b\x6b\x5c\x09\xd9\x32\x0e\xf4\x1b\xdd\x46\x4c\x47\xf1\xac\xd6\x61\xda\x89\x6f\x73\x51\xba\xa7\x1e\x43\x03\xfc\xdf\xb4\x07\xe2\x51\x71\xf5\xb6\x3f\x95\xa7\x41\x14\xe5\x4a\xb5\x8c\xfe\x01\x49\x87\xeb\xda\xd1\x6b\x67\xbb\x45\x59\x59\xd0\x47\x87\x24\x7c\x56\xae\xb6\x0e\xc9\x0d\x45\x25\xd4\x49\x3b\x10\x56\xa9\x2d\x68\xc9\x80\xff\x23\xd8\x89\x8b\x58\xe7\x4e\xbd\x59\x40\x68\x6b\x51\x83\xdb\x70\x51\x69\xea\x22\x9c\xbb\x66\x04\x46\x94\x22\xfb\x00\x74\x23\xd0\xe5\xb0\x9d\x69\x54\x85\x38\xb9\x67\xb8\x3c\x45\xeb\xf6\xce\x01\x00\x02\xe4\x42\x77\x50\x30\x1d\xaa\xa1\xa6\x1c\x24\x00\x25\xc2\xa2\x0a\x29\xb6\xb6\xd0\x88\xaa\xe2\xea\x02\xc8\x1a\x94\x73\x0a\x28\x10\x1d\x12\x6d\x35\xa3\xe2\xce\xe8\x53\x87\x2b\x53\xa4\xc0\x0d\x56\x1a\x20\xcd\x6a\x88\xc4\xa2\x33\x12\xf3\xbc\x7d\x56\x39\x9d\x89\xa9\xaf\x3e\xe0\x00\x2c\xb0\x0c\x31\x0d\xdf\x87\xc0\xf1\xa8\x05\x80\xe2\x97\xe4\x61\x62\x4a\x7a\x19\xe5\x3c\x77\x63\x3d\xf9\x0e\x1a\x35\x2f\xa5\xec\xec\x59\xeb\xf9\x3c\x12\x4a\xa7\x9c\x7a\x71\xef\x6f\x96\x03\x02\x03\x01\x00\x01\xa3\x4f\x30\x4d\x30\x09\x06\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x0b\x06\x03\x55\x1d\x0f\x04\x04\x03\x02\x07\x80\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08\x2b\x06\x01\x05\x05\x07\x03\x09\x30\x1e\x06\x09\x60\x86\x48\x01\x86\xf8\x42\x01\x0d\x04\x11\x16\x0f\x78\x63\x61\x20\x63\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x02\x01\x00\x82\x9d\x8f\xa1\x17\x9b\x3b\xee\x86\x1c\xee\x33\xeb\x80\x71\xb5\x7e\x6b\xd7\xcf\x7d\x9a\x8b\x80\x2b\x3c\x65\xde\xe1\x65\x00\x3b\x4a\x27\x7a\x5d\x63\x19\x4e\x59\xde\xfa\x38\x01\x2b\x09\x91\xc1\x70\x81\x8c\x87\x9b\x17\x68\x22\x88\xf2\x57\x8f\x15\x52\x12\x0f\x1d\x43\x2b\xff\x83\x00\x2f\xd0\xf5\xc7\x93\xd4\xf2\x14\xfd\x94\xcc\x9f\x72\x75\x99\x44\x54\xdc\x6a\x39\x75\x80\xd7\x07\x9c\xb9\x67\xe3\xac\x4b\x72\x9f\xe0\x5d\x00\x6e\x60\xc5\x26\xaf\x9f\xf7\x94\xaa\xb1\xa2\x6f\xa0\xe4\xe8\x0d\x1c\x4e\x34\xe8\xa5\x06\x5c\x31\x64\x09\xf3\x67\xea\xe8\x45\x68\xc1\x13\x21\x41\x38\x9c\x2c\xf9\x6c\xb8\x79\xf4\xae\x8c\x27\x12\xa3\x0a\x0f\x12\x56\xbc\xda\x77\x23\xf0\xe2\xa2\x81\xf9\xdd\x0d\x69\x77\xc3\x3d\x08\x9d\xfe\xac\x18\x14\x83\x49\x67\xde\x85\x3a\x09\xd4\x4f\xec\x85\x85\xbc\xab\xd1\xc8\x01\x83\x74\x34\xc0\x03\x4e\x52\x3c\xb2\xed\x3b\xc0\x66\xa7\x41\xbf\x77\x3b\xcc\x12\xee\xf9\x2f\xd8\x50\x6d\x54\xc5\xf8\x5e\x14\x61\x81\x24\xdb\xcb\xf3\xb4\x25\x84\xc6\x3b\x99\x35\x07\x2e\xd0\xb3\x05\x38\xdf\x64\x21\x71\x9e\xe2\xf2\xce\xbc\x27\x80\x4e\x53\x97\xd3\xe1\xc1\x15\x46\x24\x0c\xc5\x86\x0e\x5b\xdf\x22\xb9\xfe\x35\xd6\xf0\x53\xda\x8f\x9b\x9c\x77\x7e\x9e\x41\x6f\x8e\xbc\x7b\xd4\xf0\x6c\x4f\xac\xe2\x91\x69\x8f\x67\x48\xb0\xc8\x80\x06\x10\xb1\x33\xf9\x8b\xf0\x01\x5d\x49\x9a\x5a\x59\xec\xc6\xb4\xad\x79\x9a\x32\x87\x81\x18\xce\x77\xf6\xc6\xa5\xce\x8b\x36\xee\xc6\xcc\x6b\xd7\x76\xbb\x99\xc1\x34\x2c\xda\x6a\x5f\x1d\x47\xc6\x9e\x98\xa0\x1d\xf0\xd4\x8b\x27\x8a\xa4\x7b\x56\xd8\x7c\x12\xa2\x51\x6e\xd1\x52\xa9\xa5\x31\x77\x9f\xf5\x06\xb4\xba\xb4\x60\x24\x55\xa2\x9d\x4b\x02\xcb\xa7\x62\xa5\x3d\x74\x9e\x47\x9e\x14\x84\x0b\x24\xe0\x01\x13\x9c\xf1\x62\xbd\x78\x18\x9b\xa5\xdf\xd8\x77\x7c\xa9\xc7\x09\x94\x61\x79\x41\x60\x2f\xcc\xe1\x15\x28\x3c\x17\x1d\xb6\x95\x78\x28\x91\x9e\xd1\xbc\xd6\x71\xff\x29\x2f\x22\xed\x24\x26\x81\xb8\xb6\x14\x80\x04\x00\x95\xdf\x50\x46\xe6\xa1\xff\x56\x94\xbc\x11\x48\x5c\xbf\xca\xb7\x4f\xac\xa1\x34\x40\x80\x0d\x88\x27\x73\x76\x24\x1a\xa9\x86\x36\x56\x3c\x84\xb8\x97\x38\xa8\x0e\x14\xab\x83\xca\x6b\x64\x7f\xa7\xfb\x86\x63\xc2\x40\xfc" +#define RESP_SIZE (sizeof(RESP) - 1) static int status_func(gnutls_session_t session, void *ptr, - gnutls_datum_t * resp) + gnutls_datum_t *resp) { resp->data = gnutls_malloc(RESP_SIZE); if (resp->data == NULL) @@ -254,7 +253,7 @@ static int status_func(gnutls_session_t session, void *ptr, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static int cert_verify_callback(gnutls_session_t session) { @@ -315,8 +314,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -327,8 +325,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (received == 0) { fail("client: didn't receive status request\n"); @@ -395,8 +393,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (sent == 0) { fail("status request was sent\n"); @@ -407,7 +405,7 @@ static void server(int fd, const char *prio) */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -424,8 +422,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *prio) +static void start(const char *prio) { pid_t child; int fd[2]; @@ -468,4 +465,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.3"); start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/status-request.c b/tests/status-request.c index feb3530e17..49b0acd702 100644 --- a/tests/status-request.c +++ b/tests/status-request.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program tests that the client does not send the * status request extension if GNUTLS_NO_DEFAULT_EXTENSIONS is set. @@ -66,17 +66,18 @@ static void client_log_func(int level, const char *str) static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { fail("received status request\n"); exit(1); } -# define RESP "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -# define RESP_SIZE (sizeof(RESP)-1) +#define RESP \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP_SIZE (sizeof(RESP) - 1) static int status_func(gnutls_session_t session, void *ptr, - gnutls_datum_t * resp) + gnutls_datum_t *resp) { resp->data = gnutls_malloc(RESP_SIZE); if (resp->data == NULL) @@ -87,10 +88,10 @@ static int status_func(gnutls_session_t session, void *ptr, return 0; } -# define MAX_BUF 1024 +#define MAX_BUF 1024 /* Keep backward compatibility */ -# define GNUTLS_NO_EXTENSIONS GNUTLS_NO_DEFAULT_EXTENSIONS +#define GNUTLS_NO_EXTENSIONS GNUTLS_NO_DEFAULT_EXTENSIONS static void client(int fd, const char *prio) { @@ -110,8 +111,8 @@ static void client(int fd, const char *prio) /* Initialize TLS session */ - assert(gnutls_init - (&session, GNUTLS_CLIENT | GNUTLS_NO_DEFAULT_EXTENSIONS) >= 0); + assert(gnutls_init(&session, + GNUTLS_CLIENT | GNUTLS_NO_DEFAULT_EXTENSIONS) >= 0); assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); @@ -125,8 +126,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret == GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM) { /* success */ @@ -145,8 +145,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { @@ -164,7 +164,7 @@ static void client(int fd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -228,14 +228,14 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -252,8 +252,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *prio) +static void start(const char *prio) { pid_t child; int fd[2]; @@ -302,4 +301,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.3"); start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/str-idna.c b/tests/str-idna.c index bd7f9e21ed..a6d1a90360 100644 --- a/tests/str-idna.c +++ b/tests/str-idna.c @@ -33,38 +33,44 @@ #define GLOBAL_FLAGS 0 -#define MATCH_FUNC(fname, str, normalized) \ -static void fname(void **glob_state) \ -{ \ - gnutls_datum_t out; \ - int ret = gnutls_idna_map(str, strlen(str), &out, GLOBAL_FLAGS); \ - if (normalized == NULL) { /* expect failure */ \ - assert_int_not_equal(ret, 0); \ - return; \ - } else { \ - assert_int_equal(ret, 0); \ - } \ - assert_int_equal(strcmp((char*)out.data, (char*)normalized), 0); \ - gnutls_free(out.data); \ -} +#define MATCH_FUNC(fname, str, normalized) \ + static void fname(void **glob_state) \ + { \ + gnutls_datum_t out; \ + int ret = \ + gnutls_idna_map(str, strlen(str), &out, GLOBAL_FLAGS); \ + if (normalized == NULL) { /* expect failure */ \ + assert_int_not_equal(ret, 0); \ + return; \ + } else { \ + assert_int_equal(ret, 0); \ + } \ + assert_int_equal(strcmp((char *)out.data, (char *)normalized), \ + 0); \ + gnutls_free(out.data); \ + } -#define MATCH_FUNC_TWO_WAY(fname, str, normalized) \ -static void fname##_reverse(void **glob_state) \ -{ \ - gnutls_datum_t out; \ - int ret; \ - if (normalized == NULL) \ - return; \ - ret = gnutls_idna_reverse_map(normalized, strlen(normalized), &out, 0); \ - assert_int_equal(ret, 0); \ - \ - assert_int_equal(strcmp((char*)out.data, (char*)str), 0); \ - gnutls_free(out.data); \ -} \ -MATCH_FUNC(fname, str, normalized) +#define MATCH_FUNC_TWO_WAY(fname, str, normalized) \ + static void fname##_reverse(void **glob_state) \ + { \ + gnutls_datum_t out; \ + int ret; \ + if (normalized == NULL) \ + return; \ + ret = gnutls_idna_reverse_map(normalized, strlen(normalized), \ + &out, 0); \ + assert_int_equal(ret, 0); \ + \ + assert_int_equal(strcmp((char *)out.data, (char *)str), 0); \ + gnutls_free(out.data); \ + } \ + MATCH_FUNC(fname, str, normalized) -#define EMPTY_FUNC(name) static void name(void **glob_state) { \ - return; } +#define EMPTY_FUNC(name) \ + static void name(void **glob_state) \ + { \ + return; \ + } /* some vectors taken from: * https://www.unicode.org/Public/idna/9.0.0/IdnaTest.txt diff --git a/tests/str-unicode.c b/tests/str-unicode.c index d0601326bb..4f4c985ab3 100644 --- a/tests/str-unicode.c +++ b/tests/str-unicode.c @@ -30,35 +30,42 @@ #include #include -#define MATCH_FUNC(fname, password, normalized) \ -static void fname(void **glob_state) \ -{ \ - const char *pwd_normalized = normalized; \ - gnutls_datum_t out; \ - int ret = gnutls_utf8_password_normalize((uint8_t*)password, strlen(password), &out, 0); \ - if (pwd_normalized == NULL) { /* expect failure */ \ - assert_int_not_equal(ret, 0); \ - } else { \ - assert_int_equal(ret, 0); \ - assert_int_equal(strcmp((char*)out.data, (char*)pwd_normalized), 0); \ - gnutls_free(out.data); \ - } \ -} +#define MATCH_FUNC(fname, password, normalized) \ + static void fname(void **glob_state) \ + { \ + const char *pwd_normalized = normalized; \ + gnutls_datum_t out; \ + int ret = gnutls_utf8_password_normalize( \ + (uint8_t *)password, strlen(password), &out, 0); \ + if (pwd_normalized == NULL) { /* expect failure */ \ + assert_int_not_equal(ret, 0); \ + } else { \ + assert_int_equal(ret, 0); \ + assert_int_equal(strcmp((char *)out.data, \ + (char *)pwd_normalized), \ + 0); \ + gnutls_free(out.data); \ + } \ + } -#define INVALID_MATCH_FUNC(fname, password, normalized) \ -static void inv_##fname(void **glob_state) \ -{ \ - const char *pwd_normalized = normalized; \ - gnutls_datum_t out; \ - int ret = gnutls_utf8_password_normalize((uint8_t*)password, strlen(password), &out, GNUTLS_UTF8_IGNORE_ERRS); \ - if (pwd_normalized == NULL) { \ - assert_int_not_equal(ret, 0); \ - } else { \ - assert_int_equal(ret, 0); \ - assert_int_equal(strcmp((char*)out.data, (char*)pwd_normalized), 0); \ - gnutls_free(out.data); \ - } \ -} +#define INVALID_MATCH_FUNC(fname, password, normalized) \ + static void inv_##fname(void **glob_state) \ + { \ + const char *pwd_normalized = normalized; \ + gnutls_datum_t out; \ + int ret = gnutls_utf8_password_normalize( \ + (uint8_t *)password, strlen(password), &out, \ + GNUTLS_UTF8_IGNORE_ERRS); \ + if (pwd_normalized == NULL) { \ + assert_int_not_equal(ret, 0); \ + } else { \ + assert_int_equal(ret, 0); \ + assert_int_equal(strcmp((char *)out.data, \ + (char *)pwd_normalized), \ + 0); \ + gnutls_free(out.data); \ + } \ + } MATCH_FUNC(test_ascii, "correct horse battery staple", "correct horse battery staple"); @@ -79,10 +86,14 @@ MATCH_FUNC(test_compatibility, "char \xcf\x90\xe2\x84\xb5", MATCH_FUNC(test_invalid_ignorable1, "my ignorable char is \xe2\x80\x8f", NULL); MATCH_FUNC(test_invalid_ignorable2, "my ignorable char is \xe1\x85\x9f", NULL); MATCH_FUNC(test_invalid_ignorable3, "my ignorable char is \xef\xbf\xbf", NULL); -MATCH_FUNC(test_invalid_exception1, "my exception is \xc2\xb7", NULL); /* CONTEXTO - disallowed */ -MATCH_FUNC(test_invalid_exception2, "my exception is \xcf\x82", "my exception is ς"); /* PVALID */ -MATCH_FUNC(test_invalid_exception3, "my exception is \xd9\xa2", NULL); /* CONTEXT0/PVALID */ -MATCH_FUNC(test_invalid_exception4, "my exception is \xe3\x80\xae", NULL); /* CONTEXT0/DISALLOWED */ +MATCH_FUNC(test_invalid_exception1, "my exception is \xc2\xb7", + NULL); /* CONTEXTO - disallowed */ +MATCH_FUNC(test_invalid_exception2, "my exception is \xcf\x82", + "my exception is ς"); /* PVALID */ +MATCH_FUNC(test_invalid_exception3, "my exception is \xd9\xa2", + NULL); /* CONTEXT0/PVALID */ +MATCH_FUNC(test_invalid_exception4, "my exception is \xe3\x80\xae", + NULL); /* CONTEXT0/DISALLOWED */ MATCH_FUNC(test_invalid_join_control, "my exception is \xe2\x80\x8d", NULL); INVALID_MATCH_FUNC(test_ascii, "correct horse battery staple", @@ -95,7 +106,8 @@ INVALID_MATCH_FUNC(test_invalid_exception1, "my exception is \xc2\xb7", "my exception is ·"); INVALID_MATCH_FUNC(test_invalid_exception3, "my exception is \xd9\xa2", "my exception is \xd9\xa2"); -INVALID_MATCH_FUNC(test_invalid_exception4, "my exception is \xe3\x80\xae", "my exception is \xe3\x80\xae"); /* CONTEXT0/DISALLOWED */ +INVALID_MATCH_FUNC(test_invalid_exception4, "my exception is \xe3\x80\xae", + "my exception is \xe3\x80\xae"); /* CONTEXT0/DISALLOWED */ INVALID_MATCH_FUNC(test_invalid_join_control, "my exception is \xe2\x80\x8d", "my exception is \xe2\x80\x8d"); diff --git a/tests/strict-der.c b/tests/strict-der.c index e1cdd26b95..7dabb790e6 100644 --- a/tests/strict-der.c +++ b/tests/strict-der.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -54,32 +54,33 @@ static void tls_log_func(int level, const char *str) * gnutls versions that would still be parsed and the wrong DER was * "corrected" but now we should reject these */ static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIFXzCCBEegAwIBAgIQHYWDpKNVUzEFx4Pq8yjxbTANBgkqhkiG9w0BAQUFADCBtTELMAkGA1UE\n" - "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO\n" - "ZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t\n" - "L3JwYSAoYykxMDEvMC0GA1UEAxMmVmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0g\n" - "RzMwHxcOMTQwMjI3MDAwMDAwWgAXDTE1MDIyODIzNTk1OVowZzELMAkGA1UEBhMCVVMxEzARBgNV\n" - "BAgTCldhc2hpbmd0b24xEDAOBgNVBAcUB1NlYXR0bGUxGDAWBgNVBAoUD0FtYXpvbi5jb20gSW5j\n" - "LjEXMBUGA1UEAxQOd3d3LmFtYXpvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\n" - "AQCXX4njj63+AK39SJXnf4ove+NO2Z46WgeccZuPUOD89/ucZg9C2K3uwo59QO1t2ZR5IucxVWaV\n" - "vSW/9z30hA2ObJco5Cw9o3ZdoFXn0rYUmbWMW+XmL+/bSBDdFPQGfP1WhsFKJJfJ9TIrXBAsTSzH\n" - "uC6qFZktvZ1yE0081+bdyOHVHjAQzSPsYFaSUqccMwPvy/sMaI+Um+GCf2PolJJwpI1+j6WmTEVg\n" - "RBNHarxtNqpcV3rAFdJ5imL427agMqFur4Iz/OYeoCRBEiKk02ctRzoBaTvF09OQqRg3I4T9bE71\n" - "xe1cdWo/sQ4nRiy1tfPBt+aBSiIRMh0Fdle780QFAgMBAAGjggG1MIIBsTBQBgNVHREESTBHghF1\n" - "ZWRhdGEuYW1hem9uLmNvbYIKYW1hem9uLmNvbYIIYW16bi5jb22CDHd3dy5hbXpuLmNvbYIOd3d3\n" - "LmFtYXpvbi5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH\n" - "AwEGCCsGAQUFBwMCMEMGA1UdIAQ8MDowOAYKYIZIAYb4RQEHNjAqMCgGCCsGAQUFBwIBFhxodHRw\n" - "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMB8GA1UdIwQYMBaAFA1EXBZTRMGCfh0gqyX0AWPYvnml\n" - "MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9TVlJTZWN1cmUtRzMtY3JsLnZlcmlzaWduLmNvbS9T\n" - "VlJTZWN1cmVHMy5jcmwwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52\n" - "ZXJpc2lnbi5jb20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9TVlJTZWN1cmUtRzMtYWlhLnZlcmlzaWdu\n" - "LmNvbS9TVlJTZWN1cmVHMy5jZXIwDQYJKoZIhvcNAQEFBQADggEBADnmX45CNMkf57rQjB6ef7gf\n" - "3r5AfKiGMYdSim4TwU5qcpJicYiyqwQXAQbvZFuZTGzT0jXJROLAsjdHcQiR8D5u7mzVMbJg0kz0\n" - "yTsdDM5dFmVWme3l958NZI/I0qCtH+Z/O0cyivOTMARbBJ+92dqQ78U3He9gRNE9VCS3FNgObhwC\n" - "cr5tkKTlgSESpSRyBwnLucY4+ci5xjvYndHIzoxII/X9TKOIc2sC+b0H5KP8RcQLAO9G5Nra7+eJ\n" - "IC74ZgFvgejqTd2f8QeJljTsNxvG4P7vqQi73fCkTuVfCk5YDtTU2joGAujgBd1EjTIbjWYeoebV\n" - "gN5gPKxa/GbGsoQ=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIFXzCCBEegAwIBAgIQHYWDpKNVUzEFx4Pq8yjxbTANBgkqhkiG9w0BAQUFADCBtTELMAkGA1UE\n" + "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO\n" + "ZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t\n" + "L3JwYSAoYykxMDEvMC0GA1UEAxMmVmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0g\n" + "RzMwHxcOMTQwMjI3MDAwMDAwWgAXDTE1MDIyODIzNTk1OVowZzELMAkGA1UEBhMCVVMxEzARBgNV\n" + "BAgTCldhc2hpbmd0b24xEDAOBgNVBAcUB1NlYXR0bGUxGDAWBgNVBAoUD0FtYXpvbi5jb20gSW5j\n" + "LjEXMBUGA1UEAxQOd3d3LmFtYXpvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\n" + "AQCXX4njj63+AK39SJXnf4ove+NO2Z46WgeccZuPUOD89/ucZg9C2K3uwo59QO1t2ZR5IucxVWaV\n" + "vSW/9z30hA2ObJco5Cw9o3ZdoFXn0rYUmbWMW+XmL+/bSBDdFPQGfP1WhsFKJJfJ9TIrXBAsTSzH\n" + "uC6qFZktvZ1yE0081+bdyOHVHjAQzSPsYFaSUqccMwPvy/sMaI+Um+GCf2PolJJwpI1+j6WmTEVg\n" + "RBNHarxtNqpcV3rAFdJ5imL427agMqFur4Iz/OYeoCRBEiKk02ctRzoBaTvF09OQqRg3I4T9bE71\n" + "xe1cdWo/sQ4nRiy1tfPBt+aBSiIRMh0Fdle780QFAgMBAAGjggG1MIIBsTBQBgNVHREESTBHghF1\n" + "ZWRhdGEuYW1hem9uLmNvbYIKYW1hem9uLmNvbYIIYW16bi5jb22CDHd3dy5hbXpuLmNvbYIOd3d3\n" + "LmFtYXpvbi5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH\n" + "AwEGCCsGAQUFBwMCMEMGA1UdIAQ8MDowOAYKYIZIAYb4RQEHNjAqMCgGCCsGAQUFBwIBFhxodHRw\n" + "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMB8GA1UdIwQYMBaAFA1EXBZTRMGCfh0gqyX0AWPYvnml\n" + "MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9TVlJTZWN1cmUtRzMtY3JsLnZlcmlzaWduLmNvbS9T\n" + "VlJTZWN1cmVHMy5jcmwwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52\n" + "ZXJpc2lnbi5jb20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9TVlJTZWN1cmUtRzMtYWlhLnZlcmlzaWdu\n" + "LmNvbS9TVlJTZWN1cmVHMy5jZXIwDQYJKoZIhvcNAQEFBQADggEBADnmX45CNMkf57rQjB6ef7gf\n" + "3r5AfKiGMYdSim4TwU5qcpJicYiyqwQXAQbvZFuZTGzT0jXJROLAsjdHcQiR8D5u7mzVMbJg0kz0\n" + "yTsdDM5dFmVWme3l958NZI/I0qCtH+Z/O0cyivOTMARbBJ+92dqQ78U3He9gRNE9VCS3FNgObhwC\n" + "cr5tkKTlgSESpSRyBwnLucY4+ci5xjvYndHIzoxII/X9TKOIc2sC+b0H5KP8RcQLAO9G5Nra7+eJ\n" + "IC74ZgFvgejqTd2f8QeJljTsNxvG4P7vqQi73fCkTuVfCk5YDtTU2joGAujgBd1EjTIbjWYeoebV\n" + "gN5gPKxa/GbGsoQ=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) - 1 }; diff --git a/tests/suite/eagain-cli.c b/tests/suite/eagain-cli.c index 2d05dbccb3..b3de2b9702 100644 --- a/tests/suite/eagain-cli.c +++ b/tests/suite/eagain-cli.c @@ -41,8 +41,8 @@ EV_P; ev_io remote_w; gnutls_session_t session; -static const char -*SSL_GNUTLS_PRINT_HANDSHAKE_STATUS(gnutls_handshake_description_t status) +static const char * +SSL_GNUTLS_PRINT_HANDSHAKE_STATUS(gnutls_handshake_description_t status) { return gnutls_handshake_description_get_name(status); } @@ -53,7 +53,7 @@ static const char static int _tcp_connect_eagain(void) { const char *PORT = getenv("PORT"); - const char *SERVER = "127.0.0.1"; //verisign.com + const char *SERVER = "127.0.0.1"; //verisign.com int err, sd; int flag = 1, curstate = 0; struct sockaddr_in sa; @@ -76,8 +76,8 @@ static int _tcp_connect_eagain(void) } /* lower the send buffers to force EAGAIN */ - assert(setsockopt - (sd, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, sizeof(int)) >= 0); + assert(setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, + sizeof(int)) >= 0); assert(fcntl(sd, F_SETFL, O_NONBLOCK) >= 0); return sd; @@ -85,14 +85,14 @@ static int _tcp_connect_eagain(void) static void tcp_close(int sd) { - shutdown(sd, SHUT_RDWR); /* no more receptions */ + shutdown(sd, SHUT_RDWR); /* no more receptions */ close(sd); } /* We provide this helper to ensure that we test EAGAIN while writing * even on a reliable connection */ -static ssize_t -_client_push(gnutls_transport_ptr_t tr, const void *data, size_t len) +static ssize_t _client_push(gnutls_transport_ptr_t tr, const void *data, + size_t len) { struct timeval tv; @@ -125,7 +125,7 @@ static int _client_pull_timeout(gnutls_transport_ptr_t ptr, unsigned int ms) return gnutls_system_recv_timeout(ptr, ms); } -static void _process_data(EV_P_ ev_io * w, int revents) +static void _process_data(EV_P_ ev_io *w, int revents) { static int ret = -1, lastret = 0; static unsigned int count = 0; @@ -163,24 +163,23 @@ static void _process_data(EV_P_ ev_io * w, int revents) fprintf(stderr, "gnutls returned with: %s - %s\n", gnutls_strerror_name(ret), gnutls_strerror(ret)); - if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED) - || (ret == GNUTLS_E_FATAL_ALERT_RECEIVED)) + if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED) || + (ret == GNUTLS_E_FATAL_ALERT_RECEIVED)) fprintf(stderr, "Also received alert: %s\n", - gnutls_alert_get_name - (gnutls_alert_get(session))); + gnutls_alert_get_name( + gnutls_alert_get(session))); fprintf(stderr, "last out: %s\n", - SSL_GNUTLS_PRINT_HANDSHAKE_STATUS - (gnutls_handshake_get_last_out(session))); + SSL_GNUTLS_PRINT_HANDSHAKE_STATUS( + gnutls_handshake_get_last_out(session))); fprintf(stderr, "last in: %s\n", - SSL_GNUTLS_PRINT_HANDSHAKE_STATUS - (gnutls_handshake_get_last_in(session))); + SSL_GNUTLS_PRINT_HANDSHAKE_STATUS( + gnutls_handshake_get_last_in(session))); } if (gnutls_error_is_fatal(ret)) { fprintf(stderr, "yarrr this be an error!"); exit(1); } - } if (ret == GNUTLS_E_SUCCESS) { @@ -212,16 +211,16 @@ static void try(const char *name, const char *prio) assert(gnutls_init(&session, GNUTLS_CLIENT) >= 0); gnutls_transport_set_push_function(session, _client_push); gnutls_transport_set_pull_function(session, _client_pull); - gnutls_transport_set_pull_timeout_function(session, - _client_pull_timeout); + gnutls_transport_set_pull_timeout_function( + session, _client_pull_timeout); gnutls_handshake_set_timeout(session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, c_certcred); - gnutls_server_name_set(session, GNUTLS_NAME_DNS, - "localhost", strlen("localhost")); + gnutls_server_name_set(session, GNUTLS_NAME_DNS, "localhost", + strlen("localhost")); sd = _tcp_connect_eagain(); diff --git a/tests/suite/mini-record-timing.c b/tests/suite/mini-record-timing.c index 01309c7680..b4b763a44f 100644 --- a/tests/suite/mini-record-timing.c +++ b/tests/suite/mini-record-timing.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,29 +35,29 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include //#define USE_RDTSC //#define TEST_ETM -# include -# include -# include -# ifdef USE_RDTSC -# include -# endif +#include +#include +#include +#ifdef USE_RDTSC +#include +#endif -# ifdef DEBUG +#ifdef DEBUG static void server_log_func(int level, const char *str) { fprintf(stderr, "server|<%d>| %s", level, str); @@ -67,22 +67,22 @@ static void client_log_func(int level, const char *str) { fprintf(stderr, "client|<%d>| %s", level, str); } -# endif +#endif -# ifndef _POSIX_TIMERS -# error need posix timers -# endif +#ifndef _POSIX_TIMERS +#error need posix timers +#endif -# define CLOCK_TO_USE CLOCK_MONOTONIC +#define CLOCK_TO_USE CLOCK_MONOTONIC //#define CLOCK_TO_USE CLOCK_MONOTONIC_RAW //#define CLOCK_TO_USE CLOCK_PROCESS_CPUTIME_ID /* This program tests the robustness of record * decoding. */ -# define MAX_PER_POINT (8*1024) -# define WARM_UP (2) -# define MAX_BUF 1024 +#define MAX_PER_POINT (8 * 1024) +#define WARM_UP (2) +#define MAX_BUF 1024 struct point_st { unsigned char byte1; @@ -113,8 +113,8 @@ static ssize_t push(gnutls_transport_ptr_t tr, const void *_data, size_t len) return send(fd, _data, len, 0); } -static ssize_t -push_crippled(gnutls_transport_ptr_t tr, const void *_data, size_t len) +static ssize_t push_crippled(gnutls_transport_ptr_t tr, const void *_data, + size_t len) { int fd = (long int)tr; unsigned char *data = (void *)_data; @@ -144,16 +144,16 @@ push_crippled(gnutls_transport_ptr_t tr, const void *_data, size_t len) return send(fd, data, len, 0); } -# ifndef USE_RDTSC +#ifndef USE_RDTSC static unsigned long timespec_sub_ns(struct timespec *a, struct timespec *b) { return (a->tv_sec - b->tv_sec) * 1000 * 1000 * 1000 + a->tv_nsec - - b->tv_nsec; + b->tv_nsec; } -# endif +#endif -static void -client(int fd, const char *prio, unsigned int text_size, struct test_st *test) +static void client(int fd, const char *prio, unsigned int text_size, + struct test_st *test) { int ret; char buffer[MAX_BUF + 1]; @@ -174,10 +174,10 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) memset(text, test->fill, text_size); -# ifdef DEBUG +#ifdef DEBUG gnutls_global_set_log_function(client_log_func); gnutls_global_set_log_level(6); -# endif +#endif gnutls_psk_allocate_client_credentials(&pskcred); gnutls_psk_set_client_credentials(pskcred, "test", &key, @@ -205,8 +205,7 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fprintf(stderr, "client: Handshake failed: %s\n", @@ -223,7 +222,7 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) gnutls_transport_set_push_function(session, push_crippled); - restart: +restart: do { ret = gnutls_record_send(session, text, text_size); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); @@ -231,8 +230,8 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) do { ret = gnutls_record_recv(session, buffer, sizeof(buffer)); - } while (ret < 0 - && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); + } while (ret < 0 && + (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)); if (ret > 0) { struct point_st *point_ptr = NULL; @@ -256,7 +255,7 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) memcpy(&measurement, buffer, sizeof(measurement)); if (point_ptr->midx < MAX_PER_POINT) { point_ptr->smeasurements[point_ptr->midx] = - measurement; + measurement; point_ptr->midx++; point_idx++; @@ -270,7 +269,7 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) abort(); } - finish: +finish: fprintf(stderr, "\ntest completed\n"); gnutls_transport_set_push_function(session, push); @@ -294,10 +293,9 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) fprintf(fp, "%u,", (unsigned)test->points[i].byte1); for (j = 0; j < MAX_PER_POINT; j++) { fprintf(fp, "%u%s", - (unsigned)test-> - points[i].smeasurements[j], + (unsigned)test->points[i] + .smeasurements[j], (j != MAX_PER_POINT - 1) ? "," : ""); - } fprintf(fp, "\n"); } @@ -319,8 +317,8 @@ client(int fd, const char *prio, unsigned int text_size, struct test_st *test) free(text); } -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { key->data = gnutls_malloc(4); key->data[0] = 0xDE; @@ -338,12 +336,12 @@ static void server(int fd, const char *prio) gnutls_session_t session; gnutls_psk_server_credentials_t server_pskcred; const char *err; -# ifndef USE_RDTSC +#ifndef USE_RDTSC struct timespec start, stop; -# else +#else uint64_t c1, c2; unsigned int i1; -# endif +#endif static unsigned long measurement; setpriority(PRIO_PROCESS, getpid(), -15); @@ -351,10 +349,10 @@ static void server(int fd, const char *prio) gnutls_global_init(); memset(buffer, 0, sizeof(buffer)); -# ifdef DEBUG +#ifdef DEBUG gnutls_global_set_log_function(server_log_func); gnutls_global_set_log_level(6); -# endif +#endif assert(gnutls_psk_allocate_server_credentials(&server_pskcred) >= 0); gnutls_psk_set_server_credentials_function(server_pskcred, pskfunc); assert(gnutls_init(&session, GNUTLS_SERVER) >= 0); @@ -373,58 +371,55 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { -# ifdef GNUTLS_E_PREMATURE_TERMINATION - if (ret != GNUTLS_E_PREMATURE_TERMINATION - && ret != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) -# else +#ifdef GNUTLS_E_PREMATURE_TERMINATION + if (ret != GNUTLS_E_PREMATURE_TERMINATION && + ret != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) +#else if (ret != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) -# endif +#endif { - fprintf(stderr, - "server: Handshake has failed (%s)\n\n", + fprintf(stderr, "server: Handshake has failed (%s)\n\n", gnutls_strerror(ret)); exit(1); } goto finish; } -# ifdef TEST_ETM +#ifdef TEST_ETM assert(gnutls_session_etm_status(session) != 0); -# else +#else assert(gnutls_session_etm_status(session) == 0); -# endif +#endif - restart: +restart: do { ret = recv(fd, buffer, 1, MSG_PEEK); } while (ret == -1 && errno == EAGAIN); -# ifdef USE_RDTSC +#ifdef USE_RDTSC c1 = __rdtscp(&i1); -# else +#else clock_gettime(CLOCK_TO_USE, &start); -# endif +#endif do { ret = gnutls_record_recv(session, buffer, sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); -# ifdef USE_RDTSC +#ifdef USE_RDTSC c2 = __rdtscp(&i1); measurement = c2 - c1; -# else +#else clock_gettime(CLOCK_TO_USE, &stop); measurement = timespec_sub_ns(&stop, &start); -# endif +#endif if (ret == GNUTLS_E_DECRYPTION_FAILED) { gnutls_session_force_valid(session); do { - ret = - gnutls_record_send(session, &measurement, - sizeof(measurement)); + ret = gnutls_record_send(session, &measurement, + sizeof(measurement)); /* GNUTLS_AL_FATAL, GNUTLS_A_BAD_RECORD_MAC); */ } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); @@ -441,7 +436,7 @@ static void server(int fd, const char *prio) */ gnutls_bye(session, GNUTLS_SHUT_WR); - finish: +finish: close(fd); gnutls_deinit(session); @@ -516,7 +511,7 @@ static void ch_handler(int sig) return; } -# define NPOINTS 256 +#define NPOINTS 256 static struct point_st all_points[NPOINTS]; static struct point_st all_points_one[NPOINTS]; @@ -524,87 +519,73 @@ static struct point_st all_points_one[NPOINTS]; * when manipulating the last record byte (pad) * for AES-SHA1. */ -static struct test_st test_sha1 = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 18 * 16, - .name = "sha1", - .file = "out-sha1.txt", - .fill = 0x00, - .desc = NULL -}; +static struct test_st test_sha1 = { .points = all_points, + .npoints = NPOINTS, + .text_size = 18 * 16, + .name = "sha1", + .file = "out-sha1.txt", + .fill = 0x00, + .desc = NULL }; /* Test that outputs a graph of the timings * when manipulating the last record byte (pad) * for AES-SHA256. */ -static struct test_st test_sha256 = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 17 * 16, - .name = "sha256", - .file = "out-sha256.txt", - .fill = 0x00, - .desc = NULL -}; - -static struct test_st test_sha256_new = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 1024 * 16, - .name = "sha256-new", - .file = "out-sha256-new.txt", - .fill = 0xff, - .desc = NULL -}; - -static struct test_st test_sha384 = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 33 * 16, - .name = "sha384", - .file = "out-sha384.txt", - .fill = 0x00, - .desc = NULL -}; +static struct test_st test_sha256 = { .points = all_points, + .npoints = NPOINTS, + .text_size = 17 * 16, + .name = "sha256", + .file = "out-sha256.txt", + .fill = 0x00, + .desc = NULL }; + +static struct test_st test_sha256_new = { .points = all_points, + .npoints = NPOINTS, + .text_size = 1024 * 16, + .name = "sha256-new", + .file = "out-sha256-new.txt", + .fill = 0xff, + .desc = NULL }; + +static struct test_st test_sha384 = { .points = all_points, + .npoints = NPOINTS, + .text_size = 33 * 16, + .name = "sha384", + .file = "out-sha384.txt", + .fill = 0x00, + .desc = NULL }; /* Test that outputs a graph of the timings * when manipulating the last record byte (pad) * for AES-SHA1, on a short message. */ -static struct test_st test_sha1_short = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 16 * 2, - .name = "sha1-short", - .file = "out-sha1-short.txt", - .fill = 0x00, - .desc = NULL -}; +static struct test_st test_sha1_short = { .points = all_points, + .npoints = NPOINTS, + .text_size = 16 * 2, + .name = "sha1-short", + .file = "out-sha1-short.txt", + .fill = 0x00, + .desc = NULL }; /* Test that outputs a graph of the timings * when manipulating the last record byte (pad) * for AES-SHA256. */ -static struct test_st test_sha256_short = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 16 * 2, - .name = "sha256-short", - .file = "out-sha256-short.txt", - .fill = 0x00, - .desc = NULL -}; - -static struct test_st test_sha384_short = { - .points = all_points, - .npoints = NPOINTS, - .text_size = 16 * 2, - .name = "sha384-short", - .file = "out-sha384-short.txt", - .fill = 0x00, - .desc = NULL -}; +static struct test_st test_sha256_short = { .points = all_points, + .npoints = NPOINTS, + .text_size = 16 * 2, + .name = "sha256-short", + .file = "out-sha256-short.txt", + .fill = 0x00, + .desc = NULL }; + +static struct test_st test_sha384_short = { .points = all_points, + .npoints = NPOINTS, + .text_size = 16 * 2, + .name = "sha384-short", + .file = "out-sha384-short.txt", + .fill = 0x00, + .desc = NULL }; /* Test that outputs a graph of the timings * when manipulating the last record byte (pad) @@ -613,15 +594,13 @@ static struct test_st test_sha384_short = { * (i.e. we want to see whether the padding * [1,1] shows up in the measurements) */ -static struct test_st test_sha1_one = { - .points = all_points_one, - .npoints = NPOINTS, - .text_size = 16 * 2, - .name = "sha1-one", - .file = "out-sha1-one.txt", - .fill = 0x00, - .desc = NULL -}; +static struct test_st test_sha1_one = { .points = all_points_one, + .npoints = NPOINTS, + .text_size = 16 * 2, + .name = "sha1-one", + .file = "out-sha1-one.txt", + .fill = 0x00, + .desc = NULL }; int main(int argc, char **argv) { @@ -676,9 +655,8 @@ int main(int argc, char **argv) for (i = 0; i < 256; i++) { all_points[i].byte1 = i; all_points[i].byte2 = 0; - all_points[i].smeasurements = - malloc(MAX_PER_POINT * - sizeof(all_points[i].smeasurements[0])); + all_points[i].smeasurements = malloc( + MAX_PER_POINT * sizeof(all_points[i].smeasurements[0])); } memset(&all_points_one, 0, sizeof(all_points_one)); @@ -689,13 +667,14 @@ int main(int argc, char **argv) } remove(test->file); - snprintf(prio, sizeof(prio), -# ifdef TEST_ETM - "NONE:+COMP-NULL:+AES-128-CBC:+AES-256-CBC:+%s:+PSK:+VERS-TLS1.2:+VERS-TLS1.1:+SIGN-ALL:+CURVE-ALL", -# else - "NONE:+COMP-NULL:+AES-128-CBC:+AES-256-CBC:+%s:+PSK:%%NO_ETM:+VERS-TLS1.2:+VERS-TLS1.1:+SIGN-ALL:+CURVE-ALL", -# endif - hash); + snprintf( + prio, sizeof(prio), +#ifdef TEST_ETM + "NONE:+COMP-NULL:+AES-128-CBC:+AES-256-CBC:+%s:+PSK:+VERS-TLS1.2:+VERS-TLS1.1:+SIGN-ALL:+CURVE-ALL", +#else + "NONE:+COMP-NULL:+AES-128-CBC:+AES-256-CBC:+%s:+PSK:%%NO_ETM:+VERS-TLS1.2:+VERS-TLS1.1:+SIGN-ALL:+CURVE-ALL", +#endif + hash); printf("\nAES-%s (calculating different padding timings)\n", hash); start(prio, test->text_size, test); @@ -705,4 +684,4 @@ int main(int argc, char **argv) return 0; } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/suite/prime-check.c b/tests/suite/prime-check.c index 3482a4beb8..a298a89179 100644 --- a/tests/suite/prime-check.c +++ b/tests/suite/prime-check.c @@ -25,7 +25,7 @@ /* Tests whether the included parameters are indeed prime */ -static void test_prime(const gnutls_datum_t * prime, const gnutls_datum_t * _q) +static void test_prime(const gnutls_datum_t *prime, const gnutls_datum_t *_q) { mpz_t p; unsigned bits = prime->size * 8; diff --git a/tests/suite/rng.c b/tests/suite/rng.c index 6dcd4ca777..630c5646ea 100644 --- a/tests/suite/rng.c +++ b/tests/suite/rng.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/system-override-curves-allowlist.c b/tests/system-override-curves-allowlist.c index 0ecf184533..551ba342b1 100644 --- a/tests/system-override-curves-allowlist.c +++ b/tests/system-override-curves-allowlist.c @@ -45,9 +45,12 @@ #include "utils.h" -#define _assert(cond, format, ...) if (!(cond)) \ +#define _assert(cond, format, ...) \ + if (!(cond)) \ _fail("Assertion `" #cond "` failed: " format "\n", ##__VA_ARGS__) -#define _check(cond) if (!(cond)) _fail("Assertion `" #cond "` failed.\n") +#define _check(cond) \ + if (!(cond)) \ + _fail("Assertion `" #cond "` failed.\n") gnutls_ecc_curve_t unlocked_ecc_curve_get_id(const char *curve); gnutls_pk_algorithm_t curve_name_to_pk(const char *curve); diff --git a/tests/system-override-hash.c b/tests/system-override-hash.c index 15af1e8880..6aa4936f4b 100644 --- a/tests/system-override-hash.c +++ b/tests/system-override-hash.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/system-override-sig-tls.c b/tests/system-override-sig-tls.c index 8851c5d323..d0dbd29b1b 100644 --- a/tests/system-override-sig-tls.c +++ b/tests/system-override-sig-tls.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,20 +33,26 @@ #include #include "utils.h" -#define SKIP16(pos, total) { \ - uint16_t _s; \ - if (pos+2 > total) fail("error\n"); \ - _s = (msg->data[pos] << 8) | msg->data[pos+1]; \ - if ((size_t)(pos+2+_s) > total) fail("error\n"); \ - pos += 2+_s; \ +#define SKIP16(pos, total) \ + { \ + uint16_t _s; \ + if (pos + 2 > total) \ + fail("error\n"); \ + _s = (msg->data[pos] << 8) | msg->data[pos + 1]; \ + if ((size_t)(pos + 2 + _s) > total) \ + fail("error\n"); \ + pos += 2 + _s; \ } -#define SKIP8(pos, total) { \ - uint8_t _s; \ - if (pos+1 > total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > total) fail("error\n"); \ - pos += 1+_s; \ +#define SKIP8(pos, total) \ + { \ + uint8_t _s; \ + if (pos + 1 > total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > total) \ + fail("error\n"); \ + pos += 1 + _s; \ } #define HANDSHAKE_SESSION_ID_POS 34 @@ -65,16 +71,16 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -#define PRIO "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:" \ +#define PRIO \ + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:" \ "+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384" /* rsa_pss_rsae_sha384 */ #define SIGALGS_EXP "\x00\x02\x08\x05" -static int -ext_callback(void *ctx, unsigned tls_id, - const unsigned char *data, unsigned size) +static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, + unsigned size) { - if (tls_id == 13) { /* signature algorithms */ + if (tls_id == 13) { /* signature algorithms */ if (size != sizeof(SIGALGS_EXP) - 1) { fail("invalid signature_algorithms length: %u != 4\n", size); @@ -86,10 +92,9 @@ ext_callback(void *ctx, unsigned tls_id, return 0; } -static int -handshake_callback(gnutls_session_t session, unsigned int htype, - unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) +static int handshake_callback(gnutls_session_t session, unsigned int htype, + unsigned post, unsigned int incoming, + const gnutls_datum_t *msg) { assert(post); @@ -133,9 +138,8 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -153,9 +157,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -178,8 +181,7 @@ void doit(void) client_pull_timeout_func); gnutls_transport_set_ptr(client, client); - gnutls_handshake_set_hook_function(client, - GNUTLS_HANDSHAKE_ANY, + gnutls_handshake_set_hook_function(client, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, handshake_callback); diff --git a/tests/system-override-sig.c b/tests/system-override-sig.c index e0c933e3a8..4b797c29d4 100644 --- a/tests/system-override-sig.c +++ b/tests/system-override-sig.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -43,15 +43,13 @@ void doit(void) /* check whether the values set by the calling script are the expected */ assert(gnutls_sign_is_secure(GNUTLS_SIGN_RSA_SHA256) != 0); - assert(gnutls_sign_is_secure2 - (GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0); + assert(gnutls_sign_is_secure2(GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0); assert(gnutls_sign_is_secure(GNUTLS_SIGN_RSA_SHA1) == 0); - assert(gnutls_sign_is_secure2 - (GNUTLS_SIGN_RSA_SHA1, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0); + assert(gnutls_sign_is_secure2(GNUTLS_SIGN_RSA_SHA1, + GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0); assert(gnutls_sign_is_secure(GNUTLS_SIGN_RSA_SHA512) == 0); - assert(gnutls_sign_is_secure2 - (GNUTLS_SIGN_RSA_SHA512, - GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0); + assert(gnutls_sign_is_secure2(GNUTLS_SIGN_RSA_SHA512, + GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0); assert(gnutls_sign_is_secure(GNUTLS_SIGN_RSA_MD5) == 0); } diff --git a/tests/system-prio-file.c b/tests/system-prio-file.c index 1aec0493d4..164c3fbf25 100644 --- a/tests/system-prio-file.c +++ b/tests/system-prio-file.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -58,7 +58,7 @@ static void try_prio(const char *prio, const char *expected_str) exit(1); } - ok: +ok: gnutls_free(p); gnutls_global_deinit(); } @@ -70,8 +70,9 @@ void doit(void) try_prio("@HELLO1", "NORMAL"); try_prio("@HELLO1:+AES-256-CBC:+AEAD", "NORMAL:+AES-256-CBC:+AEAD"); try_prio("@HELLO2", "NORMAL:+AES-128-CBC"); - try_prio("@HELLO3", - "NONE:+VERS-TLS-ALL:-VERS-SSL3.0:+AEAD:+SHA1:+SHA256:+SHA384:+ECDHE-RSA:+ECDHE-ECDSA:+RSA:+DHE-RSA:+DHE-DSS:+AES-256-GCM:+AES-256-CBC:+CAMELLIA-256-GCM:+CAMELLIA-256-CBC:+AES-128-GCM:+AES-128-CBC:+CAMELLIA-128-GCM:+CAMELLIA-128-CBC:+3DES-CBC:+SIGN-ALL:-SIGN-RSA-MD5:+CURVE-ALL:+COMP-NULL:%PROFILE_LOW"); + try_prio( + "@HELLO3", + "NONE:+VERS-TLS-ALL:-VERS-SSL3.0:+AEAD:+SHA1:+SHA256:+SHA384:+ECDHE-RSA:+ECDHE-ECDSA:+RSA:+DHE-RSA:+DHE-DSS:+AES-256-GCM:+AES-256-CBC:+CAMELLIA-256-GCM:+CAMELLIA-256-CBC:+AES-128-GCM:+AES-128-CBC:+CAMELLIA-128-GCM:+CAMELLIA-128-CBC:+3DES-CBC:+SIGN-ALL:-SIGN-RSA-MD5:+CURVE-ALL:+COMP-NULL:%PROFILE_LOW"); try_prio("@HELLO1,HELLO2", "NORMAL"); try_prio("@HELLO1,HELLO2:+AES-128-CBC", "NORMAL:+AES-128-CBC"); try_prio("@HELLO1,HELLO1", "NORMAL"); diff --git a/tests/test-chains-issuer-aia.h b/tests/test-chains-issuer-aia.h index 3bd8415a3d..59069567a3 100644 --- a/tests/test-chains-issuer-aia.h +++ b/tests/test-chains-issuer-aia.h @@ -21,7 +21,7 @@ */ #ifndef GNUTLS_TESTS_TEST_CHAINS_ISSUER_AIA_H -# define GNUTLS_TESTS_TEST_CHAINS_ISSUER_AIA_H +#define GNUTLS_TESTS_TEST_CHAINS_ISSUER_AIA_H #define MAX_CHAIN 1 @@ -127,7 +127,7 @@ static const char *missing_cert_aia_ca[] = { }; #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic pop +#pragma GCC diagnostic pop #endif -#endif /* GNUTLS_TESTS_TEST_CHAINS_ISSUER_AIA_H */ +#endif /* GNUTLS_TESTS_TEST_CHAINS_ISSUER_AIA_H */ diff --git a/tests/test-chains-issuer.h b/tests/test-chains-issuer.h index c612e7132e..00a29a22ba 100644 --- a/tests/test-chains-issuer.h +++ b/tests/test-chains-issuer.h @@ -22,11 +22,12 @@ */ #ifndef GNUTLS_TESTS_TEST_CHAINS_ISSUER_H -# define GNUTLS_TESTS_TEST_CHAINS_ISSUER_H +#define GNUTLS_TESTS_TEST_CHAINS_ISSUER_H -# define MAX_CHAIN 15 +#define MAX_CHAIN 15 -# define SERVER_CERT "-----BEGIN CERTIFICATE-----\n" \ +#define SERVER_CERT \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIDATCCAbmgAwIBAgIUQdvdegP8JFszFHLfV4+lrEdafzAwPQYJKoZIhvcNAQEK\n" \ "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" \ "AUAwDzENMAsGA1UEAxMEQ0EtNTAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIz\n" \ @@ -43,10 +44,11 @@ "5woB5KENnYfoAWaYmXa1EPRh2xb2XDI0uCHg1bPljg61/T2cJZ4VfkOvsKgFAI4p\n" \ "lAKQCZSKbEY1oWDdDhVcSipYu2E88RXczvcnEQV3C3p6CGcf8xclZdZIwMAyXYAK\n" \ "oNccbSIfDlN4iD+2bztCRWHD6hWL1NJsFqmv3Ts8eYU8z8J8NdhtCXr76lFkFmDx\n" \ - "+lfZEv4=\n" \ + "+lfZEv4=\n" \ "-----END CERTIFICATE-----\n" -# define CA_CERT_5 "-----BEGIN CERTIFICATE-----\n" \ +#define CA_CERT_5 \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIDojCCAlqgAwIBAgIUHRb3xJ2ZGqqgdC/pBq/sDtAwvtowPQYJKoZIhvcNAQEK\n" \ "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" \ "AUAwDzENMAsGA1UEAxMEQ0EtNDAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIz\n" \ @@ -66,10 +68,11 @@ "XveeQysCKsDEfdrfn1mACQj8eC4lL9KJcHptHdTSLfa58MV2Qe5smCIByXxendO5\n" \ "UQHZy5UrzWAdtO7y75vXeXynsXAqcE4TTNjdFiCnn6Q5/pVyW14kepfjaOzQFP7H\n" \ "QlnHtgQDRAlQuB1aGseb6jn2Joy33itpBthvtgBosZIqsMyPoX5YzjqZUSjfPZOP\n" \ - "/aOd/5HR4ZPDWfHdIWbXogYX0ndhNg==\n" \ + "/aOd/5HR4ZPDWfHdIWbXogYX0ndhNg==\n" \ "-----END CERTIFICATE-----\n" -# define CA_CERT_4 "-----BEGIN CERTIFICATE-----\n" \ +#define CA_CERT_4 \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIDojCCAlqgAwIBAgIUGybZZ1e/iFUKafPdh8xUbh7YVnwwPQYJKoZIhvcNAQEK\n" \ "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" \ "AUAwDzENMAsGA1UEAxMEQ0EtMzAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIz\n" \ @@ -89,10 +92,11 @@ "wQ7s/JNNk/SZt4bKjX9GrTscZmOVtrwpZ6uQBHITScsr4V431G6wojZ09iEG0yFQ\n" \ "ZD8ECn2ZOPVQXIswa75NelcGKup838HoDIjQ3vIvrx8rqf5HRg4t9mXzjECzXHVy\n" \ "8wDamoE3fLAZZX2RxOWnHfjI8qB83qYyR5kN002EFJ/e060SPia1rTHyLqLngRtq\n" \ - "xgR9bRjZf++h/dg6L87b26J5KdDafw==\n" \ + "xgR9bRjZf++h/dg6L87b26J5KdDafw==\n" \ "-----END CERTIFICATE-----\n" -# define CA_CERT_3 "-----BEGIN CERTIFICATE-----\n" \ +#define CA_CERT_3 \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIDojCCAlqgAwIBAgIUHRkWa8ZOaRrqjxigoEhxJHMLM2UwPQYJKoZIhvcNAQEK\n" \ "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" \ "AUAwDzENMAsGA1UEAxMEQ0EtMjAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIz\n" \ @@ -112,10 +116,11 @@ "jTu7jvLbRSHkBQFimWorPfgf15nlXSCBtejEwvDLXlptLbKEa3q7VFXDzCyeiKGb\n" \ "IHRozrAP5qiyIjYFJevXrZ/7bWDwMcJrB0uSQN9TD2mJjNXTCHu3GYnEmnu7KRpb\n" \ "M3OdswIyjIFYvwlYGe2+GbigSaMZY9KCHR7vkJ1JGdxfh+CADcbL4fwj3kOpyEoe\n" \ - "TTqtWQ93AfQnd2Vm3/SAr/+jSuMbSA==\n" \ + "TTqtWQ93AfQnd2Vm3/SAr/+jSuMbSA==\n" \ "-----END CERTIFICATE-----\n" -# define CA_CERT_2 "-----BEGIN CERTIFICATE-----\n" \ +#define CA_CERT_2 \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIDojCCAlqgAwIBAgIUVd3TT33d1fy/8INiIKhudYmRE5swPQYJKoZIhvcNAQEK\n" \ "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" \ "AUAwDzENMAsGA1UEAxMEQ0EtMTAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIz\n" \ @@ -135,10 +140,11 @@ "FTYE+42MFBr6f5SNp9Q+ZUcjSK5DO7yNiyKDFfNffFGxHmnmGj2LhgyrvYA/aNyB\n" \ "2ichlfihcKkExGBN44ODoK+8/W8oiMt541AvPyJxTJjxWjeJ42EBXO+J5k8wRuCu\n" \ "nXCW5OjnEIExXGKZLlieH4t8kUyHlrTlHO7spiqA/QM7GUtBQfJTLdPFmvHU3Jtw\n" \ - "qGN2PrhXyLoaUfIpNbWO9Jmj2GYaWg==\n" \ + "qGN2PrhXyLoaUfIpNbWO9Jmj2GYaWg==\n" \ "-----END CERTIFICATE-----\n" -# define CA_CERT_1 "-----BEGIN CERTIFICATE-----\n" \ +#define CA_CERT_1 \ + "-----BEGIN CERTIFICATE-----\n" \ "MIICxjCCAiegAwIBAgIUKnsCQlR0jpxEnpzqxbi+Y2rqwpMwCgYIKoZIzj0EAwQw\n" \ "DzENMAsGA1UEAxMEQ0EtMDAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIzNTk1\n" \ "OVowDzENMAsGA1UEAxMEQ0EtMTCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgB\n" \ @@ -153,10 +159,11 @@ "BgNVHSMEGDAWgBRBWngghShY2X+P7m45LPH1V4p5czAKBggqhkjOPQQDBAOBjAAw\n" \ "gYgCQgHnvF1Dq32xBBEME4UlVsVeOflvGw5Sr/hVhbUZ1KfAQIV2ZuBuvJNMBrj8\n" \ "Pzi/nhRuV8vH5xabyQb9RYVcJ8oilQJCAdduIVVvL6DmUBOJfz1znsxPA5JCBBY2\n" \ - "pAOhFZBrNXE2zZrgttgR6TG4Obst1fQzL3RsmqAYAuWSpKPNz6Hdq+kl\n" \ + "pAOhFZBrNXE2zZrgttgR6TG4Obst1fQzL3RsmqAYAuWSpKPNz6Hdq+kl\n" \ "-----END CERTIFICATE-----\n" -# define CA_CERT_0 "-----BEGIN CERTIFICATE-----\n" \ +#define CA_CERT_0 \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIB7TCCAU6gAwIBAgIUWmldb3tGP48wFh5P/cmVytYv5JcwCgYIKoZIzj0EAwQw\n" \ "DzENMAsGA1UEAxMEQ0EtMDAgFw0yMDA0MjAxMTI2NDFaGA85OTk5MTIzMTIzNTk1\n" \ "OVowDzENMAsGA1UEAxMEQ0EtMDCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAarU\n" \ @@ -167,10 +174,11 @@ "8fVXinlzMAoGCCqGSM49BAMEA4GMADCBiAJCAcmtP2IVnOTF2wHhfUn13qsUpqyc\n" \ "3kCI1ueg75NgR7xgpL9JQ1CnPaUbCp+5ROKf5IHn8f1jjZIu45WpiWhnZDkkAkIA\n" \ "pCTZn7t7memhMJUqrHGywx2gR9fgID/REZUZdVe9KcTzWvwSrbffDMCcf10SpM6C\n" \ - "/YXiDLiWNiK+WV8Z557eWKI=\n" \ + "/YXiDLiWNiK+WV8Z557eWKI=\n" \ "-----END CERTIFICATE-----\n" -# define UNRELATED "-----BEGIN CERTIFICATE-----\n" \ +#define UNRELATED \ + "-----BEGIN CERTIFICATE-----\n" \ "MIIEaDCCAqCgAwIBAgIMWXi5rBKSNwkPo4olMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" \ "YIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgFAMA8xDTAL\n" \ "BgNVBAMTBENBLTAwIBcNMTcwNzI2MTU0NzU2WhgPOTk5OTEyMzEyMzU5NTlaMA8x\n" \ @@ -194,16 +202,11 @@ "3eoeffRfWQXO2y0/K9TUqZM+6n10N32ZkR45I+XSQ13qS73l4QS4djay9z/bAMeb\n" \ "/zgaf6J790LULzDBEvhPZLNn4bBu/t7WVj2NI+frQvAHyQ9ZhBYkow84qF+//zK9\n" \ "d/VzQbBQOJFX9TWdWgUxklrWnXE0gmxzGBdq+cMQyHulVVbgShftCRJ8jn8e0Cl1\n" \ - "dl+Cpj08yyLpT9/ZmL8ytgD3Iobw0wPHppb/jQ==\n" \ + "dl+Cpj08yyLpT9/ZmL8ytgD3Iobw0wPHppb/jQ==\n" \ "-----END CERTIFICATE-----\n" static const char *missing_middle_single[] = { - SERVER_CERT, - CA_CERT_5, - CA_CERT_4, - CA_CERT_2, - CA_CERT_1, - NULL, + SERVER_CERT, CA_CERT_5, CA_CERT_4, CA_CERT_2, CA_CERT_1, NULL, }; static const char *missing_middle_single_insert[] = { @@ -212,11 +215,7 @@ static const char *missing_middle_single_insert[] = { }; static const char *missing_middle_multiple[] = { - SERVER_CERT, - CA_CERT_5, - CA_CERT_4, - CA_CERT_1, - NULL, + SERVER_CERT, CA_CERT_5, CA_CERT_4, CA_CERT_1, NULL, }; static const char *missing_middle_multiple_insert[] = { @@ -225,12 +224,7 @@ static const char *missing_middle_multiple_insert[] = { }; static const char *missing_last_single[] = { - SERVER_CERT, - CA_CERT_5, - CA_CERT_4, - CA_CERT_3, - CA_CERT_2, - NULL, + SERVER_CERT, CA_CERT_5, CA_CERT_4, CA_CERT_3, CA_CERT_2, NULL, }; static const char *missing_last_single_insert[] = { @@ -239,11 +233,7 @@ static const char *missing_last_single_insert[] = { }; static const char *missing_last_multiple[] = { - SERVER_CERT, - CA_CERT_5, - CA_CERT_4, - CA_CERT_3, - NULL, + SERVER_CERT, CA_CERT_5, CA_CERT_4, CA_CERT_3, NULL, }; static const char *missing_last_multiple_insert[] = { @@ -252,11 +242,7 @@ static const char *missing_last_multiple_insert[] = { }; static const char *missing_skip_single[] = { - SERVER_CERT, - CA_CERT_5, - CA_CERT_3, - CA_CERT_1, - NULL, + SERVER_CERT, CA_CERT_5, CA_CERT_3, CA_CERT_1, NULL, }; static const char *missing_skip_single_insert[] = { @@ -279,45 +265,23 @@ static const char *missing_skip_multiple_insert[] = { }; static const char *missing_middle_single_unsorted[] = { - SERVER_CERT, - CA_CERT_1, - CA_CERT_2, - CA_CERT_4, - CA_CERT_5, - NULL, + SERVER_CERT, CA_CERT_1, CA_CERT_2, CA_CERT_4, CA_CERT_5, NULL, }; static const char *missing_middle_multiple_unsorted[] = { - SERVER_CERT, - CA_CERT_1, - CA_CERT_4, - CA_CERT_5, - NULL, + SERVER_CERT, CA_CERT_1, CA_CERT_4, CA_CERT_5, NULL, }; static const char *missing_last_single_unsorted[] = { - SERVER_CERT, - CA_CERT_2, - CA_CERT_3, - CA_CERT_4, - CA_CERT_5, - NULL, + SERVER_CERT, CA_CERT_2, CA_CERT_3, CA_CERT_4, CA_CERT_5, NULL, }; static const char *missing_last_multiple_unsorted[] = { - SERVER_CERT, - CA_CERT_3, - CA_CERT_4, - CA_CERT_5, - NULL, + SERVER_CERT, CA_CERT_3, CA_CERT_4, CA_CERT_5, NULL, }; static const char *missing_skip_single_unsorted[] = { - SERVER_CERT, - CA_CERT_1, - CA_CERT_3, - CA_CERT_5, - NULL, + SERVER_CERT, CA_CERT_1, CA_CERT_3, CA_CERT_5, NULL, }; static const char *missing_skip_multiple_unsorted[] = { @@ -339,77 +303,33 @@ static const char *missing_middle_unrelated_extra_insert[] = { }; static const char *missing_middle_single_duplicate[] = { - SERVER_CERT, - SERVER_CERT, - CA_CERT_5, - CA_CERT_5, - CA_CERT_4, - CA_CERT_4, - CA_CERT_2, - CA_CERT_2, - CA_CERT_1, - CA_CERT_1, - NULL, + SERVER_CERT, SERVER_CERT, CA_CERT_5, CA_CERT_5, CA_CERT_4, CA_CERT_4, + CA_CERT_2, CA_CERT_2, CA_CERT_1, CA_CERT_1, NULL, }; static const char *missing_middle_multiple_duplicate[] = { - SERVER_CERT, - SERVER_CERT, - CA_CERT_5, - CA_CERT_5, - CA_CERT_4, - CA_CERT_4, - CA_CERT_1, - CA_CERT_1, - NULL, + SERVER_CERT, SERVER_CERT, CA_CERT_5, CA_CERT_5, CA_CERT_4, + CA_CERT_4, CA_CERT_1, CA_CERT_1, NULL, }; static const char *missing_last_single_duplicate[] = { - SERVER_CERT, - SERVER_CERT, - CA_CERT_5, - CA_CERT_5, - CA_CERT_4, - CA_CERT_4, - CA_CERT_3, - CA_CERT_3, - CA_CERT_2, - CA_CERT_2, - NULL, + SERVER_CERT, SERVER_CERT, CA_CERT_5, CA_CERT_5, CA_CERT_4, CA_CERT_4, + CA_CERT_3, CA_CERT_3, CA_CERT_2, CA_CERT_2, NULL, }; static const char *missing_last_multiple_duplicate[] = { - SERVER_CERT, - SERVER_CERT, - CA_CERT_5, - CA_CERT_5, - CA_CERT_4, - CA_CERT_4, - CA_CERT_3, - CA_CERT_3, - NULL, + SERVER_CERT, SERVER_CERT, CA_CERT_5, CA_CERT_5, CA_CERT_4, + CA_CERT_4, CA_CERT_3, CA_CERT_3, NULL, }; static const char *missing_skip_single_duplicate[] = { - SERVER_CERT, - SERVER_CERT, - CA_CERT_5, - CA_CERT_5, - CA_CERT_3, - CA_CERT_3, - CA_CERT_1, - CA_CERT_1, - NULL, + SERVER_CERT, SERVER_CERT, CA_CERT_5, CA_CERT_5, CA_CERT_3, + CA_CERT_3, CA_CERT_1, CA_CERT_1, NULL, }; static const char *missing_skip_multiple_duplicate[] = { - SERVER_CERT, - SERVER_CERT, - CA_CERT_5, - CA_CERT_5, - CA_CERT_3, - CA_CERT_3, - NULL, + SERVER_CERT, SERVER_CERT, CA_CERT_5, CA_CERT_5, + CA_CERT_3, CA_CERT_3, NULL, }; static const char *missing_ca[] = { @@ -418,15 +338,8 @@ static const char *missing_ca[] = { }; static const char *middle_single_duplicate_ca[] = { - SERVER_CERT, - CA_CERT_5, - CA_CERT_0, - CA_CERT_4, - CA_CERT_0, - CA_CERT_2, - CA_CERT_0, - CA_CERT_1, - NULL, + SERVER_CERT, CA_CERT_5, CA_CERT_0, CA_CERT_4, CA_CERT_0, + CA_CERT_2, CA_CERT_0, CA_CERT_1, NULL, }; static const char *missing_middle_single_duplicate_ca_unrelated_insert[] = { @@ -442,95 +355,95 @@ static struct chains { unsigned int verify_flags; unsigned int expected_verify_result; } chains[] = { - {"middle single - no sort", missing_middle_single, - missing_middle_single_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0}, - {"middle multiple - no sort", missing_middle_multiple, - missing_middle_multiple_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0}, - {"last single - no sort", missing_last_single, - missing_last_single_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0}, - {"last multiple - no sort", missing_last_multiple, - missing_last_multiple_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0}, - {"skip single - no sort", missing_skip_single, - missing_skip_single_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0}, - {"skip multiple - no sort", missing_skip_multiple, - missing_skip_multiple_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0}, - {"middle single unsorted - no sort", missing_middle_single_unsorted, - missing_middle_single_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"middle multiple unsorted - no sort", missing_middle_multiple_unsorted, - missing_middle_multiple_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"last single unsorted - no sort", missing_last_single_unsorted, - missing_last_single_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"last multiple unsorted - no sort", missing_last_multiple_unsorted, - missing_last_multiple_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"skip single unsorted - no sort", missing_skip_single_unsorted, - missing_skip_single_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"skip multiple unsorted - no sort", missing_skip_multiple_unsorted, - missing_skip_multiple_insert, missing_ca, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"middle single", missing_middle_single, missing_middle_single_insert, - missing_ca, 0, 0}, - {"middle multiple", missing_middle_multiple, - missing_middle_multiple_insert, missing_ca, 0, 0}, - {"last single", missing_last_single, missing_last_single_insert, - missing_ca, 0, 0}, - {"last multiple", missing_last_multiple, missing_last_multiple_insert, - missing_ca, 0, 0}, - {"skip single", missing_skip_single, missing_skip_single_insert, - missing_ca, 0, 0}, - {"skip multiple", missing_skip_multiple, missing_skip_multiple_insert, - missing_ca, 0, 0}, - {"middle single unsorted", missing_middle_single_unsorted, - missing_middle_single_insert, missing_ca, 0, 0}, - {"middle multiple unsorted", missing_middle_multiple_unsorted, - missing_middle_multiple_insert, missing_ca, 0, 0}, - {"last single unsorted", missing_last_single_unsorted, - missing_last_single_insert, missing_ca, 0, 0}, - {"last multiple unsorted", missing_last_multiple_unsorted, - missing_last_multiple_insert, missing_ca, 0, 0}, - {"skip single unsorted", missing_skip_single_unsorted, - missing_skip_single_insert, missing_ca, 0, 0}, - {"skip multiple unsorted", missing_skip_multiple_unsorted, - missing_skip_multiple_insert, missing_ca, 0, 0}, - {"unrelated", missing_middle_single, missing_middle_unrelated_insert, - missing_ca, 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {"unrelated extra", missing_middle_single, - missing_middle_unrelated_extra_insert, missing_ca, 0, 0}, - {"middle single duplicate", missing_middle_single_duplicate, - missing_middle_single_insert, missing_ca, 0, 0}, - {"middle multiple duplicate", missing_middle_multiple_duplicate, - missing_middle_multiple_insert, missing_ca, 0, 0}, - {"last single duplicate", missing_last_single_duplicate, - missing_last_single_insert, missing_ca, 0, 0}, - {"last multiple duplicate", missing_last_multiple_duplicate, - missing_last_multiple_insert, missing_ca, 0, 0}, - {"skip single duplicate", missing_skip_single_duplicate, - missing_skip_single_insert, missing_ca, 0, 0}, - {"skip multiple duplicate", missing_skip_multiple_duplicate, - missing_skip_multiple_insert, missing_ca, 0, 0}, - {"middle single duplicate ca", middle_single_duplicate_ca, - missing_middle_single_insert, missing_ca, 0, 0}, - {"middle single duplicate ca - insert unrelated", - middle_single_duplicate_ca, - missing_middle_single_duplicate_ca_unrelated_insert, missing_ca, 0, - GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND}, - {NULL, NULL, NULL, NULL}, + { "middle single - no sort", missing_middle_single, + missing_middle_single_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0 }, + { "middle multiple - no sort", missing_middle_multiple, + missing_middle_multiple_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0 }, + { "last single - no sort", missing_last_single, + missing_last_single_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0 }, + { "last multiple - no sort", missing_last_multiple, + missing_last_multiple_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0 }, + { "skip single - no sort", missing_skip_single, + missing_skip_single_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0 }, + { "skip multiple - no sort", missing_skip_multiple, + missing_skip_multiple_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, 0 }, + { "middle single unsorted - no sort", missing_middle_single_unsorted, + missing_middle_single_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "middle multiple unsorted - no sort", + missing_middle_multiple_unsorted, missing_middle_multiple_insert, + missing_ca, GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "last single unsorted - no sort", missing_last_single_unsorted, + missing_last_single_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "last multiple unsorted - no sort", missing_last_multiple_unsorted, + missing_last_multiple_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "skip single unsorted - no sort", missing_skip_single_unsorted, + missing_skip_single_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "skip multiple unsorted - no sort", missing_skip_multiple_unsorted, + missing_skip_multiple_insert, missing_ca, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "middle single", missing_middle_single, missing_middle_single_insert, + missing_ca, 0, 0 }, + { "middle multiple", missing_middle_multiple, + missing_middle_multiple_insert, missing_ca, 0, 0 }, + { "last single", missing_last_single, missing_last_single_insert, + missing_ca, 0, 0 }, + { "last multiple", missing_last_multiple, missing_last_multiple_insert, + missing_ca, 0, 0 }, + { "skip single", missing_skip_single, missing_skip_single_insert, + missing_ca, 0, 0 }, + { "skip multiple", missing_skip_multiple, missing_skip_multiple_insert, + missing_ca, 0, 0 }, + { "middle single unsorted", missing_middle_single_unsorted, + missing_middle_single_insert, missing_ca, 0, 0 }, + { "middle multiple unsorted", missing_middle_multiple_unsorted, + missing_middle_multiple_insert, missing_ca, 0, 0 }, + { "last single unsorted", missing_last_single_unsorted, + missing_last_single_insert, missing_ca, 0, 0 }, + { "last multiple unsorted", missing_last_multiple_unsorted, + missing_last_multiple_insert, missing_ca, 0, 0 }, + { "skip single unsorted", missing_skip_single_unsorted, + missing_skip_single_insert, missing_ca, 0, 0 }, + { "skip multiple unsorted", missing_skip_multiple_unsorted, + missing_skip_multiple_insert, missing_ca, 0, 0 }, + { "unrelated", missing_middle_single, missing_middle_unrelated_insert, + missing_ca, 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { "unrelated extra", missing_middle_single, + missing_middle_unrelated_extra_insert, missing_ca, 0, 0 }, + { "middle single duplicate", missing_middle_single_duplicate, + missing_middle_single_insert, missing_ca, 0, 0 }, + { "middle multiple duplicate", missing_middle_multiple_duplicate, + missing_middle_multiple_insert, missing_ca, 0, 0 }, + { "last single duplicate", missing_last_single_duplicate, + missing_last_single_insert, missing_ca, 0, 0 }, + { "last multiple duplicate", missing_last_multiple_duplicate, + missing_last_multiple_insert, missing_ca, 0, 0 }, + { "skip single duplicate", missing_skip_single_duplicate, + missing_skip_single_insert, missing_ca, 0, 0 }, + { "skip multiple duplicate", missing_skip_multiple_duplicate, + missing_skip_multiple_insert, missing_ca, 0, 0 }, + { "middle single duplicate ca", middle_single_duplicate_ca, + missing_middle_single_insert, missing_ca, 0, 0 }, + { "middle single duplicate ca - insert unrelated", + middle_single_duplicate_ca, + missing_middle_single_duplicate_ca_unrelated_insert, missing_ca, 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND }, + { NULL, NULL, NULL, NULL }, }; -#endif /* GNUTLS_TESTS_TEST_CHAINS_ISSUER_H */ +#endif /* GNUTLS_TESTS_TEST_CHAINS_ISSUER_H */ diff --git a/tests/test-chains.h b/tests/test-chains.h index 69d430e65f..9ce23764da 100644 --- a/tests/test-chains.h +++ b/tests/test-chains.h @@ -21,7 +21,7 @@ */ #ifndef GNUTLS_TESTS_TEST_CHAINS_H -# define GNUTLS_TESTS_TEST_CHAINS_H +#define GNUTLS_TESTS_TEST_CHAINS_H #define MAX_CHAIN 10 @@ -364,7 +364,6 @@ static const char *rsa_pss_chain_with_diff_mgf_oid_fail[] = { "-----END CERTIFICATE-----\n" }; - static const char *rsa_pss_chain_increasing_salt_size_ok[] = { "-----BEGIN CERTIFICATE-----\n" "MIIEsTCCAumgAwIBAgIMWXnOxy72g1dtZFCEMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" @@ -1251,2185 +1250,2187 @@ static const char *unknown_critical_extension_on_root[] = { /* the key purpose in the intermediate certificate is not the expected one */ static const char *kp_fail1[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDOjCCAiKgAwIBAgIMVB/VrzLxJphTIbssMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA5MjIwNzU0MjNaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQCjtW076msqq69wke2Nc8NMD6UpxVQ1oteCh91lhIgGS+KBunt+C1Hfnipr\n" - "iTEC0A7/DWGynWZBcK8LHbVyG32fP45S7BcR1SimbE0HD1aWFSboQegghrF+NISG\n" - "HJgUTvTvUKn8pEUxowHfU3eGM3er4QZ7hyerijOb8/W2PFqkDjEZse6uPzKOoawL\n" - "Trm88cCuzSwKuE3Fftvc6tfzorXVKiFIGlbNBw+bpCVUMpjx4w5Ug4BbJpD/e7Hf\n" - "U+BCkjfKzWMDJ54rUQLbYUTh4QknHUoZ0W+RMKpeEM4esHt7HdJtZYKh/Lzi5GjB\n" - "VRAfAA+5khCRwC2uJv1cpzqVjDOHAgMBAAGjgY0wgYowDAYDVR0TAQH/BAIwADAU\n" - "BgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0P\n" - "AQH/BAUDAwegADAdBgNVHQ4EFgQU7Vhq5oDQ/UgzdS+yRZGbBuD5GxcwHwYDVR0j\n" - "BBgwFoAUWXJAO7Nmy8yMdi66LZQGgaO+plkwDQYJKoZIhvcNAQELBQADggEBABSD\n" - "xzc5ZeUpD+6dvIwptMYLLL5qMI5/GmhSHRuI7pPkf7JMOrfOfPaDRKJY2HIoHRB+\n" - "68iUeE+C3I17lpuXcTGU4OvLrqBQ19orSfWvaQMl8yOR0Uzjn98jc4wuA2nMOnBu\n" - "nV8Yx/rJvBK/uJYBjDaMdKtddBvdUoaOco8tflOLDBz7aBKTO31qynKGWgtPDasG\n" - "DsshOcDgstMwhcBXbIrliDvDhBeWZnjG6E+9yf1ppUoVMp8UU6H12lA3en1GzI3v\n" - "E9NHhkJkFk6uUIp09sWLfw/MGiU/rIb9Kj7qjOoE0RAirOJdqSnb+XRwtD5U8u2Y\n" - "JcxB7MEBdJsNPbxRVtc=\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTIyMDc1NDIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyxSDH68ZW2CHV\n" - "6aozE8LMXnOZXDOuli49867VsS7SLr49jxL6jzLx/oJN3JfITcn+ohYNifnA7TBa\n" - "VeDSXMTG9tJrU8FlOTCk2Vsc939YiJ9tKNX4rPD+OeSbWgxOnVlkI5zZYnq/+i1E\n" - "UvahCHyP93GXl0zR9hsSptJPD27mX653clPqPoTNBA+qSDTb/GK0Yvgfioaqk0PO\n" - "q8pcKjZ2N+qg7st+y5Rj/92g9E6vpdHt9DBfL1THkeaJ0VKfvsea8fj1y1AwwWvT\n" - "9TWIYCLCiYYtMv2Oqsf3lMMU+Zs5DO1FqHglXrnwjGMN6tf57OYol72Pih3enejM\n" - "Syb2U2z3AgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUWXJAO7Nmy8yMdi66LZQG\n" - "gaO+plkwHwYDVR0jBBgwFoAU8DKVyOiO2uYcwEgw+8kRGgRXCPYwDQYJKoZIhvcN\n" - "AQELBQADggEBAHudcSXdtTdRoMkxRZUxPu3RaJFaFJr+y0SU+3gBBjbMuYIUD5b5\n" - "neTl5NDwtgPQS41ldf7oMVWaFGdV6OZzkfPqWgNCsDPy7xSGHXLQ11SSNsw+J9mW\n" - "zVdiM+BQOWvd4WJ0FKJ+pO1WVyTiIaqnSmETzgviX93YueV53h7Z02sGifp4X2Xh\n" - "aauF8xrG62ELNBC5kYFkAWrnNtSMuykbpfZT+l4nFI9ytxHLRFMaH2jpbfdL0pmQ\n" - "oktFJ1fln6N0S71doSUTvfy2iPcvVqjIKW6YD/Pyrr6ThEbVSGzY4FogzUMQf3fN\n" - "J2Q6Eb+S3ZB28Sm377QU5XKQ1ANpOa4ozHk=\n" - "-----END CERTIFICATE-----\n", - NULL, - "-----BEGIN CERTIFICATE-----\n" - "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTIyMDc1NDIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYp4Ek815xc7wy\n" - "5AEJ2AzJSyTnVWR4HTsaWBOVGCpE7Jrz3hHPUzE/9gRM1Oq5ROWJ7DUVFoD9pP8A\n" - "if2hRYwSqCNaMswMj3ReDLm2iKROrFhYR9Rr6kcucmRDcrN1SqmmIvZT80uxPXhT\n" - "TRVWYHc9kjGvgC3U16O+265d44mgxGw2UMwMirh5X5u6JFrfTShBXj08UJoNsj+1\n" - "6Tp/x6+vO8iaGWcRPetAWzwMGNSH4CanWuHZBdL7jLV/OamfvKhBHhEGF/JN1KDn\n" - "MSLrQJib8T2WVfVdmLWM6FbDiw2i1KeleCij354MNuI+Azr8aTJma5cI1BWU5Ndq\n" - "tbHShdCxAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwEwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU8DKVyOiO2uYcwEgw+8kR\n" - "GgRXCPYwDQYJKoZIhvcNAQELBQADggEBAD4RUNg3EQ5yJ1LfXWKFTXIhSg6B92Y8\n" - "QTSq+1RWEDP51J7i60A0yTDZi0XZUrfNIv+0gzw8F9l/QEWM+IXXnHUhhluZW/xf\n" - "PiQPtz3Tv5uMIxs24vMIZYeMzXJ+N1rY2JbYsEWhkfSsJA8LD08gw0azlPKx/wXy\n" - "aBlknDfeCcrpXhnJdpMxj/N7nLPTQuPe7/VmZjYc8VkopjKMrZS+3KcEoXbr5Zjr\n" - "zm2mY/IHu6AZgtsWMhakONbH6I9rsZt5VlTPO72VmkjYtHhFfvjs2fPH1Gdu52y7\n" - "P4gcTXWeMficO8uzeHv17J0+qBBYxRe5Fkri1i1JRjJcBqVaK3JPUzQ=\n" - "-----END CERTIFICATE-----\n"}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDOjCCAiKgAwIBAgIMVB/VrzLxJphTIbssMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA5MjIwNzU0MjNaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQCjtW076msqq69wke2Nc8NMD6UpxVQ1oteCh91lhIgGS+KBunt+C1Hfnipr\n" + "iTEC0A7/DWGynWZBcK8LHbVyG32fP45S7BcR1SimbE0HD1aWFSboQegghrF+NISG\n" + "HJgUTvTvUKn8pEUxowHfU3eGM3er4QZ7hyerijOb8/W2PFqkDjEZse6uPzKOoawL\n" + "Trm88cCuzSwKuE3Fftvc6tfzorXVKiFIGlbNBw+bpCVUMpjx4w5Ug4BbJpD/e7Hf\n" + "U+BCkjfKzWMDJ54rUQLbYUTh4QknHUoZ0W+RMKpeEM4esHt7HdJtZYKh/Lzi5GjB\n" + "VRAfAA+5khCRwC2uJv1cpzqVjDOHAgMBAAGjgY0wgYowDAYDVR0TAQH/BAIwADAU\n" + "BgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0P\n" + "AQH/BAUDAwegADAdBgNVHQ4EFgQU7Vhq5oDQ/UgzdS+yRZGbBuD5GxcwHwYDVR0j\n" + "BBgwFoAUWXJAO7Nmy8yMdi66LZQGgaO+plkwDQYJKoZIhvcNAQELBQADggEBABSD\n" + "xzc5ZeUpD+6dvIwptMYLLL5qMI5/GmhSHRuI7pPkf7JMOrfOfPaDRKJY2HIoHRB+\n" + "68iUeE+C3I17lpuXcTGU4OvLrqBQ19orSfWvaQMl8yOR0Uzjn98jc4wuA2nMOnBu\n" + "nV8Yx/rJvBK/uJYBjDaMdKtddBvdUoaOco8tflOLDBz7aBKTO31qynKGWgtPDasG\n" + "DsshOcDgstMwhcBXbIrliDvDhBeWZnjG6E+9yf1ppUoVMp8UU6H12lA3en1GzI3v\n" + "E9NHhkJkFk6uUIp09sWLfw/MGiU/rIb9Kj7qjOoE0RAirOJdqSnb+XRwtD5U8u2Y\n" + "JcxB7MEBdJsNPbxRVtc=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTIyMDc1NDIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyxSDH68ZW2CHV\n" + "6aozE8LMXnOZXDOuli49867VsS7SLr49jxL6jzLx/oJN3JfITcn+ohYNifnA7TBa\n" + "VeDSXMTG9tJrU8FlOTCk2Vsc939YiJ9tKNX4rPD+OeSbWgxOnVlkI5zZYnq/+i1E\n" + "UvahCHyP93GXl0zR9hsSptJPD27mX653clPqPoTNBA+qSDTb/GK0Yvgfioaqk0PO\n" + "q8pcKjZ2N+qg7st+y5Rj/92g9E6vpdHt9DBfL1THkeaJ0VKfvsea8fj1y1AwwWvT\n" + "9TWIYCLCiYYtMv2Oqsf3lMMU+Zs5DO1FqHglXrnwjGMN6tf57OYol72Pih3enejM\n" + "Syb2U2z3AgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUWXJAO7Nmy8yMdi66LZQG\n" + "gaO+plkwHwYDVR0jBBgwFoAU8DKVyOiO2uYcwEgw+8kRGgRXCPYwDQYJKoZIhvcN\n" + "AQELBQADggEBAHudcSXdtTdRoMkxRZUxPu3RaJFaFJr+y0SU+3gBBjbMuYIUD5b5\n" + "neTl5NDwtgPQS41ldf7oMVWaFGdV6OZzkfPqWgNCsDPy7xSGHXLQ11SSNsw+J9mW\n" + "zVdiM+BQOWvd4WJ0FKJ+pO1WVyTiIaqnSmETzgviX93YueV53h7Z02sGifp4X2Xh\n" + "aauF8xrG62ELNBC5kYFkAWrnNtSMuykbpfZT+l4nFI9ytxHLRFMaH2jpbfdL0pmQ\n" + "oktFJ1fln6N0S71doSUTvfy2iPcvVqjIKW6YD/Pyrr6ThEbVSGzY4FogzUMQf3fN\n" + "J2Q6Eb+S3ZB28Sm377QU5XKQ1ANpOa4ozHk=\n" + "-----END CERTIFICATE-----\n", + NULL, + "-----BEGIN CERTIFICATE-----\n" + "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTIyMDc1NDIzWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYp4Ek815xc7wy\n" + "5AEJ2AzJSyTnVWR4HTsaWBOVGCpE7Jrz3hHPUzE/9gRM1Oq5ROWJ7DUVFoD9pP8A\n" + "if2hRYwSqCNaMswMj3ReDLm2iKROrFhYR9Rr6kcucmRDcrN1SqmmIvZT80uxPXhT\n" + "TRVWYHc9kjGvgC3U16O+265d44mgxGw2UMwMirh5X5u6JFrfTShBXj08UJoNsj+1\n" + "6Tp/x6+vO8iaGWcRPetAWzwMGNSH4CanWuHZBdL7jLV/OamfvKhBHhEGF/JN1KDn\n" + "MSLrQJib8T2WVfVdmLWM6FbDiw2i1KeleCij354MNuI+Azr8aTJma5cI1BWU5Ndq\n" + "tbHShdCxAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwEwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU8DKVyOiO2uYcwEgw+8kR\n" + "GgRXCPYwDQYJKoZIhvcNAQELBQADggEBAD4RUNg3EQ5yJ1LfXWKFTXIhSg6B92Y8\n" + "QTSq+1RWEDP51J7i60A0yTDZi0XZUrfNIv+0gzw8F9l/QEWM+IXXnHUhhluZW/xf\n" + "PiQPtz3Tv5uMIxs24vMIZYeMzXJ+N1rY2JbYsEWhkfSsJA8LD08gw0azlPKx/wXy\n" + "aBlknDfeCcrpXhnJdpMxj/N7nLPTQuPe7/VmZjYc8VkopjKMrZS+3KcEoXbr5Zjr\n" + "zm2mY/IHu6AZgtsWMhakONbH6I9rsZt5VlTPO72VmkjYtHhFfvjs2fPH1Gdu52y7\n" + "P4gcTXWeMficO8uzeHv17J0+qBBYxRe5Fkri1i1JRjJcBqVaK3JPUzQ=\n" + "-----END CERTIFICATE-----\n" +}; /* the key purpose in the anchor certificate is not the expected one */ static const char *kp_fail2[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDIzCCAgugAwIBAgIMVB/V7wN6fXUuqVU3MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA5MjIwNzU1MjdaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDlUn8aFZ8w0fXI0ewO8+UQ0KKw1hUbH9A7DLJKj/bEyFepKh7JKnBTugs8\n" - "LEE0BKxMjC2smx5sbIKPGRljva6qST6j52HjWQfVMjL4u3M8eH9y+t/ltatMUZ6a\n" - "GFpchgNNp66/PW5F2aar73H+KpIBT+Lz0mfpjY48LS+c/ZaLfufbbJ49eNPIZPgk\n" - "nsrX+41YCC3axlUCXeBxdAkCaE3ff5G/pWBPKg+Mx7iS4bjvOAPgjX8cM/ZqLfP5\n" - "5o+AQqocXw1/uouvpO7rsww+0PgVQnZxoVX2QK3i8l2kIoIBLNaSLTx617tlKZgL\n" - "6KW+6B4BJePzNN5UsOgWMo4ZIq9pAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJBE\n" - "Ci49lpyQRB7rCapUONuivibPMB8GA1UdIwQYMBaAFOjA+VXcj2Ujv5sKm7aczyNr\n" - "bTvOMA0GCSqGSIb3DQEBCwUAA4IBAQAUnlwhZzSUkD4IZ3g4HgfGD0Tlf7ZMZbUw\n" - "wtdM9sGzYS9n4r2Wn1pVHEzlzqyI1UCnZq2cqYcDfLUncIBYTOveGyrkzq791Mnx\n" - "1HbmcsjQbEWr/ywCEX55ZWGiDrLkK85TRS+BYNVA4sZnAzvzKwwKOMOGfiKcj7rq\n" - "XBWpUSbRua29uQOk+P1US10bxiD777OZtp+woJlAUPaB3U4XZsbCCbl/ln2BgpoP\n" - "61Qn3BdnfSrl+BsjlpDBUItnyVICCRRH109XpHmvXC0SnceGnl0S0rZhFXMZ5uhK\n" - "icfV5FLumEOPw+pmFIY9z1B/e/EQfbWuhycQT2J5R1RfrwMbRI8D\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTIyMDc1NTI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvp14uRd38IoFu\n" - "CW+O/T5k4eLDbll8hZkoJkV6fm7oGQ0LcZRvhvQaHRxO50QzzNYoLMpDVw9cMMJr\n" - "cyy0C7jehOOLX4JVTWPyoynOycHTmqs9BZmjx5H/cFZRxYg9MQFmIDVj7jjaLf6u\n" - "vqDR02ab+tHesT9Zc/r/0THAqPoFio3rVXNyQpMQbsywxFRqhG0X0JkQ63xBKJQ/\n" - "ZvlfNyLnM6D1cG2Kjq1hbjyTNdofGUHY+CGuuoEAqIRnKR80rpUw5cdxy2bAjBgN\n" - "ubCD7QQlxMUmARjwAgM6lhWB+EXhbcMqZ+dmL0elmST8E8Y5sY/UkEorzigIHjr2\n" - "Tyl0/LSzAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU6MD5VdyPZSO/mwqbtpzP\n" - "I2ttO84wHwYDVR0jBBgwFoAUEjFgu7hCgPDa1wiPd0d1kW33LNIwDQYJKoZIhvcN\n" - "AQELBQADggEBALB1rjTwAzC0ZFSTyGg6wYo0S/zo+RKFbezHQf+TVQ6mUjbAs6Zs\n" - "KdTm5rvWXd669RqN9pVWZhlP4gBHAe/0koIjZQ92LOkqosEGsfWbzKfy0Ey3+MWs\n" - "2d5Qwunzm7D/PnsrYCtZoNIIr0KiAMjyfW3cBB/n1vcaZDAnHnkoUWLUfsgoBFxq\n" - "yGHJU966soKKl6yMAz8+pn8SDkXFjGXNCJSEcLFq2mwSVTJO2bLDKsnknAdkJr2A\n" - "1n3vudMERHj4IjXo798Qj/qGozYECDgKLBzBN6+8HUA2r+qelNl04EI+neFaQ5bb\n" - "nU6OfwULZEc+I9iucS+6I1hXmqqI/jcBIRM=\n" - "-----END CERTIFICATE-----\n", - NULL, - "-----BEGIN CERTIFICATE-----\n" - "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTIyMDc1NTI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW9zXIvd+4Qf7Q\n" - "dzGbDAR+tc8rOac7FE+YJkWTx+fcIjtaiXaPRA5r7xCUawBAPaH4DvRqmqxwG+Js\n" - "CD3YMERMh184XHkPWX/s8P14lwmzm/k65GF7PLTcGEwQN67PgRkvV9l9iXq2Krgk\n" - "syfAd+7mTqkx63PPJgVqIa8Sk9Ljdp/GBlvAaFRpm8fvsKmRwDO+AjLTLw7Ou4kN\n" - "XQwPejnoreUb19dK5naA5ODrliv7mPc082g9o8NGULMcidGndBry5D/hYSY2zvUJ\n" - "lxy8M0LHQxdx1d3UIAY5i+sT5OUQBRvoXETZup7Ve6aoKfBc63PWiNAe7wuyGpWR\n" - "4dLskuZjAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwEwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQUEjFgu7hCgPDa1wiPd0d1\n" - "kW33LNIwDQYJKoZIhvcNAQELBQADggEBAFePqEhyTZeZhm+1l10cre94O/0awOTk\n" - "mDLhJJY2AI9zqAgnaWXg7YAf7nz3Z1Jez02fu7F8c9r7E010YE1W+2kECuM4uN6r\n" - "9X7VnUW9VRXgiLFIi7mLFtqh+VnwR3xvnKYRFM12pXDFoWhyYfFWVUeNnXdKSN6E\n" - "4sMPBoyuSB47yit4BUkEanbnGbZG74G7ldRg9HXJqmkOJl+1HALpAstBE/MCM7TF\n" - "lXgkj8eCaQwOKcK6bl+BM7dExwmYbOY/ILsDHx3/AB/eT7K8kKwE+pAzmHPobX4A\n" - "np3FeZ2muHFtNx32NuatbIk1VI2pbskc0iQLwBl06SLDR/5Hq848MDM=\n" - "-----END CERTIFICATE-----\n"}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDIzCCAgugAwIBAgIMVB/V7wN6fXUuqVU3MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA5MjIwNzU1MjdaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDlUn8aFZ8w0fXI0ewO8+UQ0KKw1hUbH9A7DLJKj/bEyFepKh7JKnBTugs8\n" + "LEE0BKxMjC2smx5sbIKPGRljva6qST6j52HjWQfVMjL4u3M8eH9y+t/ltatMUZ6a\n" + "GFpchgNNp66/PW5F2aar73H+KpIBT+Lz0mfpjY48LS+c/ZaLfufbbJ49eNPIZPgk\n" + "nsrX+41YCC3axlUCXeBxdAkCaE3ff5G/pWBPKg+Mx7iS4bjvOAPgjX8cM/ZqLfP5\n" + "5o+AQqocXw1/uouvpO7rsww+0PgVQnZxoVX2QK3i8l2kIoIBLNaSLTx617tlKZgL\n" + "6KW+6B4BJePzNN5UsOgWMo4ZIq9pAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJBE\n" + "Ci49lpyQRB7rCapUONuivibPMB8GA1UdIwQYMBaAFOjA+VXcj2Ujv5sKm7aczyNr\n" + "bTvOMA0GCSqGSIb3DQEBCwUAA4IBAQAUnlwhZzSUkD4IZ3g4HgfGD0Tlf7ZMZbUw\n" + "wtdM9sGzYS9n4r2Wn1pVHEzlzqyI1UCnZq2cqYcDfLUncIBYTOveGyrkzq791Mnx\n" + "1HbmcsjQbEWr/ywCEX55ZWGiDrLkK85TRS+BYNVA4sZnAzvzKwwKOMOGfiKcj7rq\n" + "XBWpUSbRua29uQOk+P1US10bxiD777OZtp+woJlAUPaB3U4XZsbCCbl/ln2BgpoP\n" + "61Qn3BdnfSrl+BsjlpDBUItnyVICCRRH109XpHmvXC0SnceGnl0S0rZhFXMZ5uhK\n" + "icfV5FLumEOPw+pmFIY9z1B/e/EQfbWuhycQT2J5R1RfrwMbRI8D\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTIyMDc1NTI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvp14uRd38IoFu\n" + "CW+O/T5k4eLDbll8hZkoJkV6fm7oGQ0LcZRvhvQaHRxO50QzzNYoLMpDVw9cMMJr\n" + "cyy0C7jehOOLX4JVTWPyoynOycHTmqs9BZmjx5H/cFZRxYg9MQFmIDVj7jjaLf6u\n" + "vqDR02ab+tHesT9Zc/r/0THAqPoFio3rVXNyQpMQbsywxFRqhG0X0JkQ63xBKJQ/\n" + "ZvlfNyLnM6D1cG2Kjq1hbjyTNdofGUHY+CGuuoEAqIRnKR80rpUw5cdxy2bAjBgN\n" + "ubCD7QQlxMUmARjwAgM6lhWB+EXhbcMqZ+dmL0elmST8E8Y5sY/UkEorzigIHjr2\n" + "Tyl0/LSzAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU6MD5VdyPZSO/mwqbtpzP\n" + "I2ttO84wHwYDVR0jBBgwFoAUEjFgu7hCgPDa1wiPd0d1kW33LNIwDQYJKoZIhvcN\n" + "AQELBQADggEBALB1rjTwAzC0ZFSTyGg6wYo0S/zo+RKFbezHQf+TVQ6mUjbAs6Zs\n" + "KdTm5rvWXd669RqN9pVWZhlP4gBHAe/0koIjZQ92LOkqosEGsfWbzKfy0Ey3+MWs\n" + "2d5Qwunzm7D/PnsrYCtZoNIIr0KiAMjyfW3cBB/n1vcaZDAnHnkoUWLUfsgoBFxq\n" + "yGHJU966soKKl6yMAz8+pn8SDkXFjGXNCJSEcLFq2mwSVTJO2bLDKsnknAdkJr2A\n" + "1n3vudMERHj4IjXo798Qj/qGozYECDgKLBzBN6+8HUA2r+qelNl04EI+neFaQ5bb\n" + "nU6OfwULZEc+I9iucS+6I1hXmqqI/jcBIRM=\n" + "-----END CERTIFICATE-----\n", + NULL, + "-----BEGIN CERTIFICATE-----\n" + "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTIyMDc1NTI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW9zXIvd+4Qf7Q\n" + "dzGbDAR+tc8rOac7FE+YJkWTx+fcIjtaiXaPRA5r7xCUawBAPaH4DvRqmqxwG+Js\n" + "CD3YMERMh184XHkPWX/s8P14lwmzm/k65GF7PLTcGEwQN67PgRkvV9l9iXq2Krgk\n" + "syfAd+7mTqkx63PPJgVqIa8Sk9Ljdp/GBlvAaFRpm8fvsKmRwDO+AjLTLw7Ou4kN\n" + "XQwPejnoreUb19dK5naA5ODrliv7mPc082g9o8NGULMcidGndBry5D/hYSY2zvUJ\n" + "lxy8M0LHQxdx1d3UIAY5i+sT5OUQBRvoXETZup7Ve6aoKfBc63PWiNAe7wuyGpWR\n" + "4dLskuZjAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwEwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQUEjFgu7hCgPDa1wiPd0d1\n" + "kW33LNIwDQYJKoZIhvcNAQELBQADggEBAFePqEhyTZeZhm+1l10cre94O/0awOTk\n" + "mDLhJJY2AI9zqAgnaWXg7YAf7nz3Z1Jez02fu7F8c9r7E010YE1W+2kECuM4uN6r\n" + "9X7VnUW9VRXgiLFIi7mLFtqh+VnwR3xvnKYRFM12pXDFoWhyYfFWVUeNnXdKSN6E\n" + "4sMPBoyuSB47yit4BUkEanbnGbZG74G7ldRg9HXJqmkOJl+1HALpAstBE/MCM7TF\n" + "lXgkj8eCaQwOKcK6bl+BM7dExwmYbOY/ILsDHx3/AB/eT7K8kKwE+pAzmHPobX4A\n" + "np3FeZ2muHFtNx32NuatbIk1VI2pbskc0iQLwBl06SLDR/5Hq848MDM=\n" + "-----END CERTIFICATE-----\n" +}; /* the key purposes in all certificates match */ static const char *kp_ok[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDIzCCAgugAwIBAgIMVB/WCA0b8cgGIwgHMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA5MjIwNzU1NTJaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDACAXnEalw36OPk35Kv8Goj7xRaeaAz4W4w1vUZ6IJCiNIzIknvlnU5vi8\n" - "MigzloHYXmhHRyfHGggoPZyGtDNiKIeZLRE81CVS9UzM4Uu5naKmU4zBMmmqEvvh\n" - "/IHHDXd+Ky89WXcI4rTFjzGzvViQinN+1E7BViFplOBvGHB0qa/v2saqyoD9HRJL\n" - "RKYbSGG85T1u8B7M7mdnBuQyk12r6lsxsNfScnkNH04jUtgL1i+Susd7zo1waqi+\n" - "lXvvW5P8gB9cfa32cXsBNGReOZoVk7G60JjLDmB+fWetVn7o42wG0gZ6TsSTsrqn\n" - "WLNMOxw3W8WLapR4vwU2BzjTZfRjAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFDL9\n" - "2DAwMqU6DnAE8/MOefs0AFO8MB8GA1UdIwQYMBaAFO47x5DoYJnwbtfPj/PIxKmH\n" - "JZQqMA0GCSqGSIb3DQEBCwUAA4IBAQBv3kR0R0VIu4mJ7oERxCPosJafnJPOGRMz\n" - "7F4zk3j7kwaP6OGHRJwcvxNLRAr+YIXheFDEJTwkEtA5pbir9wIG0fb+FT/o4ggs\n" - "4r2DqEZo9rZNatPMTKswbA3kmeKxRUe/AVsqeSz5Na5HNrHAGFZplUpyGMHT09f1\n" - "rHfOTlsq8dorGtE14UyJc9CY1GhHZVNFSPgyaKxSTVBr4qsD1WVKPcARWjL9Qp7E\n" - "0Gnh/O+eLdC4V7izmAfaS7kwyYiyJoWSvce4hMweEfWytOaBJMDg4pFDLabhfJpo\n" - "IZXCSc3/qHmf03lU+ntppPOXdl5niZ0YnwRmf8uYJb13EAepaiyQ\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTIyMDc1NTUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp39LwuWEO/TO7\n" - "0X9G8P3+EoWL8TDyGmAGST3+qM9pSunLkIeYnY9RtiT8/W5Tt1G7GD7RaU1J+IoL\n" - "UsEOpT/Apx2Pl3AcXLQlhrtSSZj+yBBWSvY2C+Affhr34sIEYXlE85DseSvotJb/\n" - "ebHoOFPziji95gR+l9L7aQe7RKaebTfNGbSuTzn1e1YYmnJqtNmfLcrgALblCYBm\n" - "XMlJRy5NCiWk1D/BNIGsp7Qqtx5yE/h+92bY7js7s/Vzmbhs3LmFYoKMvBOWqbrc\n" - "OQCFZxLX4jaNg64OEVOX+OqbAy+bssoMWiXAZfBz3018Xnf88lrsYVL1ZH6QDQL7\n" - "sEIZ/IBPAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU7jvHkOhgmfBu18+P88jE\n" - "qYcllCowHwYDVR0jBBgwFoAU1fwQDT/4ciYUpHQqev0LK+2shjswDQYJKoZIhvcN\n" - "AQELBQADggEBABjGLC1H8oL/TjwBBbrFSwRtmbY1ElLO6lZvniWnfsOk7R/DdoBb\n" - "rzNcdUOcXoH6RbuZ4XA2ROqLb9RAor/V+A4CWHLLfToHKTYFE4vH7iN99gk+OEy6\n" - "G7CR2jYNHVikrX3eEUqdMby9+mY1K9GAz8+MojBUTPllc7Gzp0TsLzWXxvhSR84Z\n" - "zVJAS7bE605pKeABTD3b4aSskn0yt4UYEgVfw2hOnXDaZMfQLgp46z2PBuKXo+Xq\n" - "JpqbTJMuWA96J4A51RloNWBESzYhBCppeGIlGOhryqMDreVJ+MxZiuqgcbvm/7qc\n" - "QTLpHAc7dU1/X8/QgqKZIVnpWbmGRNsnTuU=\n" - "-----END CERTIFICATE-----\n", - NULL, - "-----BEGIN CERTIFICATE-----\n" - "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwOTIyMDc1NTUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoyMH9n/NaDPOx\n" - "+LFRDvrIPyCpc1cCfq/CLjdcUYll6IYCDn/p2XTSFFCzeLY37yyAX7VuHcbfAQWD\n" - "0Ax8IL5EUBdQ0BVEkw5ck5pOsqbnLU991zAvUpN1C+u7ogB92atTaeDR9TUE4bMX\n" - "EW+k6us9WQQe9A/w5rnOr9baR+lvndQW6Mun+7bhhX0KdezUosTd6xfW9tOXSOso\n" - "jkk9wW+PKdRCmfmqENNLMAIkQ6RES5LTO9KFGlbaCfJjxPVmT7V53nRsY4j+v1rT\n" - "nNMK6JshtbjQCaVM3nvXXQCJ0nRtUGUcS2JeRpc1C6h+TsHPDo7kNPKGYLDi5Zps\n" - "9WOArkLVAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" - "BQUHAwkwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU1fwQDT/4ciYUpHQqev0L\n" - "K+2shjswDQYJKoZIhvcNAQELBQADggEBABoD6Zl+A3DU4KTa4n+002J4ddl85O4+\n" - "Qj1NOFfGZ8qP8S5SuzlUIUzRMvIacCSXOwcBFer4UtKe5x/O5i9F1G4eKt09vGGF\n" - "+XZNjhBOOqqEVUEcwCMecdU5aDaFWx3g7ixrzOlA17Ida/j/QtJZVyhJJBm9wxfW\n" - "peFcl/aR3/PPn3eULbTTMK+mUe96PwW2FrEA7ecNBxhCkcIvt42IWqkqTD/1Mg6B\n" - "BukSgD3VAQumnglSuu+G+F+KJ0zFPdmu6IaudpQ92hM6NeK1vJiiP1Mv0ALsk04C\n" - "Byazcl/VWffXsBIE8OI3k25rFXGn5IAVxzLNGpRFhWfKXbREXICC868=\n" - "-----END CERTIFICATE-----\n"}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDIzCCAgugAwIBAgIMVB/WCA0b8cgGIwgHMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA5MjIwNzU1NTJaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDACAXnEalw36OPk35Kv8Goj7xRaeaAz4W4w1vUZ6IJCiNIzIknvlnU5vi8\n" + "MigzloHYXmhHRyfHGggoPZyGtDNiKIeZLRE81CVS9UzM4Uu5naKmU4zBMmmqEvvh\n" + "/IHHDXd+Ky89WXcI4rTFjzGzvViQinN+1E7BViFplOBvGHB0qa/v2saqyoD9HRJL\n" + "RKYbSGG85T1u8B7M7mdnBuQyk12r6lsxsNfScnkNH04jUtgL1i+Susd7zo1waqi+\n" + "lXvvW5P8gB9cfa32cXsBNGReOZoVk7G60JjLDmB+fWetVn7o42wG0gZ6TsSTsrqn\n" + "WLNMOxw3W8WLapR4vwU2BzjTZfRjAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFDL9\n" + "2DAwMqU6DnAE8/MOefs0AFO8MB8GA1UdIwQYMBaAFO47x5DoYJnwbtfPj/PIxKmH\n" + "JZQqMA0GCSqGSIb3DQEBCwUAA4IBAQBv3kR0R0VIu4mJ7oERxCPosJafnJPOGRMz\n" + "7F4zk3j7kwaP6OGHRJwcvxNLRAr+YIXheFDEJTwkEtA5pbir9wIG0fb+FT/o4ggs\n" + "4r2DqEZo9rZNatPMTKswbA3kmeKxRUe/AVsqeSz5Na5HNrHAGFZplUpyGMHT09f1\n" + "rHfOTlsq8dorGtE14UyJc9CY1GhHZVNFSPgyaKxSTVBr4qsD1WVKPcARWjL9Qp7E\n" + "0Gnh/O+eLdC4V7izmAfaS7kwyYiyJoWSvce4hMweEfWytOaBJMDg4pFDLabhfJpo\n" + "IZXCSc3/qHmf03lU+ntppPOXdl5niZ0YnwRmf8uYJb13EAepaiyQ\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIDFjCCAf6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTIyMDc1NTUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp39LwuWEO/TO7\n" + "0X9G8P3+EoWL8TDyGmAGST3+qM9pSunLkIeYnY9RtiT8/W5Tt1G7GD7RaU1J+IoL\n" + "UsEOpT/Apx2Pl3AcXLQlhrtSSZj+yBBWSvY2C+Affhr34sIEYXlE85DseSvotJb/\n" + "ebHoOFPziji95gR+l9L7aQe7RKaebTfNGbSuTzn1e1YYmnJqtNmfLcrgALblCYBm\n" + "XMlJRy5NCiWk1D/BNIGsp7Qqtx5yE/h+92bY7js7s/Vzmbhs3LmFYoKMvBOWqbrc\n" + "OQCFZxLX4jaNg64OEVOX+OqbAy+bssoMWiXAZfBz3018Xnf88lrsYVL1ZH6QDQL7\n" + "sEIZ/IBPAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU7jvHkOhgmfBu18+P88jE\n" + "qYcllCowHwYDVR0jBBgwFoAU1fwQDT/4ciYUpHQqev0LK+2shjswDQYJKoZIhvcN\n" + "AQELBQADggEBABjGLC1H8oL/TjwBBbrFSwRtmbY1ElLO6lZvniWnfsOk7R/DdoBb\n" + "rzNcdUOcXoH6RbuZ4XA2ROqLb9RAor/V+A4CWHLLfToHKTYFE4vH7iN99gk+OEy6\n" + "G7CR2jYNHVikrX3eEUqdMby9+mY1K9GAz8+MojBUTPllc7Gzp0TsLzWXxvhSR84Z\n" + "zVJAS7bE605pKeABTD3b4aSskn0yt4UYEgVfw2hOnXDaZMfQLgp46z2PBuKXo+Xq\n" + "JpqbTJMuWA96J4A51RloNWBESzYhBCppeGIlGOhryqMDreVJ+MxZiuqgcbvm/7qc\n" + "QTLpHAc7dU1/X8/QgqKZIVnpWbmGRNsnTuU=\n" + "-----END CERTIFICATE-----\n", + NULL, + "-----BEGIN CERTIFICATE-----\n" + "MIIC9TCCAd2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwOTIyMDc1NTUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoyMH9n/NaDPOx\n" + "+LFRDvrIPyCpc1cCfq/CLjdcUYll6IYCDn/p2XTSFFCzeLY37yyAX7VuHcbfAQWD\n" + "0Ax8IL5EUBdQ0BVEkw5ck5pOsqbnLU991zAvUpN1C+u7ogB92atTaeDR9TUE4bMX\n" + "EW+k6us9WQQe9A/w5rnOr9baR+lvndQW6Mun+7bhhX0KdezUosTd6xfW9tOXSOso\n" + "jkk9wW+PKdRCmfmqENNLMAIkQ6RES5LTO9KFGlbaCfJjxPVmT7V53nRsY4j+v1rT\n" + "nNMK6JshtbjQCaVM3nvXXQCJ0nRtUGUcS2JeRpc1C6h+TsHPDo7kNPKGYLDi5Zps\n" + "9WOArkLVAgMBAAGjWDBWMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYB\n" + "BQUHAwkwDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU1fwQDT/4ciYUpHQqev0L\n" + "K+2shjswDQYJKoZIhvcNAQELBQADggEBABoD6Zl+A3DU4KTa4n+002J4ddl85O4+\n" + "Qj1NOFfGZ8qP8S5SuzlUIUzRMvIacCSXOwcBFer4UtKe5x/O5i9F1G4eKt09vGGF\n" + "+XZNjhBOOqqEVUEcwCMecdU5aDaFWx3g7ixrzOlA17Ida/j/QtJZVyhJJBm9wxfW\n" + "peFcl/aR3/PPn3eULbTTMK+mUe96PwW2FrEA7ecNBxhCkcIvt42IWqkqTD/1Mg6B\n" + "BukSgD3VAQumnglSuu+G+F+KJ0zFPdmu6IaudpQ92hM6NeK1vJiiP1Mv0ALsk04C\n" + "Byazcl/VWffXsBIE8OI3k25rFXGn5IAVxzLNGpRFhWfKXbREXICC868=\n" + "-----END CERTIFICATE-----\n" +}; /* This is the same chain as modified1 but with no modification */ static const char *modified2[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIFXjCCBEagAwIBAgIQHYWDpKNVUzEFx4Pq8yjxbTANBgkqhkiG9w0BAQUFADCB\n" - "tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm\n" - "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwMjI3\n" - "MDAwMDAwWhcNMTUwMjI4MjM1OTU5WjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMK\n" - "V2FzaGluZ3RvbjEQMA4GA1UEBxQHU2VhdHRsZTEYMBYGA1UEChQPQW1hem9uLmNv\n" - "bSBJbmMuMRcwFQYDVQQDFA53d3cuYW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEB\n" - "BQADggEPADCCAQoCggEBAJdfieOPrf4Arf1Iled/ii97407ZnjpaB5xxm49Q4Pz3\n" - "+5xmD0LYre7Cjn1A7W3ZlHki5zFVZpW9Jb/3PfSEDY5slyjkLD2jdl2gVefSthSZ\n" - "tYxb5eYv79tIEN0U9AZ8/VaGwUokl8n1MitcECxNLMe4LqoVmS29nXITTTzX5t3I\n" - "4dUeMBDNI+xgVpJSpxwzA+/L+wxoj5Sb4YJ/Y+iUknCkjX6PpaZMRWBEE0dqvG02\n" - "qlxXesAV0nmKYvjbtqAyoW6vgjP85h6gJEESIqTTZy1HOgFpO8XT05CpGDcjhP1s\n" - "TvXF7Vx1aj+xDidGLLW188G35oFKIhEyHQV2V7vzRAUCAwEAAaOCAbUwggGxMFAG\n" - "A1UdEQRJMEeCEXVlZGF0YS5hbWF6b24uY29tggphbWF6b24uY29tgghhbXpuLmNv\n" - "bYIMd3d3LmFtem4uY29tgg53d3cuYW1hem9uLmNvbTAJBgNVHRMEAjAAMA4GA1Ud\n" - "DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0g\n" - "BDwwOjA4BgpghkgBhvhFAQc2MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZl\n" - "cmlzaWduLmNvbS9jcHMwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUw\n" - "RQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL1NWUlNlY3VyZS1HMy1jcmwudmVyaXNp\n" - "Z24uY29tL1NWUlNlY3VyZUczLmNybDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUH\n" - "MAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEFBQcwAoY0aHR0cDov\n" - "L1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNlcjAN\n" - "BgkqhkiG9w0BAQUFAAOCAQEAOeZfjkI0yR/nutCMHp5/uB/evkB8qIYxh1KKbhPB\n" - "TmpykmJxiLKrBBcBBu9kW5lMbNPSNclE4sCyN0dxCJHwPm7ubNUxsmDSTPTJOx0M\n" - "zl0WZVaZ7eX3nw1kj8jSoK0f5n87RzKK85MwBFsEn73Z2pDvxTcd72BE0T1UJLcU\n" - "2A5uHAJyvm2QpOWBIRKlJHIHCcu5xjj5yLnGO9id0cjOjEgj9f1Mo4hzawL5vQfk\n" - "o/xFxAsA70bk2trv54kgLvhmAW+B6OpN3Z/xB4mWNOw3G8bg/u+pCLvd8KRO5V8K\n" - "TlgO1NTaOgYC6OAF3USNMhuNZh6h5tWA3mA8rFr8ZsayhA==\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIF7DCCBNSgAwIBAgIQbsx6pacDIAm4zrz06VLUkTANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMTAwMjA4MDAwMDAwWhcNMjAwMjA3MjM1OTU5WjCBtTEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMmVmVy\n" - "aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwggEiMA0GCSqGSIb3\n" - "DQEBAQUAA4IBDwAwggEKAoIBAQCxh4QfwgxF9byrJZenraI+nLr2wTm4i8rCrFbG\n" - "5btljkRPTc5v7QlK1K9OEJxoiy6Ve4mbE8riNDTB81vzSXtig0iBdNGIeGwCU/m8\n" - "f0MmV1gzgzszChew0E6RJK2GfWQS3HRKNKEdCuqWHQsV/KNLO85jiND4LQyUhhDK\n" - "tpo9yus3nABINYYpUHjoRWPNGUFP9ZXse5jUxHGzUL4os4+guVOc9cosI6n9FAbo\n" - "GLSa6Dxugf3kzTU2s1HTaewSulZub5tXxYsU5w7HnO1KVGrJTcW/EbGuHGeBy0RV\n" - "M5l/JJs/U0V/hhrzPPptf4H1uErT9YU3HLWm0AnkGHs4TvoPAgMBAAGjggHfMIIB\n" - "2zA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlz\n" - "aWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMHAGA1UdIARpMGcwZQYLYIZIAYb4\n" - "RQEHFwMwVjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2Nw\n" - "czAqBggrBgEFBQcCAjAeGhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQG\n" - "A1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUu\n" - "Y3JsMA4GA1UdDwEB/wQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglp\n" - "bWFnZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNo\n" - "dHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjAoBgNVHREEITAfpB0w\n" - "GzEZMBcGA1UEAxMQVmVyaVNpZ25NUEtJLTItNjAdBgNVHQ4EFgQUDURcFlNEwYJ+\n" - "HSCrJfQBY9i+eaUwHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJ\n" - "KoZIhvcNAQEFBQADggEBAAyDJO/dwwzZWJz+NrbrioBL0aP3nfPMU++CnqOh5pfB\n" - "WJ11bOAdG0z60cEtBcDqbrIicFXZIDNAMwfCZYP6j0M3m+oOmmxw7vacgDvZN/R6\n" - "bezQGH1JSsqZxxkoor7YdyT3hSaGbYcFQEFn0Sc67dxIHSLNCwuLvPSxe/20majp\n" - "dirhGi2HbnTTiN0eIsbfFrYrghQKlFzyUOyvzv9iNw2tZdMGQVPtAhTItVgooazg\n" - "W+yzf5VK+wPIrSbb5mZ4EkrZn0L74ZjmQoObj49nJOhhGbXdzbULJgWOw27EyHW4\n" - "Rs/iGAZeqa6ogZpHFt4MKGwlJ7net4RYxh84HqTEy2Y=\n" - "-----END CERTIFICATE-----\n", - NULL, - "-----BEGIN CERTIFICATE-----\n" - "MIIExjCCBC+gAwIBAgIQNZcxh/OHOgcyfs5YDJt+2jANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggGRMIIBjTAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9\n" - "BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy\n" - "aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwNAYD\n" - "VR0lBC0wKwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBBggrBgEFBQcDAQYIKwYBBQUH\n" - "AwIwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUr\n" - "DgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNp\n" - "Z24uY29tL3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho\n" - "dHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEADyWuSO0b\n" - "M4VMDLXC1/5N1oMoTEFlYAALd0hxgv5/21oOIMzS6ke8ZEJhRDR0MIGBJopK90Rd\n" - "fjSAqLiD4gnXbSPdie0oCL1jWhFXCMSe2uJoKK/dUDzsgiHYAMJVRFBwQa2DF3m6\n" - "CPMr3u00HUSe0gST9MsFFy0JLS1j7/YmC3s=\n" - "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFXjCCBEagAwIBAgIQHYWDpKNVUzEFx4Pq8yjxbTANBgkqhkiG9w0BAQUFADCB\n" + "tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm\n" + "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwMjI3\n" + "MDAwMDAwWhcNMTUwMjI4MjM1OTU5WjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMK\n" + "V2FzaGluZ3RvbjEQMA4GA1UEBxQHU2VhdHRsZTEYMBYGA1UEChQPQW1hem9uLmNv\n" + "bSBJbmMuMRcwFQYDVQQDFA53d3cuYW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEB\n" + "BQADggEPADCCAQoCggEBAJdfieOPrf4Arf1Iled/ii97407ZnjpaB5xxm49Q4Pz3\n" + "+5xmD0LYre7Cjn1A7W3ZlHki5zFVZpW9Jb/3PfSEDY5slyjkLD2jdl2gVefSthSZ\n" + "tYxb5eYv79tIEN0U9AZ8/VaGwUokl8n1MitcECxNLMe4LqoVmS29nXITTTzX5t3I\n" + "4dUeMBDNI+xgVpJSpxwzA+/L+wxoj5Sb4YJ/Y+iUknCkjX6PpaZMRWBEE0dqvG02\n" + "qlxXesAV0nmKYvjbtqAyoW6vgjP85h6gJEESIqTTZy1HOgFpO8XT05CpGDcjhP1s\n" + "TvXF7Vx1aj+xDidGLLW188G35oFKIhEyHQV2V7vzRAUCAwEAAaOCAbUwggGxMFAG\n" + "A1UdEQRJMEeCEXVlZGF0YS5hbWF6b24uY29tggphbWF6b24uY29tgghhbXpuLmNv\n" + "bYIMd3d3LmFtem4uY29tgg53d3cuYW1hem9uLmNvbTAJBgNVHRMEAjAAMA4GA1Ud\n" + "DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0g\n" + "BDwwOjA4BgpghkgBhvhFAQc2MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZl\n" + "cmlzaWduLmNvbS9jcHMwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUw\n" + "RQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL1NWUlNlY3VyZS1HMy1jcmwudmVyaXNp\n" + "Z24uY29tL1NWUlNlY3VyZUczLmNybDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUH\n" + "MAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEFBQcwAoY0aHR0cDov\n" + "L1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNlcjAN\n" + "BgkqhkiG9w0BAQUFAAOCAQEAOeZfjkI0yR/nutCMHp5/uB/evkB8qIYxh1KKbhPB\n" + "TmpykmJxiLKrBBcBBu9kW5lMbNPSNclE4sCyN0dxCJHwPm7ubNUxsmDSTPTJOx0M\n" + "zl0WZVaZ7eX3nw1kj8jSoK0f5n87RzKK85MwBFsEn73Z2pDvxTcd72BE0T1UJLcU\n" + "2A5uHAJyvm2QpOWBIRKlJHIHCcu5xjj5yLnGO9id0cjOjEgj9f1Mo4hzawL5vQfk\n" + "o/xFxAsA70bk2trv54kgLvhmAW+B6OpN3Z/xB4mWNOw3G8bg/u+pCLvd8KRO5V8K\n" + "TlgO1NTaOgYC6OAF3USNMhuNZh6h5tWA3mA8rFr8ZsayhA==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIF7DCCBNSgAwIBAgIQbsx6pacDIAm4zrz06VLUkTANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMTAwMjA4MDAwMDAwWhcNMjAwMjA3MjM1OTU5WjCBtTEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMmVmVy\n" + "aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwggEiMA0GCSqGSIb3\n" + "DQEBAQUAA4IBDwAwggEKAoIBAQCxh4QfwgxF9byrJZenraI+nLr2wTm4i8rCrFbG\n" + "5btljkRPTc5v7QlK1K9OEJxoiy6Ve4mbE8riNDTB81vzSXtig0iBdNGIeGwCU/m8\n" + "f0MmV1gzgzszChew0E6RJK2GfWQS3HRKNKEdCuqWHQsV/KNLO85jiND4LQyUhhDK\n" + "tpo9yus3nABINYYpUHjoRWPNGUFP9ZXse5jUxHGzUL4os4+guVOc9cosI6n9FAbo\n" + "GLSa6Dxugf3kzTU2s1HTaewSulZub5tXxYsU5w7HnO1KVGrJTcW/EbGuHGeBy0RV\n" + "M5l/JJs/U0V/hhrzPPptf4H1uErT9YU3HLWm0AnkGHs4TvoPAgMBAAGjggHfMIIB\n" + "2zA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlz\n" + "aWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMHAGA1UdIARpMGcwZQYLYIZIAYb4\n" + "RQEHFwMwVjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2Nw\n" + "czAqBggrBgEFBQcCAjAeGhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQG\n" + "A1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUu\n" + "Y3JsMA4GA1UdDwEB/wQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglp\n" + "bWFnZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNo\n" + "dHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjAoBgNVHREEITAfpB0w\n" + "GzEZMBcGA1UEAxMQVmVyaVNpZ25NUEtJLTItNjAdBgNVHQ4EFgQUDURcFlNEwYJ+\n" + "HSCrJfQBY9i+eaUwHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJ\n" + "KoZIhvcNAQEFBQADggEBAAyDJO/dwwzZWJz+NrbrioBL0aP3nfPMU++CnqOh5pfB\n" + "WJ11bOAdG0z60cEtBcDqbrIicFXZIDNAMwfCZYP6j0M3m+oOmmxw7vacgDvZN/R6\n" + "bezQGH1JSsqZxxkoor7YdyT3hSaGbYcFQEFn0Sc67dxIHSLNCwuLvPSxe/20majp\n" + "dirhGi2HbnTTiN0eIsbfFrYrghQKlFzyUOyvzv9iNw2tZdMGQVPtAhTItVgooazg\n" + "W+yzf5VK+wPIrSbb5mZ4EkrZn0L74ZjmQoObj49nJOhhGbXdzbULJgWOw27EyHW4\n" + "Rs/iGAZeqa6ogZpHFt4MKGwlJ7net4RYxh84HqTEy2Y=\n" + "-----END CERTIFICATE-----\n", + NULL, + "-----BEGIN CERTIFICATE-----\n" + "MIIExjCCBC+gAwIBAgIQNZcxh/OHOgcyfs5YDJt+2jANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggGRMIIBjTAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9\n" + "BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy\n" + "aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwNAYD\n" + "VR0lBC0wKwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBBggrBgEFBQcDAQYIKwYBBQUH\n" + "AwIwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUr\n" + "DgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNp\n" + "Z24uY29tL3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho\n" + "dHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEADyWuSO0b\n" + "M4VMDLXC1/5N1oMoTEFlYAALd0hxgv5/21oOIMzS6ke8ZEJhRDR0MIGBJopK90Rd\n" + "fjSAqLiD4gnXbSPdie0oCL1jWhFXCMSe2uJoKK/dUDzsgiHYAMJVRFBwQa2DF3m6\n" + "CPMr3u00HUSe0gST9MsFFy0JLS1j7/YmC3s=\n" + "-----END CERTIFICATE-----\n" }; /* Empty intersection of 2 permitted DNS names, * non-intuitive constraints order (more specific higher) */ static const char *nc_bad0[] = { - /* Alternative DNSname: two.example.org */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEJzCCAo+gAwIBAgIMV4T0BxqceieCt/KBMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTIwIBcNMTYwNzEyMTM0MzM1WhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" - "AYEAm1IOBuzu9Pya9O3FKhQKus22xPlm+fVex8EV+p3IymnZGZUlDeTX5OcxCOm4\n" - "G87KNl/UQjgCB6n2FPiIYFbH9skxyvW8ZlG+M4so5yg7mwRjB8QPe0yEOLyxaLaa\n" - "uNp9icjtPJgPpIrEgppevfiP4iXrRGakzpjayazVCDTp9+XAhdWEi43mN6fgpM8V\n" - "Yc5sstkEueCjIfhApBzReMTvEUs3jCtmpqIvm07zVLpCh3sWh5MPSZtcw6UiKZdb\n" - "rRoaypznSkQDGQXCTZ92gSnkg0m86OIOHNQcxLXqfbrNJ7QZBf1wpi04s4DHNHSC\n" - "k9TpKe/dbDO4vgMgBNrcZ/9B7y95Pe+XJawG3klGhz2zGG7DmvWNygtUcM9nqk/P\n" - "f7TQhwsU4McmyxvVb09OVwk/2zEaPswv6MFvoxOskcQ5aYhJZs6wLDG3hh8yE4fr\n" - "BBvJb53flMnuSIWLfzeGUg4eeS8xP7ORApwLM0K0VGLaT4V9lpmWFLot0hv7XAcH\n" - "jeTVAgMBAAGjfTB7MAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdHdvLmV4YW1w\n" - "bGUub3JnMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFERr13TeLMJ3q5QS2W4O\n" - "HiqwpM0RMB8GA1UdIwQYMBaAFDTfJRBdiC6+QinO/HA/E7TWxeHrMA0GCSqGSIb3\n" - "DQEBCwUAA4IBgQAiOgI7RgzjDBHgliXb2Q9iuCq/o/08Fz2he8AzTJ0fw+Xd+g40\n" - "HWnhZZxlnSq/XFircrHwLuMyG2B6HJ9gXWg7SI/5PG9fVz0USC0tcxKzA87iB2sx\n" - "KWzdfmzBM32ioTFEisH9YQqCVXc3Umol15r3dAZsKGRKQzYjVG8APJS4LYZTX918\n" - "Yg06jCmp+ZhyRHVhQ1NbrX9geOK8tuZoTQ/10iI1+eIF50a43qA0H8YDuyQbrZA3\n" - "ECdVIQVCUQTVlTx+JMl7DoZnm+m+BrisAAuq/4TeJwm2Es3IF4SPB/pwaZyx8YnK\n" - "xqne/auI6Rq7nfsi3owxBjjX1YamlmM6UWdvIsejsy92im2G0+J5s55yw+fCGXE5\n" - "5mItHVWOiviaPa95NU3NeD8RkUUFI568GM8GnIcSfJi1yxed8UApbCiZMbIIN8fl\n" - "5mMgyZv2QJXbJxhIiCQixn8nYsj2iaJu9Ns6zd5cFaQSmQxIEUfCiNZ9kO0xwpor\n" - "tHWgZdawxv2CfGg=\n" - "-----END CERTIFICATE-----\n", - /* Name Constraints (critical): + /* Alternative DNSname: two.example.org */ + "-----BEGIN CERTIFICATE-----\n" + "MIIEJzCCAo+gAwIBAgIMV4T0BxqceieCt/KBMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTIwIBcNMTYwNzEyMTM0MzM1WhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" + "ETAPBgNVBAMTCHNlcnZlci0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" + "AYEAm1IOBuzu9Pya9O3FKhQKus22xPlm+fVex8EV+p3IymnZGZUlDeTX5OcxCOm4\n" + "G87KNl/UQjgCB6n2FPiIYFbH9skxyvW8ZlG+M4so5yg7mwRjB8QPe0yEOLyxaLaa\n" + "uNp9icjtPJgPpIrEgppevfiP4iXrRGakzpjayazVCDTp9+XAhdWEi43mN6fgpM8V\n" + "Yc5sstkEueCjIfhApBzReMTvEUs3jCtmpqIvm07zVLpCh3sWh5MPSZtcw6UiKZdb\n" + "rRoaypznSkQDGQXCTZ92gSnkg0m86OIOHNQcxLXqfbrNJ7QZBf1wpi04s4DHNHSC\n" + "k9TpKe/dbDO4vgMgBNrcZ/9B7y95Pe+XJawG3klGhz2zGG7DmvWNygtUcM9nqk/P\n" + "f7TQhwsU4McmyxvVb09OVwk/2zEaPswv6MFvoxOskcQ5aYhJZs6wLDG3hh8yE4fr\n" + "BBvJb53flMnuSIWLfzeGUg4eeS8xP7ORApwLM0K0VGLaT4V9lpmWFLot0hv7XAcH\n" + "jeTVAgMBAAGjfTB7MAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdHdvLmV4YW1w\n" + "bGUub3JnMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFERr13TeLMJ3q5QS2W4O\n" + "HiqwpM0RMB8GA1UdIwQYMBaAFDTfJRBdiC6+QinO/HA/E7TWxeHrMA0GCSqGSIb3\n" + "DQEBCwUAA4IBgQAiOgI7RgzjDBHgliXb2Q9iuCq/o/08Fz2he8AzTJ0fw+Xd+g40\n" + "HWnhZZxlnSq/XFircrHwLuMyG2B6HJ9gXWg7SI/5PG9fVz0USC0tcxKzA87iB2sx\n" + "KWzdfmzBM32ioTFEisH9YQqCVXc3Umol15r3dAZsKGRKQzYjVG8APJS4LYZTX918\n" + "Yg06jCmp+ZhyRHVhQ1NbrX9geOK8tuZoTQ/10iI1+eIF50a43qA0H8YDuyQbrZA3\n" + "ECdVIQVCUQTVlTx+JMl7DoZnm+m+BrisAAuq/4TeJwm2Es3IF4SPB/pwaZyx8YnK\n" + "xqne/auI6Rq7nfsi3owxBjjX1YamlmM6UWdvIsejsy92im2G0+J5s55yw+fCGXE5\n" + "5mItHVWOiviaPa95NU3NeD8RkUUFI568GM8GnIcSfJi1yxed8UApbCiZMbIIN8fl\n" + "5mMgyZv2QJXbJxhIiCQixn8nYsj2iaJu9Ns6zd5cFaQSmQxIEUfCiNZ9kO0xwpor\n" + "tHWgZdawxv2CfGg=\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: example.org */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEIDCCAoigAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCAXDTE2MDcxMjEzNDMzNVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAtpx8p5POIgdnDbBr\n" - "fH1kByvm2PP+iN4UJhJYY1V7EMiucC/CU5HoYhi/KpBwoY+28oaISEMr0KEf/3rv\n" - "CTZRBxuqxCboK6+u/dDOlyYeM0dU57jpKmgCrETLMq92QaIEhNzv88cTaWP0OGzv\n" - "2klLqim5AJC2J/XWqHGprfdhf9GCWurMT+km7LPIClDHfwnmrPHuNhelfPCVzKpO\n" - "9S9+Lq5KpaV45DRQtMve5NjUju1q9LotEeEdlu5bnomIK3SyfS+n5AZnLNVAqmMg\n" - "kSB1ymtWqn4wiw3hCBz8biSlkeowdh37cm3j0za27R3IjFnIQLD44Ena3pTU8v+P\n" - "4/k1OML8UWXpigP5QuTSASx0fXiShHf3baY1HnEqULfYvi+IUb6wMs/3f13NVVBE\n" - "z+LsjiWlwqB0fK5lefO32cEDvtSMlIxgt3FUDCo3/rLAh4ZorURONh4MUWiODTSl\n" - "417JOLB/miH37jodViv6zfbtTvw/+GbZM9TnvHlzqvZj5nLFAgMBAAGjgYQwgYEw\n" - "DwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzARoA8wDYILZXhhbXBsZS5vcmcw\n" - "DwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUNN8lEF2ILr5CKc78cD8TtNbF4esw\n" - "HwYDVR0jBBgwFoAU4SfGxDtCWqGQsk7xBIooEZNCoMYwDQYJKoZIhvcNAQELBQAD\n" - "ggGBABJZw4MHkE+8Fg+r/ET/kJ0n0NtsB57O3ogPpe/0/EWpsEJsjnRzimfu5NjS\n" - "PIcEKk/l2Ij8vbmDxb1uNsZmeYphdjb+w/D44OnxahxeLELwZPHWpJLvuf5S8bsz\n" - "Z0bZFNkDUXYbKDX8kWr1gNCKURBS344fRfe8HzZsG68stouvCuOh5pvre7mGGMJI\n" - "5/OMISmQiKIGLpUi1YOSRM25VMZ6GnzgYiN/bcZU1ph+R0lQv7/RRZ7oiaYmFBTi\n" - "FfWIE2hsJla3mbhCnUUp18MpRu4+gPirCVhNQ+ii9FPklcIhXxOrq6cqfX/YAcWO\n" - "uF70tZK/+Z7UXqGYJeQ8pdmlzjNGSH7Q6D+QKNAjZ+Ovb7zEh3NmyTT2XEykMR6+\n" - "bQYaGGcRu8Uvz4wHDaqeUuF/vgTiFaJ8kwNGX8Xb1x+ok5QrJAKZzvy59kojz8L0\n" - "ukQ6SqsvZ6SkJRbHHEh39YPNdC66O58KTiayjKgxQmVHsMOhraI1+YmPntCNBqNN\n" - "AvhLDg==\n" - "-----END CERTIFICATE-----\n", - /* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIEIDCCAoigAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCAXDTE2MDcxMjEzNDMzNVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAtpx8p5POIgdnDbBr\n" + "fH1kByvm2PP+iN4UJhJYY1V7EMiucC/CU5HoYhi/KpBwoY+28oaISEMr0KEf/3rv\n" + "CTZRBxuqxCboK6+u/dDOlyYeM0dU57jpKmgCrETLMq92QaIEhNzv88cTaWP0OGzv\n" + "2klLqim5AJC2J/XWqHGprfdhf9GCWurMT+km7LPIClDHfwnmrPHuNhelfPCVzKpO\n" + "9S9+Lq5KpaV45DRQtMve5NjUju1q9LotEeEdlu5bnomIK3SyfS+n5AZnLNVAqmMg\n" + "kSB1ymtWqn4wiw3hCBz8biSlkeowdh37cm3j0za27R3IjFnIQLD44Ena3pTU8v+P\n" + "4/k1OML8UWXpigP5QuTSASx0fXiShHf3baY1HnEqULfYvi+IUb6wMs/3f13NVVBE\n" + "z+LsjiWlwqB0fK5lefO32cEDvtSMlIxgt3FUDCo3/rLAh4ZorURONh4MUWiODTSl\n" + "417JOLB/miH37jodViv6zfbtTvw/+GbZM9TnvHlzqvZj5nLFAgMBAAGjgYQwgYEw\n" + "DwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzARoA8wDYILZXhhbXBsZS5vcmcw\n" + "DwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUNN8lEF2ILr5CKc78cD8TtNbF4esw\n" + "HwYDVR0jBBgwFoAU4SfGxDtCWqGQsk7xBIooEZNCoMYwDQYJKoZIhvcNAQELBQAD\n" + "ggGBABJZw4MHkE+8Fg+r/ET/kJ0n0NtsB57O3ogPpe/0/EWpsEJsjnRzimfu5NjS\n" + "PIcEKk/l2Ij8vbmDxb1uNsZmeYphdjb+w/D44OnxahxeLELwZPHWpJLvuf5S8bsz\n" + "Z0bZFNkDUXYbKDX8kWr1gNCKURBS344fRfe8HzZsG68stouvCuOh5pvre7mGGMJI\n" + "5/OMISmQiKIGLpUi1YOSRM25VMZ6GnzgYiN/bcZU1ph+R0lQv7/RRZ7oiaYmFBTi\n" + "FfWIE2hsJla3mbhCnUUp18MpRu4+gPirCVhNQ+ii9FPklcIhXxOrq6cqfX/YAcWO\n" + "uF70tZK/+Z7UXqGYJeQ8pdmlzjNGSH7Q6D+QKNAjZ+Ovb7zEh3NmyTT2XEykMR6+\n" + "bQYaGGcRu8Uvz4wHDaqeUuF/vgTiFaJ8kwNGX8Xb1x+ok5QrJAKZzvy59kojz8L0\n" + "ukQ6SqsvZ6SkJRbHHEh39YPNdC66O58KTiayjKgxQmVHsMOhraI1+YmPntCNBqNN\n" + "AvhLDg==\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: one.example.com */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEJDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDcxMjEzNDMzNFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAt7EPrrm4e4JEPXVI\n" - "3s6eNQCyQv24LU9HD+7hDMEOFf//DoHeb8QqSDJdiCk+Hax5ydKZR2h4HZRmj5HO\n" - "s6nxh0AWL645fKcvfk9Oj3r1roLWxH9Kk/UR246s7FcujhDzEz3LEOZUedeMY2CS\n" - "tyjPLsKoP0jiDslRk0Yt4m7OfayB71B26qq92SzRr2YlMvf6AWHEiZhCRqVNidDV\n" - "LxdMwqIkO8s93DN8Kw74X8U5o5vTjmmDiW1HVrqsxOuImnjQ4qTUiDv0JbzTQbTp\n" - "uPOlJ5u/qMTK1jsGDcgfnojHLrsyuuTPR4v6Rmebpi0HHrT2PkxLeGtQEUxM7TeS\n" - "Ccq+eva9zm4UngonS2/nkfYawLDkP3XQ7cJQueNKLC5etDr9NqhFaD624InblWGy\n" - "V7jtEJRwRPH9FeMG7HyWb4BHYz36dCsMLbsCrCLIH8H7r/1nswVxlL5SRwiL06fK\n" - "11pwae1uyNgQuvjno4zHKM5V+mJe1Tz//2X3bfb7crFPQgsxAgMBAAGjgYgwgYUw\n" - "DwYDVR0TAQH/BAUwAwEB/zAhBgNVHR4BAf8EFzAVoBMwEYIPb25lLmV4YW1wbGUu\n" - "Y29tMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFOEnxsQ7QlqhkLJO8QSKKBGT\n" - "QqDGMB8GA1UdIwQYMBaAFJm3gYrByx1mGmb4CnWXtNzxwGapMA0GCSqGSIb3DQEB\n" - "CwUAA4IBgQAU53SjH5nO+ah/pAQaIDuxaJ6yaFWt1ZuW8riu/dTqn9vI0R4K6WCh\n" - "EZ/rf4Z4YWMLm0+wI/+1CbFHtuZ9savA4qx7rtXQw5mF1JTEBsBM/chiXZ50euKW\n" - "DRE2e8egOESxDQWk5cnaAxtbiRYXu/KYGqFcGeRvSoy85gIwfjBtweYn+rOwM9Yi\n" - "9JsrKwsdFlzvzB6+ozDMCHncqtkU3DqI9QD80oP033z45EJxWxOhd6YhnrZN9SKp\n" - "E/lnc/XuY3NflVE5PGT5efrfGkAfbp2fWPfvc2PP0Lh172zoPy3mBwcXpWdij+H2\n" - "JCzwEqzxQzLpACtFy0kwq9HhzfgcdbbFmUbNweIf30eVG0XQ35myZy9Q1LQINhaj\n" - "UN0Ao7qtLUtC8z5DlUFMuEHQBLhFkmuRHJHCkFRqLO0nHFYmKxtQ2nNmbHt1909s\n" - "I20OEegNTFV8luCbFahoILckFlsbep9P4d0wOMjZuJkLyModK7Yx+CdOpq6/Cegg\n" - "gt+aIvJzHEY=\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDcxMjEzNDMzM1oYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAmmrn3nN2bIFYipZN\n" - "ED4nbWSc0ZYDbo8VzqjCKNVhMbYJlu07tV0qDK/1IDHf9awo5AladB4NEH3oJi9c\n" - "sCtiBtJ9UnqD+gxsJFNtpOfNRfelOE8R7suXAxDxJto7YLtXnLCcMx+UMkhlDfVi\n" - "Yy5Hqua//+EFyffokOPJ0/JCxFvTd9ldbNnxgLL27yDJBL1e4SMSw03/wKoLS0nW\n" - "Sjzcu1+Y2sdj6CNVDtZjGmDLMNtyykX4BDz71PrlR1euktkuHS1HMthQdj3rSWjU\n" - "Rehe7LxjYG548SpnIVA93EOfDyqLhjpKUL8+rA0cKBIsaJK+TyUNQ8XYa98djBAj\n" - "gjRYRsPkZt/FH2BTg+4XSHWMrmfEbxyxqAf6euUkY4Z+Y2xkUHQl5GdYk44Rb/+4\n" - "NxSBBKSj+6SqK2f0o3WTHXwJTeX+B0rV2x507hFqf6lRGzwzffrXKqH3yxfqbycl\n" - "XlahOiBJ1xKNrR0XGeq9yPcrWv/RYvYt4JJp9OV1U2Mz3DRRAgMBAAGjQzBBMA8G\n" - "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUmbeBisHL\n" - "HWYaZvgKdZe03PHAZqkwDQYJKoZIhvcNAQELBQADggGBABaf05+i07lJI74gv87t\n" - "87BuaYEvySlQuUqycCvEs31RXFxJQhpHS7RvqPw6vqDv418SZwd/hNaC7a1JU0gL\n" - "Zuha61y9u6/HbmeCBSgXYcd+4M/2oPz6WcJ9uoOZk8D2NxafubVtyXH26O6tMEnK\n" - "0JJuV6q7fsqvIHf+tvRs/fTD7gKtyAsj1OoO3EjkRRQPnHOR4anXr1jxDFvldHEs\n" - "qhlibWotfyvS4BvSk8nEo+/hrXs86cQDqCg1bbbz04sTQVHW1/kCKYl7c/HQGnTT\n" - "I3Yc7pFq7n5sNP31XN1a8VaGiKseNXmxjhS9XlIvQ1qB5ObE+Dm0tWQbrDo73udb\n" - "dW+I2/Pcij0tGBi8Cxe/PZKv5wio4NpWGTNiF6PMSaUp+lqX2iLYfjjl7osr3Hph\n" - "gnwxlST3q0Av0+91jCfj6IZ9YRHLakceaRxcj8zLoVGpQqTdJjuH4Sy7nKoL58G1\n" - "96Asqk2NsUztvRfw5pYFoe7ZUgsa4M+0/nZxOPd2UeodMA==\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIEJDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDcxMjEzNDMzNFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAt7EPrrm4e4JEPXVI\n" + "3s6eNQCyQv24LU9HD+7hDMEOFf//DoHeb8QqSDJdiCk+Hax5ydKZR2h4HZRmj5HO\n" + "s6nxh0AWL645fKcvfk9Oj3r1roLWxH9Kk/UR246s7FcujhDzEz3LEOZUedeMY2CS\n" + "tyjPLsKoP0jiDslRk0Yt4m7OfayB71B26qq92SzRr2YlMvf6AWHEiZhCRqVNidDV\n" + "LxdMwqIkO8s93DN8Kw74X8U5o5vTjmmDiW1HVrqsxOuImnjQ4qTUiDv0JbzTQbTp\n" + "uPOlJ5u/qMTK1jsGDcgfnojHLrsyuuTPR4v6Rmebpi0HHrT2PkxLeGtQEUxM7TeS\n" + "Ccq+eva9zm4UngonS2/nkfYawLDkP3XQ7cJQueNKLC5etDr9NqhFaD624InblWGy\n" + "V7jtEJRwRPH9FeMG7HyWb4BHYz36dCsMLbsCrCLIH8H7r/1nswVxlL5SRwiL06fK\n" + "11pwae1uyNgQuvjno4zHKM5V+mJe1Tz//2X3bfb7crFPQgsxAgMBAAGjgYgwgYUw\n" + "DwYDVR0TAQH/BAUwAwEB/zAhBgNVHR4BAf8EFzAVoBMwEYIPb25lLmV4YW1wbGUu\n" + "Y29tMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFOEnxsQ7QlqhkLJO8QSKKBGT\n" + "QqDGMB8GA1UdIwQYMBaAFJm3gYrByx1mGmb4CnWXtNzxwGapMA0GCSqGSIb3DQEB\n" + "CwUAA4IBgQAU53SjH5nO+ah/pAQaIDuxaJ6yaFWt1ZuW8riu/dTqn9vI0R4K6WCh\n" + "EZ/rf4Z4YWMLm0+wI/+1CbFHtuZ9savA4qx7rtXQw5mF1JTEBsBM/chiXZ50euKW\n" + "DRE2e8egOESxDQWk5cnaAxtbiRYXu/KYGqFcGeRvSoy85gIwfjBtweYn+rOwM9Yi\n" + "9JsrKwsdFlzvzB6+ozDMCHncqtkU3DqI9QD80oP033z45EJxWxOhd6YhnrZN9SKp\n" + "E/lnc/XuY3NflVE5PGT5efrfGkAfbp2fWPfvc2PP0Lh172zoPy3mBwcXpWdij+H2\n" + "JCzwEqzxQzLpACtFy0kwq9HhzfgcdbbFmUbNweIf30eVG0XQ35myZy9Q1LQINhaj\n" + "UN0Ao7qtLUtC8z5DlUFMuEHQBLhFkmuRHJHCkFRqLO0nHFYmKxtQ2nNmbHt1909s\n" + "I20OEegNTFV8luCbFahoILckFlsbep9P4d0wOMjZuJkLyModK7Yx+CdOpq6/Cegg\n" + "gt+aIvJzHEY=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDcxMjEzNDMzM1oYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAmmrn3nN2bIFYipZN\n" + "ED4nbWSc0ZYDbo8VzqjCKNVhMbYJlu07tV0qDK/1IDHf9awo5AladB4NEH3oJi9c\n" + "sCtiBtJ9UnqD+gxsJFNtpOfNRfelOE8R7suXAxDxJto7YLtXnLCcMx+UMkhlDfVi\n" + "Yy5Hqua//+EFyffokOPJ0/JCxFvTd9ldbNnxgLL27yDJBL1e4SMSw03/wKoLS0nW\n" + "Sjzcu1+Y2sdj6CNVDtZjGmDLMNtyykX4BDz71PrlR1euktkuHS1HMthQdj3rSWjU\n" + "Rehe7LxjYG548SpnIVA93EOfDyqLhjpKUL8+rA0cKBIsaJK+TyUNQ8XYa98djBAj\n" + "gjRYRsPkZt/FH2BTg+4XSHWMrmfEbxyxqAf6euUkY4Z+Y2xkUHQl5GdYk44Rb/+4\n" + "NxSBBKSj+6SqK2f0o3WTHXwJTeX+B0rV2x507hFqf6lRGzwzffrXKqH3yxfqbycl\n" + "XlahOiBJ1xKNrR0XGeq9yPcrWv/RYvYt4JJp9OV1U2Mz3DRRAgMBAAGjQzBBMA8G\n" + "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUmbeBisHL\n" + "HWYaZvgKdZe03PHAZqkwDQYJKoZIhvcNAQELBQADggGBABaf05+i07lJI74gv87t\n" + "87BuaYEvySlQuUqycCvEs31RXFxJQhpHS7RvqPw6vqDv418SZwd/hNaC7a1JU0gL\n" + "Zuha61y9u6/HbmeCBSgXYcd+4M/2oPz6WcJ9uoOZk8D2NxafubVtyXH26O6tMEnK\n" + "0JJuV6q7fsqvIHf+tvRs/fTD7gKtyAsj1OoO3EjkRRQPnHOR4anXr1jxDFvldHEs\n" + "qhlibWotfyvS4BvSk8nEo+/hrXs86cQDqCg1bbbz04sTQVHW1/kCKYl7c/HQGnTT\n" + "I3Yc7pFq7n5sNP31XN1a8VaGiKseNXmxjhS9XlIvQ1qB5ObE+Dm0tWQbrDo73udb\n" + "dW+I2/Pcij0tGBi8Cxe/PZKv5wio4NpWGTNiF6PMSaUp+lqX2iLYfjjl7osr3Hph\n" + "gnwxlST3q0Av0+91jCfj6IZ9YRHLakceaRxcj8zLoVGpQqTdJjuH4Sy7nKoL58G1\n" + "96Asqk2NsUztvRfw5pYFoe7ZUgsa4M+0/nZxOPd2UeodMA==\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Name constraints: Empty excluded DNSname, empty Common name */ static const char *nc_bad1[] = { -/* DNSname: localhost + /* DNSname: localhost DNSname: www.example.com Common name: (empty) */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDSzCCAjOgAwIBAgIMU/xqxDpxZ3J5cUcrMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" -"BgNVBAMTBENBLTEwIhgPMjAxNDA4MjYxMTA4NTJaGA85OTk5MTIzMTIzNTk1OVow\n" -"EzERMA8GA1UEChMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" -"AoIBAQDP3GV/JSLCCmx09hJINJZC8fSUBE1IVbZsY/q00rZOw5KwPioLiMOIup7W\n" -"na8YJ2ama0GJjU86PlJDhBH6soaY24ZCW5kKhvfnSw2TkpW6umL7psvuBslRoMxA\n" -"t12MpapZDFZixZjV44Bstuyt9sI1ze3au+5C7E4+z40o/3uvbIiN2iz4bPgwPIMu\n" -"5V/bVTei6uAcu4fNHh/AGnAUJa201QsUhM4+VRFc0XmanjSulySD3obwERDneqab\n" -"77gnIP6zwuFXxHgucbmzU8DIgVhes2k4v6AB1nPxlpUL5+E+W4XDg4ckGGkfxgcn\n" -"dGYvuv3pwIyHvb7Z0A8D6bE435cnAgMBAAGjgZ4wgZswDAYDVR0TAQH/BAIwADAl\n" -"BgNVHREEHjAcgglsb2NhbGhvc3SCD3d3dy5leGFtcGxlLmNvbTATBgNVHSUEDDAK\n" -"BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBS5dbTqiPbhe7Fg\n" -"e/Bs92qsNgWSzjAfBgNVHSMEGDAWgBSgAJcc9Q5KDpAhkrMORPJSboq3vzANBgkq\n" -"hkiG9w0BAQsFAAOCAQEAdkVCQQ5mCuV5WTqCeH7AtXxYM7IV7q6O7uqirKwDUzGD\n" -"wB5shurAPMn9IG46O68P+BPLMfwszFDgszNrjuMsKb7hLT5+pVsd6XRQeimPJ5rN\n" -"/szMfALLAcw8Yxt+1YbxlgUgybFsiK2zdBpAshU+FzMRvFfq9rnqW/VXM0J6ghz3\n" -"VqLbviOY5KpCLzfG0yM+CTcKXVFau9QZK962AfXzUwaCymw1cRHzQlpdMQtTtcIp\n" -"nci6MKXViEdeHbPLcZe9+vzSSpFh5u/l47w+2B1oz7mndFFpxkw37zDaVH5yAFxK\n" -"+5VijiKxH6nmniLUX8Zsv82YBaO0liNb2fOZopxQGQ==\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIDSzCCAjOgAwIBAgIMU/xqxDpxZ3J5cUcrMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA4MjYxMTA4NTJaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEChMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDP3GV/JSLCCmx09hJINJZC8fSUBE1IVbZsY/q00rZOw5KwPioLiMOIup7W\n" + "na8YJ2ama0GJjU86PlJDhBH6soaY24ZCW5kKhvfnSw2TkpW6umL7psvuBslRoMxA\n" + "t12MpapZDFZixZjV44Bstuyt9sI1ze3au+5C7E4+z40o/3uvbIiN2iz4bPgwPIMu\n" + "5V/bVTei6uAcu4fNHh/AGnAUJa201QsUhM4+VRFc0XmanjSulySD3obwERDneqab\n" + "77gnIP6zwuFXxHgucbmzU8DIgVhes2k4v6AB1nPxlpUL5+E+W4XDg4ckGGkfxgcn\n" + "dGYvuv3pwIyHvb7Z0A8D6bE435cnAgMBAAGjgZ4wgZswDAYDVR0TAQH/BAIwADAl\n" + "BgNVHREEHjAcgglsb2NhbGhvc3SCD3d3dy5leGFtcGxlLmNvbTATBgNVHSUEDDAK\n" + "BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBS5dbTqiPbhe7Fg\n" + "e/Bs92qsNgWSzjAfBgNVHSMEGDAWgBSgAJcc9Q5KDpAhkrMORPJSboq3vzANBgkq\n" + "hkiG9w0BAQsFAAOCAQEAdkVCQQ5mCuV5WTqCeH7AtXxYM7IV7q6O7uqirKwDUzGD\n" + "wB5shurAPMn9IG46O68P+BPLMfwszFDgszNrjuMsKb7hLT5+pVsd6XRQeimPJ5rN\n" + "/szMfALLAcw8Yxt+1YbxlgUgybFsiK2zdBpAshU+FzMRvFfq9rnqW/VXM0J6ghz3\n" + "VqLbviOY5KpCLzfG0yM+CTcKXVFau9QZK962AfXzUwaCymw1cRHzQlpdMQtTtcIp\n" + "nci6MKXViEdeHbPLcZe9+vzSSpFh5u/l47w+2B1oz7mndFFpxkw37zDaVH5yAFxK\n" + "+5VijiKxH6nmniLUX8Zsv82YBaO0liNb2fOZopxQGQ==\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): * Excluded DNSname: (empty) */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDFTCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTEwODUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+iPUnEs+qmj2U\n" -"Rz8plNAE/CpeUxUfNNVonluu4DzulsxAJMN78g+Oqx+ggdkECZxHLISkzErMgiuv\n" -"bG+nr9yxjyHH2YoOAgzgknar5JkOBkKp1bIvyA950ZSygMFEHX1qoaM+F/1/DKjG\n" -"NmMCNUpR0c4m+K22s72LnrpMLMmCZU0fnqngb1+F+iZE6emhcX5Z5D0QTJTAeiYK\n" -"ArnO0rpVEvU0o3nwe3dDrT0YyoCYrzCsCOKUa2wFtkOzLZKJbMBRMflL+fBmtj/Q\n" -"7xUe7ox62ZEqSD7W+Po48/mIuSOhx7u+yToBZ60wKGz9OkQ/JwykkK5ZgI+nPWGT\n" -"1au1K4V7AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEgYDVR0eAQH/BAgwBqEE\n" -"MAKCADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBSgAJcc9Q5KDpAhkrMORPJS\n" -"boq3vzAfBgNVHSMEGDAWgBQ/lKQpHoyEFz7J+Wn6eT5qxgYQpjANBgkqhkiG9w0B\n" -"AQsFAAOCAQEAoMeZ0cnHes8bWRHLvrGc6wpwVnxYx2CBF9Xd3k4YMNunwBF9oM+T\n" -"ZYSMo4k7C1XZ154avBIyiCne3eU7/oHG1nkqY9ndN5LMyL8KFOniETBY3BdKtlGA\n" -"N+pDiQsrWG6mtqQ+kHFJICnGEDDByGB2eH+oAS+8gNtSfamLuTWYMI6ANjA9OWan\n" -"rkIA7ta97UiH2flvKRctqvZ0n6Vp3n3aUc53FkAbTnxOCBNCBx/veCgD/r74WbcY\n" -"jiwh2RE//3D3Oo7zhUlwQEWQSa/7poG5e6bl7oj4JYjpwSmESCYokT83Iqeb9lwO\n" -"D+dr9zs1tCudW9xz3sUg6IBXhZ4UvegTNg==\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTEwODUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2cd2vlg/9nuzi\n" -"6S6/qyJRnaUoFutajTwGqfQKZpbqXI7TcFZwKidzAZlZiU+sAvkY8d/9cadlbrde\n" -"S9HGv31QmexWjgWAMGNpeyiPlXIN8xGzIbZRM3FCih0bnIyibdwgAuU14dUrChGD\n" -"sQ4SAmRUpThkB8anvC10PIsxfnifBwJI6dGQZb1KOxVOIWg7Gb5tNFkZILBGv8wk\n" -"cbycIBYC3lRX8svUj9mMiro53f+4ZGbi4DcSLIdw4ebAczfBd+uHM2jkHFZUNuAY\n" -"7rGZAAuqEh5IE0QHS9CV6mg6Pf9+sLGMBZUbix2sxRntAEyz8+kO7W2zgmKPla4+\n" -"y54cIUmBAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQUP5SkKR6MhBc+yflp+nk+asYGEKYwDQYJKoZIhvcNAQELBQAD\n" -"ggEBAC4N4dUoGDTGf93DtjEcZzqGoAd6TsCYy6k5zeYMZFwogfArg0IMurcFDLeN\n" -"PXe3xl9RiUjbiZMaHWju81kIO34z0NLd705XR9QFEc+xiuZOMmm4SxciAF5xo+Hh\n" -"Fhc9cVa8Icm2ju86Q4yhJziYrElH8VwHTBE0k+RE1cK65F5PQFGGBlpGm9EMcYTv\n" -"EQQATPLuWwKRAFNJBx2t3DAeMseo/Iq6Snd/UfdqgLkV61YtbzqL8bu+a8rgMAYz\n" -"ovgORsI48TlbU4H7YI+vzPO33tRV2m4dOxppMHzv8Ie2LIIfqYn0HRd87c06djEA\n" -"EpXfXGqxjX5vAtNPO5fGGzghol4=\n" -"-----END CERTIFICATE-----", -NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDFTCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTEwODUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+iPUnEs+qmj2U\n" + "Rz8plNAE/CpeUxUfNNVonluu4DzulsxAJMN78g+Oqx+ggdkECZxHLISkzErMgiuv\n" + "bG+nr9yxjyHH2YoOAgzgknar5JkOBkKp1bIvyA950ZSygMFEHX1qoaM+F/1/DKjG\n" + "NmMCNUpR0c4m+K22s72LnrpMLMmCZU0fnqngb1+F+iZE6emhcX5Z5D0QTJTAeiYK\n" + "ArnO0rpVEvU0o3nwe3dDrT0YyoCYrzCsCOKUa2wFtkOzLZKJbMBRMflL+fBmtj/Q\n" + "7xUe7ox62ZEqSD7W+Po48/mIuSOhx7u+yToBZ60wKGz9OkQ/JwykkK5ZgI+nPWGT\n" + "1au1K4V7AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEgYDVR0eAQH/BAgwBqEE\n" + "MAKCADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBSgAJcc9Q5KDpAhkrMORPJS\n" + "boq3vzAfBgNVHSMEGDAWgBQ/lKQpHoyEFz7J+Wn6eT5qxgYQpjANBgkqhkiG9w0B\n" + "AQsFAAOCAQEAoMeZ0cnHes8bWRHLvrGc6wpwVnxYx2CBF9Xd3k4YMNunwBF9oM+T\n" + "ZYSMo4k7C1XZ154avBIyiCne3eU7/oHG1nkqY9ndN5LMyL8KFOniETBY3BdKtlGA\n" + "N+pDiQsrWG6mtqQ+kHFJICnGEDDByGB2eH+oAS+8gNtSfamLuTWYMI6ANjA9OWan\n" + "rkIA7ta97UiH2flvKRctqvZ0n6Vp3n3aUc53FkAbTnxOCBNCBx/veCgD/r74WbcY\n" + "jiwh2RE//3D3Oo7zhUlwQEWQSa/7poG5e6bl7oj4JYjpwSmESCYokT83Iqeb9lwO\n" + "D+dr9zs1tCudW9xz3sUg6IBXhZ4UvegTNg==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTEwODUyWhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2cd2vlg/9nuzi\n" + "6S6/qyJRnaUoFutajTwGqfQKZpbqXI7TcFZwKidzAZlZiU+sAvkY8d/9cadlbrde\n" + "S9HGv31QmexWjgWAMGNpeyiPlXIN8xGzIbZRM3FCih0bnIyibdwgAuU14dUrChGD\n" + "sQ4SAmRUpThkB8anvC10PIsxfnifBwJI6dGQZb1KOxVOIWg7Gb5tNFkZILBGv8wk\n" + "cbycIBYC3lRX8svUj9mMiro53f+4ZGbi4DcSLIdw4ebAczfBd+uHM2jkHFZUNuAY\n" + "7rGZAAuqEh5IE0QHS9CV6mg6Pf9+sLGMBZUbix2sxRntAEyz8+kO7W2zgmKPla4+\n" + "y54cIUmBAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUP5SkKR6MhBc+yflp+nk+asYGEKYwDQYJKoZIhvcNAQELBQAD\n" + "ggEBAC4N4dUoGDTGf93DtjEcZzqGoAd6TsCYy6k5zeYMZFwogfArg0IMurcFDLeN\n" + "PXe3xl9RiUjbiZMaHWju81kIO34z0NLd705XR9QFEc+xiuZOMmm4SxciAF5xo+Hh\n" + "Fhc9cVa8Icm2ju86Q4yhJziYrElH8VwHTBE0k+RE1cK65F5PQFGGBlpGm9EMcYTv\n" + "EQQATPLuWwKRAFNJBx2t3DAeMseo/Iq6Snd/UfdqgLkV61YtbzqL8bu+a8rgMAYz\n" + "ovgORsI48TlbU4H7YI+vzPO33tRV2m4dOxppMHzv8Ie2LIIfqYn0HRd87c06djEA\n" + "EpXfXGqxjX5vAtNPO5fGGzghol4=\n" + "-----END CERTIFICATE-----", + NULL }; /* Name constraints: Multiple-level constraints, intersection empty */ static const char *nc_bad2[] = { -/* DNSname: www.example.com */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDQDCCAiigAwIBAgIMU/x5DBI1pGSO2eYZMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" -"BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMjA5NDhaGA85OTk5MTIzMTIzNTk1OVow\n" -"EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" -"AoIBAQDL/hbj+RVDQ5sA4VR2FZ+P+/jju7jkUFUovwhCrWpGXFs0WDokcOkcXc3f\n" -"0yturFWazVEKaaZECiDpGf6iXmNoJA6fPT+G0gPlIL6wh4wKQG+vwVYsX5ZkXOMR\n" -"sl7BqCpeCChkth54mClEwOYW3WohdXqiJfxoFVdgnisbqkxYtz9aXzYE71cZIFAx\n" -"nL7V/gY+G/m0iZCdfh7YEDlT+qtLkGyHsyyTxwUH4yyqcsFl4WWG6wAdKF5U69yw\n" -"uo61J5wpE+yDyS0u4Cjw67d29OIHsT7GAq+fP69vMoEHPvPUM/aA68AycybV2OYt\n" -"8OJAyZqf/6zvnlrbLuk08kWf1TD3AgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" -"BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" -"DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUz+XUeM8bwvK3BD7NVRRYSeZSlA0w\n" -"HwYDVR0jBBgwFoAU/n2NeCCnwHQwFpKwi42A3H+w9W8wDQYJKoZIhvcNAQELBQAD\n" -"ggEBAPJZO19PhmxQ1ZRDLQWZWxuQgD2Wwy8sS+wnlUo/TZM7+pT5ICjLdEKgETPd\n" -"HOqgAMQFaUpp5vx1jUBmmKdPOmwEnV/2zbw3GrYwAQjxunXD66iHjYbodl9zBumM\n" -"NXDGsHnKYNu9sPdQSMLC7OEOrKvEhH2afOvYDORQbSGXh7+3js7Mzggy0NoYtxnK\n" -"4wqt6g73SFkV82mTQpUBK218ROjuWVBUmWxq2JU+qvsAKbhz+Tjr9+kmFcNBRgmA\n" -"Zga26uoQhd6YP9DKbCvf3sK4bi6A5NROeLf9BzJHWkGani4F9wOjRmLVnLlB3BPi\n" -"tHZaLDU9fUnf6I6p3nu6LPTH3JU=\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + /* DNSname: www.example.com */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDQDCCAiigAwIBAgIMU/x5DBI1pGSO2eYZMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMjA5NDhaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDL/hbj+RVDQ5sA4VR2FZ+P+/jju7jkUFUovwhCrWpGXFs0WDokcOkcXc3f\n" + "0yturFWazVEKaaZECiDpGf6iXmNoJA6fPT+G0gPlIL6wh4wKQG+vwVYsX5ZkXOMR\n" + "sl7BqCpeCChkth54mClEwOYW3WohdXqiJfxoFVdgnisbqkxYtz9aXzYE71cZIFAx\n" + "nL7V/gY+G/m0iZCdfh7YEDlT+qtLkGyHsyyTxwUH4yyqcsFl4WWG6wAdKF5U69yw\n" + "uo61J5wpE+yDyS0u4Cjw67d29OIHsT7GAq+fP69vMoEHPvPUM/aA68AycybV2OYt\n" + "8OJAyZqf/6zvnlrbLuk08kWf1TD3AgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" + "BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" + "DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUz+XUeM8bwvK3BD7NVRRYSeZSlA0w\n" + "HwYDVR0jBBgwFoAU/n2NeCCnwHQwFpKwi42A3H+w9W8wDQYJKoZIhvcNAQELBQAD\n" + "ggEBAPJZO19PhmxQ1ZRDLQWZWxuQgD2Wwy8sS+wnlUo/TZM7+pT5ICjLdEKgETPd\n" + "HOqgAMQFaUpp5vx1jUBmmKdPOmwEnV/2zbw3GrYwAQjxunXD66iHjYbodl9zBumM\n" + "NXDGsHnKYNu9sPdQSMLC7OEOrKvEhH2afOvYDORQbSGXh7+3js7Mzggy0NoYtxnK\n" + "4wqt6g73SFkV82mTQpUBK218ROjuWVBUmWxq2JU+qvsAKbhz+Tjr9+kmFcNBRgmA\n" + "Zga26uoQhd6YP9DKbCvf3sK4bi6A5NROeLf9BzJHWkGani4F9wOjRmLVnLlB3BPi\n" + "tHZaLDU9fUnf6I6p3nu6LPTH3JU=\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: example.com */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDIjCCAgqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" -"MCIYDzIwMTQwODI2MTIwOTQ4WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6kCE6KmDCkagX\n" -"fvq0rx73h7zn23phJYBmugfp5fPQYIJ1463dGmlFK4Lfkz2V4StgM2mbFFEkcyVC\n" -"pz+PyeSDgyWJJ/RwG690lLfu5JfNLvwxj/rFNK6rS7EpADew6RgURCpEMt6z1uEk\n" -"+IQsxKoXQmAcdtc/ubPFWInotg7Avoid0sG69s/+hq/nlGE9A8JMFnsLh/n01d+F\n" -"9dWsjrNiZ+mfTE8w0MVTq4+8mvmPmnjKsiu0rgqaVTmYpZW5chz9gGrZCr/Wr5CL\n" -"zPsAYaWie+wo8cR5qMEoX+JPHqM8eP9K1v+uYc03aD3u1/QYdxY73OLn31+jYAqq\n" -"tRJjgSERAgMBAAGjgYQwgYEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzAR\n" -"oA8wDYILZXhhbXBsZS5jb20wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU/n2N\n" -"eCCnwHQwFpKwi42A3H+w9W8wHwYDVR0jBBgwFoAUJ2ngSf1CqeYVG3eUNcH7Lt6/\n" -"ECUwDQYJKoZIhvcNAQELBQADggEBAIQruSBUyQ268Js61XT3nlr1Y9HxmKA2DIuM\n" -"WcAicE1XIpuxDpZ/VmKH0/o2JVR1A7uwSMEnHdShHixMbpYrHRDnZITxs2lsJijE\n" -"r7YdqadH7EbjDIXv1DJcPnNaeqFPbyXEWqLYoQf6UPBLVRWeKISPN0hMaIZv4Y/X\n" -"OcBceajAr0XGxASRFDky26M01AVPZoYjgT7vLp835yk9BY5+q0GxlSJl6HbQ5ESA\n" -"IoC3Limt72niobmvEryQDq7qUUoR7hB1SMKfyX/qktxT3UCBLKXHsp80ECJ2A7Sd\n" -"YrHjFE6LnWHwGJFYZ1eYKiOjglVRGv3+bNX07bQBWKzRbLWYM+0=\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIDIjCCAgqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" + "MCIYDzIwMTQwODI2MTIwOTQ4WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6kCE6KmDCkagX\n" + "fvq0rx73h7zn23phJYBmugfp5fPQYIJ1463dGmlFK4Lfkz2V4StgM2mbFFEkcyVC\n" + "pz+PyeSDgyWJJ/RwG690lLfu5JfNLvwxj/rFNK6rS7EpADew6RgURCpEMt6z1uEk\n" + "+IQsxKoXQmAcdtc/ubPFWInotg7Avoid0sG69s/+hq/nlGE9A8JMFnsLh/n01d+F\n" + "9dWsjrNiZ+mfTE8w0MVTq4+8mvmPmnjKsiu0rgqaVTmYpZW5chz9gGrZCr/Wr5CL\n" + "zPsAYaWie+wo8cR5qMEoX+JPHqM8eP9K1v+uYc03aD3u1/QYdxY73OLn31+jYAqq\n" + "tRJjgSERAgMBAAGjgYQwgYEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzAR\n" + "oA8wDYILZXhhbXBsZS5jb20wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU/n2N\n" + "eCCnwHQwFpKwi42A3H+w9W8wHwYDVR0jBBgwFoAUJ2ngSf1CqeYVG3eUNcH7Lt6/\n" + "ECUwDQYJKoZIhvcNAQELBQADggEBAIQruSBUyQ268Js61XT3nlr1Y9HxmKA2DIuM\n" + "WcAicE1XIpuxDpZ/VmKH0/o2JVR1A7uwSMEnHdShHixMbpYrHRDnZITxs2lsJijE\n" + "r7YdqadH7EbjDIXv1DJcPnNaeqFPbyXEWqLYoQf6UPBLVRWeKISPN0hMaIZv4Y/X\n" + "OcBceajAr0XGxASRFDky26M01AVPZoYjgT7vLp835yk9BY5+q0GxlSJl6HbQ5ESA\n" + "IoC3Limt72niobmvEryQDq7qUUoR7hB1SMKfyX/qktxT3UCBLKXHsp80ECJ2A7Sd\n" + "YrHjFE6LnWHwGJFYZ1eYKiOjglVRGv3+bNX07bQBWKzRbLWYM+0=\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Excluded: DNSname: example.com */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDIjCCAgqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" -"MCIYDzIwMTQwODI2MTIwOTQ4WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUbGpRRMdnTzbG\n" -"R7J9qYJoHOhgRp3lEa9sBP7/pNNIsEhXmvzBu5J0buJpAfRPmWcoZauKsVrKnE69\n" -"CFlTDVCIahQ5gtJkGdjrDrQDFFCMnKC04Lhq+EmbASBTn5GRQwJqEUi9xRpj0yOL\n" -"0XGlMp4JS44eAL4giywzPtOAZaJlr4kdOnSPK2SHFVwQGfQiNmzD5ajmsjM3k4o3\n" -"R2gXAsudyasQzRAjFyeo2ry7klPUPS5RHJ6B2n87e9kLGrYb8+O9I9FNc/w4J49W\n" -"AovVr5vcs9Km25jLUn43KDprDhpXddEraz6WyZJRMTZVRRUizET3gmojZFFD4zOQ\n" -"mneVYerpAgMBAAGjgYQwgYEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzAR\n" -"oQ8wDYILZXhhbXBsZS5jb20wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUJ2ng\n" -"Sf1CqeYVG3eUNcH7Lt6/ECUwHwYDVR0jBBgwFoAUyFGHFFLCWYOQTLmh8jJpGyxS\n" -"bSUwDQYJKoZIhvcNAQELBQADggEBALGFCZXC1KPBBPMtLJNfhNBtBBC4i5q+1Qeo\n" -"aJL7dKVuBn79WAuND8rvJvrPKpGTmyxkcnqRXSBVH3c+Xi+v5ykLrtHJ2x4TOrmg\n" -"RBAaBqDuecQ9Ec0dCc5ODKwjdI/wEOGAS4sfrMXzQCv+UJqi2lE0fo/xDmS/azCc\n" -"WUjFSQOuWnCJIIAIyWlF2bPtdtiaydHKkTcG7c/zwrxRaWE2Q2G+dm+itpJ7sCtx\n" -"ZFfGMLUl7mDadhiYrxq1SnwrObMwbngPNZyUBi2G7jnXlyFc9X/w6fVIULLxN+bn\n" -"IzHWcRrBZ/ShdvCStmgbTlKNtvg0LWAk7QWzy2ibaXS5jp2r+Fc=\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIDIjCCAgqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCIYDzIwMTQwODI2MTIwOTQ4WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUbGpRRMdnTzbG\n" + "R7J9qYJoHOhgRp3lEa9sBP7/pNNIsEhXmvzBu5J0buJpAfRPmWcoZauKsVrKnE69\n" + "CFlTDVCIahQ5gtJkGdjrDrQDFFCMnKC04Lhq+EmbASBTn5GRQwJqEUi9xRpj0yOL\n" + "0XGlMp4JS44eAL4giywzPtOAZaJlr4kdOnSPK2SHFVwQGfQiNmzD5ajmsjM3k4o3\n" + "R2gXAsudyasQzRAjFyeo2ry7klPUPS5RHJ6B2n87e9kLGrYb8+O9I9FNc/w4J49W\n" + "AovVr5vcs9Km25jLUn43KDprDhpXddEraz6WyZJRMTZVRRUizET3gmojZFFD4zOQ\n" + "mneVYerpAgMBAAGjgYQwgYEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzAR\n" + "oQ8wDYILZXhhbXBsZS5jb20wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUJ2ng\n" + "Sf1CqeYVG3eUNcH7Lt6/ECUwHwYDVR0jBBgwFoAUyFGHFFLCWYOQTLmh8jJpGyxS\n" + "bSUwDQYJKoZIhvcNAQELBQADggEBALGFCZXC1KPBBPMtLJNfhNBtBBC4i5q+1Qeo\n" + "aJL7dKVuBn79WAuND8rvJvrPKpGTmyxkcnqRXSBVH3c+Xi+v5ykLrtHJ2x4TOrmg\n" + "RBAaBqDuecQ9Ec0dCc5ODKwjdI/wEOGAS4sfrMXzQCv+UJqi2lE0fo/xDmS/azCc\n" + "WUjFSQOuWnCJIIAIyWlF2bPtdtiaydHKkTcG7c/zwrxRaWE2Q2G+dm+itpJ7sCtx\n" + "ZFfGMLUl7mDadhiYrxq1SnwrObMwbngPNZyUBi2G7jnXlyFc9X/w6fVIULLxN+bn\n" + "IzHWcRrBZ/ShdvCStmgbTlKNtvg0LWAk7QWzy2ibaXS5jp2r+Fc=\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Excluded: DNSname: example.net Excluded: DNSname: example.org */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDMTCCAhmgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTIwOTQ3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsnSNH0g4bvAXx\n" -"zJAfs+XFWpNIpJtD/1H3Ei0ezfH5Ug7GNpHKlYKLCIShqCFj9WSwzSyKNGCHafdt\n" -"PPhKo9uAo2bSaBZjmzxfqSOGDEXZ+4LlRgSPX2Arc0i97ZsPf0nkWLfrxlTOAQIm\n" -"DxDNrWlGrCl1dfPiB+EyMzo+++MCdTGEsdEdRFm85QNjOOTiaTeUpUh5G27+hbuk\n" -"PaRlZ1GHJYlrLHK/2qw9/Mw+gNnfn/Efw+lNeYuQ3tco8IAMN0jB8x1hDfOxTx93\n" -"mrFzAdGTfsYZc31YapATk2re8IJGeKSCY4XP2HvYZEE1fYdw8ZcqZ/Gv1RdXyxvc\n" -"6oT5r/PNAgMBAAGjgZMwgZAwDwYDVR0TAQH/BAUwAwEB/zAsBgNVHR4BAf8EIjAg\n" -"oR4wDYILZXhhbXBsZS5uZXQwDYILZXhhbXBsZS5vcmcwDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQUyFGHFFLCWYOQTLmh8jJpGyxSbSUwHwYDVR0jBBgwFoAUTBVq\n" -"WCSLkLZte75Q9bgKeM851qowDQYJKoZIhvcNAQELBQADggEBAGKVEQfAzrWj8wmQ\n" -"l4sm+i/pgK0I07jNMvgUDsvAmjlkndWxoX1ROe0Nd2I3d5te0+G9MR6CTOByr8VE\n" -"NLyXEsrk++BsfLk/0UNFHwq97QLTzzyEXQYQnDza8R1jdlr7XpGZOoWczi08yMAk\n" -"UiJyq2xaqerTlIYp01T9a3Nb5tWFyUVekJeyJQakj2VLaKkl4hCfK3h/HFBNJ3yf\n" -"AvBu77wQeh6n8osNDCpW9e1KRAGisDCFrTMUlyxQIK/OXhjLzu7qDKShdNnfNRmc\n" -"H4W9ODLIm8AX1S0udg9OebPhNWfM2bDFzI/dIX+yHp6q0oepbT11rKG8G+5M25uU\n" -"AUhTFC4=\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTIwOTQ3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZSS6SaBALkN4W\n" -"Tao6pqaDmi1edtBskNHdO/lYomElQtIkw6wQHlJjIdjF3vnhEWU9+HOIZrWKth4X\n" -"u+naDZquOb4GWPq/X6/KBoQ4hq/XZJaFEDPeciNcVeylWVlHi1OeGm8uHZxAK/6d\n" -"wpGoe/0K+QaLFdbm/srw1LGvCwbLwNDKePX9TgOfVKdZtGZUdDDo6TXUmhNG+QeP\n" -"7Fv1n2PjQFkXiRwVLgJj06DvR+ft81x2gjEVS+vxWg0+cbJvBI2ItpNGnIWvbwl7\n" -"BTyNRjvsi7ljFn+SfaRBLXE4aygQFQ9UCHNNYtkBO73BXv/SgcFXzSDDN5ZMfpg9\n" -"SSWkEApFAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQUTBVqWCSLkLZte75Q9bgKeM851qowDQYJKoZIhvcNAQELBQAD\n" -"ggEBAH3bezfaVpnyqZRJsZ8sHAIpJWa03mHl/mqRpT0qg45Agzwo7yb5dubiHUBJ\n" -"BK/kAMhICjHAH+6E5XubGVSFvbzBX1FeKQQgzghN4niosOCLZPUtl8gJGZlsOoCy\n" -"6HldkxXa26GBZR0NvJb/p83VA7w5Zlp5j7Rp2VkWwRniaPex39dogDX3IwnoZKzL\n" -"ogyeNQPG2qLDBdZRAVng0eJK1Ml5PHxoEkcFwFsxd4B1cJV0VCMk7X7oEc9qBtUB\n" -"Ye/bst72puWDK1lBhT6EFhDDbY9xKm7pvUkGx80gWm9JZ0xGCaoM4tyEAaCd9tYZ\n" -"JFvnIEGJGeGjlRLJZGS4mZ/Q5mI=\n" -"-----END CERTIFICATE-----\n", -NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDMTCCAhmgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTIwOTQ3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsnSNH0g4bvAXx\n" + "zJAfs+XFWpNIpJtD/1H3Ei0ezfH5Ug7GNpHKlYKLCIShqCFj9WSwzSyKNGCHafdt\n" + "PPhKo9uAo2bSaBZjmzxfqSOGDEXZ+4LlRgSPX2Arc0i97ZsPf0nkWLfrxlTOAQIm\n" + "DxDNrWlGrCl1dfPiB+EyMzo+++MCdTGEsdEdRFm85QNjOOTiaTeUpUh5G27+hbuk\n" + "PaRlZ1GHJYlrLHK/2qw9/Mw+gNnfn/Efw+lNeYuQ3tco8IAMN0jB8x1hDfOxTx93\n" + "mrFzAdGTfsYZc31YapATk2re8IJGeKSCY4XP2HvYZEE1fYdw8ZcqZ/Gv1RdXyxvc\n" + "6oT5r/PNAgMBAAGjgZMwgZAwDwYDVR0TAQH/BAUwAwEB/zAsBgNVHR4BAf8EIjAg\n" + "oR4wDYILZXhhbXBsZS5uZXQwDYILZXhhbXBsZS5vcmcwDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUyFGHFFLCWYOQTLmh8jJpGyxSbSUwHwYDVR0jBBgwFoAUTBVq\n" + "WCSLkLZte75Q9bgKeM851qowDQYJKoZIhvcNAQELBQADggEBAGKVEQfAzrWj8wmQ\n" + "l4sm+i/pgK0I07jNMvgUDsvAmjlkndWxoX1ROe0Nd2I3d5te0+G9MR6CTOByr8VE\n" + "NLyXEsrk++BsfLk/0UNFHwq97QLTzzyEXQYQnDza8R1jdlr7XpGZOoWczi08yMAk\n" + "UiJyq2xaqerTlIYp01T9a3Nb5tWFyUVekJeyJQakj2VLaKkl4hCfK3h/HFBNJ3yf\n" + "AvBu77wQeh6n8osNDCpW9e1KRAGisDCFrTMUlyxQIK/OXhjLzu7qDKShdNnfNRmc\n" + "H4W9ODLIm8AX1S0udg9OebPhNWfM2bDFzI/dIX+yHp6q0oepbT11rKG8G+5M25uU\n" + "AUhTFC4=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTIwOTQ3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZSS6SaBALkN4W\n" + "Tao6pqaDmi1edtBskNHdO/lYomElQtIkw6wQHlJjIdjF3vnhEWU9+HOIZrWKth4X\n" + "u+naDZquOb4GWPq/X6/KBoQ4hq/XZJaFEDPeciNcVeylWVlHi1OeGm8uHZxAK/6d\n" + "wpGoe/0K+QaLFdbm/srw1LGvCwbLwNDKePX9TgOfVKdZtGZUdDDo6TXUmhNG+QeP\n" + "7Fv1n2PjQFkXiRwVLgJj06DvR+ft81x2gjEVS+vxWg0+cbJvBI2ItpNGnIWvbwl7\n" + "BTyNRjvsi7ljFn+SfaRBLXE4aygQFQ9UCHNNYtkBO73BXv/SgcFXzSDDN5ZMfpg9\n" + "SSWkEApFAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUTBVqWCSLkLZte75Q9bgKeM851qowDQYJKoZIhvcNAQELBQAD\n" + "ggEBAH3bezfaVpnyqZRJsZ8sHAIpJWa03mHl/mqRpT0qg45Agzwo7yb5dubiHUBJ\n" + "BK/kAMhICjHAH+6E5XubGVSFvbzBX1FeKQQgzghN4niosOCLZPUtl8gJGZlsOoCy\n" + "6HldkxXa26GBZR0NvJb/p83VA7w5Zlp5j7Rp2VkWwRniaPex39dogDX3IwnoZKzL\n" + "ogyeNQPG2qLDBdZRAVng0eJK1Ml5PHxoEkcFwFsxd4B1cJV0VCMk7X7oEc9qBtUB\n" + "Ye/bst72puWDK1lBhT6EFhDDbY9xKm7pvUkGx80gWm9JZ0xGCaoM4tyEAaCd9tYZ\n" + "JFvnIEGJGeGjlRLJZGS4mZ/Q5mI=\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Name constraints: DNSname in excluded range */ static const char *nc_bad3[] = { -/* CN=www.example.com */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDPDCCAiSgAwIBAgIMU/xvqR+qZTQTaWIIMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" -"BgNVBAMTBENBLTEwIhgPMjAxNDA4MjYxMTI5NDVaGA85OTk5MTIzMTIzNTk1OVow\n" -"LTEYMBYGA1UEAxMPd3d3LmV4YW1wbGUuY29tMREwDwYDVQQKEwhzZXJ2ZXItMjCC\n" -"ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ46qo4PFrBfYlQXSgtbk/rO\n" -"0aO8/Gh/bIh4c/JX0RfqC55bnfbkO9SwwR+eU76INyVb1exmd7qsl4R2EgS8V3Gf\n" -"3K5k4tNecMfxT98MWiuSSp8Q8+affUF5t9TSLujL1dckMlPfH9hdxCYhJGH51mkf\n" -"wr3oEmwNXsA9OQ8oxq2i8WxQTJGUXkwx/k2L2NRF3L8vjRnXRfKSISkkDXeKYMvo\n" -"V5ElQwlKo0sonttUIGOVav8Cf4GnFQzSJW+RfANTniGIq16jE+flKz1kQYRLLoeA\n" -"fgH/1vI1v5xqMURNW/BQlawAE0HGj4MAyfebhsWmhqmcNqGBf1OfHMNdB1vamGkC\n" -"AwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNV\n" -"HQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRiCra2BJERmr2/+Klot32criLTbTAfBgNV\n" -"HSMEGDAWgBToCEW507CZ42L/fn7H+DLcx+zW/DANBgkqhkiG9w0BAQsFAAOCAQEA\n" -"fsG45/VuJzw5DRbrE6o67T3EgFfPCzr+xc0JmTJSCHvWIx+2O1VspmJiArNTwQ5O\n" -"l8Hq2Sag9Wi0cyRC8lVKPbC7Im2fZ4m4endOhiEmaOHBCru5bIFRwDvtG3u+yEYI\n" -"rzRU+6PdwmLYwc+ks8qEqACw772nElJxOWXmYEMtFpYh8eujfzjmUGIJyTotrm72\n" -"WX8phKA/xogZaSLD21t8u77PE/JEcJ2LXAa9dq6pGYru1vyuRqq8ZeWiVAAqD6hZ\n" -"cglKk8dLi6esywQMGEGqhRx9y1A0mPZO+M599GOgWTbShUB3pUyaLLLLnD9Dciwq\n" -"4E4iP9rdfgStOfz12BsKOw==\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + /* CN=www.example.com */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDPDCCAiSgAwIBAgIMU/xvqR+qZTQTaWIIMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA4MjYxMTI5NDVaGA85OTk5MTIzMTIzNTk1OVow\n" + "LTEYMBYGA1UEAxMPd3d3LmV4YW1wbGUuY29tMREwDwYDVQQKEwhzZXJ2ZXItMjCC\n" + "ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ46qo4PFrBfYlQXSgtbk/rO\n" + "0aO8/Gh/bIh4c/JX0RfqC55bnfbkO9SwwR+eU76INyVb1exmd7qsl4R2EgS8V3Gf\n" + "3K5k4tNecMfxT98MWiuSSp8Q8+affUF5t9TSLujL1dckMlPfH9hdxCYhJGH51mkf\n" + "wr3oEmwNXsA9OQ8oxq2i8WxQTJGUXkwx/k2L2NRF3L8vjRnXRfKSISkkDXeKYMvo\n" + "V5ElQwlKo0sonttUIGOVav8Cf4GnFQzSJW+RfANTniGIq16jE+flKz1kQYRLLoeA\n" + "fgH/1vI1v5xqMURNW/BQlawAE0HGj4MAyfebhsWmhqmcNqGBf1OfHMNdB1vamGkC\n" + "AwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNV\n" + "HQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRiCra2BJERmr2/+Klot32criLTbTAfBgNV\n" + "HSMEGDAWgBToCEW507CZ42L/fn7H+DLcx+zW/DANBgkqhkiG9w0BAQsFAAOCAQEA\n" + "fsG45/VuJzw5DRbrE6o67T3EgFfPCzr+xc0JmTJSCHvWIx+2O1VspmJiArNTwQ5O\n" + "l8Hq2Sag9Wi0cyRC8lVKPbC7Im2fZ4m4endOhiEmaOHBCru5bIFRwDvtG3u+yEYI\n" + "rzRU+6PdwmLYwc+ks8qEqACw772nElJxOWXmYEMtFpYh8eujfzjmUGIJyTotrm72\n" + "WX8phKA/xogZaSLD21t8u77PE/JEcJ2LXAa9dq6pGYru1vyuRqq8ZeWiVAAqD6hZ\n" + "cglKk8dLi6esywQMGEGqhRx9y1A0mPZO+M599GOgWTbShUB3pUyaLLLLnD9Dciwq\n" + "4E4iP9rdfgStOfz12BsKOw==\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Excluded: DNSname: example.com */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTEyOTQ1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW2Z64Ax+MNj1j\n" -"2QM9hjP4ybs+mz51vfDAlDVVdh2bzJOHyjTIlzI71QloH9aPuv5d92tTxe7/7afY\n" -"fWC61AF0WKj7x8h570IW0Zye4ITEnDLlqk5Bn46IP9fWDq5xYVEGMaYT4l409Fyw\n" -"JUZjfXqMefAXhj55wZoz+WMM0AB5LABlojLkV+iPMVJgfYWhcVijd92Yebp8R2/+\n" -"z1nF0vQtV01tatWTEiJajPRHZCwVe71rXEf02nYiqCw5RwLZrsug5LZ+K8LoBbeE\n" -"ezcJT5y8uf4mpTmTj2Po7Kby22yl1wkVV925a2Of7ufDL3d56SIM1foNXAAmlFar\n" -"M5Y9hIZLAgMBAAGjgYQwgYEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzAR\n" -"oQ8wDYILZXhhbXBsZS5jb20wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU6AhF\n" -"udOwmeNi/35+x/gy3Mfs1vwwHwYDVR0jBBgwFoAUWU1t/YrnYJGhEfuoDj42A4ui\n" -"j0gwDQYJKoZIhvcNAQELBQADggEBAMj2jjHmYLWxGMkLOIQ/MGtvchZ+v6vmEl7m\n" -"GaoHkz0sxFeJqs7mwcybvwG4tlHB/PhaLTH4HfN6PLNbRA4oamr3gFsEtd/JRihw\n" -"X/5CvdJdu/d7uN36yrD5ZTJmt5v1sAXqzkVYXHUSQLOLTIVfwQfUv8IrxTWgbhNI\n" -"mIi55bjCyOWYzZsZ5kTDNFcBkoYiMks2fVuUdP8xrxoweedVswUdkwg1TyWLikG3\n" -"47VuQP3eA7+zEkFUeywG89DTOpDURAlvBzaVTjKn++3RgH/A4Wa+MX6HTHXjxBIU\n" -"1uGcMjhPjc99F81RaYdIlFsQiQ74b5RwdSvGo0e67ssgar0XKgw=\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTEyOTQ1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYTAYDM0lZ+RMg\n" -"M1M3q4n6H/VebQ1CG1ztkinGzj7eH+fNyi9Wq5EqB/0S7jVPEuD0o5jBrwI6XFoS\n" -"MQiWtqWHGh47qijX8y/oc75Sn/2b1gGF3zDWM9LygZZW2+QOIrvK5TcU+rAmXKsA\n" -"765z0nTIbL3vNr9n0yEM3E13tk3Qjqx+OLhJ/ZyLKW+w+BuhLp79LcVtjNnlVfvC\n" -"nVgLvo69YGdJxhPUjjVqKwTlvptyzELQSSQMenPmvhz2kRXjQ/6jog4tb1qkzfpP\n" -"eYB0MVgSLeWBgNF3VLTSH06RHvXEQcdP2e3AR67sJxd6UJ4vOo1widQs0yWTZpCB\n" -"ZJawOPqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQUWU1t/YrnYJGhEfuoDj42A4uij0gwDQYJKoZIhvcNAQELBQAD\n" -"ggEBACUbydVQKZi5ulzn/lQK5x/DZySJflrevZ1plV7BVBhZhlvBO0VARGNn+NW5\n" -"G9RqY+itmyBbW/Fl43gWiHQynYneK9tYBub7WeJqr9iTX4zvI7V8fk/vbyfVRODX\n" -"cJ8JzeLYqi6Hm1PK7Q9dz0rgyulXeuCyDeQ4jzoGIm2l7atUoGZB0f9YCJyeV2ew\n" -"t8jMZr2sSVMgvT87S/EHMe5q5YAJQzDBAadH64icaxW3e03UeH6JYblohsZVQTIE\n" -"wl60jozIStml73oyocfytsErDdKArrSSHxHaygAqoVu+9O5U90vwK6VDuGF0YzZj\n" -"ZKOAu2HuFHpCMbYzUYi3FMOUU5k=\n" -"-----END CERTIFICATE-----\n", -NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTEyOTQ1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW2Z64Ax+MNj1j\n" + "2QM9hjP4ybs+mz51vfDAlDVVdh2bzJOHyjTIlzI71QloH9aPuv5d92tTxe7/7afY\n" + "fWC61AF0WKj7x8h570IW0Zye4ITEnDLlqk5Bn46IP9fWDq5xYVEGMaYT4l409Fyw\n" + "JUZjfXqMefAXhj55wZoz+WMM0AB5LABlojLkV+iPMVJgfYWhcVijd92Yebp8R2/+\n" + "z1nF0vQtV01tatWTEiJajPRHZCwVe71rXEf02nYiqCw5RwLZrsug5LZ+K8LoBbeE\n" + "ezcJT5y8uf4mpTmTj2Po7Kby22yl1wkVV925a2Of7ufDL3d56SIM1foNXAAmlFar\n" + "M5Y9hIZLAgMBAAGjgYQwgYEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHR4BAf8EEzAR\n" + "oQ8wDYILZXhhbXBsZS5jb20wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU6AhF\n" + "udOwmeNi/35+x/gy3Mfs1vwwHwYDVR0jBBgwFoAUWU1t/YrnYJGhEfuoDj42A4ui\n" + "j0gwDQYJKoZIhvcNAQELBQADggEBAMj2jjHmYLWxGMkLOIQ/MGtvchZ+v6vmEl7m\n" + "GaoHkz0sxFeJqs7mwcybvwG4tlHB/PhaLTH4HfN6PLNbRA4oamr3gFsEtd/JRihw\n" + "X/5CvdJdu/d7uN36yrD5ZTJmt5v1sAXqzkVYXHUSQLOLTIVfwQfUv8IrxTWgbhNI\n" + "mIi55bjCyOWYzZsZ5kTDNFcBkoYiMks2fVuUdP8xrxoweedVswUdkwg1TyWLikG3\n" + "47VuQP3eA7+zEkFUeywG89DTOpDURAlvBzaVTjKn++3RgH/A4Wa+MX6HTHXjxBIU\n" + "1uGcMjhPjc99F81RaYdIlFsQiQ74b5RwdSvGo0e67ssgar0XKgw=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTEyOTQ1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYTAYDM0lZ+RMg\n" + "M1M3q4n6H/VebQ1CG1ztkinGzj7eH+fNyi9Wq5EqB/0S7jVPEuD0o5jBrwI6XFoS\n" + "MQiWtqWHGh47qijX8y/oc75Sn/2b1gGF3zDWM9LygZZW2+QOIrvK5TcU+rAmXKsA\n" + "765z0nTIbL3vNr9n0yEM3E13tk3Qjqx+OLhJ/ZyLKW+w+BuhLp79LcVtjNnlVfvC\n" + "nVgLvo69YGdJxhPUjjVqKwTlvptyzELQSSQMenPmvhz2kRXjQ/6jog4tb1qkzfpP\n" + "eYB0MVgSLeWBgNF3VLTSH06RHvXEQcdP2e3AR67sJxd6UJ4vOo1widQs0yWTZpCB\n" + "ZJawOPqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUWU1t/YrnYJGhEfuoDj42A4uij0gwDQYJKoZIhvcNAQELBQAD\n" + "ggEBACUbydVQKZi5ulzn/lQK5x/DZySJflrevZ1plV7BVBhZhlvBO0VARGNn+NW5\n" + "G9RqY+itmyBbW/Fl43gWiHQynYneK9tYBub7WeJqr9iTX4zvI7V8fk/vbyfVRODX\n" + "cJ8JzeLYqi6Hm1PK7Q9dz0rgyulXeuCyDeQ4jzoGIm2l7atUoGZB0f9YCJyeV2ew\n" + "t8jMZr2sSVMgvT87S/EHMe5q5YAJQzDBAadH64icaxW3e03UeH6JYblohsZVQTIE\n" + "wl60jozIStml73oyocfytsErDdKArrSSHxHaygAqoVu+9O5U90vwK6VDuGF0YzZj\n" + "ZKOAu2HuFHpCMbYzUYi3FMOUU5k=\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Name constraints: Multiple-level constraints, different subdomains */ static const char *nc_bad4[] = { -/* DNSname: sub2.example.org */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDMjCCAhqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" -"MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjARMQ8wDQYDVQQDEwZz\n" -"ZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtq4QWPb53ClQL\n" -"hpCyCf2oX/WnrX2FaPv8m4J29fpkSTn7uuasEjLzwKvltXPJp5fE9jJnX2JyrS5z\n" -"tBGcH7/OnxEOGtZN19gLQLRPqCjzGkez7moQEbpnO/M8xeUuil4CbuhcnTA93vjf\n" -"i2mxQMgjS/Ffblbbv5QR6R97Eu01w2gbar7S0nj3ctl2lYiBWFIcBVbunVgtlC8L\n" -"JgW6tv6jay/GZSUBTw8ijh0o0S1ZEVqoOBszDdLHFwO6m3XpMNocYKh2Eva9LcA+\n" -"NmVWywaAk84RiMttMjlc+Y3Q3UhEemgh0RTE5oEIFjV9Am4uBM8LcwvmIat2oYtM\n" -"rbhczTG9AgMBAAGjgZQwgZEwDAYDVR0TAQH/BAIwADAbBgNVHREEFDASghBzdWIy\n" -"LmV4YW1wbGUub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n" -"oAAwHQYDVR0OBBYEFM2roPUnRWzJSXG+5jGoBJDX5ZshMB8GA1UdIwQYMBaAFM2r\n" -"oPUnRWzJSXG+5jGoBJDX5ZshMA0GCSqGSIb3DQEBCwUAA4IBAQARXEGjiewd62mb\n" -"kiJ5ezzxgsnfLBlhBdrt6bTEWS1Ehnnx1HMfnerFuSmjk8SGsVXgHsqmzY5cg3Sy\n" -"449+VqkMESOiQRmj4DmNNLu25ShLWlcfDPXBFZavPtNKUrBEWfthI7ZvHBeNe18O\n" -"kkgYJGKLmMm5+Bz2uDOTBTPUmZkX98sUZgdcFyN8OI2q22MLWed0a+ZNZFRUN/Iw\n" -"9gg6fzSmMBShAIxei04CZE2Wx32a9tr+mNqHa+Puch2s2EqlYJBlDGa2QgMWA8IP\n" -"09CHQRxeICqV+cX6zJP4znQFqySX5rWWeD4FKkdQr8T1IX1bCcGKCkj1ulEntOjK\n" -"8ZOkdWuv\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + /* DNSname: sub2.example.org */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDMjCCAhqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" + "MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjARMQ8wDQYDVQQDEwZz\n" + "ZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtq4QWPb53ClQL\n" + "hpCyCf2oX/WnrX2FaPv8m4J29fpkSTn7uuasEjLzwKvltXPJp5fE9jJnX2JyrS5z\n" + "tBGcH7/OnxEOGtZN19gLQLRPqCjzGkez7moQEbpnO/M8xeUuil4CbuhcnTA93vjf\n" + "i2mxQMgjS/Ffblbbv5QR6R97Eu01w2gbar7S0nj3ctl2lYiBWFIcBVbunVgtlC8L\n" + "JgW6tv6jay/GZSUBTw8ijh0o0S1ZEVqoOBszDdLHFwO6m3XpMNocYKh2Eva9LcA+\n" + "NmVWywaAk84RiMttMjlc+Y3Q3UhEemgh0RTE5oEIFjV9Am4uBM8LcwvmIat2oYtM\n" + "rbhczTG9AgMBAAGjgZQwgZEwDAYDVR0TAQH/BAIwADAbBgNVHREEFDASghBzdWIy\n" + "LmV4YW1wbGUub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n" + "oAAwHQYDVR0OBBYEFM2roPUnRWzJSXG+5jGoBJDX5ZshMB8GA1UdIwQYMBaAFM2r\n" + "oPUnRWzJSXG+5jGoBJDX5ZshMA0GCSqGSIb3DQEBCwUAA4IBAQARXEGjiewd62mb\n" + "kiJ5ezzxgsnfLBlhBdrt6bTEWS1Ehnnx1HMfnerFuSmjk8SGsVXgHsqmzY5cg3Sy\n" + "449+VqkMESOiQRmj4DmNNLu25ShLWlcfDPXBFZavPtNKUrBEWfthI7ZvHBeNe18O\n" + "kkgYJGKLmMm5+Bz2uDOTBTPUmZkX98sUZgdcFyN8OI2q22MLWed0a+ZNZFRUN/Iw\n" + "9gg6fzSmMBShAIxei04CZE2Wx32a9tr+mNqHa+Puch2s2EqlYJBlDGa2QgMWA8IP\n" + "09CHQRxeICqV+cX6zJP4znQFqySX5rWWeD4FKkdQr8T1IX1bCcGKCkj1ulEntOjK\n" + "8ZOkdWuv\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: sub1.example.org */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDQjCCAiqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" -"MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" -"QS0yMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArauEFj2+dwpUC4aQ\n" -"sgn9qF/1p619hWj7/JuCdvX6ZEk5+7rmrBIy88Cr5bVzyaeXxPYyZ19icq0uc7QR\n" -"nB+/zp8RDhrWTdfYC0C0T6go8xpHs+5qEBG6ZzvzPMXlLopeAm7oXJ0wPd7434tp\n" -"sUDII0vxX25W27+UEekfexLtNcNoG2q+0tJ493LZdpWIgVhSHAVW7p1YLZQvCyYF\n" -"urb+o2svxmUlAU8PIo4dKNEtWRFaqDgbMw3SxxcDupt16TDaHGCodhL2vS3APjZl\n" -"VssGgJPOEYjLbTI5XPmN0N1IRHpoIdEUxOaBCBY1fQJuLgTPC3ML5iGrdqGLTK24\n" -"XM0xvQIDAQABo4GmMIGjMA8GA1UdEwEB/wQFMAMBAf8wGwYDVR0RBBQwEoIQc3Vi\n" -"MS5leGFtcGxlLm9yZzAiBgNVHR4BAf8EGDAWoBQwEoIQc3ViMS5leGFtcGxlLm9y\n" -"ZzAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTNq6D1J0VsyUlxvuYxqASQ1+Wb\n" -"ITAfBgNVHSMEGDAWgBTNq6D1J0VsyUlxvuYxqASQ1+WbITANBgkqhkiG9w0BAQsF\n" -"AAOCAQEAR8wKnufviUhLtx0og+P/F52BcdQGgVoBdIpix57DeBQTn9PXuF70hPjg\n" -"a/ZeSR2b65JnyO49i9bBX8ctg/FR+LBHdxMRcIN+VxyKFBtyFc2cxW5a4BWaD9SG\n" -"hW6gzWviV3XwTfTKuY8h710cEP73Yyu1FOuejI34Jiz0sNXqhPc+08k9maFicjfk\n" -"Ftpft0y0YM1DJmUMDMQkpShb4kojLwsSYTxU8DTRHXvBHrAdH4Np50tm6FYIXUNS\n" -"iXlrg/c4VPwEsf5/sR+Ga60LPejZsrvhtvimUsGdNNVVWRtsgcT2jHXxyR1N1vJx\n" -"qPlLDNLLWp9nfCk/55QqSf34dcKomg==\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIDQjCCAiqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0yMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArauEFj2+dwpUC4aQ\n" + "sgn9qF/1p619hWj7/JuCdvX6ZEk5+7rmrBIy88Cr5bVzyaeXxPYyZ19icq0uc7QR\n" + "nB+/zp8RDhrWTdfYC0C0T6go8xpHs+5qEBG6ZzvzPMXlLopeAm7oXJ0wPd7434tp\n" + "sUDII0vxX25W27+UEekfexLtNcNoG2q+0tJ493LZdpWIgVhSHAVW7p1YLZQvCyYF\n" + "urb+o2svxmUlAU8PIo4dKNEtWRFaqDgbMw3SxxcDupt16TDaHGCodhL2vS3APjZl\n" + "VssGgJPOEYjLbTI5XPmN0N1IRHpoIdEUxOaBCBY1fQJuLgTPC3ML5iGrdqGLTK24\n" + "XM0xvQIDAQABo4GmMIGjMA8GA1UdEwEB/wQFMAMBAf8wGwYDVR0RBBQwEoIQc3Vi\n" + "MS5leGFtcGxlLm9yZzAiBgNVHR4BAf8EGDAWoBQwEoIQc3ViMS5leGFtcGxlLm9y\n" + "ZzAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTNq6D1J0VsyUlxvuYxqASQ1+Wb\n" + "ITAfBgNVHSMEGDAWgBTNq6D1J0VsyUlxvuYxqASQ1+WbITANBgkqhkiG9w0BAQsF\n" + "AAOCAQEAR8wKnufviUhLtx0og+P/F52BcdQGgVoBdIpix57DeBQTn9PXuF70hPjg\n" + "a/ZeSR2b65JnyO49i9bBX8ctg/FR+LBHdxMRcIN+VxyKFBtyFc2cxW5a4BWaD9SG\n" + "hW6gzWviV3XwTfTKuY8h710cEP73Yyu1FOuejI34Jiz0sNXqhPc+08k9maFicjfk\n" + "Ftpft0y0YM1DJmUMDMQkpShb4kojLwsSYTxU8DTRHXvBHrAdH4Np50tm6FYIXUNS\n" + "iXlrg/c4VPwEsf5/sR+Ga60LPejZsrvhtvimUsGdNNVVWRtsgcT2jHXxyR1N1vJx\n" + "qPlLDNLLWp9nfCk/55QqSf34dcKomg==\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: example.org */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDIDCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" -"QS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArauEFj2+dwpUC4aQ\n" -"sgn9qF/1p619hWj7/JuCdvX6ZEk5+7rmrBIy88Cr5bVzyaeXxPYyZ19icq0uc7QR\n" -"nB+/zp8RDhrWTdfYC0C0T6go8xpHs+5qEBG6ZzvzPMXlLopeAm7oXJ0wPd7434tp\n" -"sUDII0vxX25W27+UEekfexLtNcNoG2q+0tJ493LZdpWIgVhSHAVW7p1YLZQvCyYF\n" -"urb+o2svxmUlAU8PIo4dKNEtWRFaqDgbMw3SxxcDupt16TDaHGCodhL2vS3APjZl\n" -"VssGgJPOEYjLbTI5XPmN0N1IRHpoIdEUxOaBCBY1fQJuLgTPC3ML5iGrdqGLTK24\n" -"XM0xvQIDAQABo4GEMIGBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0eAQH/BBMwEaAP\n" -"MA2CC2V4YW1wbGUub3JnMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFM2roPUn\n" -"RWzJSXG+5jGoBJDX5ZshMB8GA1UdIwQYMBaAFM2roPUnRWzJSXG+5jGoBJDX5Zsh\n" -"MA0GCSqGSIb3DQEBCwUAA4IBAQBr5K+BzFT2skeVkZ0fR8g6KcevlvAP7sOm8Ktm\n" -"nINBFi9ercrD4XAqkRTCYxDZ/6D9s10lf+CW4QLw2GOQer1D+znBzZZCqFfZ2+uL\n" -"ibQ+pth5IgsSxkxctowv7x3Y4C95TNAcWs9bWIHKgLqXhotk6mccEvxkyaPIL5yX\n" -"U2bs+tNpaqiwdCNjTJCo1+xdQwWZfk/oOMBn6Fihuc6eGP6L6Zj2J7TqO2hafrs4\n" -"lg1rYDU+cTtDy/eVt2UoYXLDnIm2EPcnTAaR6K3cLlh1HbeaUTDU2nE04riE8ntA\n" -"Mpu+t5TUUq+Zcx17zn54/W5oLC0wCGzzyLhh3/mLh6RLDYub\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIIC3jCCAcagAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" -"QS0wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArauEFj2+dwpUC4aQ\n" -"sgn9qF/1p619hWj7/JuCdvX6ZEk5+7rmrBIy88Cr5bVzyaeXxPYyZ19icq0uc7QR\n" -"nB+/zp8RDhrWTdfYC0C0T6go8xpHs+5qEBG6ZzvzPMXlLopeAm7oXJ0wPd7434tp\n" -"sUDII0vxX25W27+UEekfexLtNcNoG2q+0tJ493LZdpWIgVhSHAVW7p1YLZQvCyYF\n" -"urb+o2svxmUlAU8PIo4dKNEtWRFaqDgbMw3SxxcDupt16TDaHGCodhL2vS3APjZl\n" -"VssGgJPOEYjLbTI5XPmN0N1IRHpoIdEUxOaBCBY1fQJuLgTPC3ML5iGrdqGLTK24\n" -"XM0xvQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAw\n" -"HQYDVR0OBBYEFM2roPUnRWzJSXG+5jGoBJDX5ZshMA0GCSqGSIb3DQEBCwUAA4IB\n" -"AQBtm548YFAtyKUyUyfz/iDPwgFq3PtxN0gfA2ZgrHG0vXDq49eDv7sQueTjY21T\n" -"GGkgyEEOlcbPzDC7hMrfaYSEGwrwbTkrWnrqk0rorFjjkjlKkx/9EuDQ/gjyQGrn\n" -"EvnFWwmxq+vambeRGxPWFRR9r+ugbL/xciZfT6OyoU8SZY4EpFu3e4ydmskdkt7R\n" -"qRPOpaHBuKygw4Uq5mhNaZDMy3FjtP+wt84UOOZbjqFQ8K8AZdAaDp3TDBtzoHED\n" -"lgv+PQMzYNnSsPVdvBC2fkgIWzZlyjeGMMtkUp3E7FeyFU1302g3xINRBmUcoO0c\n" -"jo6K7k6FZy3n6DsJ0q/os2wA\n" -"-----END CERTIFICATE-----\n", -NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDIDCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArauEFj2+dwpUC4aQ\n" + "sgn9qF/1p619hWj7/JuCdvX6ZEk5+7rmrBIy88Cr5bVzyaeXxPYyZ19icq0uc7QR\n" + "nB+/zp8RDhrWTdfYC0C0T6go8xpHs+5qEBG6ZzvzPMXlLopeAm7oXJ0wPd7434tp\n" + "sUDII0vxX25W27+UEekfexLtNcNoG2q+0tJ493LZdpWIgVhSHAVW7p1YLZQvCyYF\n" + "urb+o2svxmUlAU8PIo4dKNEtWRFaqDgbMw3SxxcDupt16TDaHGCodhL2vS3APjZl\n" + "VssGgJPOEYjLbTI5XPmN0N1IRHpoIdEUxOaBCBY1fQJuLgTPC3ML5iGrdqGLTK24\n" + "XM0xvQIDAQABo4GEMIGBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0eAQH/BBMwEaAP\n" + "MA2CC2V4YW1wbGUub3JnMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFM2roPUn\n" + "RWzJSXG+5jGoBJDX5ZshMB8GA1UdIwQYMBaAFM2roPUnRWzJSXG+5jGoBJDX5Zsh\n" + "MA0GCSqGSIb3DQEBCwUAA4IBAQBr5K+BzFT2skeVkZ0fR8g6KcevlvAP7sOm8Ktm\n" + "nINBFi9ercrD4XAqkRTCYxDZ/6D9s10lf+CW4QLw2GOQer1D+znBzZZCqFfZ2+uL\n" + "ibQ+pth5IgsSxkxctowv7x3Y4C95TNAcWs9bWIHKgLqXhotk6mccEvxkyaPIL5yX\n" + "U2bs+tNpaqiwdCNjTJCo1+xdQwWZfk/oOMBn6Fihuc6eGP6L6Zj2J7TqO2hafrs4\n" + "lg1rYDU+cTtDy/eVt2UoYXLDnIm2EPcnTAaR6K3cLlh1HbeaUTDU2nE04riE8ntA\n" + "Mpu+t5TUUq+Zcx17zn54/W5oLC0wCGzzyLhh3/mLh6RLDYub\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC3jCCAcagAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTA0MDIyOTA3MjE0MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArauEFj2+dwpUC4aQ\n" + "sgn9qF/1p619hWj7/JuCdvX6ZEk5+7rmrBIy88Cr5bVzyaeXxPYyZ19icq0uc7QR\n" + "nB+/zp8RDhrWTdfYC0C0T6go8xpHs+5qEBG6ZzvzPMXlLopeAm7oXJ0wPd7434tp\n" + "sUDII0vxX25W27+UEekfexLtNcNoG2q+0tJ493LZdpWIgVhSHAVW7p1YLZQvCyYF\n" + "urb+o2svxmUlAU8PIo4dKNEtWRFaqDgbMw3SxxcDupt16TDaHGCodhL2vS3APjZl\n" + "VssGgJPOEYjLbTI5XPmN0N1IRHpoIdEUxOaBCBY1fQJuLgTPC3ML5iGrdqGLTK24\n" + "XM0xvQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAw\n" + "HQYDVR0OBBYEFM2roPUnRWzJSXG+5jGoBJDX5ZshMA0GCSqGSIb3DQEBCwUAA4IB\n" + "AQBtm548YFAtyKUyUyfz/iDPwgFq3PtxN0gfA2ZgrHG0vXDq49eDv7sQueTjY21T\n" + "GGkgyEEOlcbPzDC7hMrfaYSEGwrwbTkrWnrqk0rorFjjkjlKkx/9EuDQ/gjyQGrn\n" + "EvnFWwmxq+vambeRGxPWFRR9r+ugbL/xciZfT6OyoU8SZY4EpFu3e4ydmskdkt7R\n" + "qRPOpaHBuKygw4Uq5mhNaZDMy3FjtP+wt84UOOZbjqFQ8K8AZdAaDp3TDBtzoHED\n" + "lgv+PQMzYNnSsPVdvBC2fkgIWzZlyjeGMMtkUp3E7FeyFU1302g3xINRBmUcoO0c\n" + "jo6K7k6FZy3n6DsJ0q/os2wA\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Name constraints: IPAddress_v4 in excluded range */ static const char *nc_bad5[] = { - /* IPAddress: 203.0.113.10 */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEHDCCAoSgAwIBAgIMV3OYdiegYYrQTBXhMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIBcNMTYwNjI5MDk0NDIyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" - "AYEA3Gp+KHwqvpNlEVkKyW1etHhOCXJPde/OJ7INv5RAd2xH5pQJI/mY7ET8RAz3\n" - "oh4t9Ev65yljuhE1Q5qDGkjZrAhSpY8OwIQ7ZKtxH6zdKTsegAr60cfShgk2bDef\n" - "wxbz92UBccyqzTQqWdi0Xvt9nVOkNL6EJWJ9eOW7s5fQgeEBlHYIzZyZs8ndiYqw\n" - "Hpy6gg4XG777A0pgq96o8ybNBIHALV9aq1UGLWXGvEbi+yc6pQMYCg7OMcZq9aVO\n" - "KBlR6HIxEohhFIWctmQDwd6ey73YV5XrDTRB7Qpe66/pqygQZNqMSaa4KL4z9KcL\n" - "YNUtIFC39ivNBGT1gM5V3c69mkR38kYwRy0UU7C84/8t45+e6ZmSqe63RKKioaJU\n" - "LlTCgHXwI1oeYlt7Pnm0kaWgArDJxBk5n1YxEoqkVXJ+lFy/qIF67Dosv3bNh2PU\n" - "iPpLmbuFmdqq+E9DENeqji21CcPkvY1ekdib4JLolNJCVaRLnXPc5o0UEZrhCqfq\n" - "UYfBAgMBAAGjcjBwMAwGA1UdEwEB/wQCMAAwDwYDVR0RBAgwBocEywBxCjAPBgNV\n" - "HQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRcj6YutTxQa7DfoqMSjPPQgv+p0TAfBgNV\n" - "HSMEGDAWgBSSabOPqlecJ2jDyxpE3oaYyIBWBDANBgkqhkiG9w0BAQsFAAOCAYEA\n" - "OyCT0ywwikYVSKEK2npyzAx7mkbkfrAHmkcCnVEgRonXKIWOL8lbRQp0m85ynVea\n" - "aTfAVc0SNc7DMPR4tw+1gCpgsqhGEuip2Ltol9bhUovzfIpveUdJgeCI/NHBPAHH\n" - "kwYgua8dcOwjb2SDCieXvWlE5DZUHWHNYxgTKQVB/WfAjmQbuF5olusFc2UtSk3z\n" - "cnpBDb0+jUHfqCo8On+Wk5cc76mCvrcl9DLRFvPWN6T5IhisGVA93M1lIMQ9J9jN\n" - "Q8SxZ7OeNaOXhBX2j27KzV7IXy0vqajdQDui1XV3Cos+EUFAt4Es8gUg5I8gNETl\n" - "DqGglGUz2fVnLAQLClnVkZ0ExF3kDao7JwU2nl2XbzPcwwGGqLf06s5sEWinAZ2x\n" - "k4L6YBjhauxndIkk0567/+GVeUaJxtruYA9rn/vJO6kEZXUy9eY0BF3GXQ4CKYG/\n" - "FmFqfCwQ71LshpMsKncFp66QESAwmq9qaUqXoWSYtRABJKb9gYH42Fx0EY7QFjhq\n" - "-----END CERTIFICATE-----\n", - /* Name Constraints (critical): + /* IPAddress: 203.0.113.10 */ + "-----BEGIN CERTIFICATE-----\n" + "MIIEHDCCAoSgAwIBAgIMV3OYdiegYYrQTBXhMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIBcNMTYwNjI5MDk0NDIyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" + "ETAPBgNVBAMTCHNlcnZlci0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" + "AYEA3Gp+KHwqvpNlEVkKyW1etHhOCXJPde/OJ7INv5RAd2xH5pQJI/mY7ET8RAz3\n" + "oh4t9Ev65yljuhE1Q5qDGkjZrAhSpY8OwIQ7ZKtxH6zdKTsegAr60cfShgk2bDef\n" + "wxbz92UBccyqzTQqWdi0Xvt9nVOkNL6EJWJ9eOW7s5fQgeEBlHYIzZyZs8ndiYqw\n" + "Hpy6gg4XG777A0pgq96o8ybNBIHALV9aq1UGLWXGvEbi+yc6pQMYCg7OMcZq9aVO\n" + "KBlR6HIxEohhFIWctmQDwd6ey73YV5XrDTRB7Qpe66/pqygQZNqMSaa4KL4z9KcL\n" + "YNUtIFC39ivNBGT1gM5V3c69mkR38kYwRy0UU7C84/8t45+e6ZmSqe63RKKioaJU\n" + "LlTCgHXwI1oeYlt7Pnm0kaWgArDJxBk5n1YxEoqkVXJ+lFy/qIF67Dosv3bNh2PU\n" + "iPpLmbuFmdqq+E9DENeqji21CcPkvY1ekdib4JLolNJCVaRLnXPc5o0UEZrhCqfq\n" + "UYfBAgMBAAGjcjBwMAwGA1UdEwEB/wQCMAAwDwYDVR0RBAgwBocEywBxCjAPBgNV\n" + "HQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRcj6YutTxQa7DfoqMSjPPQgv+p0TAfBgNV\n" + "HSMEGDAWgBSSabOPqlecJ2jDyxpE3oaYyIBWBDANBgkqhkiG9w0BAQsFAAOCAYEA\n" + "OyCT0ywwikYVSKEK2npyzAx7mkbkfrAHmkcCnVEgRonXKIWOL8lbRQp0m85ynVea\n" + "aTfAVc0SNc7DMPR4tw+1gCpgsqhGEuip2Ltol9bhUovzfIpveUdJgeCI/NHBPAHH\n" + "kwYgua8dcOwjb2SDCieXvWlE5DZUHWHNYxgTKQVB/WfAjmQbuF5olusFc2UtSk3z\n" + "cnpBDb0+jUHfqCo8On+Wk5cc76mCvrcl9DLRFvPWN6T5IhisGVA93M1lIMQ9J9jN\n" + "Q8SxZ7OeNaOXhBX2j27KzV7IXy0vqajdQDui1XV3Cos+EUFAt4Es8gUg5I8gNETl\n" + "DqGglGUz2fVnLAQLClnVkZ0ExF3kDao7JwU2nl2XbzPcwwGGqLf06s5sEWinAZ2x\n" + "k4L6YBjhauxndIkk0567/+GVeUaJxtruYA9rn/vJO6kEZXUy9eY0BF3GXQ4CKYG/\n" + "FmFqfCwQ71LshpMsKncFp66QESAwmq9qaUqXoWSYtRABJKb9gYH42Fx0EY7QFjhq\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: IPAddress: 203.0.113.0/24 Excluded: IPAddress: 203.0.113.0/26 */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEKzCCApOgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDYyOTA5NDQyMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA33/Xbt7c8Y+UxoU3\n" - "4O0f+OTJF59lqe4UJK9owqXpiyt4d4hWwZV9EkPT9ZaysPaL05+AXdfXsfUz3ClE\n" - "RPvK1zjR7WBqhu7dQ8RGNomaP0gY7eVqa0/OcDe1Z4ogmf27WbAUVR4xDZP18Qqy\n" - "HB9BDStOJ24wbVfYgbJq3djb886yHDch5/mtdI4/C6aZqayaLjmoNs7UovuRlQV/\n" - "Tdid3rleUeoH9xFD3CeI+PZMIbhyQww66qMiCkrTtUN3EOtrsvWwuxUTH1dedEI3\n" - "tboI8UO+e2VJsDjbdzGIV0+HnvwoPQHYRlrog4RW9pNSTst+DeA4XY8+/FVnfhdT\n" - "vDdbcmit4BxdtZf9npP5iaIQTOHNntdAAPOFCoALiCMF0parEKNwNFHa98hXr+Nj\n" - "u4/oQM57fMcOC1z4y1pt6HK0zzFNhwHUrZUlAgcnXJ9bW510m6vu2LEFgJb7mM3L\n" - "ku+ddujNOoL0BxsaaUJCh2IP2xC0rXGi6tNwR1Bv5RBnenDxAgMBAAGjgY8wgYww\n" - "DwYDVR0TAQH/BAUwAwEB/zAoBgNVHR4BAf8EHjAcoAwwCocIywBxAP///wChDDAK\n" - "hwjLAHEA////wDAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBSSabOPqlecJ2jD\n" - "yxpE3oaYyIBWBDAfBgNVHSMEGDAWgBTAJHQ/p0WPW1fW+sKB5zbefu6HDTANBgkq\n" - "hkiG9w0BAQsFAAOCAYEAbPahfACWMab9ccrS+pBdz+4hiy+LmvOP4FRFDz/zOCsG\n" - "iZc61cYPWmRYWGsyWz2CksTg+Ktx/85PPvKTmEctK9NSehUgKESur3CPTp32k8YZ\n" - "4NMXYXtwNYLPe5F6uehdPst5h7lg3Rz2pPqKopQ8lfv2qYTjtNCJFZ9wCtijqWwJ\n" - "gZA9kFfPlHeY7kdnTY/Uhw1UVC0ty6daWXkKq4fhiiCXqcIO81GQHwOYySQSJef+\n" - "KQ3m7QHascLKSzAISbK9Ncy/C/fIcM7pQmODKPwY/K3V1CQky6jmoZQ5LUbpXEW3\n" - "qOjCElV2WMnkj5WuxDUeoVEKtnFGXI0UY5EY1z89GP7BatbNKLyodfp9qgjuXgr9\n" - "DacHAUWOH6sH/wg4d5pgySVJeos5l6DzwgkyECaAGFM2t08waO2Xk9SgpmfMCxCM\n" - "Gop4d5bIEMC8qScQmA4S1wfuoQQRRZiy2A4QckXoJ1OxLj1XVgossO21h8f9uNFJ\n" - "nfnYYSRbIp+X0mo7JjHO\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDYyOTA5NDQyMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAs4uT4SEkVU0hdD6p\n" - "aAkXBPeVl2y37jNB88rwam6kbHKfTQ/JpTpiXULo/dCmw0fr8np/FfoMZTUk8DMm\n" - "zIsPjgx0yDx/PeUeA1Jw+KA60rApvxhtHhw2XLkF9hkU3YVwdcKfe1Cy3ZUT+3Xr\n" - "rfoLLyRTR8qhj2wS/ARTx989cGbOpMGgFQxOrFZhm8N2/ORYDYJQYNTeqjEmHsuu\n" - "wR0lvKj81hVe3mu6OsK4THbVpfeNW52zWW1FXwE3xbEXuckhzs2ZAc7t7SWzqD0u\n" - "8lVWb6vXI7LGv217EpIRwtqa9zUHXLt4UqV+kqiUxLUOjxfitJI8CPYGPhc7aocC\n" - "popaFqZJcLYvSJJY6Ya2ihZ4VyXQoXD+N8nQsFIm6dernNYQH2rB8plknAWbQqUG\n" - "bhjTKX/oF2LCk8ow0KumqQre1UgcPLNiLQRAhyVdXgCMQ1bd0mFrwXUT2m2X+0sn\n" - "DmW1by2bH2cevKtVaVMHq1Y6K7mcMb7pyQak7gFYAdu3D1u5AgMBAAGjQzBBMA8G\n" - "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUwCR0P6dF\n" - "j1tX1vrCgec23n7uhw0wDQYJKoZIhvcNAQELBQADggGBABfMsNqRJrgIsQdneT1B\n" - "s6fXdAlPkvbRvnScn+i/OOQxolgDQwge9A+0JxqTMtvxs+X5ahi79pPzqqzH1iYV\n" - "2eBY1JpmYbdOYBVoLUQG7GG6ZRJWcDtAjGhnxgoc+lxVePpSsiZWpXFzAYbV7jQa\n" - "2BXvzAk+uuBCUqKhrkmGZ+ZdQ8SlDjrQyblhKLy3vPi2LhfeNwTWAv2Qx8V2XRyB\n" - "BQSchuMBq19mSppzjN+e5ixiRoNx02fH8dfZ0bu4ONUZcoECwuCmKW6UchQTL8Yf\n" - "GJH9beqEAHevvE8Qn5aZcpX/BPBpx5jzOFXAD4Oqg+tY9T/vfgdElD2fQOI0gJQV\n" - "bzC83bbAkqrjeZXyn0srzegPRyVczuv26SYGjhBsLVk5pAt6Msfnu5g3MC3BjKgc\n" - "/gYV2bFtj3NMu8bAPYkKE9G/+0PT/a3/B5k3iw9FMxuZD/vjYIdSo/oloM+Ht9WG\n" - "EYaTPDOTm4sXdqMVlPIyhwxADNrPnlAke68rKN7H5ChozQ==\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIEKzCCApOgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDYyOTA5NDQyMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA33/Xbt7c8Y+UxoU3\n" + "4O0f+OTJF59lqe4UJK9owqXpiyt4d4hWwZV9EkPT9ZaysPaL05+AXdfXsfUz3ClE\n" + "RPvK1zjR7WBqhu7dQ8RGNomaP0gY7eVqa0/OcDe1Z4ogmf27WbAUVR4xDZP18Qqy\n" + "HB9BDStOJ24wbVfYgbJq3djb886yHDch5/mtdI4/C6aZqayaLjmoNs7UovuRlQV/\n" + "Tdid3rleUeoH9xFD3CeI+PZMIbhyQww66qMiCkrTtUN3EOtrsvWwuxUTH1dedEI3\n" + "tboI8UO+e2VJsDjbdzGIV0+HnvwoPQHYRlrog4RW9pNSTst+DeA4XY8+/FVnfhdT\n" + "vDdbcmit4BxdtZf9npP5iaIQTOHNntdAAPOFCoALiCMF0parEKNwNFHa98hXr+Nj\n" + "u4/oQM57fMcOC1z4y1pt6HK0zzFNhwHUrZUlAgcnXJ9bW510m6vu2LEFgJb7mM3L\n" + "ku+ddujNOoL0BxsaaUJCh2IP2xC0rXGi6tNwR1Bv5RBnenDxAgMBAAGjgY8wgYww\n" + "DwYDVR0TAQH/BAUwAwEB/zAoBgNVHR4BAf8EHjAcoAwwCocIywBxAP///wChDDAK\n" + "hwjLAHEA////wDAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBSSabOPqlecJ2jD\n" + "yxpE3oaYyIBWBDAfBgNVHSMEGDAWgBTAJHQ/p0WPW1fW+sKB5zbefu6HDTANBgkq\n" + "hkiG9w0BAQsFAAOCAYEAbPahfACWMab9ccrS+pBdz+4hiy+LmvOP4FRFDz/zOCsG\n" + "iZc61cYPWmRYWGsyWz2CksTg+Ktx/85PPvKTmEctK9NSehUgKESur3CPTp32k8YZ\n" + "4NMXYXtwNYLPe5F6uehdPst5h7lg3Rz2pPqKopQ8lfv2qYTjtNCJFZ9wCtijqWwJ\n" + "gZA9kFfPlHeY7kdnTY/Uhw1UVC0ty6daWXkKq4fhiiCXqcIO81GQHwOYySQSJef+\n" + "KQ3m7QHascLKSzAISbK9Ncy/C/fIcM7pQmODKPwY/K3V1CQky6jmoZQ5LUbpXEW3\n" + "qOjCElV2WMnkj5WuxDUeoVEKtnFGXI0UY5EY1z89GP7BatbNKLyodfp9qgjuXgr9\n" + "DacHAUWOH6sH/wg4d5pgySVJeos5l6DzwgkyECaAGFM2t08waO2Xk9SgpmfMCxCM\n" + "Gop4d5bIEMC8qScQmA4S1wfuoQQRRZiy2A4QckXoJ1OxLj1XVgossO21h8f9uNFJ\n" + "nfnYYSRbIp+X0mo7JjHO\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDYyOTA5NDQyMVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAs4uT4SEkVU0hdD6p\n" + "aAkXBPeVl2y37jNB88rwam6kbHKfTQ/JpTpiXULo/dCmw0fr8np/FfoMZTUk8DMm\n" + "zIsPjgx0yDx/PeUeA1Jw+KA60rApvxhtHhw2XLkF9hkU3YVwdcKfe1Cy3ZUT+3Xr\n" + "rfoLLyRTR8qhj2wS/ARTx989cGbOpMGgFQxOrFZhm8N2/ORYDYJQYNTeqjEmHsuu\n" + "wR0lvKj81hVe3mu6OsK4THbVpfeNW52zWW1FXwE3xbEXuckhzs2ZAc7t7SWzqD0u\n" + "8lVWb6vXI7LGv217EpIRwtqa9zUHXLt4UqV+kqiUxLUOjxfitJI8CPYGPhc7aocC\n" + "popaFqZJcLYvSJJY6Ya2ihZ4VyXQoXD+N8nQsFIm6dernNYQH2rB8plknAWbQqUG\n" + "bhjTKX/oF2LCk8ow0KumqQre1UgcPLNiLQRAhyVdXgCMQ1bd0mFrwXUT2m2X+0sn\n" + "DmW1by2bH2cevKtVaVMHq1Y6K7mcMb7pyQak7gFYAdu3D1u5AgMBAAGjQzBBMA8G\n" + "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUwCR0P6dF\n" + "j1tX1vrCgec23n7uhw0wDQYJKoZIhvcNAQELBQADggGBABfMsNqRJrgIsQdneT1B\n" + "s6fXdAlPkvbRvnScn+i/OOQxolgDQwge9A+0JxqTMtvxs+X5ahi79pPzqqzH1iYV\n" + "2eBY1JpmYbdOYBVoLUQG7GG6ZRJWcDtAjGhnxgoc+lxVePpSsiZWpXFzAYbV7jQa\n" + "2BXvzAk+uuBCUqKhrkmGZ+ZdQ8SlDjrQyblhKLy3vPi2LhfeNwTWAv2Qx8V2XRyB\n" + "BQSchuMBq19mSppzjN+e5ixiRoNx02fH8dfZ0bu4ONUZcoECwuCmKW6UchQTL8Yf\n" + "GJH9beqEAHevvE8Qn5aZcpX/BPBpx5jzOFXAD4Oqg+tY9T/vfgdElD2fQOI0gJQV\n" + "bzC83bbAkqrjeZXyn0srzegPRyVczuv26SYGjhBsLVk5pAt6Msfnu5g3MC3BjKgc\n" + "/gYV2bFtj3NMu8bAPYkKE9G/+0PT/a3/B5k3iw9FMxuZD/vjYIdSo/oloM+Ht9WG\n" + "EYaTPDOTm4sXdqMVlPIyhwxADNrPnlAke68rKN7H5ChozQ==\n" + "-----END CERTIFICATE-----\n", + NULL }; - /* Different name constraint types (testing symmetry of merging) */ static const char *nc_bad6[] = { - /* Subject alternative name (not critical): + /* Subject alternative name (not critical): DNSname: ddd.com */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEHzCCAoegAwIBAgIMV5diNwZSNyHAsK8oMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTIwIBcNMTYwNzI2MTMxNDMxWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" - "AYEAv27tPNVuhJu/74JaGtQH4s4ZWnIsvEiqVCUveI3YCZYNTeE0FC5fzyqcsx3Z\n" - "K9R8WVlF7SCadNY8E7aTjFiO7x3vcHvwW6eWY7kb0ZwUlzrvaqXp8BlpwpWUP0wq\n" - "da8TZ5S2qrYC/itHHr8Xwo3Ec3rwj8ZO/96JjDKUgbkQVGoXR85+oWdABTSZcpbL\n" - "T4UwCkBeYbkOD2jejMlaOHy+128mYeqW8Nh+bhF9EFVWFWr9XBSpfpCguD4JvsAf\n" - "1zFWmgZOIosLWoLg5O4Po2i4rZCQLGxSKanvHR7npfpqbUgGKHHIGVQNHeLWz4f6\n" - "D/VwRyxiZ1+VhR9kRvcQ3SD86QAInoEPQf1F1QnFqq76mfSobjKhQC5utg6DdMvH\n" - "GU+smT24nRtx0Q7nILWzDPr/DdvpVPpFOP58thPLB3PJnc/dobwadsi6IslvdZ+/\n" - "K/e2Ec4G9sOTMN++0+WM60wPula7t5GTr6SAmxZbrYXZlQH0jy75DBxThO1fMDn5\n" - "pMa3AgMBAAGjdTBzMAwGA1UdEwEB/wQCMAAwEgYDVR0RBAswCYIHZGRkLmNvbTAP\n" - "BgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQyjEcacSHAUrf91hhII8DfODB1ozAf\n" - "BgNVHSMEGDAWgBR0larTRnVL1RZtrqpleTpk+hEkqzANBgkqhkiG9w0BAQsFAAOC\n" - "AYEADwaR444xUTrdl/WYBrPF69SXw7Plw7d4fh/65417wiEr4mjX3pfH6owVKGgq\n" - "dzBjtkq8+MKV5W11L/S4tpVtUJt3AVrOCQKUiQiHuB4LSKX99YBBlZ9GYSeRgp2n\n" - "iPqaAlREizXBJyPAH6tpuEyUp0rwP5qFjDj+Ks32jJUmoiJ/rnBMFBIdlWHpan0a\n" - "7lIQi1uKIzQBELHmb13Yk/K99ilYaT5V/hPFRI02Q6/nLCTyuL7jLBijB8o8nwzp\n" - "crXGwROBXKdn8NE+SrLPALM1/Hms/KANzLI6CjjZrO88YyNvWjCs8K8/sags8XiJ\n" - "bxEIM/sEMV0I28E3T7kDywdf8OUvADYQIJidsrwv+n+UcI3MTZjax/295afjgBYF\n" - "Zn1wEB/N2t22XlXvkbefYRaYvv1rCb7WaSvvzUaNsq2CL0uG353roiuti++MM1Cf\n" - "wraL3SaauiI5gIjF03wElMyuAnKctk5cig7YVrhWAUx6fP5IOQdczRhP5SeUQBNX\n" - "sEnr\n" - "-----END CERTIFICATE-----\n", - /* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIEHzCCAoegAwIBAgIMV5diNwZSNyHAsK8oMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTIwIBcNMTYwNzI2MTMxNDMxWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" + "ETAPBgNVBAMTCHNlcnZlci0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" + "AYEAv27tPNVuhJu/74JaGtQH4s4ZWnIsvEiqVCUveI3YCZYNTeE0FC5fzyqcsx3Z\n" + "K9R8WVlF7SCadNY8E7aTjFiO7x3vcHvwW6eWY7kb0ZwUlzrvaqXp8BlpwpWUP0wq\n" + "da8TZ5S2qrYC/itHHr8Xwo3Ec3rwj8ZO/96JjDKUgbkQVGoXR85+oWdABTSZcpbL\n" + "T4UwCkBeYbkOD2jejMlaOHy+128mYeqW8Nh+bhF9EFVWFWr9XBSpfpCguD4JvsAf\n" + "1zFWmgZOIosLWoLg5O4Po2i4rZCQLGxSKanvHR7npfpqbUgGKHHIGVQNHeLWz4f6\n" + "D/VwRyxiZ1+VhR9kRvcQ3SD86QAInoEPQf1F1QnFqq76mfSobjKhQC5utg6DdMvH\n" + "GU+smT24nRtx0Q7nILWzDPr/DdvpVPpFOP58thPLB3PJnc/dobwadsi6IslvdZ+/\n" + "K/e2Ec4G9sOTMN++0+WM60wPula7t5GTr6SAmxZbrYXZlQH0jy75DBxThO1fMDn5\n" + "pMa3AgMBAAGjdTBzMAwGA1UdEwEB/wQCMAAwEgYDVR0RBAswCYIHZGRkLmNvbTAP\n" + "BgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQyjEcacSHAUrf91hhII8DfODB1ozAf\n" + "BgNVHSMEGDAWgBR0larTRnVL1RZtrqpleTpk+hEkqzANBgkqhkiG9w0BAQsFAAOC\n" + "AYEADwaR444xUTrdl/WYBrPF69SXw7Plw7d4fh/65417wiEr4mjX3pfH6owVKGgq\n" + "dzBjtkq8+MKV5W11L/S4tpVtUJt3AVrOCQKUiQiHuB4LSKX99YBBlZ9GYSeRgp2n\n" + "iPqaAlREizXBJyPAH6tpuEyUp0rwP5qFjDj+Ks32jJUmoiJ/rnBMFBIdlWHpan0a\n" + "7lIQi1uKIzQBELHmb13Yk/K99ilYaT5V/hPFRI02Q6/nLCTyuL7jLBijB8o8nwzp\n" + "crXGwROBXKdn8NE+SrLPALM1/Hms/KANzLI6CjjZrO88YyNvWjCs8K8/sags8XiJ\n" + "bxEIM/sEMV0I28E3T7kDywdf8OUvADYQIJidsrwv+n+UcI3MTZjax/295afjgBYF\n" + "Zn1wEB/N2t22XlXvkbefYRaYvv1rCb7WaSvvzUaNsq2CL0uG353roiuti++MM1Cf\n" + "wraL3SaauiI5gIjF03wElMyuAnKctk5cig7YVrhWAUx6fP5IOQdczRhP5SeUQBNX\n" + "sEnr\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: ccc.com */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEGjCCAoKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCAXDTE2MDcyNjEzMTQzMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAo48gh92ygu5fGfzP\n" - "nVwd8wLN8+1+k2WKOWupimwHdNG34KGKABlnjEjTZWuzZD05xf4V879YO8fiEWCT\n" - "Nty70MmFyGXp9iCQpjIyTHhPVIIXfHKH1FbMvTiCicTtgFlcxFS5XnlhfN9H3Js1\n" - "o0IA7Zyoq28s/Jkv6+b2YEr9OyNc4tMu6vLmEEnaDYwa0uLr7Tut6bTt+46bP1//\n" - "d75xRsidnAM2tbYrhJ7MgTVTPYt9ewr8JcL0LDb4wH26fitddGAKQUE3VCQ/anyi\n" - "PeOjoKryRaAsMtzDTfBRAx9eKIkKSYdA9c/dQmPO33Gxp2XctllVwPav5PDRSCdO\n" - "F0dUJ0fqSNm95rpwCHw1B/MfSug1ye2AG3F8L+NX8SAqOgFgeZmukscrty3mwqOH\n" - "sQRnSuu1+x6jUypwGoNifWuAZjdUiNflC6JfXwuZ8lS8xdvEkFSyK52xkcrWdvFu\n" - "FNh8WsnpWkbBwaY1Y0nD1RY1thgMcbcJWtOiUTDOJKtNbQP5AgMBAAGjfzB9MA8G\n" - "A1UdEwEB/wQFMAMBAf8wGQYDVR0eAQH/BA8wDaALMAmCB2NjYy5jb20wDwYDVR0P\n" - "AQH/BAUDAwcEADAdBgNVHQ4EFgQUdJWq00Z1S9UWba6qZXk6ZPoRJKswHwYDVR0j\n" - "BBgwFoAUjuF/dTI8YtA8wD+BlmP2MTUZNTwwDQYJKoZIhvcNAQELBQADggGBAIe7\n" - "7o7DdYEj1mj5HU38fJ+8Dbugya98LODWSXXDpyxmFdn/A/poARj4DovFwXJ/0K+I\n" - "BQ3jDvoJu6sV3/V2WKL613euX7vIK1sahbzlVHtBWxUAvCyg05ZOFp59ZxahHLO7\n" - "6BF1QQK/PKtABTijCtcsoEGU7Smntn1mu5pMXoUHb8Sm+kkR7Wwm/z93lnHASG5B\n" - "uGPQaXnZ4cMFa7+4tBe8Dz4huSQObye+iHVnkizQmEighHVK+4qKExMOTwJB5ba0\n" - "6K8mKY7YAGDGUgjJzXVmGJPp7mb74AEJiyGobYB+Om9kPkWyAZW09EYl9GnCDl7u\n" - "kiI8IqfoA6yvxHerQTsjS55TXTPmOl9dvYpnF07QxK8UwtZvf55zniKHjsP7TBoe\n" - "9IJt7xxMeYbv6eDbxIpUp8HiljTTxKPKFZaFEOCFBjk4G/yUQNNiNUYdvsRdhvq2\n" - "v7o3zwatl2i87lXGD7C78o2jqZDHoZI49XKN6ZW6dw3tpnjrEJeom8MwJfjHww==\n" - "-----END CERTIFICATE-----\n", - /* Name Constraints (critical): + "-----BEGIN CERTIFICATE-----\n" + "MIIEGjCCAoKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCAXDTE2MDcyNjEzMTQzMFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAo48gh92ygu5fGfzP\n" + "nVwd8wLN8+1+k2WKOWupimwHdNG34KGKABlnjEjTZWuzZD05xf4V879YO8fiEWCT\n" + "Nty70MmFyGXp9iCQpjIyTHhPVIIXfHKH1FbMvTiCicTtgFlcxFS5XnlhfN9H3Js1\n" + "o0IA7Zyoq28s/Jkv6+b2YEr9OyNc4tMu6vLmEEnaDYwa0uLr7Tut6bTt+46bP1//\n" + "d75xRsidnAM2tbYrhJ7MgTVTPYt9ewr8JcL0LDb4wH26fitddGAKQUE3VCQ/anyi\n" + "PeOjoKryRaAsMtzDTfBRAx9eKIkKSYdA9c/dQmPO33Gxp2XctllVwPav5PDRSCdO\n" + "F0dUJ0fqSNm95rpwCHw1B/MfSug1ye2AG3F8L+NX8SAqOgFgeZmukscrty3mwqOH\n" + "sQRnSuu1+x6jUypwGoNifWuAZjdUiNflC6JfXwuZ8lS8xdvEkFSyK52xkcrWdvFu\n" + "FNh8WsnpWkbBwaY1Y0nD1RY1thgMcbcJWtOiUTDOJKtNbQP5AgMBAAGjfzB9MA8G\n" + "A1UdEwEB/wQFMAMBAf8wGQYDVR0eAQH/BA8wDaALMAmCB2NjYy5jb20wDwYDVR0P\n" + "AQH/BAUDAwcEADAdBgNVHQ4EFgQUdJWq00Z1S9UWba6qZXk6ZPoRJKswHwYDVR0j\n" + "BBgwFoAUjuF/dTI8YtA8wD+BlmP2MTUZNTwwDQYJKoZIhvcNAQELBQADggGBAIe7\n" + "7o7DdYEj1mj5HU38fJ+8Dbugya98LODWSXXDpyxmFdn/A/poARj4DovFwXJ/0K+I\n" + "BQ3jDvoJu6sV3/V2WKL613euX7vIK1sahbzlVHtBWxUAvCyg05ZOFp59ZxahHLO7\n" + "6BF1QQK/PKtABTijCtcsoEGU7Smntn1mu5pMXoUHb8Sm+kkR7Wwm/z93lnHASG5B\n" + "uGPQaXnZ4cMFa7+4tBe8Dz4huSQObye+iHVnkizQmEighHVK+4qKExMOTwJB5ba0\n" + "6K8mKY7YAGDGUgjJzXVmGJPp7mb74AEJiyGobYB+Om9kPkWyAZW09EYl9GnCDl7u\n" + "kiI8IqfoA6yvxHerQTsjS55TXTPmOl9dvYpnF07QxK8UwtZvf55zniKHjsP7TBoe\n" + "9IJt7xxMeYbv6eDbxIpUp8HiljTTxKPKFZaFEOCFBjk4G/yUQNNiNUYdvsRdhvq2\n" + "v7o3zwatl2i87lXGD7C78o2jqZDHoZI49XKN6ZW6dw3tpnjrEJeom8MwJfjHww==\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: RFC822Name: eee.com */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEGjCCAoKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDcyNjEzMTQyOVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAwoXjtDX6uN+SF7qF\n" - "dEWvxYb9Q3gu0PT0N7a17FaystBIGmw5lT9PnMUJKHPxNwrn+QdD1ReEmf6K4D8q\n" - "vQzIzbCSBIV8bBZLA1/iH/hRaYvCvQLIaSnDEiDkkswkOyu/k7RDdB5H8q8Ey5x+\n" - "udlqQGDsjHVQCKeWfAHXl+NRQ7ONj69cVbI1qz4r1KhnVt9BsxSmXw5n2BBul3Ns\n" - "BY6yD8WD7js2sGxSMuv8hjFozc1t2u6APmkEJwiGx0fe+0Wu2HHNOUu+oyeiuPLq\n" - "6G/Nz1B15E15iY+Fi6g7Qa9k97UuLPiIzjqD4JtnSerBxhkossWa7KrOw7no5Ws+\n" - "d1lpZ92zGt8kTpi7KxQIV/zxvaXVBKv3br/FmKYxswFrbkXoYaFXrdsPs49B9OyX\n" - "WY1zMWhbU4uddPG964yxDz2oTehRjvvxF+1oSAaoLn4chlPpx8p3unj5Y/h8xr/+\n" - "Ciwblu3LE/1boa1zS/wM89UwysakVsaAxO3XjZyJPAJsTndTAgMBAAGjfzB9MA8G\n" - "A1UdEwEB/wQFMAMBAf8wGQYDVR0eAQH/BA8wDaALMAmBB2VlZS5jb20wDwYDVR0P\n" - "AQH/BAUDAwcEADAdBgNVHQ4EFgQUjuF/dTI8YtA8wD+BlmP2MTUZNTwwHwYDVR0j\n" - "BBgwFoAU12oooOGTdVttQK9BdMpkS9Ch5Y0wDQYJKoZIhvcNAQELBQADggGBAEN8\n" - "7Uou6LgI5RKyRL8UB4pLs53+mkUPoXCkCbv9mdFAqoi9OP89ALrF11tlME9PQZFj\n" - "90sxnK4S7ZTDBeS12AUlEEQLCTIrqTMVTyiiklS4bSck4TOGFCaQhrsh7ZliEqkm\n" - "oVsxYs0DYW66lVam/+K+5i6mO7Z4HGo5GDbU8nhMNHlighURfmzJ10xh6Z5s6uSA\n" - "K16OzIOiSqUXp+nT7/NmWSzVgegCqScXLHZ6VDHDzfjURHrqnNTGg4ByMJo1R9DF\n" - "Ne6khju2qP5j71Fwxz3RyZwwdhrPN3QSmMGyuFK3GS5WOYTeg35/Fa54UGVCKSM9\n" - "Dsdg2lHS4+Bxkcj6fSj++5RE2CILOP2vV08VdV5IVFNWSNXhNM4JPOaSjKzIXNuq\n" - "VdXTXxYBn90WA4/WNvUiUaVSioLvf/8Fv57/5JVwTsqM/I5TKZm/sbVePdX/3G/O\n" - "7AmDbp8t5zInW1EUev7ThIRWlr2Jr4NivzeHcjRwdQW0HT0kwJfJSTzH/4RzAg==\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDcyNjEzMTQyOVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAzipouUl1Uqxd0TpN\n" - "JO8syBj5zG5Rasydf5ucdnu5P1gjRvoHulrlYy5/NUA+7N3QLN6fo4cjRZ890p18\n" - "7xqp/EdPUaFhv8bgyiaB8pXuQWTldqcuPSwUzXBHAmqhQ5lE7oomyGA4nqEJreas\n" - "ishVn8v1M3FS6woAiJAxP5vbUOMkoxmoGZy6KkHNGZI+GUSDkoZBWTod8fFSMDYg\n" - "kQk8QAGctCAG6Ms9NWKQpNHbTmz9478AC4phZR5QzvstzD6WpEvnXTI7K3ByoSN2\n" - "0OeQzl5u3HbNJYDydOZbYuSnbADGL/QpBqirmcMUi28lXuSJ6c6jdvnOODqbahvr\n" - "zvJDw6FQtn3OMdZnnSvWhkg6SxvImi99ABpS7SLNHDxm6CWrvbuZVFR21Tl/uxZl\n" - "4je2QW6WaFQRO2J7iVWY2YJtDHLAGA7esfofnvRNSHEh1e5n8G67X5xGGFIIvBu9\n" - "YSFmwTYZcu+DOa5DOU4tAQtftuWcK3XdcRJBn0X0NbBG13YxAgMBAAGjQzBBMA8G\n" - "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU12oooOGT\n" - "dVttQK9BdMpkS9Ch5Y0wDQYJKoZIhvcNAQELBQADggGBABVza/dPn0VSs8frs2nw\n" - "Pd3QoclMKNJ+myDtn5P4q4X0MNKVUQqz7HZ2RPa4UH5PDRp1PbYP45z56wIoYfJb\n" - "i/sdDax0Nd0w6rmpl+koP0m24p8asxt0KenGQiBYfeEy2pxFn5aEKoDnyNAdhZRQ\n" - "2Ug+pp9OMJoTqAPcDGbooHs5j5wHcIfO0bRhl7/QnDc5HK6ll4SmOrfJ8LpkO0BY\n" - "vQK9zWC5Y3zck5uz8tNSCiGgt6y8MZQisC3JYWkzXE9xOjNfUBN+KhdF8ETgaBMZ\n" - "QxguU5VbKtzqG8cpl+6tgW/Otrarirov4EVGhn2B9gwy8cIBe5Q6hXhnzYCpJjVq\n" - "NWGSJ8T0gD+KZt/zxIAWWaYdMUXR7nQ5S+gY3Kn/OoTBZMrKJ3LSEQW42USrQwAl\n" - "p6YA+vX9EI4B1r5uGDoxklkxAAOrO4sddw7MuncjeQzahqbI4IQmxj+GfjTXZ5Df\n" - "gmQvlqt9tOTE0uIbWQT+iaXo28yZ+D0ymU8QazjG7UX9dg==\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIEGjCCAoKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDcyNjEzMTQyOVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAwoXjtDX6uN+SF7qF\n" + "dEWvxYb9Q3gu0PT0N7a17FaystBIGmw5lT9PnMUJKHPxNwrn+QdD1ReEmf6K4D8q\n" + "vQzIzbCSBIV8bBZLA1/iH/hRaYvCvQLIaSnDEiDkkswkOyu/k7RDdB5H8q8Ey5x+\n" + "udlqQGDsjHVQCKeWfAHXl+NRQ7ONj69cVbI1qz4r1KhnVt9BsxSmXw5n2BBul3Ns\n" + "BY6yD8WD7js2sGxSMuv8hjFozc1t2u6APmkEJwiGx0fe+0Wu2HHNOUu+oyeiuPLq\n" + "6G/Nz1B15E15iY+Fi6g7Qa9k97UuLPiIzjqD4JtnSerBxhkossWa7KrOw7no5Ws+\n" + "d1lpZ92zGt8kTpi7KxQIV/zxvaXVBKv3br/FmKYxswFrbkXoYaFXrdsPs49B9OyX\n" + "WY1zMWhbU4uddPG964yxDz2oTehRjvvxF+1oSAaoLn4chlPpx8p3unj5Y/h8xr/+\n" + "Ciwblu3LE/1boa1zS/wM89UwysakVsaAxO3XjZyJPAJsTndTAgMBAAGjfzB9MA8G\n" + "A1UdEwEB/wQFMAMBAf8wGQYDVR0eAQH/BA8wDaALMAmBB2VlZS5jb20wDwYDVR0P\n" + "AQH/BAUDAwcEADAdBgNVHQ4EFgQUjuF/dTI8YtA8wD+BlmP2MTUZNTwwHwYDVR0j\n" + "BBgwFoAU12oooOGTdVttQK9BdMpkS9Ch5Y0wDQYJKoZIhvcNAQELBQADggGBAEN8\n" + "7Uou6LgI5RKyRL8UB4pLs53+mkUPoXCkCbv9mdFAqoi9OP89ALrF11tlME9PQZFj\n" + "90sxnK4S7ZTDBeS12AUlEEQLCTIrqTMVTyiiklS4bSck4TOGFCaQhrsh7ZliEqkm\n" + "oVsxYs0DYW66lVam/+K+5i6mO7Z4HGo5GDbU8nhMNHlighURfmzJ10xh6Z5s6uSA\n" + "K16OzIOiSqUXp+nT7/NmWSzVgegCqScXLHZ6VDHDzfjURHrqnNTGg4ByMJo1R9DF\n" + "Ne6khju2qP5j71Fwxz3RyZwwdhrPN3QSmMGyuFK3GS5WOYTeg35/Fa54UGVCKSM9\n" + "Dsdg2lHS4+Bxkcj6fSj++5RE2CILOP2vV08VdV5IVFNWSNXhNM4JPOaSjKzIXNuq\n" + "VdXTXxYBn90WA4/WNvUiUaVSioLvf/8Fv57/5JVwTsqM/I5TKZm/sbVePdX/3G/O\n" + "7AmDbp8t5zInW1EUev7ThIRWlr2Jr4NivzeHcjRwdQW0HT0kwJfJSTzH/4RzAg==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDcyNjEzMTQyOVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAzipouUl1Uqxd0TpN\n" + "JO8syBj5zG5Rasydf5ucdnu5P1gjRvoHulrlYy5/NUA+7N3QLN6fo4cjRZ890p18\n" + "7xqp/EdPUaFhv8bgyiaB8pXuQWTldqcuPSwUzXBHAmqhQ5lE7oomyGA4nqEJreas\n" + "ishVn8v1M3FS6woAiJAxP5vbUOMkoxmoGZy6KkHNGZI+GUSDkoZBWTod8fFSMDYg\n" + "kQk8QAGctCAG6Ms9NWKQpNHbTmz9478AC4phZR5QzvstzD6WpEvnXTI7K3ByoSN2\n" + "0OeQzl5u3HbNJYDydOZbYuSnbADGL/QpBqirmcMUi28lXuSJ6c6jdvnOODqbahvr\n" + "zvJDw6FQtn3OMdZnnSvWhkg6SxvImi99ABpS7SLNHDxm6CWrvbuZVFR21Tl/uxZl\n" + "4je2QW6WaFQRO2J7iVWY2YJtDHLAGA7esfofnvRNSHEh1e5n8G67X5xGGFIIvBu9\n" + "YSFmwTYZcu+DOa5DOU4tAQtftuWcK3XdcRJBn0X0NbBG13YxAgMBAAGjQzBBMA8G\n" + "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU12oooOGT\n" + "dVttQK9BdMpkS9Ch5Y0wDQYJKoZIhvcNAQELBQADggGBABVza/dPn0VSs8frs2nw\n" + "Pd3QoclMKNJ+myDtn5P4q4X0MNKVUQqz7HZ2RPa4UH5PDRp1PbYP45z56wIoYfJb\n" + "i/sdDax0Nd0w6rmpl+koP0m24p8asxt0KenGQiBYfeEy2pxFn5aEKoDnyNAdhZRQ\n" + "2Ug+pp9OMJoTqAPcDGbooHs5j5wHcIfO0bRhl7/QnDc5HK6ll4SmOrfJ8LpkO0BY\n" + "vQK9zWC5Y3zck5uz8tNSCiGgt6y8MZQisC3JYWkzXE9xOjNfUBN+KhdF8ETgaBMZ\n" + "QxguU5VbKtzqG8cpl+6tgW/Otrarirov4EVGhn2B9gwy8cIBe5Q6hXhnzYCpJjVq\n" + "NWGSJ8T0gD+KZt/zxIAWWaYdMUXR7nQ5S+gY3Kn/OoTBZMrKJ3LSEQW42USrQwAl\n" + "p6YA+vX9EI4B1r5uGDoxklkxAAOrO4sddw7MuncjeQzahqbI4IQmxj+GfjTXZ5Df\n" + "gmQvlqt9tOTE0uIbWQT+iaXo28yZ+D0ymU8QazjG7UX9dg==\n" + "-----END CERTIFICATE-----\n", + NULL }; /* This chain has name constraints on the CA but the end certificate * has no name on CN or subjectAltname. */ static const char *nc_good0[] = { - /* empty CN, empty SAN */ - "-----BEGIN CERTIFICATE-----\n" - "MIIDIjCCAgqgAwIBAgIMVRJquRMxIN9nRLG4MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIhgPMjAxNTAzMjUwNzU4NDlaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEChMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDEiLbqiSgPhAlwQXdn6Z7EoYMRiNHX+6cnlI195lv5LPdupiZ7EPF6y8rs\n" - "H/PyRwLhOuhfyAbBibBTWKt1n100UqAcr0Z/l2+zBorc/APhKrysDlWyYUjs/Ly1\n" - "pNQ4V9POpuCqEcPsGWcSr3ULqdRH2PoguWoF0el59fOyioUV+PbKAHPxs342fqu0\n" - "Plk3Bru4kf4R0U3L1r0DogFUYmjhGyhxKAezEikQGgrwlo30LD/31uuzJWs5x1+l\n" - "sGOKHIfxiWlBS8781QKuIWHT8Z+qsnPXobQ4ss2jF4qHjwIesJr8vq0OP2mQ/Ilh\n" - "WwcNJJtWwHE6O6Vj1kWUQ9kDuWQ3AgMBAAGjdjB0MAwGA1UdEwEB/wQCMAAwEwYD\n" - "VR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQU8U1K\n" - "y6Tq/tczkOCK7CZhUAiuUcwwHwYDVR0jBBgwFoAUvSbAZPs2w5eQBjoLYPh+uKyj\n" - "ZzswDQYJKoZIhvcNAQELBQADggEBAG2H5HeItTKZVgNd2hFPfi0QUvheX8mjMniV\n" - "uaS/1zDSvAJOJue2GEpiYeTLvjd4WA5J09ZRSAuVWR9hg44m17TF2pod3YFBfGwx\n" - "8RkEp5W8LBdwPzcgbLVxkWmwZTo1v4Xv679uyVTeB306vfkTrsa0C82S5zJd1Wyt\n" - "/bFaNnxxb6KzVhFEctaVPVZdwrj7Q6XASH1oCfe/l50UcUkK853cXhV3CNJ8OUOY\n" - "h8O7FN/s5oZ23R9eX2D9mHJ/ccucv46ofAmQ9TjLZIACp89IfoMf61MOUG51BIlt\n" - "t494m704KMI2Y4hci5fHZ4UbcykjNpwkAMnCuk0K8K4gAFT6SZ8=\n" - "-----END CERTIFICATE-----\n", - NULL, - /* Name constraints (critical): + /* empty CN, empty SAN */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDIjCCAgqgAwIBAgIMVRJquRMxIN9nRLG4MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTAwIhgPMjAxNTAzMjUwNzU4NDlaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEChMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDEiLbqiSgPhAlwQXdn6Z7EoYMRiNHX+6cnlI195lv5LPdupiZ7EPF6y8rs\n" + "H/PyRwLhOuhfyAbBibBTWKt1n100UqAcr0Z/l2+zBorc/APhKrysDlWyYUjs/Ly1\n" + "pNQ4V9POpuCqEcPsGWcSr3ULqdRH2PoguWoF0el59fOyioUV+PbKAHPxs342fqu0\n" + "Plk3Bru4kf4R0U3L1r0DogFUYmjhGyhxKAezEikQGgrwlo30LD/31uuzJWs5x1+l\n" + "sGOKHIfxiWlBS8781QKuIWHT8Z+qsnPXobQ4ss2jF4qHjwIesJr8vq0OP2mQ/Ilh\n" + "WwcNJJtWwHE6O6Vj1kWUQ9kDuWQ3AgMBAAGjdjB0MAwGA1UdEwEB/wQCMAAwEwYD\n" + "VR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQU8U1K\n" + "y6Tq/tczkOCK7CZhUAiuUcwwHwYDVR0jBBgwFoAUvSbAZPs2w5eQBjoLYPh+uKyj\n" + "ZzswDQYJKoZIhvcNAQELBQADggEBAG2H5HeItTKZVgNd2hFPfi0QUvheX8mjMniV\n" + "uaS/1zDSvAJOJue2GEpiYeTLvjd4WA5J09ZRSAuVWR9hg44m17TF2pod3YFBfGwx\n" + "8RkEp5W8LBdwPzcgbLVxkWmwZTo1v4Xv679uyVTeB306vfkTrsa0C82S5zJd1Wyt\n" + "/bFaNnxxb6KzVhFEctaVPVZdwrj7Q6XASH1oCfe/l50UcUkK853cXhV3CNJ8OUOY\n" + "h8O7FN/s5oZ23R9eX2D9mHJ/ccucv46ofAmQ9TjLZIACp89IfoMf61MOUG51BIlt\n" + "t494m704KMI2Y4hci5fHZ4UbcykjNpwkAMnCuk0K8K4gAFT6SZ8=\n" + "-----END CERTIFICATE-----\n", + NULL, + /* Name constraints (critical): Permitted: DNSname: example.com */ - "-----BEGIN CERTIFICATE-----\n" - "MIIC/zCCAeegAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTUwMzI1MDc1ODQ5WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUEBLGhjEj8pLO\n" - "cU3UVmC+FcN3OKXH5lqm4pdxP6rbk0C9WKgavGV9MfEali767BaLHaEzxdCpcbxr\n" - "YdBKFcij7ucF9YqpoDD5HnMLhOEHKnQD0nk5wWYw7Q9ULy0wqEy15nfDdunDbYK5\n" - "TG7K2nsKcyPkEs637bJPBSOVSpn7mT49OnpSNpZcD361SqRh+OY8Iorr1m9DsrfW\n" - "8J9JCf4VlaL821PzoA/EEReabPI9TM10QYpN4J0JQsQnmuU/0WdaEJtq4pFZIZfJ\n" - "WtGGS6GX5faOkyMj5SuunZIjLal/+GRSVk1m3vfmDUp4MVKAqfqQ068Ix/aLEipX\n" - "8mNnyp95AgMBAAGjYjBgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0eAQH/BBMwEaAP\n" - "MA2CC2V4YW1wbGUuY29tMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFL0mwGT7\n" - "NsOXkAY6C2D4friso2c7MA0GCSqGSIb3DQEBCwUAA4IBAQBSfcTha0878cAy3Peg\n" - "V9z+5rNr7/3Awf5HRTRr2VAATloXJ7iyvuvWmPlIKek40W+Xh4aHjZLjdfuPWyeV\n" - "EXAcEEwhxY4t8NRATzgBy8WyP64LRQnFsmo4p5VbT0ddcqUqwDDYgbNPdLmfLUwV\n" - "JS5DNFSsDco5Ng1DoQCLoIkuLMwD7g7YfMyUq8HupEI9TuhcXC5FUZbt0KjkQk9c\n" - "fbBiEvZcxlmLQRiC0sWFmuBteMyrnw3Y68jpl12ORyB/oVpCvXlYm4ViCCh5uyx3\n" - "Ml+FbR8ws+dEvGKmer50Lfw6/WSyEb/zWlLUUqClbJChLVnGMjgvwUqrLSKUcUw6\n" - "DsYI\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIC/zCCAeegAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTUwMzI1MDc1ODQ5WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUEBLGhjEj8pLO\n" + "cU3UVmC+FcN3OKXH5lqm4pdxP6rbk0C9WKgavGV9MfEali767BaLHaEzxdCpcbxr\n" + "YdBKFcij7ucF9YqpoDD5HnMLhOEHKnQD0nk5wWYw7Q9ULy0wqEy15nfDdunDbYK5\n" + "TG7K2nsKcyPkEs637bJPBSOVSpn7mT49OnpSNpZcD361SqRh+OY8Iorr1m9DsrfW\n" + "8J9JCf4VlaL821PzoA/EEReabPI9TM10QYpN4J0JQsQnmuU/0WdaEJtq4pFZIZfJ\n" + "WtGGS6GX5faOkyMj5SuunZIjLal/+GRSVk1m3vfmDUp4MVKAqfqQ068Ix/aLEipX\n" + "8mNnyp95AgMBAAGjYjBgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0eAQH/BBMwEaAP\n" + "MA2CC2V4YW1wbGUuY29tMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFL0mwGT7\n" + "NsOXkAY6C2D4friso2c7MA0GCSqGSIb3DQEBCwUAA4IBAQBSfcTha0878cAy3Peg\n" + "V9z+5rNr7/3Awf5HRTRr2VAATloXJ7iyvuvWmPlIKek40W+Xh4aHjZLjdfuPWyeV\n" + "EXAcEEwhxY4t8NRATzgBy8WyP64LRQnFsmo4p5VbT0ddcqUqwDDYgbNPdLmfLUwV\n" + "JS5DNFSsDco5Ng1DoQCLoIkuLMwD7g7YfMyUq8HupEI9TuhcXC5FUZbt0KjkQk9c\n" + "fbBiEvZcxlmLQRiC0sWFmuBteMyrnw3Y68jpl12ORyB/oVpCvXlYm4ViCCh5uyx3\n" + "Ml+FbR8ws+dEvGKmer50Lfw6/WSyEb/zWlLUUqClbJChLVnGMjgvwUqrLSKUcUw6\n" + "DsYI\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Name constraints: DNSname in permitted range, intermediate certs without constraints */ static const char *nc_good1[] = { -/* DNSname: www.example.com */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDQDCCAiigAwIBAgIMU/xyoxPcYVSaqH7/MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" -"BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMTQyMjdaGA85OTk5MTIzMTIzNTk1OVow\n" -"EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" -"AoIBAQDkemVOFdbhBX1qwjxQHr3LmPktNEVBmXjrIvyp++dN7gCYzubnpiLcBE+B\n" -"S2b+ppxBYm9ynKijhGrO+lZPCQRXWmqUg4YDfvnEqM4n04dCE98jN4IhwvWZyP3p\n" -"+U8Ra9mVIBAY2MReo1dcJQHNmo560xzxioHsGNQHAfYgVRHiE5hIXchYbWCkBrKt\n" -"XOoSSTmfgCF3L22p6S1q143VoKUr/C9zqinZo6feGAiTprj6YH0tHswjGBbxTFLb\n" -"q3ThbGDR5FNYL5q0FvQRNbjoF4oFitZ3P1Qkrzq7VIJd9k8J1C3g/16U2dDTKqRX\n" -"ejX7maFZ6oRZJASsRSowEs4wTfRpAgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" -"BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" -"DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUAEYPmcA7S/KChiet+Z6+RRmogiww\n" -"HwYDVR0jBBgwFoAUjxZogHO3y4VdOLuibQHsQYdsGgwwDQYJKoZIhvcNAQELBQAD\n" -"ggEBABlA3npOWwl3eBycaLVOsmdPS+fUwhLnF8hxoyKpHe/33k1nIxd7iiqNZ3iw\n" -"6pAjnuRUCjajU+mlx6ekrmga8mpmeD6JH0I3lq+mrPeCeFXm8gc1yJpcFJ/C2l4o\n" -"+3HNY7RJKcfoQxIbiKOtZ6x9E0aYuk3s1Um3Pf8GLwENoou7Stg5qHsLbkN/GBuP\n" -"n3p/4iqik2k7VblldDe3oCob5vMp0qrAEhlNl2Fn65rcB4+bp1EiC1Z+y6X8DpRb\n" -"NomKUsOiGcbFjQ4ptT6fePmPHX1mgDCx+5/22cyBUYElefYP7Xzr+C8tqqO3JFKe\n" -"hqEmQRsll9bkqpu2dh83c3i9u4g=\n" -"-----END CERTIFICATE-----\n", -/* - */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDATCCAemgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" -"MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ofaL+ilmmM+\n" -"bGaFRy5GYQXtkD8sA3+/GWsunR928fQS68Zh6iWU+gPm52i7Gfbh7piKWA5Tb63w\n" -"unbS6dPsfPSvgRMZGKJpzxqVcBQAnTS4MuDPlXNg3K3HMyVtbxekII8jFeGEJuCL\n" -"mBMT4dI48IZRzj+2mir38w2cQPfomaKtjg2jMokG8Z9/4+SU9VJCcY1/yZk8fCbS\n" -"dBbwhnDq10yvhPCHgX6KMYmoJr28CYgH29Q9sDP1XN3VvAx5X+PtW/6pyF0U5E2e\n" -"gRzVv7Hr3FJKvytbNxRMCoy2YOyvsTP0fIhiXdtkulTKXyiq4cxA+aYByOu1FjU4\n" -"NicWbiZ/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQUjxZogHO3y4VdOLuibQHsQYdsGgwwHwYDVR0jBBgwFoAUwAx0\n" -"aL2SrsoSZcZUuFlq0O17BSgwDQYJKoZIhvcNAQELBQADggEBAGQvj8SquT31w8JK\n" -"tHDL4hWOU0EwVwWl4aYsvP17WspiFIIHKApPFfQOD0/Wg9zB48ble5ZSwKA3Vc3B\n" -"DJgd77HgVAd/Nu1TS5TFDKhpuvFPJVpJ3cqt3pTsVGMzf6GRz5kG3Ly/pBgkqiMG\n" -"gv6vTlEvzNe4FcnhNBEaRKpK5Hc5+GnxtfVoki3tjG5u+oa9/OwzAT+7IOyiIKHw\n" -"7F4Cm56QAWMJgVNm329AjZrJLeNuKoQWGueNew4dOe/zlYEaVMG4So74twXQwIAB\n" -"Zko7+wk6eI4CkI4Zair36s1jLkCF8xnL8FExTT3sg6B6KBHaNUuwc67WPILVuFuc\n" -"VfVBOd8=\n" -"-----END CERTIFICATE-----\n", -/* Name Constraints (critical): + /* DNSname: www.example.com */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDQDCCAiigAwIBAgIMU/xyoxPcYVSaqH7/MA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIhgPMjAxNDA4MjYxMTQyMjdaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEChMIc2VydmVyLTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDkemVOFdbhBX1qwjxQHr3LmPktNEVBmXjrIvyp++dN7gCYzubnpiLcBE+B\n" + "S2b+ppxBYm9ynKijhGrO+lZPCQRXWmqUg4YDfvnEqM4n04dCE98jN4IhwvWZyP3p\n" + "+U8Ra9mVIBAY2MReo1dcJQHNmo560xzxioHsGNQHAfYgVRHiE5hIXchYbWCkBrKt\n" + "XOoSSTmfgCF3L22p6S1q143VoKUr/C9zqinZo6feGAiTprj6YH0tHswjGBbxTFLb\n" + "q3ThbGDR5FNYL5q0FvQRNbjoF4oFitZ3P1Qkrzq7VIJd9k8J1C3g/16U2dDTKqRX\n" + "ejX7maFZ6oRZJASsRSowEs4wTfRpAgMBAAGjgZMwgZAwDAYDVR0TAQH/BAIwADAa\n" + "BgNVHREEEzARgg93d3cuZXhhbXBsZS5jb20wEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n" + "DwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUAEYPmcA7S/KChiet+Z6+RRmogiww\n" + "HwYDVR0jBBgwFoAUjxZogHO3y4VdOLuibQHsQYdsGgwwDQYJKoZIhvcNAQELBQAD\n" + "ggEBABlA3npOWwl3eBycaLVOsmdPS+fUwhLnF8hxoyKpHe/33k1nIxd7iiqNZ3iw\n" + "6pAjnuRUCjajU+mlx6ekrmga8mpmeD6JH0I3lq+mrPeCeFXm8gc1yJpcFJ/C2l4o\n" + "+3HNY7RJKcfoQxIbiKOtZ6x9E0aYuk3s1Um3Pf8GLwENoou7Stg5qHsLbkN/GBuP\n" + "n3p/4iqik2k7VblldDe3oCob5vMp0qrAEhlNl2Fn65rcB4+bp1EiC1Z+y6X8DpRb\n" + "NomKUsOiGcbFjQ4ptT6fePmPHX1mgDCx+5/22cyBUYElefYP7Xzr+C8tqqO3JFKe\n" + "hqEmQRsll9bkqpu2dh83c3i9u4g=\n" + "-----END CERTIFICATE-----\n", + /* - */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" + "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ofaL+ilmmM+\n" + "bGaFRy5GYQXtkD8sA3+/GWsunR928fQS68Zh6iWU+gPm52i7Gfbh7piKWA5Tb63w\n" + "unbS6dPsfPSvgRMZGKJpzxqVcBQAnTS4MuDPlXNg3K3HMyVtbxekII8jFeGEJuCL\n" + "mBMT4dI48IZRzj+2mir38w2cQPfomaKtjg2jMokG8Z9/4+SU9VJCcY1/yZk8fCbS\n" + "dBbwhnDq10yvhPCHgX6KMYmoJr28CYgH29Q9sDP1XN3VvAx5X+PtW/6pyF0U5E2e\n" + "gRzVv7Hr3FJKvytbNxRMCoy2YOyvsTP0fIhiXdtkulTKXyiq4cxA+aYByOu1FjU4\n" + "NicWbiZ/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUjxZogHO3y4VdOLuibQHsQYdsGgwwHwYDVR0jBBgwFoAUwAx0\n" + "aL2SrsoSZcZUuFlq0O17BSgwDQYJKoZIhvcNAQELBQADggEBAGQvj8SquT31w8JK\n" + "tHDL4hWOU0EwVwWl4aYsvP17WspiFIIHKApPFfQOD0/Wg9zB48ble5ZSwKA3Vc3B\n" + "DJgd77HgVAd/Nu1TS5TFDKhpuvFPJVpJ3cqt3pTsVGMzf6GRz5kG3Ly/pBgkqiMG\n" + "gv6vTlEvzNe4FcnhNBEaRKpK5Hc5+GnxtfVoki3tjG5u+oa9/OwzAT+7IOyiIKHw\n" + "7F4Cm56QAWMJgVNm329AjZrJLeNuKoQWGueNew4dOe/zlYEaVMG4So74twXQwIAB\n" + "Zko7+wk6eI4CkI4Zair36s1jLkCF8xnL8FExTT3sg6B6KBHaNUuwc67WPILVuFuc\n" + "VfVBOd8=\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: DNSname: example.com Excluded: DNSname: example.org */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDMzCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" -"MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIf3as4EONSgWu\n" -"Mbm9w3DbKd/su1UWlrYrcpVqmU3MKD5jXBxyoThSBWxmq1+wcNDmE1on6pHY1aad\n" -"k3188JKMC83wEcyQXaiH3DlTYFXXkkI+JJNUGlfAMSoXG248SpoCIOhCETUG03iP\n" -"Z3AZludaHYsv4akAh1Kl6qn66+bKM53l/YhoQDxhoGaYvO8ZSwKnx5DEiq447jpW\n" -"M+sUFe38RPaMjHpyc1GRctvQDzJGm+8ZRujYDH+fGNzVDDlRyRnsVanFGNdyfhmy\n" -"BN2D2+2VEvzAWlaGg2wQN8gF3+luavIVEgETXODZPa5FF7ulmQmhqGrZcw6WtDmY\n" -"hUbNmbL7AgMBAAGjgZUwgZIwDwYDVR0TAQH/BAUwAwEB/zAuBgNVHR4BAf8EJDAi\n" -"oA8wDYILZXhhbXBsZS5jb22hDzANggtleGFtcGxlLm9yZzAPBgNVHQ8BAf8EBQMD\n" -"BwQAMB0GA1UdDgQWBBTADHRovZKuyhJlxlS4WWrQ7XsFKDAfBgNVHSMEGDAWgBTg\n" -"+khaP8UOjcwSKVxgT+zhh0aWPDANBgkqhkiG9w0BAQsFAAOCAQEASq5yBiib8FPk\n" -"oRONZ4COgGqjXvigeOBRgbHf9AfagpoYDbOKDQS8Iwt9VHZfJxdcJ1OuM1aQqXlN\n" -"dUyf+JdR/24Nv1yrhL+dEfRGka6Db96YuPsbetVhNIiMm2teXDIPgGzAKuTm4xPA\n" -"6zyNVy5AwfDQ5hIZ+EUsfOoerIElNyAbh66law4MWuiv4oyX4u49m5lxLuL6mFpR\n" -"CIZYWjZMa0MJvWMKGm/AhpfEOkbT58Fg5YmxhnKMk6ps1eR6mh3NgH1IbUqvEYNC\n" -"eS42X3kAMxEDseBOMths0gxeLL+IHdQpXnAjZppW8zEIcN3yfknul35r8R6Qt9aK\n" -"q5+/m1ADBw==\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIe0eOnLaV750K\n" -"4+mVaAftRrJp8t68KJivcRFpkl0ucQs6gwNf9EsVkHineOR3RXypjJ7Hsv+4PIKp\n" -"BhEOTprYUKcBaxHK/NIezV6NrO1AwuD6MtJDQF9jGpSy0F3eRUoBCjVYhTl+JxcZ\n" -"hGHPJd8WMeanQWY4xG4gTwtpjF3tPU5+JGQwLk5SbcLicM2QMG3CapZinOGK3/XC\n" -"Fjsvf5ZhxnixayhfiX/n9BmeP1yxz7YORNYPlL8z1CcLZqJsyjZnNkVwNvl4ft9I\n" -"FOKBLoOTSGocHFIFXh5b50GG6QHgvN+TiAwdpfRTUskWVg8VVIh7ymgDoI2jQhk4\n" -"EeMaZHd/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQU4PpIWj/FDo3MEilcYE/s4YdGljwwHwYDVR0jBBgwFoAU6XJK\n" -"EOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQADggEBAJOCrGvbeRqPj+uL\n" -"2FIfbkYZAx2nGl3RVv5ZK2YeDpU1udxLihc6Sr67OZbiA4QMKxwgI7pupuwXmyql\n" -"vs9dWnNpjzgfc0OqqzVdOFlfw8ew2DQb2sUXCcIkwqXb/pBQ9BvcgdDASu+rm74j\n" -"JWDZlhcqeVhZROKfpsjsl+lHgZ7kANwHtUJg/WvK8J971hgElqeBO1O97cGkw/in\n" -"e8ooK9Lxk3Td+WdI8C7juCYiwsGqFEKuj7b6937uzvpFmm1fYDdOHhTMcHTHIVTr\n" -"uxSSurQ4XSDF6Iuel3+IdpLL79UYJ7Cf4IhBWj0EloF6xWTA6nUYl3gzKpx1Tg1U\n" -"x2+26YY=\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" -"MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" -"BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLuVrTyiqz+Zs\n" -"9Qw5V2Z1y1YSWU6aRDMs+34rP2gwT41C69HBh2LLRS04iJUVQydwnEJukwKlTNRn\n" -"1lEpvWgtYmySWA2SyI4xkVzCXgwv0k7WyLwa39hfNY1rXAqhDTL8VO0nXxi8hCMW\n" -"ohaXcvsieglhN5uwu6voEdY3Gwtx4V8ysDJ2P9EBo49ZHdpBOv+3YLDxbWZuL/tI\n" -"nYkBUHHfWGhUHsRsu0EGob3SFnfiooCbE/vtmn9rUuBEQDqOjOg3el/aTPJzcMi/\n" -"RTz+8ho17ZrQRKHZGKWq9Skank+2X9FZoYKFCUlBm6RVud1R54QYZEIj7W9ujQLN\n" -"LJrcIwBDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" -"ADAdBgNVHQ4EFgQU6XJKEOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQAD\n" -"ggEBAEeXYGhZ8fWDpCGfSGEDX8FTqLwfDXxw18ZJjQJwus7bsJ9K/hAXnasXrn0f\n" -"TJ+uJi8muqzP1V376mSUzlwXIzLZCtbwRdDhJJYRrLvf5zfHxHeDgvDALn+1AduF\n" -"G/GzCVIFsYNSMdKGwNRp6Ucgl43BPZs6Swn2DXrxxW7Gng+8dvUS2XGLLdH6q1O3\n" -"U1EgJilng+VXx9Rg3yCs5xDiehASySsM6MN/+v+Ouf9lkoQCEgrtlW5Lb/neOBlA\n" -"aS8PPQuKkIEggNd8hW88YWQOJXMiCAgFppVp5B1Vbghn9IDJQISx/AXAoDXQvQfE\n" -"bdOzcKFyDuklHl2IQPnYTFxm/G8=\n" -"-----END CERTIFICATE-----\n", -NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDMzCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCIYDzIwMTQwODI2MTE0MjI3WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIf3as4EONSgWu\n" + "Mbm9w3DbKd/su1UWlrYrcpVqmU3MKD5jXBxyoThSBWxmq1+wcNDmE1on6pHY1aad\n" + "k3188JKMC83wEcyQXaiH3DlTYFXXkkI+JJNUGlfAMSoXG248SpoCIOhCETUG03iP\n" + "Z3AZludaHYsv4akAh1Kl6qn66+bKM53l/YhoQDxhoGaYvO8ZSwKnx5DEiq447jpW\n" + "M+sUFe38RPaMjHpyc1GRctvQDzJGm+8ZRujYDH+fGNzVDDlRyRnsVanFGNdyfhmy\n" + "BN2D2+2VEvzAWlaGg2wQN8gF3+luavIVEgETXODZPa5FF7ulmQmhqGrZcw6WtDmY\n" + "hUbNmbL7AgMBAAGjgZUwgZIwDwYDVR0TAQH/BAUwAwEB/zAuBgNVHR4BAf8EJDAi\n" + "oA8wDYILZXhhbXBsZS5jb22hDzANggtleGFtcGxlLm9yZzAPBgNVHQ8BAf8EBQMD\n" + "BwQAMB0GA1UdDgQWBBTADHRovZKuyhJlxlS4WWrQ7XsFKDAfBgNVHSMEGDAWgBTg\n" + "+khaP8UOjcwSKVxgT+zhh0aWPDANBgkqhkiG9w0BAQsFAAOCAQEASq5yBiib8FPk\n" + "oRONZ4COgGqjXvigeOBRgbHf9AfagpoYDbOKDQS8Iwt9VHZfJxdcJ1OuM1aQqXlN\n" + "dUyf+JdR/24Nv1yrhL+dEfRGka6Db96YuPsbetVhNIiMm2teXDIPgGzAKuTm4xPA\n" + "6zyNVy5AwfDQ5hIZ+EUsfOoerIElNyAbh66law4MWuiv4oyX4u49m5lxLuL6mFpR\n" + "CIZYWjZMa0MJvWMKGm/AhpfEOkbT58Fg5YmxhnKMk6ps1eR6mh3NgH1IbUqvEYNC\n" + "eS42X3kAMxEDseBOMths0gxeLL+IHdQpXnAjZppW8zEIcN3yfknul35r8R6Qt9aK\n" + "q5+/m1ADBw==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIe0eOnLaV750K\n" + "4+mVaAftRrJp8t68KJivcRFpkl0ucQs6gwNf9EsVkHineOR3RXypjJ7Hsv+4PIKp\n" + "BhEOTprYUKcBaxHK/NIezV6NrO1AwuD6MtJDQF9jGpSy0F3eRUoBCjVYhTl+JxcZ\n" + "hGHPJd8WMeanQWY4xG4gTwtpjF3tPU5+JGQwLk5SbcLicM2QMG3CapZinOGK3/XC\n" + "Fjsvf5ZhxnixayhfiX/n9BmeP1yxz7YORNYPlL8z1CcLZqJsyjZnNkVwNvl4ft9I\n" + "FOKBLoOTSGocHFIFXh5b50GG6QHgvN+TiAwdpfRTUskWVg8VVIh7ymgDoI2jQhk4\n" + "EeMaZHd/AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU4PpIWj/FDo3MEilcYE/s4YdGljwwHwYDVR0jBBgwFoAU6XJK\n" + "EOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQADggEBAJOCrGvbeRqPj+uL\n" + "2FIfbkYZAx2nGl3RVv5ZK2YeDpU1udxLihc6Sr67OZbiA4QMKxwgI7pupuwXmyql\n" + "vs9dWnNpjzgfc0OqqzVdOFlfw8ew2DQb2sUXCcIkwqXb/pBQ9BvcgdDASu+rm74j\n" + "JWDZlhcqeVhZROKfpsjsl+lHgZ7kANwHtUJg/WvK8J971hgElqeBO1O97cGkw/in\n" + "e8ooK9Lxk3Td+WdI8C7juCYiwsGqFEKuj7b6937uzvpFmm1fYDdOHhTMcHTHIVTr\n" + "uxSSurQ4XSDF6Iuel3+IdpLL79UYJ7Cf4IhBWj0EloF6xWTA6nUYl3gzKpx1Tg1U\n" + "x2+26YY=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwODI2MTE0MjI2WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLuVrTyiqz+Zs\n" + "9Qw5V2Z1y1YSWU6aRDMs+34rP2gwT41C69HBh2LLRS04iJUVQydwnEJukwKlTNRn\n" + "1lEpvWgtYmySWA2SyI4xkVzCXgwv0k7WyLwa39hfNY1rXAqhDTL8VO0nXxi8hCMW\n" + "ohaXcvsieglhN5uwu6voEdY3Gwtx4V8ysDJ2P9EBo49ZHdpBOv+3YLDxbWZuL/tI\n" + "nYkBUHHfWGhUHsRsu0EGob3SFnfiooCbE/vtmn9rUuBEQDqOjOg3el/aTPJzcMi/\n" + "RTz+8ho17ZrQRKHZGKWq9Skank+2X9FZoYKFCUlBm6RVud1R54QYZEIj7W9ujQLN\n" + "LJrcIwBDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU6XJKEOUYTuioWHG+1YBuz0yPFmowDQYJKoZIhvcNAQELBQAD\n" + "ggEBAEeXYGhZ8fWDpCGfSGEDX8FTqLwfDXxw18ZJjQJwus7bsJ9K/hAXnasXrn0f\n" + "TJ+uJi8muqzP1V376mSUzlwXIzLZCtbwRdDhJJYRrLvf5zfHxHeDgvDALn+1AduF\n" + "G/GzCVIFsYNSMdKGwNRp6Ucgl43BPZs6Swn2DXrxxW7Gng+8dvUS2XGLLdH6q1O3\n" + "U1EgJilng+VXx9Rg3yCs5xDiehASySsM6MN/+v+Ouf9lkoQCEgrtlW5Lb/neOBlA\n" + "aS8PPQuKkIEggNd8hW88YWQOJXMiCAgFppVp5B1Vbghn9IDJQISx/AXAoDXQvQfE\n" + "bdOzcKFyDuklHl2IQPnYTFxm/G8=\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Name constraints: IPAddress_v6 in permitted range, intermediate certs without constraints */ static const char *nc_good2[] = { - /* IPAddress: 2001:db8:4000:: */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEKDCCApCgAwIBAgIMV3OWtCJqV9nu6MtYMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTMwIBcNMTYwNjI5MDkzNjUyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci00MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" - "AYEA34kB6fm9NLwz3CGzya+pVo6qWXVxkaXiKnKYk7nzcT5nozZYERR8gd3FWmAX\n" - "T1lzNC92Yxbz7zvonD8cxmRqMNGXqNrHrGmO9u0pr8eFnIRhSEscSWv3gwoMKH+C\n" - "+FajvWM9XK7+ndiXLL4ReFtrPcryrN3B0duMX+l2vgIBlBsIoj6m/n6ExQ8uyE3a\n" - "VyzM2gZgvjX3hw3ieLcOURRVRSsINlNcDZeUB/oGNkWKECUAEbmarutqeoYDZOyI\n" - "LBxcFhZ3/l2khMHuU5G/uQlBVuR45LqEk2LkRtG3MiidmFOnvHbFwFucT1JexwAs\n" - "5YAeBVfIkO/ZaHTnfL4d/z2GKniNyCmbwQ6kBqG8kK/EGWkpPwIHu8KRap8LmrrS\n" - "YY2pRT7L5UCmsFsWyTm3N4n6QYImCnn8h9IY4zKtQfzfbh10wWgd4tqtJZELQjgL\n" - "DvxNsv443bqJ1vWvwmV9X8O0G4nSjcMsgQQCPYWTfnNpcVVOa80n2p23xyG58hdl\n" - "hQ0HAgMBAAGjfjB8MAwGA1UdEwEB/wQCMAAwGwYDVR0RBBQwEocQIAENuEAAAAAA\n" - "AAAAAAAAADAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBSRsZYeRAUgOYrmLOR7\n" - "W7JTQVTJ5TAfBgNVHSMEGDAWgBQVna/6ANq7at0JSC476WWFVlOauzANBgkqhkiG\n" - "9w0BAQsFAAOCAYEAZ/NaFq9GGqsXyIB8Lgmf8GqmHCq5EC3qPijOf34McVtAfZU8\n" - "0q2ZNkBlV+P14n4DUdNKoLwjZ9jL33IiyRWPNdz2SgqOgu0rdN2xXc/Hq5Wu/bBw\n" - "ZtASxQBV1crYvtoRCTBmei8j+WJ1Qfh+1QNar1mgofCR99Sqx+x0HWC9nAF6aAMd\n" - "6t4GS+E3Cmpu/MzgCHHr7yT0XkltJ7m/oLjSwR4RFepNAc5zMOD2ujxwB+5t+mnE\n" - "fO5i3SF8OZEnq0c8LtiZvn0bbVtRMcRFpi5kLzV+5b4J4y2BocR8cSvbp/GOvyYi\n" - "AYKfwboXK9nJmaxsYdT9zKSp5sPETMMXD7ZDtaM0jKunb9sUF98FsK1j1I416cQI\n" - "ChBUCeANDhHTAmaxPKpyjnHsEtbA27z5l5bQmUXSTc5vVYEj4HhNAE89T/4AbMbH\n" - "6hvlsD0t9cq9nWly0CC7UIoI1Llv7TVgIKVieLQ5DIZHGL/VuPFHNqfFZDzPByjf\n" - "kU9hILqMbOM6P182\n" - "-----END CERTIFICATE-----\n", - /* (no name constraints set) */ - "-----BEGIN CERTIFICATE-----\n" - "MIID/zCCAmegAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" - "MCAXDTE2MDYyOTA5MzY1MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxCKO/30Vk2JmTvrV\n" - "j/yi2Bi2rx+SQbIwJRmpGXedQfO90q9EXXZ7INQzo+xhk3dsuzkgTxeVnf7ONJwh\n" - "r6KoEgoUXSH+R2MaX1+LjrD2MU3zDO11DE+nAv8hgOZJqYawmgve9RMsVREUcnCu\n" - "85pT7bIsNqtuaXG7/mkMib1YfHwiMCl3u0jwhTWf0FuSRqe9ozqHo8DR89vHyrjl\n" - "t7FsrUnECJLZtDlf0VUG0lekZIY+WL7w54j4C9z+e8ZnKPpGIJyTgS4W/yXslyNR\n" - "VECiQHKW/gwSJBDMLODesJsSpgwh2NZ7VmreWTGSoFgS84Hteogj8jY0C7Ky6DHo\n" - "kYLpHcWo3FBIZ6oSiWR49zcJ1r26+JnHQEE1Kxt9Rpn6m6E2k4yW6hBFIZcWnFSQ\n" - "LKPtHMQS+soqC/qj4fFNqm7/OJof33LAG6T3cC8wtgtom7n9Jd1RZvkGtlAbNzzm\n" - "Wwh4SUyMyq9/dQ3WkJ1RVzVLhqYi9+QiHuVrqVSFO8dmL1/zAgMBAAGjZDBiMA8G\n" - "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUFZ2v+gDa\n" - "u2rdCUguO+llhVZTmrswHwYDVR0jBBgwFoAU2X5m+TBOqGUVhmhVmzQagc4mEqEw\n" - "DQYJKoZIhvcNAQELBQADggGBAHbh1c2UYg23aHZN/cVkAD6fqOykWqF9ZeqI9r0c\n" - "BGpvnhcVMOdGitpIYk3cW5a2UYmo6SkfOHos6yB3fZKHz525YhS7Tg96t+c4es8D\n" - "GlbJdr/O2vwPVsBseyvk+AHPBrcJDooiqD1rXeJWUiIREVBC1hICYaEDTSdPKxRX\n" - "93sRnfEFpZMcWd2dsqOUwwwN6VIeZAxoeysM2O6qkqDIjIVOK613oMYUEKBSyZ+w\n" - "d9Ds5sStkaLXxNJ06q3Mst5rE+IgpznpYvJBtpp6HQQeqiTXI9lIoU2oZda8UChA\n" - "Tc6iNFl+oQVvaMMUo2YlbEKbQ4UPbxT6wx5LfF3imbReMtRQCbs7uvCkTNTkY2mf\n" - "LFTMPMBjbLaY5ogx3vRZQd3833vC9iUcgBewyJc81BcEzI6F9rcg9quzkAnXdUsV\n" - "zcMfadJlDrnPm/n3mNiHZs70MQ/dXQtbaD5H6T9BME5sRwAmW7VJ/ySeytkoUw8z\n" - "leNeFV8T+J9lz0g5hWY78QJaTQ==\n" - "-----END CERTIFICATE-----\n", - /* Name Constraints (critical): + /* IPAddress: 2001:db8:4000:: */ + "-----BEGIN CERTIFICATE-----\n" + "MIIEKDCCApCgAwIBAgIMV3OWtCJqV9nu6MtYMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTMwIBcNMTYwNjI5MDkzNjUyWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" + "ETAPBgNVBAMTCHNlcnZlci00MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC\n" + "AYEA34kB6fm9NLwz3CGzya+pVo6qWXVxkaXiKnKYk7nzcT5nozZYERR8gd3FWmAX\n" + "T1lzNC92Yxbz7zvonD8cxmRqMNGXqNrHrGmO9u0pr8eFnIRhSEscSWv3gwoMKH+C\n" + "+FajvWM9XK7+ndiXLL4ReFtrPcryrN3B0duMX+l2vgIBlBsIoj6m/n6ExQ8uyE3a\n" + "VyzM2gZgvjX3hw3ieLcOURRVRSsINlNcDZeUB/oGNkWKECUAEbmarutqeoYDZOyI\n" + "LBxcFhZ3/l2khMHuU5G/uQlBVuR45LqEk2LkRtG3MiidmFOnvHbFwFucT1JexwAs\n" + "5YAeBVfIkO/ZaHTnfL4d/z2GKniNyCmbwQ6kBqG8kK/EGWkpPwIHu8KRap8LmrrS\n" + "YY2pRT7L5UCmsFsWyTm3N4n6QYImCnn8h9IY4zKtQfzfbh10wWgd4tqtJZELQjgL\n" + "DvxNsv443bqJ1vWvwmV9X8O0G4nSjcMsgQQCPYWTfnNpcVVOa80n2p23xyG58hdl\n" + "hQ0HAgMBAAGjfjB8MAwGA1UdEwEB/wQCMAAwGwYDVR0RBBQwEocQIAENuEAAAAAA\n" + "AAAAAAAAADAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBSRsZYeRAUgOYrmLOR7\n" + "W7JTQVTJ5TAfBgNVHSMEGDAWgBQVna/6ANq7at0JSC476WWFVlOauzANBgkqhkiG\n" + "9w0BAQsFAAOCAYEAZ/NaFq9GGqsXyIB8Lgmf8GqmHCq5EC3qPijOf34McVtAfZU8\n" + "0q2ZNkBlV+P14n4DUdNKoLwjZ9jL33IiyRWPNdz2SgqOgu0rdN2xXc/Hq5Wu/bBw\n" + "ZtASxQBV1crYvtoRCTBmei8j+WJ1Qfh+1QNar1mgofCR99Sqx+x0HWC9nAF6aAMd\n" + "6t4GS+E3Cmpu/MzgCHHr7yT0XkltJ7m/oLjSwR4RFepNAc5zMOD2ujxwB+5t+mnE\n" + "fO5i3SF8OZEnq0c8LtiZvn0bbVtRMcRFpi5kLzV+5b4J4y2BocR8cSvbp/GOvyYi\n" + "AYKfwboXK9nJmaxsYdT9zKSp5sPETMMXD7ZDtaM0jKunb9sUF98FsK1j1I416cQI\n" + "ChBUCeANDhHTAmaxPKpyjnHsEtbA27z5l5bQmUXSTc5vVYEj4HhNAE89T/4AbMbH\n" + "6hvlsD0t9cq9nWly0CC7UIoI1Llv7TVgIKVieLQ5DIZHGL/VuPFHNqfFZDzPByjf\n" + "kU9hILqMbOM6P182\n" + "-----END CERTIFICATE-----\n", + /* (no name constraints set) */ + "-----BEGIN CERTIFICATE-----\n" + "MIID/zCCAmegAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0y\n" + "MCAXDTE2MDYyOTA5MzY1MloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0zMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxCKO/30Vk2JmTvrV\n" + "j/yi2Bi2rx+SQbIwJRmpGXedQfO90q9EXXZ7INQzo+xhk3dsuzkgTxeVnf7ONJwh\n" + "r6KoEgoUXSH+R2MaX1+LjrD2MU3zDO11DE+nAv8hgOZJqYawmgve9RMsVREUcnCu\n" + "85pT7bIsNqtuaXG7/mkMib1YfHwiMCl3u0jwhTWf0FuSRqe9ozqHo8DR89vHyrjl\n" + "t7FsrUnECJLZtDlf0VUG0lekZIY+WL7w54j4C9z+e8ZnKPpGIJyTgS4W/yXslyNR\n" + "VECiQHKW/gwSJBDMLODesJsSpgwh2NZ7VmreWTGSoFgS84Hteogj8jY0C7Ky6DHo\n" + "kYLpHcWo3FBIZ6oSiWR49zcJ1r26+JnHQEE1Kxt9Rpn6m6E2k4yW6hBFIZcWnFSQ\n" + "LKPtHMQS+soqC/qj4fFNqm7/OJof33LAG6T3cC8wtgtom7n9Jd1RZvkGtlAbNzzm\n" + "Wwh4SUyMyq9/dQ3WkJ1RVzVLhqYi9+QiHuVrqVSFO8dmL1/zAgMBAAGjZDBiMA8G\n" + "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUFZ2v+gDa\n" + "u2rdCUguO+llhVZTmrswHwYDVR0jBBgwFoAU2X5m+TBOqGUVhmhVmzQagc4mEqEw\n" + "DQYJKoZIhvcNAQELBQADggGBAHbh1c2UYg23aHZN/cVkAD6fqOykWqF9ZeqI9r0c\n" + "BGpvnhcVMOdGitpIYk3cW5a2UYmo6SkfOHos6yB3fZKHz525YhS7Tg96t+c4es8D\n" + "GlbJdr/O2vwPVsBseyvk+AHPBrcJDooiqD1rXeJWUiIREVBC1hICYaEDTSdPKxRX\n" + "93sRnfEFpZMcWd2dsqOUwwwN6VIeZAxoeysM2O6qkqDIjIVOK613oMYUEKBSyZ+w\n" + "d9Ds5sStkaLXxNJ06q3Mst5rE+IgpznpYvJBtpp6HQQeqiTXI9lIoU2oZda8UChA\n" + "Tc6iNFl+oQVvaMMUo2YlbEKbQ4UPbxT6wx5LfF3imbReMtRQCbs7uvCkTNTkY2mf\n" + "LFTMPMBjbLaY5ogx3vRZQd3833vC9iUcgBewyJc81BcEzI6F9rcg9quzkAnXdUsV\n" + "zcMfadJlDrnPm/n3mNiHZs70MQ/dXQtbaD5H6T9BME5sRwAmW7VJ/ySeytkoUw8z\n" + "leNeFV8T+J9lz0g5hWY78QJaTQ==\n" + "-----END CERTIFICATE-----\n", + /* Name Constraints (critical): Permitted: IPAddress: 2001:db8::/32 Excluded: IPAddress: 2001:db8::/34 */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEWzCCAsOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" - "MCAXDTE2MDYyOTA5MzY1MVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAq03TF1WvguiqwoZG\n" - "XbM/lSligqO1tCd8dhAsa1lZmuHqcZRsQLs4Dq4Ffh00AVWDnn734hGzyvBA2LNj\n" - "tSH+slECZ55lVWKvJ0D8ip481YFP4CTWcJbM4cvkZdM82+ygYERy/WfR9cJqyrLX\n" - "tYvvs1b15fb7s0alE0gJK4j0RbzDjp1DsHFKzG2bNJxJ39xnfa6h4zwDJ+NgJAQN\n" - "z84OEw5ECZlKp2HbZZdTx0rXFYiyucao/Ugs1rZ3SPzcPg+EJJMSTdxypD8qWaGg\n" - "xP0UrmYxl0D9+m+pV8YftD3h9yFDB0DC0eaXyST224mJDUYR4E6tBSFetWgLkc6l\n" - "+1os8Ys6SvrlKvtxr0xQFxV1LhMX/gZgntyflljj/DWYpo+uaA74bkhOzIxEpa1Z\n" - "BXMLauKJ7dzm2aHYIgFlYxu1TIjib0D/UaEp3wmoZ6pDUpxjoiqjfDc6WxV5b2Gj\n" - "TIZ6qwLcADF90estBeLEtkcf8xk71JzFe0FGL4bDkPPKax0jAgMBAAGjgb8wgbww\n" - "DwYDVR0TAQH/BAUwAwEB/zBYBgNVHR4BAf8ETjBMoCQwIocgIAENuAAAAAAAAAAA\n" - "AAAAAP////8AAAAAAAAAAAAAAAChJDAihyAgAQ24AAAAAAAAAAAAAAAA/////8AA\n" - "AAAAAAAAAAAAADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTZfmb5ME6oZRWG\n" - "aFWbNBqBziYSoTAfBgNVHSMEGDAWgBQZXWHEGPF89Ep5BX76GGJZxvxVQDANBgkq\n" - "hkiG9w0BAQsFAAOCAYEAl5x0spmwJ0kKiVOLu8WRRtHb6DK6pSu+jGxGh4GNwCFw\n" - "bvX8u6QBlCu9xW4afd6/a1PduPtoRQltWeZaB2SDWnnjclKpaG8A9736YV9XKHdL\n" - "QX6GZcKSa2r81aAaHSZqxo60HfMPbCLWiWwWDX6O284kLumq7m2Z+pTKmb/Fmdqc\n" - "i292pyamXuj8eMsYNGvxzknwe3jr4HZhNfdjRvsLTI6ovEGsa6tdIgszSOrLT/kh\n" - "yu8zt9gljas6aBJ2rzT1OECaHQ74IkVZkhA6C4tSf2grH4yDZ4oZrcgJFHF/saC6\n" - "5uj5niAxmJrlaBeb+dwl+c5aNFo51zZRYktoQuvCGykWwqc8XwZBKu8MGNsEjEo7\n" - "wtfgu/bzXrLUJluXnzVBNCcXwDzsgIxlpJcFZ5aqaVhfYrl8cd5Wa3FrkHvkGyBP\n" - "aXS1nd/tvl96i6p60w/VkX6FlSknXh8IdkjcChckJv3AukUrV0U1ViTaVkWpVhQL\n" - "JKM8n9POeVPK4pUlaXAd\n" - "-----END CERTIFICATE-----\n", - /* (no name constraints set) */ - "-----BEGIN CERTIFICATE-----\n" - "MIID/zCCAmegAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDYyOTA5MzY1MVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAnf+axUDkYDVQNCvR\n" - "hvLcW2nWKZo3g2JciS/h+V2gKWjDDNWxg6luyxlCFsDCaNx+t3j2YJECRZvNMLDP\n" - "QiE7U8+GKtJgR3FhHnA5xu/IbBWbNYUO08Q1s+w82dfy6QxRRDOXXh0fjAbd153J\n" - "K/9FDpyCuJ/RC9RKphwOz5YsSlMbUpYCCm0pten44HzyT/F2hwVLEEnLn1uuM8x2\n" - "HggBYH6WHFiGJLZH6h9ajt04JjyvcTDIaGw4ttET1doBnnRU+6CDiFYeYFqzUDkG\n" - "4lKKPxyXsqC0B20vV/N03c5DnODkMnTGPQ696HuhNtf4+i6PRhTieX2iu8uDOPcF\n" - "aOfokwfuUx3Ws4dShfvSMN/jFpdpOVn41dceY1Dbqy3tMF0YVFY6SSvRtvUQAvmz\n" - "KYmaYwKKpe/yMDqICAdE3fjkHHkQeQri6FP7RrLfbsprLtQlS/1ZclT9CnIz3uES\n" - "7C4a9OVvxIz+RZoIps/q94PB5fqvzXsmDIukV9VFKpAjrXWVAgMBAAGjZDBiMA8G\n" - "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUGV1hxBjx\n" - "fPRKeQV++hhiWcb8VUAwHwYDVR0jBBgwFoAU5xR9/WMP7pTmHW6KSB7HSeK6exkw\n" - "DQYJKoZIhvcNAQELBQADggGBABBXBE8psujTJ83QlsnyQYUk2MPfvm5CuJGuC4rr\n" - "uc3FFNi1A9h1XR44J5iDf84SZcaNZgYag79SHaQ0OdHHYPdJ6Yc+59IIf8PncoGd\n" - "wgeU61u8uIZL53yfDSE7o0t0UrJpBNb7oGF2adRJs7ZqyUZyN6A9+74jcrxllpjI\n" - "oha9WgugzP9CUqWYgv/MDNuwAtv+1znNFgv8C8mkhbr8wmf737XsQzfrYFK1ibhw\n" - "8rBGJLnLT+Xh+CgaDYeZrnS/oSMXCJETTbnPWfJGacX6FtB829fYhO6VMDqTy74p\n" - "k04UcXRxH7ZnRXbCImqnGTfNZtXYLu1oCDC/Ubi08ev2r8Lxrg8B/F6ME0hihiHh\n" - "8X1ggr2fDll2mUwBnalRgRYfYc3MRfQv1oy/lQDp0A2rpbKQiX8ji8r1y9xDcu/B\n" - "ERwaNiUxyK+Tx3BiMIN4EP7+yGh/f71PDvlZYBkXNYrQBaCpW8fj2hr6N/B4kCPr\n" - "/AJhLcEQybcD4IKiqywx8kx3Ig==\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCAXDTE2MDYyOTA5MzY1MFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" - "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEApAgApH8PdlQKWr+K\n" - "ja6KYXYYNxdhs4JoiOBxr3OQuS/ocqp1HU5vVRXKiu0XpqkB631wmC1tTk7N4LYZ\n" - "+4ffM82JhkK0y1FwV4soqeuwYraF//8ekgmCxi7tqie0WDmXc+aO2O8pruFHTjCV\n" - "TCMAer+wspFEQgHVsbFRAr+zyZpz8bn3Ywy801aM+807sEyNeeIMR0UnM5uELKvF\n" - "iHXJwdPdXM48sGe6DHJtSw4OLx3+xqRMlhVBAb0/yYLv1HDFwul0IRBfjj96rXgc\n" - "bWLiKIjZCl64+Y+UbbHp71pT09T/tzu15tvjHoIGLudWIaZHCnU10fQS1ySL/Xjm\n" - "n0xxze2AVSzoYoiw3ldkTvik9gqESC+uu+QXhzhxKe+GKEd6oGE+8KOxAkTJT6BO\n" - "vXKa6R7XDgI4AXeNlTgOZXDAqmhPFjARaLS8jdUIKJLHSaqlzX0+XLilgTGMNaXA\n" - "4Sm5pKnJcoCpL4OisgiJnuIRshO10IKgM5YqeytbkjeJzqX9AgMBAAGjQzBBMA8G\n" - "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU5xR9/WMP\n" - "7pTmHW6KSB7HSeK6exkwDQYJKoZIhvcNAQELBQADggGBAARJRZIqmdoMRq3iYxh9\n" - "vApIvuQ8cImjusmIaYzZpAvjcOiX5RGuN/69e7Os6QxnN+H6TAj3IX+a0Msu+P/c\n" - "NrrQWttd+uR2xZic+dNXzhsEI5+o4G7W9srnDLU01FmlytvH1CSgLYm8uv3Q8G3/\n" - "RVEYmOphvHUUDYJeFIUDyaC88k52tyZ1SeSkveLRy+vf7GkHicVVMAOuyiQV3aQD\n" - "M8o3QFyrncw5i608d8JArJZ7LXhx+S+37rMsBGHnXAyKjv8zNt/YW3IjAA4ifr+m\n" - "rbTurPyCNxKFdhTBQaF1ofQaKVNEIdSjNCB+5RXUXmoAELsiRQS4LGN6NhMfBlbu\n" - "YAMUmDjwu/LkDGLbZHX0cGiDuLc/qefVc1QBAQZ2zoCAnYZU6itnzqlayOijNj8n\n" - "0aHMa8P8rb9gzOKcNOz147lLK5oHjYgeYOy3hpUDT/k7wyELWb20GKaaWLgGqWS0\n" - "W5U6UgHQoBLyOvHIOkbCRVyIPLh9ijufA0LpUdk2Lf1Sww==\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIEWzCCAsOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0x\n" + "MCAXDTE2MDYyOTA5MzY1MVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0yMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAq03TF1WvguiqwoZG\n" + "XbM/lSligqO1tCd8dhAsa1lZmuHqcZRsQLs4Dq4Ffh00AVWDnn734hGzyvBA2LNj\n" + "tSH+slECZ55lVWKvJ0D8ip481YFP4CTWcJbM4cvkZdM82+ygYERy/WfR9cJqyrLX\n" + "tYvvs1b15fb7s0alE0gJK4j0RbzDjp1DsHFKzG2bNJxJ39xnfa6h4zwDJ+NgJAQN\n" + "z84OEw5ECZlKp2HbZZdTx0rXFYiyucao/Ugs1rZ3SPzcPg+EJJMSTdxypD8qWaGg\n" + "xP0UrmYxl0D9+m+pV8YftD3h9yFDB0DC0eaXyST224mJDUYR4E6tBSFetWgLkc6l\n" + "+1os8Ys6SvrlKvtxr0xQFxV1LhMX/gZgntyflljj/DWYpo+uaA74bkhOzIxEpa1Z\n" + "BXMLauKJ7dzm2aHYIgFlYxu1TIjib0D/UaEp3wmoZ6pDUpxjoiqjfDc6WxV5b2Gj\n" + "TIZ6qwLcADF90estBeLEtkcf8xk71JzFe0FGL4bDkPPKax0jAgMBAAGjgb8wgbww\n" + "DwYDVR0TAQH/BAUwAwEB/zBYBgNVHR4BAf8ETjBMoCQwIocgIAENuAAAAAAAAAAA\n" + "AAAAAP////8AAAAAAAAAAAAAAAChJDAihyAgAQ24AAAAAAAAAAAAAAAA/////8AA\n" + "AAAAAAAAAAAAADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTZfmb5ME6oZRWG\n" + "aFWbNBqBziYSoTAfBgNVHSMEGDAWgBQZXWHEGPF89Ep5BX76GGJZxvxVQDANBgkq\n" + "hkiG9w0BAQsFAAOCAYEAl5x0spmwJ0kKiVOLu8WRRtHb6DK6pSu+jGxGh4GNwCFw\n" + "bvX8u6QBlCu9xW4afd6/a1PduPtoRQltWeZaB2SDWnnjclKpaG8A9736YV9XKHdL\n" + "QX6GZcKSa2r81aAaHSZqxo60HfMPbCLWiWwWDX6O284kLumq7m2Z+pTKmb/Fmdqc\n" + "i292pyamXuj8eMsYNGvxzknwe3jr4HZhNfdjRvsLTI6ovEGsa6tdIgszSOrLT/kh\n" + "yu8zt9gljas6aBJ2rzT1OECaHQ74IkVZkhA6C4tSf2grH4yDZ4oZrcgJFHF/saC6\n" + "5uj5niAxmJrlaBeb+dwl+c5aNFo51zZRYktoQuvCGykWwqc8XwZBKu8MGNsEjEo7\n" + "wtfgu/bzXrLUJluXnzVBNCcXwDzsgIxlpJcFZ5aqaVhfYrl8cd5Wa3FrkHvkGyBP\n" + "aXS1nd/tvl96i6p60w/VkX6FlSknXh8IdkjcChckJv3AukUrV0U1ViTaVkWpVhQL\n" + "JKM8n9POeVPK4pUlaXAd\n" + "-----END CERTIFICATE-----\n", + /* (no name constraints set) */ + "-----BEGIN CERTIFICATE-----\n" + "MIID/zCCAmegAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDYyOTA5MzY1MVoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0xMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAnf+axUDkYDVQNCvR\n" + "hvLcW2nWKZo3g2JciS/h+V2gKWjDDNWxg6luyxlCFsDCaNx+t3j2YJECRZvNMLDP\n" + "QiE7U8+GKtJgR3FhHnA5xu/IbBWbNYUO08Q1s+w82dfy6QxRRDOXXh0fjAbd153J\n" + "K/9FDpyCuJ/RC9RKphwOz5YsSlMbUpYCCm0pten44HzyT/F2hwVLEEnLn1uuM8x2\n" + "HggBYH6WHFiGJLZH6h9ajt04JjyvcTDIaGw4ttET1doBnnRU+6CDiFYeYFqzUDkG\n" + "4lKKPxyXsqC0B20vV/N03c5DnODkMnTGPQ696HuhNtf4+i6PRhTieX2iu8uDOPcF\n" + "aOfokwfuUx3Ws4dShfvSMN/jFpdpOVn41dceY1Dbqy3tMF0YVFY6SSvRtvUQAvmz\n" + "KYmaYwKKpe/yMDqICAdE3fjkHHkQeQri6FP7RrLfbsprLtQlS/1ZclT9CnIz3uES\n" + "7C4a9OVvxIz+RZoIps/q94PB5fqvzXsmDIukV9VFKpAjrXWVAgMBAAGjZDBiMA8G\n" + "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUGV1hxBjx\n" + "fPRKeQV++hhiWcb8VUAwHwYDVR0jBBgwFoAU5xR9/WMP7pTmHW6KSB7HSeK6exkw\n" + "DQYJKoZIhvcNAQELBQADggGBABBXBE8psujTJ83QlsnyQYUk2MPfvm5CuJGuC4rr\n" + "uc3FFNi1A9h1XR44J5iDf84SZcaNZgYag79SHaQ0OdHHYPdJ6Yc+59IIf8PncoGd\n" + "wgeU61u8uIZL53yfDSE7o0t0UrJpBNb7oGF2adRJs7ZqyUZyN6A9+74jcrxllpjI\n" + "oha9WgugzP9CUqWYgv/MDNuwAtv+1znNFgv8C8mkhbr8wmf737XsQzfrYFK1ibhw\n" + "8rBGJLnLT+Xh+CgaDYeZrnS/oSMXCJETTbnPWfJGacX6FtB829fYhO6VMDqTy74p\n" + "k04UcXRxH7ZnRXbCImqnGTfNZtXYLu1oCDC/Ubi08ev2r8Lxrg8B/F6ME0hihiHh\n" + "8X1ggr2fDll2mUwBnalRgRYfYc3MRfQv1oy/lQDp0A2rpbKQiX8ji8r1y9xDcu/B\n" + "ERwaNiUxyK+Tx3BiMIN4EP7+yGh/f71PDvlZYBkXNYrQBaCpW8fj2hr6N/B4kCPr\n" + "/AJhLcEQybcD4IKiqywx8kx3Ig==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIID3jCCAkagAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCAXDTE2MDYyOTA5MzY1MFoYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRD\n" + "QS0wMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEApAgApH8PdlQKWr+K\n" + "ja6KYXYYNxdhs4JoiOBxr3OQuS/ocqp1HU5vVRXKiu0XpqkB631wmC1tTk7N4LYZ\n" + "+4ffM82JhkK0y1FwV4soqeuwYraF//8ekgmCxi7tqie0WDmXc+aO2O8pruFHTjCV\n" + "TCMAer+wspFEQgHVsbFRAr+zyZpz8bn3Ywy801aM+807sEyNeeIMR0UnM5uELKvF\n" + "iHXJwdPdXM48sGe6DHJtSw4OLx3+xqRMlhVBAb0/yYLv1HDFwul0IRBfjj96rXgc\n" + "bWLiKIjZCl64+Y+UbbHp71pT09T/tzu15tvjHoIGLudWIaZHCnU10fQS1ySL/Xjm\n" + "n0xxze2AVSzoYoiw3ldkTvik9gqESC+uu+QXhzhxKe+GKEd6oGE+8KOxAkTJT6BO\n" + "vXKa6R7XDgI4AXeNlTgOZXDAqmhPFjARaLS8jdUIKJLHSaqlzX0+XLilgTGMNaXA\n" + "4Sm5pKnJcoCpL4OisgiJnuIRshO10IKgM5YqeytbkjeJzqX9AgMBAAGjQzBBMA8G\n" + "A1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU5xR9/WMP\n" + "7pTmHW6KSB7HSeK6exkwDQYJKoZIhvcNAQELBQADggGBAARJRZIqmdoMRq3iYxh9\n" + "vApIvuQ8cImjusmIaYzZpAvjcOiX5RGuN/69e7Os6QxnN+H6TAj3IX+a0Msu+P/c\n" + "NrrQWttd+uR2xZic+dNXzhsEI5+o4G7W9srnDLU01FmlytvH1CSgLYm8uv3Q8G3/\n" + "RVEYmOphvHUUDYJeFIUDyaC88k52tyZ1SeSkveLRy+vf7GkHicVVMAOuyiQV3aQD\n" + "M8o3QFyrncw5i608d8JArJZ7LXhx+S+37rMsBGHnXAyKjv8zNt/YW3IjAA4ifr+m\n" + "rbTurPyCNxKFdhTBQaF1ofQaKVNEIdSjNCB+5RXUXmoAELsiRQS4LGN6NhMfBlbu\n" + "YAMUmDjwu/LkDGLbZHX0cGiDuLc/qefVc1QBAQZ2zoCAnYZU6itnzqlayOijNj8n\n" + "0aHMa8P8rb9gzOKcNOz147lLK5oHjYgeYOy3hpUDT/k7wyELWb20GKaaWLgGqWS0\n" + "W5U6UgHQoBLyOvHIOkbCRVyIPLh9ijufA0LpUdk2Lf1Sww==\n" + "-----END CERTIFICATE-----\n", + NULL }; static const char *v1_intermed_check[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDGzCCAgOgAwIBAgIIUvuL4ymDgpEwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UE\n" - "AxMDQ0ExMCIYDzIwMTQwMjEyMTQ1NzQwWhgPOTk5OTEyMzEyMzU5NTlaMBExDzAN\n" - "BgNVBAMTBnNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkh\n" - "OTKvbV/OQcP9fn02UGzWNLGwS06248rOo+fHqCngf3nl/IefzktuI4Al5Qq9pq42\n" - "X2oLn/zr8kaO3L0rDcc54nVRuipfsw5nxAmwmjpfwnDgyla4Y88n57dhia/tmFlL\n" - "rpspg4YJ8Jt4/tGaNVS0OZ57LEoW7/OrqoGM7U3Xxa2QbzaNYMGcSt2ePvccCg13\n" - "+CJcXxOQcr/cUxyuk9neATJoulFtO8ycpmkLFUdi0WoThBjNCCJ8s7ZuvnGpF4vD\n" - "3fuvyM2ftiS08B2c5cv6FH9+4I7Elrb++TdVf43F0Awc2pLhm8L1fAuTtMjtbd9w\n" - "pxs0yaWR8IvQYbWM/XUCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAK\n" - "BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBTlqmq9/mceVMMP\n" - "Z0HtoWZvHDc/tTAfBgNVHSMEGDAWgBRq1Eg1exmWS45j+lFklVwTQe5NsjANBgkq\n" - "hkiG9w0BAQsFAAOCAQEAAWX2f1XE/bR+DYCMaNAFpTjOFZ54eCBdazUqfVamPRoP\n" - "/8qyEYpMaA+IpHkJ5tXsx/rdKLgg1kNv/6bXyCwVgVcNBxpt05WUxqFG9xxLLz1K\n" - "UkbOZUA0/P9GqjRt9HeodP0Hqog1c1d4jgU3Ng7FIn5JXmLNVfl5qXfXCJ2S9WKu\n" - "pHw0M9TLOKUD2DD2T5K/iZAU0AXGRVUH39e+xsFIoawPWflfN5eNz8uikMQc+kxt\n" - "DdEMfPZidecToAcMolle53F7zZvqQswfla/3esb/bnndFAqIsnXRpi6Oj06ajzwE\n" - "TKP745KouHnNPZ3Hz1mPeusn4EJkLfTb5aBT3nJ+Kw==\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIICmzCCAYMCCFL7i7wg78R3MA0GCSqGSIb3DQEBCwUAMA4xDDAKBgNVBAMTA0NB\n" - "MjAiGA8yMDE0MDIxMjE0NTcwMloYDzk5OTkxMjMxMjM1OTU5WjAOMQwwCgYDVQQD\n" - "EwNDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDS0OoKnGy/0Ju\n" - "U/Q+T3b5RR53oe24OoISkKE4Sia50aHeQZbYitIsQUEvMq06kdjaSA2p8qT29p9n\n" - "feDYsrhgZkWm4stp2EMkbbkB6k0hBobo4YQiQRa4ttYIsOWLMk/xR0z5ST+UoUv6\n" - "L/5IOxxJzdpUEbMJpM0Zp8AUZRKnXTc88a/zpPbYiO+LicdhlIKiUvIlnVTlvHOz\n" - "yN9y5o0Dry9i3IlDSTK8Ls54Nm6v7Z+1F1UwIXkYJCX0WxJ6w/4jHmbiRSitbH9s\n" - "UqSUm9sHCUakBJA3Y9/9K2SVWNJrG/G4LmZ+Zwr8NdZN3RrxQnWnudL4bTtM0WgY\n" - "QynV12XDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGJbRVVxERtx5Li15n1bdAzW\n" - "HaDNKt/TkUcZvnfdtggvZLkKhPiNWksQ+9jk1RS71dSZHT9Kb9bIVhaYzaHdI+hG\n" - "7coftkY66wjD9xLv2DyqnwvuR0S8Uhj9jas5xf/P9S79ZDk61Afg7yX8aLBJpJIH\n" - "citi1c65C8rYwB8zsF1Zbbh2/6Enty+eFhS1JOuEgUFP1oO2Nj2vh4IqR3yEGdGt\n" - "Tr57CD/C97fcaeRE4LlHJIMQ9toeZ5Fc9avnOzNIxJd7BPqWWvOnu3TWufj7uaq+\n" - "CcHTlq9h0NKf9dI1GsxbscJbO3+I+hzOwYfFcNrQ+8BFGbcwx9ZcS2xO3Rx9dbc=\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIC3jCCAcagAwIBAgIBATANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDEwNDQTIw\n" - "IhgPMjAxNDAyMTIxNDU0NTJaGA85OTk5MTIzMTIzNTk1OVowDjEMMAoGA1UEAxMD\n" - "Q0EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZPztwmz136OBSTT\n" - "t4pXys9dTfaOBajrO2s4JcPa0C+7D2wfWD941q1q01TV5+QgLDTF7OO5VSXt2W3p\n" - "cKlXS/Ll2N8sxTaULcVCodFrHOdfHV1V65VlWhJOnPdpboBtM2V8Iory+d2mNXZT\n" - "wkcNJ/Z8YBUZCTeR1zaLjq0GAITyJoMiI4+x9Djc+iBDGJarRW7A/JyDN4EFjDzw\n" - "svdWpHg710I+qtKnlMO/whEmw9r3L486JTSlrrrruUSVGY9UWJpv62az1jbu63d8\n" - "6/PBp0xbBpiv1xA0qSSquN/THurTZ0Y0MS0vbpnAYkws8YxnFAV1TU4B7AZ0IQId\n" - "Zjo6HQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAw\n" - "HQYDVR0OBBYEFNVrkTf8WoQKImozc6dBqx8J8tvhMA0GCSqGSIb3DQEBCwUAA4IB\n" - "AQBpX+j6Fd5aLnMs55qqbFBTWU9bH4/fGh6OVcJztZyvRTOQMLoha9Lsa2C1c1u0\n" - "kjj3coRWIq8YH8FbOhu0x3pij5dcnn1FQCKcwEmjdDf6ltxplkZXpR86yW2ZyR2W\n" - "WmIPUrMPJNFkBbgVKFyYoj+9QUyoWHAWNSLJhqBI5v5CRNYIIat1Nt5SuTDm3ggw\n" - "GUfMH/snytxVq23tj+02pBCdahTqN1w83W1yFX39URChPpl9RZ6HcIg3DFrXhXte\n" - "lA+/t8l+o7w7POJ4xMyRtbTuGpGHQac+VJBWKFkduY3sbXN2GdQPL6/VvKH115Tr\n" - "Bos85afmGYPR/gUP0hVSlFzj\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDGzCCAgOgAwIBAgIIUvuL4ymDgpEwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UE\n" + "AxMDQ0ExMCIYDzIwMTQwMjEyMTQ1NzQwWhgPOTk5OTEyMzEyMzU5NTlaMBExDzAN\n" + "BgNVBAMTBnNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkh\n" + "OTKvbV/OQcP9fn02UGzWNLGwS06248rOo+fHqCngf3nl/IefzktuI4Al5Qq9pq42\n" + "X2oLn/zr8kaO3L0rDcc54nVRuipfsw5nxAmwmjpfwnDgyla4Y88n57dhia/tmFlL\n" + "rpspg4YJ8Jt4/tGaNVS0OZ57LEoW7/OrqoGM7U3Xxa2QbzaNYMGcSt2ePvccCg13\n" + "+CJcXxOQcr/cUxyuk9neATJoulFtO8ycpmkLFUdi0WoThBjNCCJ8s7ZuvnGpF4vD\n" + "3fuvyM2ftiS08B2c5cv6FH9+4I7Elrb++TdVf43F0Awc2pLhm8L1fAuTtMjtbd9w\n" + "pxs0yaWR8IvQYbWM/XUCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAK\n" + "BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBTlqmq9/mceVMMP\n" + "Z0HtoWZvHDc/tTAfBgNVHSMEGDAWgBRq1Eg1exmWS45j+lFklVwTQe5NsjANBgkq\n" + "hkiG9w0BAQsFAAOCAQEAAWX2f1XE/bR+DYCMaNAFpTjOFZ54eCBdazUqfVamPRoP\n" + "/8qyEYpMaA+IpHkJ5tXsx/rdKLgg1kNv/6bXyCwVgVcNBxpt05WUxqFG9xxLLz1K\n" + "UkbOZUA0/P9GqjRt9HeodP0Hqog1c1d4jgU3Ng7FIn5JXmLNVfl5qXfXCJ2S9WKu\n" + "pHw0M9TLOKUD2DD2T5K/iZAU0AXGRVUH39e+xsFIoawPWflfN5eNz8uikMQc+kxt\n" + "DdEMfPZidecToAcMolle53F7zZvqQswfla/3esb/bnndFAqIsnXRpi6Oj06ajzwE\n" + "TKP745KouHnNPZ3Hz1mPeusn4EJkLfTb5aBT3nJ+Kw==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIICmzCCAYMCCFL7i7wg78R3MA0GCSqGSIb3DQEBCwUAMA4xDDAKBgNVBAMTA0NB\n" + "MjAiGA8yMDE0MDIxMjE0NTcwMloYDzk5OTkxMjMxMjM1OTU5WjAOMQwwCgYDVQQD\n" + "EwNDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDS0OoKnGy/0Ju\n" + "U/Q+T3b5RR53oe24OoISkKE4Sia50aHeQZbYitIsQUEvMq06kdjaSA2p8qT29p9n\n" + "feDYsrhgZkWm4stp2EMkbbkB6k0hBobo4YQiQRa4ttYIsOWLMk/xR0z5ST+UoUv6\n" + "L/5IOxxJzdpUEbMJpM0Zp8AUZRKnXTc88a/zpPbYiO+LicdhlIKiUvIlnVTlvHOz\n" + "yN9y5o0Dry9i3IlDSTK8Ls54Nm6v7Z+1F1UwIXkYJCX0WxJ6w/4jHmbiRSitbH9s\n" + "UqSUm9sHCUakBJA3Y9/9K2SVWNJrG/G4LmZ+Zwr8NdZN3RrxQnWnudL4bTtM0WgY\n" + "QynV12XDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGJbRVVxERtx5Li15n1bdAzW\n" + "HaDNKt/TkUcZvnfdtggvZLkKhPiNWksQ+9jk1RS71dSZHT9Kb9bIVhaYzaHdI+hG\n" + "7coftkY66wjD9xLv2DyqnwvuR0S8Uhj9jas5xf/P9S79ZDk61Afg7yX8aLBJpJIH\n" + "citi1c65C8rYwB8zsF1Zbbh2/6Enty+eFhS1JOuEgUFP1oO2Nj2vh4IqR3yEGdGt\n" + "Tr57CD/C97fcaeRE4LlHJIMQ9toeZ5Fc9avnOzNIxJd7BPqWWvOnu3TWufj7uaq+\n" + "CcHTlq9h0NKf9dI1GsxbscJbO3+I+hzOwYfFcNrQ+8BFGbcwx9ZcS2xO3Rx9dbc=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC3jCCAcagAwIBAgIBATANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDEwNDQTIw\n" + "IhgPMjAxNDAyMTIxNDU0NTJaGA85OTk5MTIzMTIzNTk1OVowDjEMMAoGA1UEAxMD\n" + "Q0EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZPztwmz136OBSTT\n" + "t4pXys9dTfaOBajrO2s4JcPa0C+7D2wfWD941q1q01TV5+QgLDTF7OO5VSXt2W3p\n" + "cKlXS/Ll2N8sxTaULcVCodFrHOdfHV1V65VlWhJOnPdpboBtM2V8Iory+d2mNXZT\n" + "wkcNJ/Z8YBUZCTeR1zaLjq0GAITyJoMiI4+x9Djc+iBDGJarRW7A/JyDN4EFjDzw\n" + "svdWpHg710I+qtKnlMO/whEmw9r3L486JTSlrrrruUSVGY9UWJpv62az1jbu63d8\n" + "6/PBp0xbBpiv1xA0qSSquN/THurTZ0Y0MS0vbpnAYkws8YxnFAV1TU4B7AZ0IQId\n" + "Zjo6HQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAw\n" + "HQYDVR0OBBYEFNVrkTf8WoQKImozc6dBqx8J8tvhMA0GCSqGSIb3DQEBCwUAA4IB\n" + "AQBpX+j6Fd5aLnMs55qqbFBTWU9bH4/fGh6OVcJztZyvRTOQMLoha9Lsa2C1c1u0\n" + "kjj3coRWIq8YH8FbOhu0x3pij5dcnn1FQCKcwEmjdDf6ltxplkZXpR86yW2ZyR2W\n" + "WmIPUrMPJNFkBbgVKFyYoj+9QUyoWHAWNSLJhqBI5v5CRNYIIat1Nt5SuTDm3ggw\n" + "GUfMH/snytxVq23tj+02pBCdahTqN1w83W1yFX39URChPpl9RZ6HcIg3DFrXhXte\n" + "lA+/t8l+o7w7POJ4xMyRtbTuGpGHQac+VJBWKFkduY3sbXN2GdQPL6/VvKH115Tr\n" + "Bos85afmGYPR/gUP0hVSlFzj\n" + "-----END CERTIFICATE-----\n", + NULL }; static const char *v1_root_check[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDAjCCAeqgAwIBAgIMVDP8wwGyCHAlXREsMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIhgPMjAxNDEwMDcxNDQ2MjdaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQCp7I46Ga7QxXCq6SegwcKCbnMeIG2P5IaJXknjBy4rq7P3dqEdEmm/UdwS\n" - "Wp2jH+k+OFvzFe2FR1fY7UBSFdpLTaMz8YIQ1ESPu2afAxWCE1drJnphVCZyMskp\n" - "d9P9p+TXE4Y7ppxPRTvp2D/chfIcByIKPKwsjU37hrgFehb7Jolq3Er0pOPitSPj\n" - "KFVKNAktu8Z411S1hQdO7+jjr8pbFoROm2VDbYRpowCHw9ZhlC51SFKeqPTslUdv\n" - "53pmq1p02d3WMvKWuFRAIMs1UPba5prN9UI7jZztR0o7xnHm3KtWk+o4+YSDCM5R\n" - "EoiGvyhKgDoM3B/KQG+1rin2/uMdAgMBAAGjVjBUMAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFDoL\n" - "zL5Pd48Psh5oe9VGrkmXclumMA0GCSqGSIb3DQEBCwUAA4IBAQA21lKw/Vr7P4hl\n" - "VBY27GOGIh7Tw0dFN8HiYX0jFRlyn7zgoRYfJMuLxtC+jJl02s+iljl9gdTlcAgt\n" - "dWs74QdKUIMHfoT12WOcIwAIMZLBspbUjn6+eoVPE6zCOfrChRCv4dM4BCz/kg6w\n" - "MqxM/UE+OS+AgO8hHN1boMbBWMcMR/ylpJE2P3nHGgTg6xsZrEn9aH8y+uqUuScn\n" - "P13H74zV1f1tTi2QT7Y/lpNKuB8vvqJgcUdxGaVQhz3q+YooSwmkDaWTz9HIAqpr\n" - "77BBxvr5eok6o528h4qJ5nA3NgLw8nIgyBP2vN/N4CsmRAZ/vHVbGEOeWRkH0rGE\n" - "SemQfe/B\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIICljCCAX4CAQAwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAxMEQ0EtMDAiGA8y\n" - "MDE0MTAwNzE0NDYyNloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRDQS0w\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTMg33+4Q3ULz+//A9Wn\n" - "m0DCq9X1ne0q8TfCriOo4Zc2VuFsR3Bm90btX9KqVEfByD8Ba4fb/oF0F6+sb4Ej\n" - "imPI6PSwHXEX0BPSHcmv6lb+iXHRwpqsx+r9GIuPS+0vuTu07sj1yjszlx7aNXOx\n" - "hsDAFaedzO8/9nCjbrQ79cLcGusPETjGFAD9vDfBTUNtebPiW9CCNsmRUVWOm6/s\n" - "5kfy1AfcH6FZCoqvmoELz55JWzYHrWSQhgIopJ0DLfYoF8fg3XeIMUNLk+Lrcoe6\n" - "ZDCxDxGwXReNfIWnf1l1OnZAdMAt/egr9jeQR+l9y4jBhcssW7Wb8M6+wvinsMOG\n" - "MQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBosiz3l31++ZErMs09bnGe+DEQfL+t\n" - "iWRmhzLC7kF64+O4Eu+IkWvEUv+LEhHm2GLrqaKu7FAlWUMWRX3GHHxAOtNeLR7U\n" - "qXBZtq56wHA+fMv8+lqLQuT6eKLNbbuxVWZ/E1qaMax7rlQrtEpAC9ruuafcPlC5\n" - "U4YbJ4VOhfBnJzQ6KlFtbqOkGr7v/l2d9NRxorAWawPVhIteZv1Ahiu++5g+dn/R\n" - "z8ehN9SEm+c6C5mWrqHiQka3yi060gO8kBcumM/cE6BxffiOUxy2gsPC2ZrI8xkB\n" - "ghrpQ87AmWXsvVk03U1l0vHpiE3kXb5FIAbWW7In1mfULqLKgeqllMhD\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDAjCCAeqgAwIBAgIMVDP8wwGyCHAlXREsMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTAwIhgPMjAxNDEwMDcxNDQ2MjdaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQCp7I46Ga7QxXCq6SegwcKCbnMeIG2P5IaJXknjBy4rq7P3dqEdEmm/UdwS\n" + "Wp2jH+k+OFvzFe2FR1fY7UBSFdpLTaMz8YIQ1ESPu2afAxWCE1drJnphVCZyMskp\n" + "d9P9p+TXE4Y7ppxPRTvp2D/chfIcByIKPKwsjU37hrgFehb7Jolq3Er0pOPitSPj\n" + "KFVKNAktu8Z411S1hQdO7+jjr8pbFoROm2VDbYRpowCHw9ZhlC51SFKeqPTslUdv\n" + "53pmq1p02d3WMvKWuFRAIMs1UPba5prN9UI7jZztR0o7xnHm3KtWk+o4+YSDCM5R\n" + "EoiGvyhKgDoM3B/KQG+1rin2/uMdAgMBAAGjVjBUMAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFDoL\n" + "zL5Pd48Psh5oe9VGrkmXclumMA0GCSqGSIb3DQEBCwUAA4IBAQA21lKw/Vr7P4hl\n" + "VBY27GOGIh7Tw0dFN8HiYX0jFRlyn7zgoRYfJMuLxtC+jJl02s+iljl9gdTlcAgt\n" + "dWs74QdKUIMHfoT12WOcIwAIMZLBspbUjn6+eoVPE6zCOfrChRCv4dM4BCz/kg6w\n" + "MqxM/UE+OS+AgO8hHN1boMbBWMcMR/ylpJE2P3nHGgTg6xsZrEn9aH8y+uqUuScn\n" + "P13H74zV1f1tTi2QT7Y/lpNKuB8vvqJgcUdxGaVQhz3q+YooSwmkDaWTz9HIAqpr\n" + "77BBxvr5eok6o528h4qJ5nA3NgLw8nIgyBP2vN/N4CsmRAZ/vHVbGEOeWRkH0rGE\n" + "SemQfe/B\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIICljCCAX4CAQAwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAxMEQ0EtMDAiGA8y\n" + "MDE0MTAwNzE0NDYyNloYDzk5OTkxMjMxMjM1OTU5WjAPMQ0wCwYDVQQDEwRDQS0w\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTMg33+4Q3ULz+//A9Wn\n" + "m0DCq9X1ne0q8TfCriOo4Zc2VuFsR3Bm90btX9KqVEfByD8Ba4fb/oF0F6+sb4Ej\n" + "imPI6PSwHXEX0BPSHcmv6lb+iXHRwpqsx+r9GIuPS+0vuTu07sj1yjszlx7aNXOx\n" + "hsDAFaedzO8/9nCjbrQ79cLcGusPETjGFAD9vDfBTUNtebPiW9CCNsmRUVWOm6/s\n" + "5kfy1AfcH6FZCoqvmoELz55JWzYHrWSQhgIopJ0DLfYoF8fg3XeIMUNLk+Lrcoe6\n" + "ZDCxDxGwXReNfIWnf1l1OnZAdMAt/egr9jeQR+l9y4jBhcssW7Wb8M6+wvinsMOG\n" + "MQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBosiz3l31++ZErMs09bnGe+DEQfL+t\n" + "iWRmhzLC7kF64+O4Eu+IkWvEUv+LEhHm2GLrqaKu7FAlWUMWRX3GHHxAOtNeLR7U\n" + "qXBZtq56wHA+fMv8+lqLQuT6eKLNbbuxVWZ/E1qaMax7rlQrtEpAC9ruuafcPlC5\n" + "U4YbJ4VOhfBnJzQ6KlFtbqOkGr7v/l2d9NRxorAWawPVhIteZv1Ahiu++5g+dn/R\n" + "z8ehN9SEm+c6C5mWrqHiQka3yi060gO8kBcumM/cE6BxffiOUxy2gsPC2ZrI8xkB\n" + "ghrpQ87AmWXsvVk03U1l0vHpiE3kXb5FIAbWW7In1mfULqLKgeqllMhD\n" + "-----END CERTIFICATE-----\n", + NULL }; static const char *pathlen_check[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDGzCCAgOgAwIBAgIIUvuL4ymDgpEwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UE\n" - "AxMDQ0ExMCIYDzIwMTQwMjEyMTQ1NzQwWhgPOTk5OTEyMzEyMzU5NTlaMBExDzAN\n" - "BgNVBAMTBnNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkh\n" - "OTKvbV/OQcP9fn02UGzWNLGwS06248rOo+fHqCngf3nl/IefzktuI4Al5Qq9pq42\n" - "X2oLn/zr8kaO3L0rDcc54nVRuipfsw5nxAmwmjpfwnDgyla4Y88n57dhia/tmFlL\n" - "rpspg4YJ8Jt4/tGaNVS0OZ57LEoW7/OrqoGM7U3Xxa2QbzaNYMGcSt2ePvccCg13\n" - "+CJcXxOQcr/cUxyuk9neATJoulFtO8ycpmkLFUdi0WoThBjNCCJ8s7ZuvnGpF4vD\n" - "3fuvyM2ftiS08B2c5cv6FH9+4I7Elrb++TdVf43F0Awc2pLhm8L1fAuTtMjtbd9w\n" - "pxs0yaWR8IvQYbWM/XUCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAK\n" - "BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBTlqmq9/mceVMMP\n" - "Z0HtoWZvHDc/tTAfBgNVHSMEGDAWgBRq1Eg1exmWS45j+lFklVwTQe5NsjANBgkq\n" - "hkiG9w0BAQsFAAOCAQEAAWX2f1XE/bR+DYCMaNAFpTjOFZ54eCBdazUqfVamPRoP\n" - "/8qyEYpMaA+IpHkJ5tXsx/rdKLgg1kNv/6bXyCwVgVcNBxpt05WUxqFG9xxLLz1K\n" - "UkbOZUA0/P9GqjRt9HeodP0Hqog1c1d4jgU3Ng7FIn5JXmLNVfl5qXfXCJ2S9WKu\n" - "pHw0M9TLOKUD2DD2T5K/iZAU0AXGRVUH39e+xsFIoawPWflfN5eNz8uikMQc+kxt\n" - "DdEMfPZidecToAcMolle53F7zZvqQswfla/3esb/bnndFAqIsnXRpi6Oj06ajzwE\n" - "TKP745KouHnNPZ3Hz1mPeusn4EJkLfTb5aBT3nJ+Kw==\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIICmzCCAYMCCFL7i7wg78R3MA0GCSqGSIb3DQEBCwUAMA4xDDAKBgNVBAMTA0NB\n" - "MjAiGA8yMDE0MDIxMjE0NTcwMloYDzk5OTkxMjMxMjM1OTU5WjAOMQwwCgYDVQQD\n" - "EwNDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDS0OoKnGy/0Ju\n" - "U/Q+T3b5RR53oe24OoISkKE4Sia50aHeQZbYitIsQUEvMq06kdjaSA2p8qT29p9n\n" - "feDYsrhgZkWm4stp2EMkbbkB6k0hBobo4YQiQRa4ttYIsOWLMk/xR0z5ST+UoUv6\n" - "L/5IOxxJzdpUEbMJpM0Zp8AUZRKnXTc88a/zpPbYiO+LicdhlIKiUvIlnVTlvHOz\n" - "yN9y5o0Dry9i3IlDSTK8Ls54Nm6v7Z+1F1UwIXkYJCX0WxJ6w/4jHmbiRSitbH9s\n" - "UqSUm9sHCUakBJA3Y9/9K2SVWNJrG/G4LmZ+Zwr8NdZN3RrxQnWnudL4bTtM0WgY\n" - "QynV12XDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGJbRVVxERtx5Li15n1bdAzW\n" - "HaDNKt/TkUcZvnfdtggvZLkKhPiNWksQ+9jk1RS71dSZHT9Kb9bIVhaYzaHdI+hG\n" - "7coftkY66wjD9xLv2DyqnwvuR0S8Uhj9jas5xf/P9S79ZDk61Afg7yX8aLBJpJIH\n" - "citi1c65C8rYwB8zsF1Zbbh2/6Enty+eFhS1JOuEgUFP1oO2Nj2vh4IqR3yEGdGt\n" - "Tr57CD/C97fcaeRE4LlHJIMQ9toeZ5Fc9avnOzNIxJd7BPqWWvOnu3TWufj7uaq+\n" - "CcHTlq9h0NKf9dI1GsxbscJbO3+I+hzOwYfFcNrQ+8BFGbcwx9ZcS2xO3Rx9dbc=\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIC6DCCAdCgAwIBAgIIUvuTdCOiZ3IwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UE\n" - "AxMDQ0EyMCIYDzIwMTQwMjEyMTUyOTU3WhgPOTk5OTEyMzEyMzU5NTlaMA4xDDAK\n" - "BgNVBAMTA0NBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMGT87cJ\n" - "s9d+jgUk07eKV8rPXU32jgWo6ztrOCXD2tAvuw9sH1g/eNatatNU1efkICw0xezj\n" - "uVUl7dlt6XCpV0vy5djfLMU2lC3FQqHRaxznXx1dVeuVZVoSTpz3aW6AbTNlfCKK\n" - "8vndpjV2U8JHDSf2fGAVGQk3kdc2i46tBgCE8iaDIiOPsfQ43PogQxiWq0VuwPyc\n" - "gzeBBYw88LL3VqR4O9dCPqrSp5TDv8IRJsPa9y+POiU0pa6667lElRmPVFiab+tm\n" - "s9Y27ut3fOvzwadMWwaYr9cQNKkkqrjf0x7q02dGNDEtL26ZwGJMLPGMZxQFdU1O\n" - "AewGdCECHWY6Oh0CAwEAAaNGMEQwEgYDVR0TAQH/BAgwBgEB/wIBADAPBgNVHQ8B\n" - "Af8EBQMDBwQAMB0GA1UdDgQWBBTVa5E3/FqECiJqM3OnQasfCfLb4TANBgkqhkiG\n" - "9w0BAQsFAAOCAQEAtQudk32tQ30ldwLy5QyNzwpxTq1izycXGMkh3LvNUQrxmwzl\n" - "8EPi1d4bxdAi3ghwppImJPZ1aWOrSl9cxl7kH4clq/QdG6bKhhr/40ImZctV35fA\n" - "Kd1/aDlUUNQIv7cD/T8fb8rMmZ7RPoLsgLcVfodKwafY+X/y4ZacA2uF2L2dX37T\n" - "etQprA+hjeKu6rej9eb+ERZqYChDvp7FNbJ5fOnIZ9iG1Z714fUeuRDzvosJl6n8\n" - "aVIRHXdZbhCgKdJTR4bvFPGVFL86xLMkV7jhCImNBN9rmd59wD6g79nTUUoPDM3r\n" - "rpNkoLGmlBhUorRWbx0YAz9UojNdd4GWMefwZw==\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDGzCCAgOgAwIBAgIIUvuL4ymDgpEwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UE\n" + "AxMDQ0ExMCIYDzIwMTQwMjEyMTQ1NzQwWhgPOTk5OTEyMzEyMzU5NTlaMBExDzAN\n" + "BgNVBAMTBnNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkh\n" + "OTKvbV/OQcP9fn02UGzWNLGwS06248rOo+fHqCngf3nl/IefzktuI4Al5Qq9pq42\n" + "X2oLn/zr8kaO3L0rDcc54nVRuipfsw5nxAmwmjpfwnDgyla4Y88n57dhia/tmFlL\n" + "rpspg4YJ8Jt4/tGaNVS0OZ57LEoW7/OrqoGM7U3Xxa2QbzaNYMGcSt2ePvccCg13\n" + "+CJcXxOQcr/cUxyuk9neATJoulFtO8ycpmkLFUdi0WoThBjNCCJ8s7ZuvnGpF4vD\n" + "3fuvyM2ftiS08B2c5cv6FH9+4I7Elrb++TdVf43F0Awc2pLhm8L1fAuTtMjtbd9w\n" + "pxs0yaWR8IvQYbWM/XUCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAK\n" + "BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBTlqmq9/mceVMMP\n" + "Z0HtoWZvHDc/tTAfBgNVHSMEGDAWgBRq1Eg1exmWS45j+lFklVwTQe5NsjANBgkq\n" + "hkiG9w0BAQsFAAOCAQEAAWX2f1XE/bR+DYCMaNAFpTjOFZ54eCBdazUqfVamPRoP\n" + "/8qyEYpMaA+IpHkJ5tXsx/rdKLgg1kNv/6bXyCwVgVcNBxpt05WUxqFG9xxLLz1K\n" + "UkbOZUA0/P9GqjRt9HeodP0Hqog1c1d4jgU3Ng7FIn5JXmLNVfl5qXfXCJ2S9WKu\n" + "pHw0M9TLOKUD2DD2T5K/iZAU0AXGRVUH39e+xsFIoawPWflfN5eNz8uikMQc+kxt\n" + "DdEMfPZidecToAcMolle53F7zZvqQswfla/3esb/bnndFAqIsnXRpi6Oj06ajzwE\n" + "TKP745KouHnNPZ3Hz1mPeusn4EJkLfTb5aBT3nJ+Kw==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIICmzCCAYMCCFL7i7wg78R3MA0GCSqGSIb3DQEBCwUAMA4xDDAKBgNVBAMTA0NB\n" + "MjAiGA8yMDE0MDIxMjE0NTcwMloYDzk5OTkxMjMxMjM1OTU5WjAOMQwwCgYDVQQD\n" + "EwNDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDS0OoKnGy/0Ju\n" + "U/Q+T3b5RR53oe24OoISkKE4Sia50aHeQZbYitIsQUEvMq06kdjaSA2p8qT29p9n\n" + "feDYsrhgZkWm4stp2EMkbbkB6k0hBobo4YQiQRa4ttYIsOWLMk/xR0z5ST+UoUv6\n" + "L/5IOxxJzdpUEbMJpM0Zp8AUZRKnXTc88a/zpPbYiO+LicdhlIKiUvIlnVTlvHOz\n" + "yN9y5o0Dry9i3IlDSTK8Ls54Nm6v7Z+1F1UwIXkYJCX0WxJ6w/4jHmbiRSitbH9s\n" + "UqSUm9sHCUakBJA3Y9/9K2SVWNJrG/G4LmZ+Zwr8NdZN3RrxQnWnudL4bTtM0WgY\n" + "QynV12XDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGJbRVVxERtx5Li15n1bdAzW\n" + "HaDNKt/TkUcZvnfdtggvZLkKhPiNWksQ+9jk1RS71dSZHT9Kb9bIVhaYzaHdI+hG\n" + "7coftkY66wjD9xLv2DyqnwvuR0S8Uhj9jas5xf/P9S79ZDk61Afg7yX8aLBJpJIH\n" + "citi1c65C8rYwB8zsF1Zbbh2/6Enty+eFhS1JOuEgUFP1oO2Nj2vh4IqR3yEGdGt\n" + "Tr57CD/C97fcaeRE4LlHJIMQ9toeZ5Fc9avnOzNIxJd7BPqWWvOnu3TWufj7uaq+\n" + "CcHTlq9h0NKf9dI1GsxbscJbO3+I+hzOwYfFcNrQ+8BFGbcwx9ZcS2xO3Rx9dbc=\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIC6DCCAdCgAwIBAgIIUvuTdCOiZ3IwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UE\n" + "AxMDQ0EyMCIYDzIwMTQwMjEyMTUyOTU3WhgPOTk5OTEyMzEyMzU5NTlaMA4xDDAK\n" + "BgNVBAMTA0NBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMGT87cJ\n" + "s9d+jgUk07eKV8rPXU32jgWo6ztrOCXD2tAvuw9sH1g/eNatatNU1efkICw0xezj\n" + "uVUl7dlt6XCpV0vy5djfLMU2lC3FQqHRaxznXx1dVeuVZVoSTpz3aW6AbTNlfCKK\n" + "8vndpjV2U8JHDSf2fGAVGQk3kdc2i46tBgCE8iaDIiOPsfQ43PogQxiWq0VuwPyc\n" + "gzeBBYw88LL3VqR4O9dCPqrSp5TDv8IRJsPa9y+POiU0pa6667lElRmPVFiab+tm\n" + "s9Y27ut3fOvzwadMWwaYr9cQNKkkqrjf0x7q02dGNDEtL26ZwGJMLPGMZxQFdU1O\n" + "AewGdCECHWY6Oh0CAwEAAaNGMEQwEgYDVR0TAQH/BAgwBgEB/wIBADAPBgNVHQ8B\n" + "Af8EBQMDBwQAMB0GA1UdDgQWBBTVa5E3/FqECiJqM3OnQasfCfLb4TANBgkqhkiG\n" + "9w0BAQsFAAOCAQEAtQudk32tQ30ldwLy5QyNzwpxTq1izycXGMkh3LvNUQrxmwzl\n" + "8EPi1d4bxdAi3ghwppImJPZ1aWOrSl9cxl7kH4clq/QdG6bKhhr/40ImZctV35fA\n" + "Kd1/aDlUUNQIv7cD/T8fb8rMmZ7RPoLsgLcVfodKwafY+X/y4ZacA2uF2L2dX37T\n" + "etQprA+hjeKu6rej9eb+ERZqYChDvp7FNbJ5fOnIZ9iG1Z714fUeuRDzvosJl6n8\n" + "aVIRHXdZbhCgKdJTR4bvFPGVFL86xLMkV7jhCImNBN9rmd59wD6g79nTUUoPDM3r\n" + "rpNkoLGmlBhUorRWbx0YAz9UojNdd4GWMefwZw==\n" + "-----END CERTIFICATE-----\n", + NULL }; static const char *cve_2014_0092_check[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDtDCCAmygAwIBAgIETeC0yjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5H\n" - "bnVUTFMgVGVzdCBDQTAeFw0xMTA1MjgwODM5MzlaFw0zODEwMTIwODM5NDBaMC8x\n" - "LTArBgNVBAMTJEdudUFBQSBUZXN0IFNlcnZlciAoUlNBIGNlcnRpZmljYXRlKTCC\n" - "AVIwDQYJKoZIhvcNAQEBBQADggE/ADCCAToCggExALRrJ5glr8H/HsqwfvTYvO1D\n" - "hmdUXdq0HsKQX4M8AhH8E3KFsoikZUELdl8jvoqf/nlLczsux0s8vxbJl1U1F/Oh\n" - "ckswwuAnlBLzVgDmzoJLEV2kHpv6+rkbKk0Ytbql5gzHqKihbaqIhNyWDrJsHDWq\n" - "58eUPfnVx8KiDUuzbnr3CF/FCc0Vkxr3mN8qTGaJJO0f0BZjgWWlWDuhzSVim5mB\n" - "VAgXGOx8LwiiOyhXMp0XRwqG+2KxQZnm+96o6iB+8xvuuuqaIWQpkvKtc+UZBZ03\n" - "U+IRnxhfIrriiw0AjJ4vp4c9QL5KoqWSCAwuYcBYfJqZ4dasgzklzz4b7eujbZ3L\n" - "xTjewcdumzQUvjA+gpAeuUqaduTvMwxGojFy9sNhC/iqZ4n0peV2N6Epn4B5qnUC\n" - "AwEAAaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDAT\n" - "BgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBR2\n" - "B1hM6rUp9S2ABoyDSoINCeyT3jAfBgNVHSMEGDAWgBRNVrdqAFjxZ5L0pnVVG45T\n" - "AQPvzzANBgkqhkiG9w0BAQsFAAOCATEBdNWmTsh5uIfngyhOWwm7pK2+vgUMY8nH\n" - "gMoMFHt0yuxuImcUMXu3LRS1dZSoCJACBpTFGi/Dg2U0qvOHQcEmc3OwNqHB90R3\n" - "LG5jUSCtq/bYW7h/6Gd9KeWCgZczaHbQ9IPTjLH1dLswVPt+fXKB6Eh0ggSrGATE\n" - "/wRZT/XgDCW8t4C+2+TmJ8ZEzvU87KAPQ9rUBS1+p3EUAR/FfMApApsEig1IZ+ZD\n" - "5joaGBW7zh1H0B9mEKidRvD7yuRJyzAcvD25nT15NLW0QR3dEeXosLc720xxJl1h\n" - "h8NJ7YOvn323mOjR9er4i4D6iJlXmJ8tvN9vakCankWvBzb7plFn2sfMQqICFpRc\n" - "w075D8hdQxfpGffL2tEeKSgjyNHXS7x3dFhUpN3IQjUi2x4f2e/ZXg==\n" - "-----END CERTIFICATE-----\n", - "-----BEGIN CERTIFICATE-----\n" - "MIIDUDCCAgigAwIBAgIBADANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5HbnVU\n" - "TFMgVGVzdCBDQTAeFw0xMTA1MjgwODM2MzBaFw0zODEwMTIwODM2MzNaMBkxFzAV\n" - "BgNVBAMTDkdudVRMUyBUZXN0IENBMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8AMIIB\n" - "OgKCATEAnORCsX1unl//fy2d1054XduIg/3CqVBaT3Hca65SEoDwh0KiPtQoOgZL\n" - "dKY2cobGs/ojYtOjcs0KnlPYdmtjEh6WEhuJU95v4TQdC4OLMiE56eIGq252hZAb\n" - "HoTL84Q14DxQWGuzQK830iml7fbw2WcIcRQ8vFGs8SzfXw63+MI6Fq6iMAQIqP08\n" - "WzGmRRzL5wvCiPhCVkrPmwbXoABub6AAsYwWPJB91M9/lx5gFH5k9/iPfi3s2Kg3\n" - "F8MOcppqFYjxDSnsfiz6eMh1+bYVIAo367vGVYHigXMEZC2FezlwIHaZzpEoFlY3\n" - "a7LFJ00yrjQ910r8UE+CEMTYzE40D0olCMo7FA9RCjeO3bUIoYaIdVTUGWEGHWSe\n" - "oxGei9Gkm6u+ASj8f+i0jxdD2qXsewIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/\n" - "MA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFE1Wt2oAWPFnkvSmdVUbjlMBA+/P\n" - "MA0GCSqGSIb3DQEBCwUAA4IBMQAesOgjGFi1zOYpA/N3gkUVRcBHDxmN7g2yOcqH\n" - "VfhFc+e4zhOehR11WCt2RgzNlnYVmV5zBmQBdTAt8Po/MVhLCDW1BULHlLvL0DFc\n" - "4sB1RlcGeQcCKQa4b+Q9VWf4f6TfuEWZQC5j5stiXjVgOqrOMrzKZ2eKWA4JsL9s\n" - "V+7ANSZE+hOt1X1mA8moyqe95U2Ecih+nFJSWSBd1WFiEzVnXv4FVWPXbH9HERDK\n" - "VbasjofWWmQO1YlQPishLgm1IbwqOkOk4sDgoLuUZ4GgP0DDeN6EmRDOzByrv+9u\n" - "f45Bl9IQf4IJNPLU9lEqjyMOydqT6kBi7fjV5ICuQZ4EeVJsOGuX7PqNyoDzJHLv\n" - "ferRfNLr6eQSHSxBhS0cVyDjb5gCawK6u7xTU+b7xikEie9k\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDtDCCAmygAwIBAgIETeC0yjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5H\n" + "bnVUTFMgVGVzdCBDQTAeFw0xMTA1MjgwODM5MzlaFw0zODEwMTIwODM5NDBaMC8x\n" + "LTArBgNVBAMTJEdudUFBQSBUZXN0IFNlcnZlciAoUlNBIGNlcnRpZmljYXRlKTCC\n" + "AVIwDQYJKoZIhvcNAQEBBQADggE/ADCCAToCggExALRrJ5glr8H/HsqwfvTYvO1D\n" + "hmdUXdq0HsKQX4M8AhH8E3KFsoikZUELdl8jvoqf/nlLczsux0s8vxbJl1U1F/Oh\n" + "ckswwuAnlBLzVgDmzoJLEV2kHpv6+rkbKk0Ytbql5gzHqKihbaqIhNyWDrJsHDWq\n" + "58eUPfnVx8KiDUuzbnr3CF/FCc0Vkxr3mN8qTGaJJO0f0BZjgWWlWDuhzSVim5mB\n" + "VAgXGOx8LwiiOyhXMp0XRwqG+2KxQZnm+96o6iB+8xvuuuqaIWQpkvKtc+UZBZ03\n" + "U+IRnxhfIrriiw0AjJ4vp4c9QL5KoqWSCAwuYcBYfJqZ4dasgzklzz4b7eujbZ3L\n" + "xTjewcdumzQUvjA+gpAeuUqaduTvMwxGojFy9sNhC/iqZ4n0peV2N6Epn4B5qnUC\n" + "AwEAAaOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDAT\n" + "BgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBR2\n" + "B1hM6rUp9S2ABoyDSoINCeyT3jAfBgNVHSMEGDAWgBRNVrdqAFjxZ5L0pnVVG45T\n" + "AQPvzzANBgkqhkiG9w0BAQsFAAOCATEBdNWmTsh5uIfngyhOWwm7pK2+vgUMY8nH\n" + "gMoMFHt0yuxuImcUMXu3LRS1dZSoCJACBpTFGi/Dg2U0qvOHQcEmc3OwNqHB90R3\n" + "LG5jUSCtq/bYW7h/6Gd9KeWCgZczaHbQ9IPTjLH1dLswVPt+fXKB6Eh0ggSrGATE\n" + "/wRZT/XgDCW8t4C+2+TmJ8ZEzvU87KAPQ9rUBS1+p3EUAR/FfMApApsEig1IZ+ZD\n" + "5joaGBW7zh1H0B9mEKidRvD7yuRJyzAcvD25nT15NLW0QR3dEeXosLc720xxJl1h\n" + "h8NJ7YOvn323mOjR9er4i4D6iJlXmJ8tvN9vakCankWvBzb7plFn2sfMQqICFpRc\n" + "w075D8hdQxfpGffL2tEeKSgjyNHXS7x3dFhUpN3IQjUi2x4f2e/ZXg==\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIIDUDCCAgigAwIBAgIBADANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5HbnVU\n" + "TFMgVGVzdCBDQTAeFw0xMTA1MjgwODM2MzBaFw0zODEwMTIwODM2MzNaMBkxFzAV\n" + "BgNVBAMTDkdudVRMUyBUZXN0IENBMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8AMIIB\n" + "OgKCATEAnORCsX1unl//fy2d1054XduIg/3CqVBaT3Hca65SEoDwh0KiPtQoOgZL\n" + "dKY2cobGs/ojYtOjcs0KnlPYdmtjEh6WEhuJU95v4TQdC4OLMiE56eIGq252hZAb\n" + "HoTL84Q14DxQWGuzQK830iml7fbw2WcIcRQ8vFGs8SzfXw63+MI6Fq6iMAQIqP08\n" + "WzGmRRzL5wvCiPhCVkrPmwbXoABub6AAsYwWPJB91M9/lx5gFH5k9/iPfi3s2Kg3\n" + "F8MOcppqFYjxDSnsfiz6eMh1+bYVIAo367vGVYHigXMEZC2FezlwIHaZzpEoFlY3\n" + "a7LFJ00yrjQ910r8UE+CEMTYzE40D0olCMo7FA9RCjeO3bUIoYaIdVTUGWEGHWSe\n" + "oxGei9Gkm6u+ASj8f+i0jxdD2qXsewIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/\n" + "MA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFE1Wt2oAWPFnkvSmdVUbjlMBA+/P\n" + "MA0GCSqGSIb3DQEBCwUAA4IBMQAesOgjGFi1zOYpA/N3gkUVRcBHDxmN7g2yOcqH\n" + "VfhFc+e4zhOehR11WCt2RgzNlnYVmV5zBmQBdTAt8Po/MVhLCDW1BULHlLvL0DFc\n" + "4sB1RlcGeQcCKQa4b+Q9VWf4f6TfuEWZQC5j5stiXjVgOqrOMrzKZ2eKWA4JsL9s\n" + "V+7ANSZE+hOt1X1mA8moyqe95U2Ecih+nFJSWSBd1WFiEzVnXv4FVWPXbH9HERDK\n" + "VbasjofWWmQO1YlQPishLgm1IbwqOkOk4sDgoLuUZ4GgP0DDeN6EmRDOzByrv+9u\n" + "f45Bl9IQf4IJNPLU9lEqjyMOydqT6kBi7fjV5ICuQZ4EeVJsOGuX7PqNyoDzJHLv\n" + "ferRfNLr6eQSHSxBhS0cVyDjb5gCawK6u7xTU+b7xikEie9k\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Triggers incorrect verification success on older versions */ static const char *cve_2008_4989_chain[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n" - "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n" - "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n" - "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n" - "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n" - "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n" - "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n" - "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n" - "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n" - "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n" - "bF7pG7Cg3oEHUM0H5KUU\n" - "-----END CERTIFICATE-----\n", - /* chain[1] (not signed by next cert) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n" - "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n" - "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n" - "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n" - "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n" - "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n" - "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n" - "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n" - "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n" - "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n" - "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n" - "-----END CERTIFICATE-----\n", - /* chain[2] (trusted CA cert) */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n" - "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n" - "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n" - "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n" - "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n" - "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n" - "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n" - "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n" - "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n" - "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n" - "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n" - "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n" - "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n" - "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n" - "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n" - "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n" - "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n" - "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n" - "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n" - "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n" - "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n" - "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n" - "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n" + "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n" + "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n" + "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n" + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n" + "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n" + "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n" + "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n" + "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n" + "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n" + "bF7pG7Cg3oEHUM0H5KUU\n" + "-----END CERTIFICATE-----\n", + /* chain[1] (not signed by next cert) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n" + "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n" + "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n" + "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n" + "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n" + "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n" + "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n" + "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n" + "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n" + "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n" + "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n" + "-----END CERTIFICATE-----\n", + /* chain[2] (trusted CA cert) */ + "-----BEGIN CERTIFICATE-----\n" + "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n" + "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n" + "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n" + "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n" + "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n" + "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n" + "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n" + "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n" + "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n" + "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n" + "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n" + "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n" + "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n" + "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n" + "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n" + "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n" + "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n" + "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n" + "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n" + "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n" + "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n" + "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n" + "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Chain length 3 ends with trusted v1 RSA-MD2 chain */ static const char *verisign_com_chain[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" - "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" - "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" - "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" - "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" - "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" - "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" - "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" - "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" - "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" - "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" - "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" - "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" - "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" - "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" - "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" - "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" - "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" - "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" - "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" - "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" - "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" - "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" - "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" - "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" - "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" - "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" - "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" - "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" - "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" - "nKMfhbyFQYPQ6J9g\n" - "-----END CERTIFICATE-----\n", - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" - "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" - "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" - "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" - "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" - "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" - "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" - "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" - "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" - "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" - "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" - "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" - "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" - "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" - "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" - "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" - "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" - "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" - "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" - "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" - "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" - "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" - "Gh/aWKfkT8Fhrryi/ks=\n" - "-----END CERTIFICATE-----\n", - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" - "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" - "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" - "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" - "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" - "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" - "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" - "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" - "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" - "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" - "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" - "-----END CERTIFICATE-----\n", - /* chain[3] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n" + "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n" + "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n" + "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n" + "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n" + "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n" + "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n" + "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n" + "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n" + "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n" + "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n" + "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n" + "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n" + "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n" + "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n" + "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n" + "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n" + "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n" + "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n" + "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n" + "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n" + "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n" + "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n" + "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n" + "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n" + "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n" + "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n" + "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n" + "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n" + "nKMfhbyFQYPQ6J9g\n" + "-----END CERTIFICATE-----\n", + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n" + "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n" + "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n" + "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n" + "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n" + "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n" + "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n" + "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n" + "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n" + "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n" + "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n" + "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n" + "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n" + "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n" + "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n" + "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n" + "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n" + "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n" + "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n" + "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n" + "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n" + "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n" + "Gh/aWKfkT8Fhrryi/ks=\n" + "-----END CERTIFICATE-----\n", + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n" + "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n" + "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n" + "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n" + "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n" + "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n" + "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n" + "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n" + "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n" + "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n" + "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n" + "-----END CERTIFICATE-----\n", + /* chain[3] (CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Chain length 2 ends with trusted v1 RSA-MD2 cert */ static const char *citibank_com_chain[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIENDCCA52gAwIBAgIQauOJMlH5Ob2tFZ6rJMBdjjANBgkqhkiG9w0BAQUFADCB\n" - "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n" - "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n" - "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n" - "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n" - "ODA4MjkwMDAwMDBaFw0xMDA4MjkyMzU5NTlaMHgxCzAJBgNVBAYTAlVTMRMwEQYD\n" - "VQQIEwpOZXcgSmVyc2V5MRIwEAYDVQQHFAlXZWVoYXdrZW4xEjAQBgNVBAoUCUNp\n" - "dGlncm91cDERMA8GA1UECxQId2hnLW9hazYxGTAXBgNVBAMUEHd3dy5jaXRpYmFu\n" - "ay5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQJbSYtbndsIlslFveP\n" - "IlVNE38HnUD56BHcwfvcb8rQItXeHzYmgOf/RgHPTKG3LEZOxKqM0QpcZtEJ6xwV\n" - "cTG7Wjw/FrMisN8aO4JWaxe8dFGajstlEMxz43G5zlprb9jzjnbIvvcnz0ILikOQ\n" - "qmcThopBTs1+d4j7w/yEJo1zAgMBAAGjggF6MIIBdjAJBgNVHRMEAjAAMAsGA1Ud\n" - "DwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLnZlcmlzaWduLmNv\n" - "bS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBEBgNVHSAEPTA7MDkGC2CG\n" - "SAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNv\n" - "bS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" - "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2ln\n" - "bi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJaW1hZ2UvZ2lmMCEwHzAH\n" - "BgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYkaHR0cDovL2xvZ28udmVy\n" - "aXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEBBQUAA4GBAFDXKsxtWkoo\n" - "HBkNjcCvcnjNAo3Pe+eOtLHb39e5qhkNQLPGA/1/7AofY9KmEtSV2LVGeuuJI4Pi\n" - "Lg7fPl9Q0OE/oHJpj5JkObBP9Wo1vbrDR2nGWUlCRWm20rH81dTn7OcDxarwGWsR\n" - "ewTCNmpKYaMx8Q1dyMYunHJApu+fbrHu\n" - "-----END CERTIFICATE-----\n", - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n" - "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n" - "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n" - "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n" - "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n" - "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n" - "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n" - "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n" - "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" - "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n" - "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n" - "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n" - "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n" - "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n" - "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n" - "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n" - "-----END CERTIFICATE-----\n", - /* chain[2] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIENDCCA52gAwIBAgIQauOJMlH5Ob2tFZ6rJMBdjjANBgkqhkiG9w0BAQUFADCB\n" + "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n" + "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n" + "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n" + "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n" + "ODA4MjkwMDAwMDBaFw0xMDA4MjkyMzU5NTlaMHgxCzAJBgNVBAYTAlVTMRMwEQYD\n" + "VQQIEwpOZXcgSmVyc2V5MRIwEAYDVQQHFAlXZWVoYXdrZW4xEjAQBgNVBAoUCUNp\n" + "dGlncm91cDERMA8GA1UECxQId2hnLW9hazYxGTAXBgNVBAMUEHd3dy5jaXRpYmFu\n" + "ay5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQJbSYtbndsIlslFveP\n" + "IlVNE38HnUD56BHcwfvcb8rQItXeHzYmgOf/RgHPTKG3LEZOxKqM0QpcZtEJ6xwV\n" + "cTG7Wjw/FrMisN8aO4JWaxe8dFGajstlEMxz43G5zlprb9jzjnbIvvcnz0ILikOQ\n" + "qmcThopBTs1+d4j7w/yEJo1zAgMBAAGjggF6MIIBdjAJBgNVHRMEAjAAMAsGA1Ud\n" + "DwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLnZlcmlzaWduLmNv\n" + "bS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBEBgNVHSAEPTA7MDkGC2CG\n" + "SAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNv\n" + "bS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEFBQcDAQYIKwYBBQUHAwIw\n" + "NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2ln\n" + "bi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJaW1hZ2UvZ2lmMCEwHzAH\n" + "BgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYkaHR0cDovL2xvZ28udmVy\n" + "aXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEBBQUAA4GBAFDXKsxtWkoo\n" + "HBkNjcCvcnjNAo3Pe+eOtLHb39e5qhkNQLPGA/1/7AofY9KmEtSV2LVGeuuJI4Pi\n" + "Lg7fPl9Q0OE/oHJpj5JkObBP9Wo1vbrDR2nGWUlCRWm20rH81dTn7OcDxarwGWsR\n" + "ewTCNmpKYaMx8Q1dyMYunHJApu+fbrHu\n" + "-----END CERTIFICATE-----\n", + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n" + "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n" + "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n" + "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n" + "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n" + "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n" + "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n" + "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n" + "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" + "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n" + "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n" + "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n" + "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n" + "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n" + "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n" + "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n" + "-----END CERTIFICATE-----\n", + /* chain[2] (CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Self-signed certificate */ static const char *pem_self_cert[] = { - "-----BEGIN CERTIFICATE-----\n" - "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n" - "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n" - "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n" - "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n" - "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n" - "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n" - "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n" - "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n" - "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n" - "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n" - "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n" - "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n" - "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n" - "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n" - "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n" - "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n" - "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n" - "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n" - "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n" - "-----END CERTIFICATE-----\n", - NULL + "-----BEGIN CERTIFICATE-----\n" + "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n" + "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n" + "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n" + "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n" + "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n" + "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n" + "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n" + "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n" + "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n" + "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n" + "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n" + "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n" + "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n" + "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n" + "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n" + "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n" + "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n" + "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n" + "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Chain length 2, CA constraint FALSE in v3 CA cert)*/ static const char *thea_chain[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIC7DCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJERTEM\n" - "MAoGA1UECBMDUkxQMSAwHgYDVQQKExdUZWNobmlzY2hlIFVuaXZlcnNpdGFldDEb\n" - "MBkGA1UECxMSRmFjaGJlcmVpY2ggUGh5c2lrMQswCQYDVQQDEwJDQTAeFw0wODA5\n" - "MTExMDUyMDdaFw0xODA5MDkxMDUyMDdaMIGTMQswCQYDVQQGEwJERTEMMAoGA1UE\n" - "CBMDUkxQMRcwFQYDVQQHEw5LYWlzZXJzbGF1dGVybjEgMB4GA1UEChMXVGVjaG5p\n" - "c2NoZSBVbml2ZXJzaXRhZXQxGzAZBgNVBAsTEkZhY2hiZXJlaWNoIFBoeXNpazEe\n" - "MBwGA1UEAxMVdGhlYS5waHlzaWsudW5pLWtsLmRlMIGfMA0GCSqGSIb3DQEBAQUA\n" - "A4GNADCBiQKBgQC/gTUrXSeNvuRH+ibdR7zvlCGs+66C6tDaq14SpEDiY/FEw/S4\n" - "mkhsHohiQkmqpcPJ0FONok7bvJryKZwwhGFHeESvvWjFVNIdxFgf6Jx2McKsRzBD\n" - "nbgVNeK6bywh2L5WgOeckRm0vUxCwX+jWtETorNHSYnZI9smmBtJ1FIPkQIDAQAB\n" - "o3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRl\n" - "ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUS0IiRshnnlH2bneYeCn6OkY9nZAwHwYD\n" - "VR0jBBgwFoAU+rCwSUUzK53X9W5otZG4okyY/rswDQYJKoZIhvcNAQEFBQADgYEA\n" - "g0f6XFxpUL2hncpQcnKorNYdOkZkZHiKqu2SINtla+IbLZFO4nVVO+LKt+RCo2o7\n" - "tZIMLEU3aCeH5dgSEKQeyL5MPMg3MbA6ezjOBTkT/YgngzM4CMLOKcvAMLncfH/z\n" - "GYBW1DXijIy1r/SxO0k9zy8OEtKeOOUO0GqQTWuTOOg=\n" - "-----END CERTIFICATE-----\n", - /* chain[1] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICvzCCAiigAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJERTEM\n" - "MAoGA1UECBMDUkxQMSAwHgYDVQQKExdUZWNobmlzY2hlIFVuaXZlcnNpdGFldDEb\n" - "MBkGA1UECxMSRmFjaGJlcmVpY2ggUGh5c2lrMQswCQYDVQQDEwJDQTAeFw0wODA5\n" - "MTExMDQ3NDRaFw0xODA5MDkxMDQ3NDRaMGcxCzAJBgNVBAYTAkRFMQwwCgYDVQQI\n" - "EwNSTFAxIDAeBgNVBAoTF1RlY2huaXNjaGUgVW5pdmVyc2l0YWV0MRswGQYDVQQL\n" - "ExJGYWNoYmVyZWljaCBQaHlzaWsxCzAJBgNVBAMTAkNBMIGfMA0GCSqGSIb3DQEB\n" - "AQUAA4GNADCBiQKBgQC76RbqsB5J+VvU1KbBCrkIL3lgY8BxgFvYF3HiHgxtCdqq\n" - "BmRpAaDBcVAuEb1ihhP68181sYQ1UPMY+zwBwXVNSVvjeBba1JjGmagwPnJXOCay\n" - "7Cw5orY8KB7U33neEOGrlz1EKQGVaPsr993wGD/7AmntuVuxrRVpzoDP5s0PIwID\n" - "AQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy\n" - "YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU+rCwSUUzK53X9W5otZG4okyY/rsw\n" - "HwYDVR0jBBgwFoAU+rCwSUUzK53X9W5otZG4okyY/rswDQYJKoZIhvcNAQEFBQAD\n" - "gYEAUT+LmosiDHGuLAZmY40obam0eexJzn/g++mDy3FMh3WmMBKSsfwFsFsQ4k7N\n" - "lv1SCfTYeh2hpw/DQzkiYZUkcQI4mBR4hG5Zv56AfYQLGeLtN4VOOCMxguftvzv0\n" - "kziQa2QW+VzVJqV1gpRCRT30Jaa9s4u6ipO9DT5N03F4CcI=\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIC7DCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJERTEM\n" + "MAoGA1UECBMDUkxQMSAwHgYDVQQKExdUZWNobmlzY2hlIFVuaXZlcnNpdGFldDEb\n" + "MBkGA1UECxMSRmFjaGJlcmVpY2ggUGh5c2lrMQswCQYDVQQDEwJDQTAeFw0wODA5\n" + "MTExMDUyMDdaFw0xODA5MDkxMDUyMDdaMIGTMQswCQYDVQQGEwJERTEMMAoGA1UE\n" + "CBMDUkxQMRcwFQYDVQQHEw5LYWlzZXJzbGF1dGVybjEgMB4GA1UEChMXVGVjaG5p\n" + "c2NoZSBVbml2ZXJzaXRhZXQxGzAZBgNVBAsTEkZhY2hiZXJlaWNoIFBoeXNpazEe\n" + "MBwGA1UEAxMVdGhlYS5waHlzaWsudW5pLWtsLmRlMIGfMA0GCSqGSIb3DQEBAQUA\n" + "A4GNADCBiQKBgQC/gTUrXSeNvuRH+ibdR7zvlCGs+66C6tDaq14SpEDiY/FEw/S4\n" + "mkhsHohiQkmqpcPJ0FONok7bvJryKZwwhGFHeESvvWjFVNIdxFgf6Jx2McKsRzBD\n" + "nbgVNeK6bywh2L5WgOeckRm0vUxCwX+jWtETorNHSYnZI9smmBtJ1FIPkQIDAQAB\n" + "o3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRl\n" + "ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUS0IiRshnnlH2bneYeCn6OkY9nZAwHwYD\n" + "VR0jBBgwFoAU+rCwSUUzK53X9W5otZG4okyY/rswDQYJKoZIhvcNAQEFBQADgYEA\n" + "g0f6XFxpUL2hncpQcnKorNYdOkZkZHiKqu2SINtla+IbLZFO4nVVO+LKt+RCo2o7\n" + "tZIMLEU3aCeH5dgSEKQeyL5MPMg3MbA6ezjOBTkT/YgngzM4CMLOKcvAMLncfH/z\n" + "GYBW1DXijIy1r/SxO0k9zy8OEtKeOOUO0GqQTWuTOOg=\n" + "-----END CERTIFICATE-----\n", + /* chain[1] (CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICvzCCAiigAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJERTEM\n" + "MAoGA1UECBMDUkxQMSAwHgYDVQQKExdUZWNobmlzY2hlIFVuaXZlcnNpdGFldDEb\n" + "MBkGA1UECxMSRmFjaGJlcmVpY2ggUGh5c2lrMQswCQYDVQQDEwJDQTAeFw0wODA5\n" + "MTExMDQ3NDRaFw0xODA5MDkxMDQ3NDRaMGcxCzAJBgNVBAYTAkRFMQwwCgYDVQQI\n" + "EwNSTFAxIDAeBgNVBAoTF1RlY2huaXNjaGUgVW5pdmVyc2l0YWV0MRswGQYDVQQL\n" + "ExJGYWNoYmVyZWljaCBQaHlzaWsxCzAJBgNVBAMTAkNBMIGfMA0GCSqGSIb3DQEB\n" + "AQUAA4GNADCBiQKBgQC76RbqsB5J+VvU1KbBCrkIL3lgY8BxgFvYF3HiHgxtCdqq\n" + "BmRpAaDBcVAuEb1ihhP68181sYQ1UPMY+zwBwXVNSVvjeBba1JjGmagwPnJXOCay\n" + "7Cw5orY8KB7U33neEOGrlz1EKQGVaPsr993wGD/7AmntuVuxrRVpzoDP5s0PIwID\n" + "AQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy\n" + "YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU+rCwSUUzK53X9W5otZG4okyY/rsw\n" + "HwYDVR0jBBgwFoAU+rCwSUUzK53X9W5otZG4okyY/rswDQYJKoZIhvcNAQEFBQAD\n" + "gYEAUT+LmosiDHGuLAZmY40obam0eexJzn/g++mDy3FMh3WmMBKSsfwFsFsQ4k7N\n" + "lv1SCfTYeh2hpw/DQzkiYZUkcQI4mBR4hG5Zv56AfYQLGeLtN4VOOCMxguftvzv0\n" + "kziQa2QW+VzVJqV1gpRCRT30Jaa9s4u6ipO9DT5N03F4CcI=\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Chain length 3 ends with trusted v1 RSA-MD2 cert, similar to verisign_com_chain above */ static const char *hbci_chain[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEczCCA9ygAwIBAgIQeODCPg2RbK2r7/1KoWjWZzANBgkqhkiG9w0BAQUFADCB\n" - "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n" - "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n" - "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n" - "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n" - "ODA2MTAwMDAwMDBaFw0wOTA3MzAyMzU5NTlaMIG2MQswCQYDVQQGEwJERTEPMA0G\n" - "A1UECBMGSGVzc2VuMRowGAYDVQQHFBFGcmFua2Z1cnQgYW0gTWFpbjEsMCoGA1UE\n" - "ChQjU3Bhcmthc3NlbiBJbmZvcm1hdGlrIEdtYkggJiBDby4gS0cxKTAnBgNVBAsU\n" - "IFRlcm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tMSEwHwYDVQQDFBhoYmNp\n" - "LXBpbnRhbi1ycC5zLWhiY2kuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" - "AK1CdQ9lqmChZWaRAInimuK7I36VImTuAVU0N6BIS4a2BbblkiekbVf15GVHGb6e\n" - "QV06ANN6Nd8XIdfoxi3LoAs8sa+Ku7eoEsRFi/XIU96GgtFlxf3EsVA9RbGdtfer\n" - "9iJGIBae2mJTlk+5LVg2EQr50PJlBuTgiYFc41xs9O2RAgMBAAGjggF6MIIBdjAJ\n" - "BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8v\n" - "Y3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBE\n" - "BgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" - "d3d3LnZlcmlzaWduLmNvbS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEF\n" - "BQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRw\n" - "Oi8vb2NzcC52ZXJpc2lnbi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJ\n" - "aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYk\n" - "aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEB\n" - "BQUAA4GBAJ03R0YAjYzlWm54gMSn6MqJi0mHdLCO2lk3CARwjbg7TEYAZvDsKqTd\n" - "cRuhNk079BqrQ3QapffeN55SAVrc3mzHO54Nla4n5y6x3XIQXVvRjbJGwmWXsdvr\n" - "W899F/pBEN30Tgdbmn7JR/iZlGhIJpY9Us1i7rwQhKYir9ZQBdj3\n" - "-----END CERTIFICATE-----\n", - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n" - "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n" - "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n" - "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n" - "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n" - "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n" - "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n" - "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n" - "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" - "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n" - "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n" - "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n" - "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n" - "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n" - "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n" - "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n" - "-----END CERTIFICATE-----\n", - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" - "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" - "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" - "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" - "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" - "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" - "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" - "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" - "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" - "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" - "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIEczCCA9ygAwIBAgIQeODCPg2RbK2r7/1KoWjWZzANBgkqhkiG9w0BAQUFADCB\n" + "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n" + "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n" + "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n" + "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n" + "ODA2MTAwMDAwMDBaFw0wOTA3MzAyMzU5NTlaMIG2MQswCQYDVQQGEwJERTEPMA0G\n" + "A1UECBMGSGVzc2VuMRowGAYDVQQHFBFGcmFua2Z1cnQgYW0gTWFpbjEsMCoGA1UE\n" + "ChQjU3Bhcmthc3NlbiBJbmZvcm1hdGlrIEdtYkggJiBDby4gS0cxKTAnBgNVBAsU\n" + "IFRlcm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tMSEwHwYDVQQDFBhoYmNp\n" + "LXBpbnRhbi1ycC5zLWhiY2kuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" + "AK1CdQ9lqmChZWaRAInimuK7I36VImTuAVU0N6BIS4a2BbblkiekbVf15GVHGb6e\n" + "QV06ANN6Nd8XIdfoxi3LoAs8sa+Ku7eoEsRFi/XIU96GgtFlxf3EsVA9RbGdtfer\n" + "9iJGIBae2mJTlk+5LVg2EQr50PJlBuTgiYFc41xs9O2RAgMBAAGjggF6MIIBdjAJ\n" + "BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8v\n" + "Y3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBE\n" + "BgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" + "d3d3LnZlcmlzaWduLmNvbS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEF\n" + "BQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRw\n" + "Oi8vb2NzcC52ZXJpc2lnbi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJ\n" + "aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYk\n" + "aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEB\n" + "BQUAA4GBAJ03R0YAjYzlWm54gMSn6MqJi0mHdLCO2lk3CARwjbg7TEYAZvDsKqTd\n" + "cRuhNk079BqrQ3QapffeN55SAVrc3mzHO54Nla4n5y6x3XIQXVvRjbJGwmWXsdvr\n" + "W899F/pBEN30Tgdbmn7JR/iZlGhIJpY9Us1i7rwQhKYir9ZQBdj3\n" + "-----END CERTIFICATE-----\n", + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n" + "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n" + "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n" + "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n" + "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n" + "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n" + "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n" + "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n" + "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" + "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n" + "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n" + "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n" + "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n" + "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n" + "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n" + "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n" + "-----END CERTIFICATE-----\n", + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n" + "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n" + "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n" + "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n" + "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n" + "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n", + NULL }; /* End-entity cert signed using RSA-MD5. */ static const char *mayfirst_chain[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIDVTCCAr6gAwIBAgIDCHp1MA0GCSqGSIb3DQEBBAUAMFoxCzAJBgNVBAYTAlVT\n" - "MRwwGgYDVQQKExNFcXVpZmF4IFNlY3VyZSBJbmMuMS0wKwYDVQQDEyRFcXVpZmF4\n" - "IFNlY3VyZSBHbG9iYWwgZUJ1c2luZXNzIENBLTEwHhcNMDgwNTE5MDUyOTE5WhcN\n" - "MDkxMDE5MDUyOTE5WjCBxDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFHN1cHBvcnQu\n" - "bWF5Zmlyc3Qub3JnMRMwEQYDVQQLEwpHVDY5MDc5ODgwMTEwLwYDVQQLEyhTZWUg\n" - "d3d3LnJhcGlkc3NsLmNvbS9yZXNvdXJjZXMvY3BzIChjKTA3MS8wLQYDVQQLEyZE\n" - "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQgLSBSYXBpZFNTTChSKTEdMBsGA1UEAxMU\n" - "c3VwcG9ydC5tYXlmaXJzdC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" - "AN0TWIZwJ/hIfMHc08/bBMlzZ5WucJqEvxU/ZnxPo/H6V/m4v1iLpM2hip2c5cg0\n" - "BcEMc/TBHQ1UEV8sb0Lh91kWfiMB1Sp+L2Fpz/wnhsivXC5j6jq9IcPqmOZOXBYX\n" - "k04W1B6FKTvk9KrZJ0at2J44hp4SsAfWQI0eCKuas+R1AgMBAAGjgb0wgbowDgYD\n" - "VR0PAQH/BAQDAgTwMB0GA1UdDgQWBBS0D4iuCxp35TLADTkINq2AhgTYVTA7BgNV\n" - "HR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL2dsb2Jh\n" - "bGNhMS5jcmwwHwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0l\n" - "BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcN\n" - "AQEEBQADgYEAXNWYnrO1mZgBSCwPlWhVa2aOKGCFmehLIcAPEBN+8xhXuOeigYBm\n" - "ic5ShCO583ttgHNCV3Y5dW9sNhv1US4vSb6soKjgUlG11fJKUqU8mwFKvbs7TUSq\n" - "j6h+1uvlfFI34WzODjJloY4QSM7FmbnW+HCiFKYyvra3iUqjcl9AeR4=\n" - "-----END CERTIFICATE-----\n", - /* chain[1] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJV\n" - "UzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1\n" - "aWZheCBTZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0\n" - "MDAwMFoXDTIwMDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoT\n" - "E0VxdWlmYXggU2VjdXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJl\n" - "IEdsb2JhbCBlQnVzaW5lc3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw\n" - "gYkCgYEAuucXkAJlsTRVPEnCUdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQy\n" - "td4zjTov2/KaelpzmKNc6fuKcxtc58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORR\n" - "OhI8bIpaVIRw28HFkM9yRcuoWcDNM50/o5brhTMhHD4ePmBudpxnhcXIw2EC\n" - "AwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAHMA8GA1UdEwEB/wQFMAMBAf8w\n" - "HwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0OBBYEFL6o\n" - "oHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUAA4GBADDiAVGqx+pf\n" - "2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkAZ70Br83gcfxa\n" - "z2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv8qIYNMR1\n" - "pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDVTCCAr6gAwIBAgIDCHp1MA0GCSqGSIb3DQEBBAUAMFoxCzAJBgNVBAYTAlVT\n" + "MRwwGgYDVQQKExNFcXVpZmF4IFNlY3VyZSBJbmMuMS0wKwYDVQQDEyRFcXVpZmF4\n" + "IFNlY3VyZSBHbG9iYWwgZUJ1c2luZXNzIENBLTEwHhcNMDgwNTE5MDUyOTE5WhcN\n" + "MDkxMDE5MDUyOTE5WjCBxDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFHN1cHBvcnQu\n" + "bWF5Zmlyc3Qub3JnMRMwEQYDVQQLEwpHVDY5MDc5ODgwMTEwLwYDVQQLEyhTZWUg\n" + "d3d3LnJhcGlkc3NsLmNvbS9yZXNvdXJjZXMvY3BzIChjKTA3MS8wLQYDVQQLEyZE\n" + "b21haW4gQ29udHJvbCBWYWxpZGF0ZWQgLSBSYXBpZFNTTChSKTEdMBsGA1UEAxMU\n" + "c3VwcG9ydC5tYXlmaXJzdC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n" + "AN0TWIZwJ/hIfMHc08/bBMlzZ5WucJqEvxU/ZnxPo/H6V/m4v1iLpM2hip2c5cg0\n" + "BcEMc/TBHQ1UEV8sb0Lh91kWfiMB1Sp+L2Fpz/wnhsivXC5j6jq9IcPqmOZOXBYX\n" + "k04W1B6FKTvk9KrZJ0at2J44hp4SsAfWQI0eCKuas+R1AgMBAAGjgb0wgbowDgYD\n" + "VR0PAQH/BAQDAgTwMB0GA1UdDgQWBBS0D4iuCxp35TLADTkINq2AhgTYVTA7BgNV\n" + "HR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL2dsb2Jh\n" + "bGNhMS5jcmwwHwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0l\n" + "BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcN\n" + "AQEEBQADgYEAXNWYnrO1mZgBSCwPlWhVa2aOKGCFmehLIcAPEBN+8xhXuOeigYBm\n" + "ic5ShCO583ttgHNCV3Y5dW9sNhv1US4vSb6soKjgUlG11fJKUqU8mwFKvbs7TUSq\n" + "j6h+1uvlfFI34WzODjJloY4QSM7FmbnW+HCiFKYyvra3iUqjcl9AeR4=\n" + "-----END CERTIFICATE-----\n", + /* chain[1] (CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJV\n" + "UzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1\n" + "aWZheCBTZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0\n" + "MDAwMFoXDTIwMDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoT\n" + "E0VxdWlmYXggU2VjdXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJl\n" + "IEdsb2JhbCBlQnVzaW5lc3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw\n" + "gYkCgYEAuucXkAJlsTRVPEnCUdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQy\n" + "td4zjTov2/KaelpzmKNc6fuKcxtc58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORR\n" + "OhI8bIpaVIRw28HFkM9yRcuoWcDNM50/o5brhTMhHD4ePmBudpxnhcXIw2EC\n" + "AwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAHMA8GA1UdEwEB/wQFMAMBAf8w\n" + "HwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0OBBYEFL6o\n" + "oHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUAA4GBADDiAVGqx+pf\n" + "2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkAZ70Br83gcfxa\n" + "z2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv8qIYNMR1\n" + "pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Test V1 CA without basicConstraint. */ static const char *v1ca[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE/zCCA+egAwIBAgIQBSsgZODO6vk6ayagofBQJDANBgkqhkiG9w0BAQUFADCB\n" - "sDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNTEqMCgGA1UEAxMh\n" - "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBMB4XDTA4MDUwNTAwMDAw\n" - "MFoXDTA5MDUyMjIzNTk1OVowczELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlu\n" - "b2lzMRAwDgYDVQQHFAdEdSBQYWdlMSQwIgYDVQQKFBtBcmdvbm5lIE5hdGlvbmFs\n" - "IExhYm9yYXRvcnkxGTAXBgNVBAMUEGF1dGgyLml0LmFubC5nb3YwgZ8wDQYJKoZI\n" - "hvcNAQEBBQADgY0AMIGJAoGBAMg6YPOXsPQedkLUug3RoMjv/OB+SfuDgGXxtef5\n" - "iE0SjCcsKT5v+bfxt2+ccs7IN7kWn1luJ5NTb0ZrdE6LQoYp9oLsaX/ukOnxKUMY\n" - "YhJJyHgutPtwyPvfZTZPpATWycJnZGIehY1S6thwxeofUyE3ykec2lalULzwXgel\n" - "iC97AgMBAAGjggHTMIIBzzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBEBgNVHR8E\n" - "PTA7MDmgN6A1hjNodHRwOi8vU1ZSU2VjdXJlLWNybC52ZXJpc2lnbi5jb20vU1ZS\n" - "U2VjdXJlMjAwNS5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsG\n" - "AQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMB0GA1UdJQQWMBQG\n" - "CCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBRv7K+g3Yqk7/UqEGctP1WC\n" - "vNfvJTB5BggrBgEFBQcBAQRtMGswJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZl\n" - "cmlzaWduLmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL1NWUlNlY3VyZS1haWEudmVy\n" - "aXNpZ24uY29tL1NWUlNlY3VyZTIwMDUtYWlhLmNlcjBuBggrBgEFBQcBDARiMGCh\n" - "XqBcMFowWDBWFglpbWFnZS9naWYwITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsp\n" - "rEsHiyEFGDAmFiRodHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYw\n" - "DQYJKoZIhvcNAQEFBQADggEBAEAKzE4gXeyjRDBSgAgWIaCozbWK+b1ct4aZhWZt\n" - "ihAyASxsNgDjDJzkInINjXoO5FWuJHDuoyyWHBQBb7t96+KgFu/4ye90VUDNTuin\n" - "mmqdOKeLSHVnlhfvGLCdrhWSWg/jZmAjYrXYRwkvxehl9IcHmOgNrHV3INdrSTdZ\n" - "ZCVLL74tuMqhMMm/NJ0tdEmWgpJe+/0dky2F2gAB+mFXlyzFvCLoyS2Vl0PW/BxM\n" - "Ly5t+scmAbgni9gzmFTNhbKHd0s2UE395z4ra6fUdZ0BClFgMDvUnb6kJ/uyKRSa\n" - "h7uQbWFJbA8aNgGLvfTf6o9n+GwbZkcgtBgIVENt8wzqg2I=\n" - "-----END CERTIFICATE-----\n", - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIEnDCCBAWgAwIBAgIQdTN9mrDhIzuuLX3kRpFi1DANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDUwMTE5MDAwMDAwWhcNMTUwMTE4MjM1OTU5WjCBsDELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cu\n" - "dmVyaXNpZ24uY29tL3JwYSAoYykwNTEqMCgGA1UEAxMhVmVyaVNpZ24gQ2xhc3Mg\n" - "MyBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" - "AQEAlcMhEo5AxQ0BX3ZeZpTZcyxYGSK4yfx6OZAqd3J8HT732FXjr0LLhzAC3Fus\n" - "cOa4RLQrNeuT0hcFfstG1lxToDJRnXRkWPkMmgDqXkRJZHL0zRDihQr5NO6ziGap\n" - "paRa0A6Yf1gNK1K7hql+LvqySHyN2y1fAXWijQY7i7RhB8m+Ipn4G9G1V2YETTX0\n" - "kXGWtZkIJZuXyDrzILHdnpgMSmO3ps6wAc74k2rzDG6fsemEe4GYQeaB3D0s57Rr\n" - "4578CBbXs9W5ZhKZfG1xyE2+xw/j+zet1XWHIWuG0EQUWlR5OZZpVsm5Mc2JYVjh\n" - "2XYFBa33uQKvp/1HkaIiNFox0QIDAQABo4IBgTCCAX0wEgYDVR0TAQH/BAgwBgEB\n" - "/wIBADBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0\n" - "dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0\n" - "cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwDgYDVR0PAQH/BAQDAgEGMBEG\n" - "CWCGSAGG+EIBAQQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRQ2xhc3Mz\n" - "Q0EyMDQ4LTEtNDUwHQYDVR0OBBYEFG/sr6DdiqTv9SoQZy0/VYK81+8lMIGABgNV\n" - "HSMEeTB3oWOkYTBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIElu\n" - "Yy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlv\n" - "biBBdXRob3JpdHmCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQEFBQADgYEA\n" - "w34IRl2RNs9n3Nenr6+4IsOLBHTTsWC85v63RBKBWzFzFGNWxnIu0RoDQ1w4ClBK\n" - "Tc3athmo9JkNr+P32PF1KGX2av6b9L1S2T/L2hbLpZ4ujmZSeD0m+v6UNohKlV4q\n" - "TBnvbvqCPy0D79YoszcYz0KyNCFkR9MgazpM3OYDkAw=\n" - "-----END CERTIFICATE-----\n", - /* chain[2] (CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQL\n" - "Ey5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y\n" - "aXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UE\n" - "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" - "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGf\n" - "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69q\n" - "RUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94f56TuZoAqiN91qyFomNFx3In\n" - "zPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Olhec9vn2a\n" - "/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBAgUAA4GBALtM\n" - "EivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Dolbwdj2wsqFHMc9ikwFPw\n" - "TtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzk\n" - "uxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE/zCCA+egAwIBAgIQBSsgZODO6vk6ayagofBQJDANBgkqhkiG9w0BAQUFADCB\n" + "sDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNTEqMCgGA1UEAxMh\n" + "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBMB4XDTA4MDUwNTAwMDAw\n" + "MFoXDTA5MDUyMjIzNTk1OVowczELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlu\n" + "b2lzMRAwDgYDVQQHFAdEdSBQYWdlMSQwIgYDVQQKFBtBcmdvbm5lIE5hdGlvbmFs\n" + "IExhYm9yYXRvcnkxGTAXBgNVBAMUEGF1dGgyLml0LmFubC5nb3YwgZ8wDQYJKoZI\n" + "hvcNAQEBBQADgY0AMIGJAoGBAMg6YPOXsPQedkLUug3RoMjv/OB+SfuDgGXxtef5\n" + "iE0SjCcsKT5v+bfxt2+ccs7IN7kWn1luJ5NTb0ZrdE6LQoYp9oLsaX/ukOnxKUMY\n" + "YhJJyHgutPtwyPvfZTZPpATWycJnZGIehY1S6thwxeofUyE3ykec2lalULzwXgel\n" + "iC97AgMBAAGjggHTMIIBzzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBEBgNVHR8E\n" + "PTA7MDmgN6A1hjNodHRwOi8vU1ZSU2VjdXJlLWNybC52ZXJpc2lnbi5jb20vU1ZS\n" + "U2VjdXJlMjAwNS5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsG\n" + "AQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMB0GA1UdJQQWMBQG\n" + "CCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBRv7K+g3Yqk7/UqEGctP1WC\n" + "vNfvJTB5BggrBgEFBQcBAQRtMGswJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZl\n" + "cmlzaWduLmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL1NWUlNlY3VyZS1haWEudmVy\n" + "aXNpZ24uY29tL1NWUlNlY3VyZTIwMDUtYWlhLmNlcjBuBggrBgEFBQcBDARiMGCh\n" + "XqBcMFowWDBWFglpbWFnZS9naWYwITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsp\n" + "rEsHiyEFGDAmFiRodHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYw\n" + "DQYJKoZIhvcNAQEFBQADggEBAEAKzE4gXeyjRDBSgAgWIaCozbWK+b1ct4aZhWZt\n" + "ihAyASxsNgDjDJzkInINjXoO5FWuJHDuoyyWHBQBb7t96+KgFu/4ye90VUDNTuin\n" + "mmqdOKeLSHVnlhfvGLCdrhWSWg/jZmAjYrXYRwkvxehl9IcHmOgNrHV3INdrSTdZ\n" + "ZCVLL74tuMqhMMm/NJ0tdEmWgpJe+/0dky2F2gAB+mFXlyzFvCLoyS2Vl0PW/BxM\n" + "Ly5t+scmAbgni9gzmFTNhbKHd0s2UE395z4ra6fUdZ0BClFgMDvUnb6kJ/uyKRSa\n" + "h7uQbWFJbA8aNgGLvfTf6o9n+GwbZkcgtBgIVENt8wzqg2I=\n" + "-----END CERTIFICATE-----\n", + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIEnDCCBAWgAwIBAgIQdTN9mrDhIzuuLX3kRpFi1DANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDUwMTE5MDAwMDAwWhcNMTUwMTE4MjM1OTU5WjCBsDELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cu\n" + "dmVyaXNpZ24uY29tL3JwYSAoYykwNTEqMCgGA1UEAxMhVmVyaVNpZ24gQ2xhc3Mg\n" + "MyBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" + "AQEAlcMhEo5AxQ0BX3ZeZpTZcyxYGSK4yfx6OZAqd3J8HT732FXjr0LLhzAC3Fus\n" + "cOa4RLQrNeuT0hcFfstG1lxToDJRnXRkWPkMmgDqXkRJZHL0zRDihQr5NO6ziGap\n" + "paRa0A6Yf1gNK1K7hql+LvqySHyN2y1fAXWijQY7i7RhB8m+Ipn4G9G1V2YETTX0\n" + "kXGWtZkIJZuXyDrzILHdnpgMSmO3ps6wAc74k2rzDG6fsemEe4GYQeaB3D0s57Rr\n" + "4578CBbXs9W5ZhKZfG1xyE2+xw/j+zet1XWHIWuG0EQUWlR5OZZpVsm5Mc2JYVjh\n" + "2XYFBa33uQKvp/1HkaIiNFox0QIDAQABo4IBgTCCAX0wEgYDVR0TAQH/BAgwBgEB\n" + "/wIBADBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0\n" + "dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0\n" + "cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwDgYDVR0PAQH/BAQDAgEGMBEG\n" + "CWCGSAGG+EIBAQQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRQ2xhc3Mz\n" + "Q0EyMDQ4LTEtNDUwHQYDVR0OBBYEFG/sr6DdiqTv9SoQZy0/VYK81+8lMIGABgNV\n" + "HSMEeTB3oWOkYTBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIElu\n" + "Yy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlv\n" + "biBBdXRob3JpdHmCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQEFBQADgYEA\n" + "w34IRl2RNs9n3Nenr6+4IsOLBHTTsWC85v63RBKBWzFzFGNWxnIu0RoDQ1w4ClBK\n" + "Tc3athmo9JkNr+P32PF1KGX2av6b9L1S2T/L2hbLpZ4ujmZSeD0m+v6UNohKlV4q\n" + "TBnvbvqCPy0D79YoszcYz0KyNCFkR9MgazpM3OYDkAw=\n" + "-----END CERTIFICATE-----\n", + /* chain[2] (CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQL\n" + "Ey5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y\n" + "aXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UE\n" + "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGf\n" + "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69q\n" + "RUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94f56TuZoAqiN91qyFomNFx3In\n" + "zPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Olhec9vn2a\n" + "/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBAgUAA4GBALtM\n" + "EivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Dolbwdj2wsqFHMc9ikwFPw\n" + "TtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzk\n" + "uxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Test CACert chain with RSA-MD5 signature. */ static const char *cacertrsamd5[] = { - /* chain[0] (EE cert) */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE3zCCAsegAwIBAgICbmgwDQYJKoZIhvcNAQEFBQAwVDEUMBIGA1UEChMLQ0Fj\n" - "ZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZzEcMBoGA1UE\n" - "AxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDAeFw0wOTAxMTYyMjI5NDdaFw0xMTAxMTYy\n" - "MjI5NDdaMBsxGTAXBgNVBAMTEGZyeS5zZXJ2ZXJhbWEuZGUwgZ8wDQYJKoZIhvcN\n" - "AQEBBQADgY0AMIGJAoGBAMh3WSR8Dxw/zDAZpHMjA1To0HJIaoyR9TqzQfLgn7Yr\n" - "sQFrRMefVMWYHiEFAVJTRcO5GuUtkw3IxALLlyNMl7xJbZESzRKw3Tz3NtM3DopB\n" - "8L7rI8ANy7Hh6P5QRMWJ9OJyiLhSpAi0TuJeGr+kKovHRj64V2/NtoPgDsytHMt9\n" - "AgMBAAGjggF2MIIBcjAMBgNVHRMBAf8EAjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMC\n" - "BggrBgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMAsGA1UdDwQEAwIFoDAz\n" - "BggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5v\n" - "cmcvMIHpBgNVHREEgeEwgd6CEGZyeS5zZXJ2ZXJhbWEuZGWgHgYIKwYBBQUHCAWg\n" - "EgwQZnJ5LnNlcnZlcmFtYS5kZYIQZnJ5LnNlcnZlcmFtYS5kZaAeBggrBgEFBQcI\n" - "BaASDBBmcnkuc2VydmVyYW1hLmRlghIqLmZyeS5zZXJ2ZXJhbWEuZGWgIAYIKwYB\n" - "BQUHCAWgFAwSKi5mcnkuc2VydmVyYW1hLmRlggd6cHViLmRloBUGCCsGAQUFBwgF\n" - "oAkMB3pwdWIuZGWCCSouenB1Yi5kZaAXBggrBgEFBQcIBaALDAkqLnpwdWIuZGUw\n" - "DQYJKoZIhvcNAQEFBQADggIBAEWSsOlLbjdRjijMmOnDc2RcLQ5PQC9pjUW+bzGR\n" - "KTJbf8Hf/wSdmHAam+UsIM6HzdQVi058dGyb8/NJQJD+9Dgv1m57x1prLerkt6xq\n" - "UQCYmOpMxCJOykLqzEUnou9WtL5FaD+wBlOuqWFy0Cy2O3LHXkSkaMR+gdxC4pkI\n" - "wSkI2SDdC0juvnoVI7iBaaIhYI/1FwV56hc6lxsAslf0NbtiiwhneVbHm5XRK1d4\n" - "tabVKwOHnEuDyAnZd1yM1EqXKz+NwBlhoKWhC0fVUByID5A2WGEejBJcW/lVrYft\n" - "4+sJpnwS+/VDS5yrDXMqMdYGE8TVMy7RsaoUdaeFQYv4Go48BBGDJB5uEkBJiSq8\n" - "ViZA4iEKujBa5zKJ+CZXy3D/eHLBKUL+ayc9dLeeFTPZU0jYb83kE1wtlnWwF4J1\n" - "8lUQI10nLFg+ALoZoAmFZej19XgbyG6im+ZRFuwrpV6F3HJRP+AMNInsLoQTuD9I\n" - "l2gftVaIU1MqUmVMBcUeeNXG1BZ9vRonKzAC4Otfk1B6aW4Lz0E+sZ+HfCMicD3j\n" - "N01KAeNZ64j8emgnLffurb7qUWbanTpMEzxrelBRufxJkXcn6BcFcxPBVgFnsMgF\n" - "tP7e7N/cm55pI8Et+Gjp+ORJetSio118yu9bf7etSAJWOS6tQ2Ac7JeKP+a8jsvq\n" - "Uyx7\n" - "-----END CERTIFICATE-----\n", - /* chain[1] (Class 3 CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n" - "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n" - "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\n" - "Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS\n" - "BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v\n" - "cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB\n" - "AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9\n" - "4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB\n" - "Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J\n" - "0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ\n" - "FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx\n" - "bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q\n" - "SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb\n" - "6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV\n" - "m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g\n" - "eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG\n" - "kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7\n" - "6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG\n" - "CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc\n" - "aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB\n" - "gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w\n" - "aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6\n" - "tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0\n" - "nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M\n" - "77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV\n" - "Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L\n" - "ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM\n" - "zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU\n" - "rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF\n" - "YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT\n" - "oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu\n" - "FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB\n" - "0m6lG5kngOcLqagA\n" - "-----END CERTIFICATE-----\n", - /* chain[2] (Root CA) */ - "-----BEGIN CERTIFICATE-----\n" - "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n" - "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n" - "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\n" - "Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\n" - "BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi\n" - "MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ\n" - "ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC\n" - "CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ\n" - "8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6\n" - "zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y\n" - "fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7\n" - "w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc\n" - "G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k\n" - "epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q\n" - "laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ\n" - "QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU\n" - "fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826\n" - "YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w\n" - "ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY\n" - "gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe\n" - "MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0\n" - "IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy\n" - "dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw\n" - "czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0\n" - "dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl\n" - "aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC\n" - "AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg\n" - "b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB\n" - "ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc\n" - "nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg\n" - "18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c\n" - "gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl\n" - "Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY\n" - "sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T\n" - "SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF\n" - "CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum\n" - "GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\n" - "zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\n" - "omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] (EE cert) */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE3zCCAsegAwIBAgICbmgwDQYJKoZIhvcNAQEFBQAwVDEUMBIGA1UEChMLQ0Fj\n" + "ZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZzEcMBoGA1UE\n" + "AxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDAeFw0wOTAxMTYyMjI5NDdaFw0xMTAxMTYy\n" + "MjI5NDdaMBsxGTAXBgNVBAMTEGZyeS5zZXJ2ZXJhbWEuZGUwgZ8wDQYJKoZIhvcN\n" + "AQEBBQADgY0AMIGJAoGBAMh3WSR8Dxw/zDAZpHMjA1To0HJIaoyR9TqzQfLgn7Yr\n" + "sQFrRMefVMWYHiEFAVJTRcO5GuUtkw3IxALLlyNMl7xJbZESzRKw3Tz3NtM3DopB\n" + "8L7rI8ANy7Hh6P5QRMWJ9OJyiLhSpAi0TuJeGr+kKovHRj64V2/NtoPgDsytHMt9\n" + "AgMBAAGjggF2MIIBcjAMBgNVHRMBAf8EAjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMC\n" + "BggrBgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMAsGA1UdDwQEAwIFoDAz\n" + "BggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5v\n" + "cmcvMIHpBgNVHREEgeEwgd6CEGZyeS5zZXJ2ZXJhbWEuZGWgHgYIKwYBBQUHCAWg\n" + "EgwQZnJ5LnNlcnZlcmFtYS5kZYIQZnJ5LnNlcnZlcmFtYS5kZaAeBggrBgEFBQcI\n" + "BaASDBBmcnkuc2VydmVyYW1hLmRlghIqLmZyeS5zZXJ2ZXJhbWEuZGWgIAYIKwYB\n" + "BQUHCAWgFAwSKi5mcnkuc2VydmVyYW1hLmRlggd6cHViLmRloBUGCCsGAQUFBwgF\n" + "oAkMB3pwdWIuZGWCCSouenB1Yi5kZaAXBggrBgEFBQcIBaALDAkqLnpwdWIuZGUw\n" + "DQYJKoZIhvcNAQEFBQADggIBAEWSsOlLbjdRjijMmOnDc2RcLQ5PQC9pjUW+bzGR\n" + "KTJbf8Hf/wSdmHAam+UsIM6HzdQVi058dGyb8/NJQJD+9Dgv1m57x1prLerkt6xq\n" + "UQCYmOpMxCJOykLqzEUnou9WtL5FaD+wBlOuqWFy0Cy2O3LHXkSkaMR+gdxC4pkI\n" + "wSkI2SDdC0juvnoVI7iBaaIhYI/1FwV56hc6lxsAslf0NbtiiwhneVbHm5XRK1d4\n" + "tabVKwOHnEuDyAnZd1yM1EqXKz+NwBlhoKWhC0fVUByID5A2WGEejBJcW/lVrYft\n" + "4+sJpnwS+/VDS5yrDXMqMdYGE8TVMy7RsaoUdaeFQYv4Go48BBGDJB5uEkBJiSq8\n" + "ViZA4iEKujBa5zKJ+CZXy3D/eHLBKUL+ayc9dLeeFTPZU0jYb83kE1wtlnWwF4J1\n" + "8lUQI10nLFg+ALoZoAmFZej19XgbyG6im+ZRFuwrpV6F3HJRP+AMNInsLoQTuD9I\n" + "l2gftVaIU1MqUmVMBcUeeNXG1BZ9vRonKzAC4Otfk1B6aW4Lz0E+sZ+HfCMicD3j\n" + "N01KAeNZ64j8emgnLffurb7qUWbanTpMEzxrelBRufxJkXcn6BcFcxPBVgFnsMgF\n" + "tP7e7N/cm55pI8Et+Gjp+ORJetSio118yu9bf7etSAJWOS6tQ2Ac7JeKP+a8jsvq\n" + "Uyx7\n" + "-----END CERTIFICATE-----\n", + /* chain[1] (Class 3 CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n" + "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n" + "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\n" + "Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS\n" + "BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v\n" + "cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB\n" + "AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9\n" + "4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB\n" + "Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J\n" + "0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ\n" + "FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx\n" + "bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q\n" + "SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb\n" + "6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV\n" + "m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g\n" + "eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG\n" + "kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7\n" + "6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG\n" + "CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc\n" + "aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB\n" + "gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w\n" + "aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6\n" + "tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0\n" + "nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M\n" + "77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV\n" + "Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L\n" + "ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM\n" + "zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU\n" + "rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF\n" + "YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT\n" + "oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu\n" + "FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB\n" + "0m6lG5kngOcLqagA\n" + "-----END CERTIFICATE-----\n", + /* chain[2] (Root CA) */ + "-----BEGIN CERTIFICATE-----\n" + "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n" + "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n" + "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\n" + "Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\n" + "BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi\n" + "MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ\n" + "ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC\n" + "CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ\n" + "8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6\n" + "zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y\n" + "fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7\n" + "w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc\n" + "G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k\n" + "epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q\n" + "laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ\n" + "QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU\n" + "fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826\n" + "YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w\n" + "ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY\n" + "gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe\n" + "MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0\n" + "IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy\n" + "dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw\n" + "czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0\n" + "dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl\n" + "aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC\n" + "AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg\n" + "b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB\n" + "ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc\n" + "nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg\n" + "18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c\n" + "gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl\n" + "Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY\n" + "sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T\n" + "SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF\n" + "CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum\n" + "GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\n" + "zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\n" + "omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\n" + "-----END CERTIFICATE-----\n", + NULL }; /* Test Certicom cert with ECC-SHA256 signature. */ static const char *ecc_cert[] = { - /* chain[0] (ECC cert) */ -"-----BEGIN CERTIFICATE-----\n" -"MIICbzCCAhSgAwIBAgIIZLkW6EZO5PQwCgYIKoZIzj0EAwIwgZsxFDASBgNVBAsT\n" -"C1NBTVBMRSBPTkxZMRcwFQYDVQQKEw5DZXJ0aWNvbSBDb3JwLjEQMA4GA1UEBxMH\n" -"VG9yb250bzEQMA4GA1UEBBMHT250YXJpbzE5MDcGA1UEAxMwdGxzLnNlY2cub3Jn\n" -"IEVDQyBzZWNwMjU2cjEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJD\n" -"QTAeFw0wOTA1MDcwMDAwMDBaFw0xNTA1MDEwMDAwMDBaMIGYMRQwEgYDVQQLEwtT\n" -"QU1QTEUgT05MWTEXMBUGA1UEChMOQ2VydGljb20gQ29ycC4xEDAOBgNVBAcTB1Rv\n" -"cm9udG8xEDAOBgNVBAgTB09udGFyaW8xNjA0BgNVBAMTLXRscy5zZWNnLm9yZyBF\n" -"Q0Mgc2VjcDI1NnIxIFNlcnZlciBDZXJ0aWZpY2F0ZTELMAkGA1UEBhMCQ0EwWTAT\n" -"BgcqhkjOPQIBBggqhkjOPQMBBwNCAATf63kPhr3D6a2scrHWVr0oOXQMnBDT6Jv/\n" -"ifqzt4/xTbXsZNEyD96nyh82sk0tM+FVfBlsIwGc7vqBfyq0mC/Io0MwQTAOBgNV\n" -"HQ8BAf8EBAMCA4gwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwFwYDVR0RBBAwDoIM\n" -"dGxzLnNlY2cub3JnMAoGCCqGSM49BAMCA0kAMEYCIQDfacZHsdsj6SXQ2hyJS4Do\n" -"SMclqGLo2Sop7hfAeEJA+wIhAOMo7eLya44SIcuzrLBpg29g5ZzYOeuEzRcg9mch\n" -"AB1w\n" -"-----END CERTIFICATE-----\n", -"-----BEGIN CERTIFICATE-----\n" -"MIICTjCCAfagAwIBAgIICvq6Bj3Av6EwCQYHKoZIzj0EATCBmzEUMBIGA1UECxML\n" -"U0FNUExFIE9OTFkxFzAVBgNVBAoTDkNlcnRpY29tIENvcnAuMRAwDgYDVQQHEwdU\n" -"b3JvbnRvMRAwDgYDVQQEEwdPbnRhcmlvMTkwNwYDVQQDEzB0bHMuc2VjZy5vcmcg\n" -"RUNDIHNlY3AyNTZyMSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxCzAJBgNVBAYTAkNB\n" -"MB4XDTA2MDUwMTAwMDAwMFoXDTE1MDUwMTAwMDAwMFowgZsxFDASBgNVBAsTC1NB\n" -"TVBMRSBPTkxZMRcwFQYDVQQKEw5DZXJ0aWNvbSBDb3JwLjEQMA4GA1UEBxMHVG9y\n" -"b250bzEQMA4GA1UEBBMHT250YXJpbzE5MDcGA1UEAxMwdGxzLnNlY2cub3JnIEVD\n" -"QyBzZWNwMjU2cjEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJDQTBZ\n" -"MBMGByqGSM49AgEGCCqGSM49AwEHA0IABB2oofFVa6akTK6hpaJLs+6skdhn0sQp\n" -"uJwVwG99T0VZY8v7q6NMIWrpYQFmOxQyVVNlxWWyr2cLYJTyqx/zuDejIzAhMA4G\n" -"A1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MAkGByqGSM49BAEDRwAwRAIg\n" -"W2KAhfAKWFoh47A7muk8K10cGqOKRtb9lCgdOltj19oCIG+ZJQv5m+RnL4X2Ti0y\n" -"ZJzOOuzBQVGiUFwZdn1dLv4X\n" -"-----END CERTIFICATE-----\n", - NULL + /* chain[0] (ECC cert) */ + "-----BEGIN CERTIFICATE-----\n" + "MIICbzCCAhSgAwIBAgIIZLkW6EZO5PQwCgYIKoZIzj0EAwIwgZsxFDASBgNVBAsT\n" + "C1NBTVBMRSBPTkxZMRcwFQYDVQQKEw5DZXJ0aWNvbSBDb3JwLjEQMA4GA1UEBxMH\n" + "VG9yb250bzEQMA4GA1UEBBMHT250YXJpbzE5MDcGA1UEAxMwdGxzLnNlY2cub3Jn\n" + "IEVDQyBzZWNwMjU2cjEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJD\n" + "QTAeFw0wOTA1MDcwMDAwMDBaFw0xNTA1MDEwMDAwMDBaMIGYMRQwEgYDVQQLEwtT\n" + "QU1QTEUgT05MWTEXMBUGA1UEChMOQ2VydGljb20gQ29ycC4xEDAOBgNVBAcTB1Rv\n" + "cm9udG8xEDAOBgNVBAgTB09udGFyaW8xNjA0BgNVBAMTLXRscy5zZWNnLm9yZyBF\n" + "Q0Mgc2VjcDI1NnIxIFNlcnZlciBDZXJ0aWZpY2F0ZTELMAkGA1UEBhMCQ0EwWTAT\n" + "BgcqhkjOPQIBBggqhkjOPQMBBwNCAATf63kPhr3D6a2scrHWVr0oOXQMnBDT6Jv/\n" + "ifqzt4/xTbXsZNEyD96nyh82sk0tM+FVfBlsIwGc7vqBfyq0mC/Io0MwQTAOBgNV\n" + "HQ8BAf8EBAMCA4gwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwFwYDVR0RBBAwDoIM\n" + "dGxzLnNlY2cub3JnMAoGCCqGSM49BAMCA0kAMEYCIQDfacZHsdsj6SXQ2hyJS4Do\n" + "SMclqGLo2Sop7hfAeEJA+wIhAOMo7eLya44SIcuzrLBpg29g5ZzYOeuEzRcg9mch\n" + "AB1w\n" + "-----END CERTIFICATE-----\n", + "-----BEGIN CERTIFICATE-----\n" + "MIICTjCCAfagAwIBAgIICvq6Bj3Av6EwCQYHKoZIzj0EATCBmzEUMBIGA1UECxML\n" + "U0FNUExFIE9OTFkxFzAVBgNVBAoTDkNlcnRpY29tIENvcnAuMRAwDgYDVQQHEwdU\n" + "b3JvbnRvMRAwDgYDVQQEEwdPbnRhcmlvMTkwNwYDVQQDEzB0bHMuc2VjZy5vcmcg\n" + "RUNDIHNlY3AyNTZyMSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxCzAJBgNVBAYTAkNB\n" + "MB4XDTA2MDUwMTAwMDAwMFoXDTE1MDUwMTAwMDAwMFowgZsxFDASBgNVBAsTC1NB\n" + "TVBMRSBPTkxZMRcwFQYDVQQKEw5DZXJ0aWNvbSBDb3JwLjEQMA4GA1UEBxMHVG9y\n" + "b250bzEQMA4GA1UEBBMHT250YXJpbzE5MDcGA1UEAxMwdGxzLnNlY2cub3JnIEVD\n" + "QyBzZWNwMjU2cjEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJDQTBZ\n" + "MBMGByqGSM49AgEGCCqGSM49AwEHA0IABB2oofFVa6akTK6hpaJLs+6skdhn0sQp\n" + "uJwVwG99T0VZY8v7q6NMIWrpYQFmOxQyVVNlxWWyr2cLYJTyqx/zuDejIzAhMA4G\n" + "A1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MAkGByqGSM49BAEDRwAwRAIg\n" + "W2KAhfAKWFoh47A7muk8K10cGqOKRtb9lCgdOltj19oCIG+ZJQv5m+RnL4X2Ti0y\n" + "ZJzOOuzBQVGiUFwZdn1dLv4X\n" + "-----END CERTIFICATE-----\n", + NULL }; static const char *verisign_com_chain_g5[] = { - /* chain[0] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIFXjCCBEagAwIBAgIQHYWDpKNVUzEFx4Pq8yjxbTANBgkqhkiG9w0BAQUFADCB\n" - "tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" - "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm\n" - "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwMjI3\n" - "MDAwMDAwWhcNMTUwMjI4MjM1OTU5WjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMK\n" - "V2FzaGluZ3RvbjEQMA4GA1UEBxQHU2VhdHRsZTEYMBYGA1UEChQPQW1hem9uLmNv\n" - "bSBJbmMuMRcwFQYDVQQDFA53d3cuYW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEB\n" - "BQADggEPADCCAQoCggEBAJdfieOPrf4Arf1Iled/ii97407ZnjpaB5xxm49Q4Pz3\n" - "+5xmD0LYre7Cjn1A7W3ZlHki5zFVZpW9Jb/3PfSEDY5slyjkLD2jdl2gVefSthSZ\n" - "tYxb5eYv79tIEN0U9AZ8/VaGwUokl8n1MitcECxNLMe4LqoVmS29nXITTTzX5t3I\n" - "4dUeMBDNI+xgVpJSpxwzA+/L+wxoj5Sb4YJ/Y+iUknCkjX6PpaZMRWBEE0dqvG02\n" - "qlxXesAV0nmKYvjbtqAyoW6vgjP85h6gJEESIqTTZy1HOgFpO8XT05CpGDcjhP1s\n" - "TvXF7Vx1aj+xDidGLLW188G35oFKIhEyHQV2V7vzRAUCAwEAAaOCAbUwggGxMFAG\n" - "A1UdEQRJMEeCEXVlZGF0YS5hbWF6b24uY29tggphbWF6b24uY29tgghhbXpuLmNv\n" - "bYIMd3d3LmFtem4uY29tgg53d3cuYW1hem9uLmNvbTAJBgNVHRMEAjAAMA4GA1Ud\n" - "DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0g\n" - "BDwwOjA4BgpghkgBhvhFAQc2MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZl\n" - "cmlzaWduLmNvbS9jcHMwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUw\n" - "RQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL1NWUlNlY3VyZS1HMy1jcmwudmVyaXNp\n" - "Z24uY29tL1NWUlNlY3VyZUczLmNybDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUH\n" - "MAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEFBQcwAoY0aHR0cDov\n" - "L1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNlcjAN\n" - "BgkqhkiG9w0BAQUFAAOCAQEAOeZfjkI0yR/nutCMHp5/uB/evkB8qIYxh1KKbhPB\n" - "TmpykmJxiLKrBBcBBu9kW5lMbNPSNclE4sCyN0dxCJHwPm7ubNUxsmDSTPTJOx0M\n" - "zl0WZVaZ7eX3nw1kj8jSoK0f5n87RzKK85MwBFsEn73Z2pDvxTcd72BE0T1UJLcU\n" - "2A5uHAJyvm2QpOWBIRKlJHIHCcu5xjj5yLnGO9id0cjOjEgj9f1Mo4hzawL5vQfk\n" - "o/xFxAsA70bk2trv54kgLvhmAW+B6OpN3Z/xB4mWNOw3G8bg/u+pCLvd8KRO5V8K\n" - "TlgO1NTaOgYC6OAF3USNMhuNZh6h5tWA3mA8rFr8ZsayhA==\n" - "-----END CERTIFICATE-----\n", - /* chain[1] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIF7DCCBNSgAwIBAgIQbsx6pacDIAm4zrz06VLUkTANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMTAwMjA4MDAwMDAwWhcNMjAwMjA3MjM1OTU5WjCBtTEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" - "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMmVmVy\n" - "aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwggEiMA0GCSqGSIb3\n" - "DQEBAQUAA4IBDwAwggEKAoIBAQCxh4QfwgxF9byrJZenraI+nLr2wTm4i8rCrFbG\n" - "5btljkRPTc5v7QlK1K9OEJxoiy6Ve4mbE8riNDTB81vzSXtig0iBdNGIeGwCU/m8\n" - "f0MmV1gzgzszChew0E6RJK2GfWQS3HRKNKEdCuqWHQsV/KNLO85jiND4LQyUhhDK\n" - "tpo9yus3nABINYYpUHjoRWPNGUFP9ZXse5jUxHGzUL4os4+guVOc9cosI6n9FAbo\n" - "GLSa6Dxugf3kzTU2s1HTaewSulZub5tXxYsU5w7HnO1KVGrJTcW/EbGuHGeBy0RV\n" - "M5l/JJs/U0V/hhrzPPptf4H1uErT9YU3HLWm0AnkGHs4TvoPAgMBAAGjggHfMIIB\n" - "2zA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlz\n" - "aWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMHAGA1UdIARpMGcwZQYLYIZIAYb4\n" - "RQEHFwMwVjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2Nw\n" - "czAqBggrBgEFBQcCAjAeGhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQG\n" - "A1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUu\n" - "Y3JsMA4GA1UdDwEB/wQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglp\n" - "bWFnZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNo\n" - "dHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjAoBgNVHREEITAfpB0w\n" - "GzEZMBcGA1UEAxMQVmVyaVNpZ25NUEtJLTItNjAdBgNVHQ4EFgQUDURcFlNEwYJ+\n" - "HSCrJfQBY9i+eaUwHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJ\n" - "KoZIhvcNAQEFBQADggEBAAyDJO/dwwzZWJz+NrbrioBL0aP3nfPMU++CnqOh5pfB\n" - "WJ11bOAdG0z60cEtBcDqbrIicFXZIDNAMwfCZYP6j0M3m+oOmmxw7vacgDvZN/R6\n" - "bezQGH1JSsqZxxkoor7YdyT3hSaGbYcFQEFn0Sc67dxIHSLNCwuLvPSxe/20majp\n" - "dirhGi2HbnTTiN0eIsbfFrYrghQKlFzyUOyvzv9iNw2tZdMGQVPtAhTItVgooazg\n" - "W+yzf5VK+wPIrSbb5mZ4EkrZn0L74ZjmQoObj49nJOhhGbXdzbULJgWOw27EyHW4\n" - "Rs/iGAZeqa6ogZpHFt4MKGwlJ7net4RYxh84HqTEy2Y=\n" - "-----END CERTIFICATE-----\n", - /* chain[2] */ - "-----BEGIN CERTIFICATE-----\n" - "MIIExjCCBC+gAwIBAgIQNZcxh/OHOgcyfs5YDJt+2jANBgkqhkiG9w0BAQUFADBf\n" - "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" - "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" - "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" - "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" - "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" - "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" - "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" - "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" - "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" - "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" - "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" - "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" - "AAGjggGRMIIBjTAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" - "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9\n" - "BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy\n" - "aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwNAYD\n" - "VR0lBC0wKwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBBggrBgEFBQcDAQYIKwYBBQUH\n" - "AwIwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUr\n" - "DgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNp\n" - "Z24uY29tL3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho\n" - "dHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEADyWuSO0b\n" - "M4VMDLXC1/5N1oMoTEFlYAALd0hxgv5/21oOIMzS6ke8ZEJhRDR0MIGBJopK90Rd\n" - "fjSAqLiD4gnXbSPdie0oCL1jWhFXCMSe2uJoKK/dUDzsgiHYAMJVRFBwQa2DF3m6\n" - "CPMr3u00HUSe0gST9MsFFy0JLS1j7/YmC3s=\n" - "-----END CERTIFICATE-----\n", - NULL, - /* chain[4] - alt CA */ - "-----BEGIN CERTIFICATE-----\n" - "MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB\n" - "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" - "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" - "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" - "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" - "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL\n" - "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" - "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln\n" - "biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp\n" - "U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y\n" - "aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1\n" - "nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex\n" - "t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz\n" - "SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG\n" - "BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+\n" - "rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/\n" - "NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E\n" - "BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH\n" - "BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy\n" - "aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv\n" - "MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE\n" - "p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y\n" - "5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK\n" - "WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ\n" - "4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N\n" - "hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq\n" - "-----END CERTIFICATE-----\n", - NULL + /* chain[0] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIFXjCCBEagAwIBAgIQHYWDpKNVUzEFx4Pq8yjxbTANBgkqhkiG9w0BAQUFADCB\n" + "tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n" + "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm\n" + "VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwMjI3\n" + "MDAwMDAwWhcNMTUwMjI4MjM1OTU5WjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMK\n" + "V2FzaGluZ3RvbjEQMA4GA1UEBxQHU2VhdHRsZTEYMBYGA1UEChQPQW1hem9uLmNv\n" + "bSBJbmMuMRcwFQYDVQQDFA53d3cuYW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEB\n" + "BQADggEPADCCAQoCggEBAJdfieOPrf4Arf1Iled/ii97407ZnjpaB5xxm49Q4Pz3\n" + "+5xmD0LYre7Cjn1A7W3ZlHki5zFVZpW9Jb/3PfSEDY5slyjkLD2jdl2gVefSthSZ\n" + "tYxb5eYv79tIEN0U9AZ8/VaGwUokl8n1MitcECxNLMe4LqoVmS29nXITTTzX5t3I\n" + "4dUeMBDNI+xgVpJSpxwzA+/L+wxoj5Sb4YJ/Y+iUknCkjX6PpaZMRWBEE0dqvG02\n" + "qlxXesAV0nmKYvjbtqAyoW6vgjP85h6gJEESIqTTZy1HOgFpO8XT05CpGDcjhP1s\n" + "TvXF7Vx1aj+xDidGLLW188G35oFKIhEyHQV2V7vzRAUCAwEAAaOCAbUwggGxMFAG\n" + "A1UdEQRJMEeCEXVlZGF0YS5hbWF6b24uY29tggphbWF6b24uY29tgghhbXpuLmNv\n" + "bYIMd3d3LmFtem4uY29tgg53d3cuYW1hem9uLmNvbTAJBgNVHRMEAjAAMA4GA1Ud\n" + "DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0g\n" + "BDwwOjA4BgpghkgBhvhFAQc2MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZl\n" + "cmlzaWduLmNvbS9jcHMwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUw\n" + "RQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL1NWUlNlY3VyZS1HMy1jcmwudmVyaXNp\n" + "Z24uY29tL1NWUlNlY3VyZUczLmNybDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUH\n" + "MAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEFBQcwAoY0aHR0cDov\n" + "L1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNlcjAN\n" + "BgkqhkiG9w0BAQUFAAOCAQEAOeZfjkI0yR/nutCMHp5/uB/evkB8qIYxh1KKbhPB\n" + "TmpykmJxiLKrBBcBBu9kW5lMbNPSNclE4sCyN0dxCJHwPm7ubNUxsmDSTPTJOx0M\n" + "zl0WZVaZ7eX3nw1kj8jSoK0f5n87RzKK85MwBFsEn73Z2pDvxTcd72BE0T1UJLcU\n" + "2A5uHAJyvm2QpOWBIRKlJHIHCcu5xjj5yLnGO9id0cjOjEgj9f1Mo4hzawL5vQfk\n" + "o/xFxAsA70bk2trv54kgLvhmAW+B6OpN3Z/xB4mWNOw3G8bg/u+pCLvd8KRO5V8K\n" + "TlgO1NTaOgYC6OAF3USNMhuNZh6h5tWA3mA8rFr8ZsayhA==\n" + "-----END CERTIFICATE-----\n", + /* chain[1] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIF7DCCBNSgAwIBAgIQbsx6pacDIAm4zrz06VLUkTANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMTAwMjA4MDAwMDAwWhcNMjAwMjA3MjM1OTU5WjCBtTEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n" + "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMmVmVy\n" + "aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwggEiMA0GCSqGSIb3\n" + "DQEBAQUAA4IBDwAwggEKAoIBAQCxh4QfwgxF9byrJZenraI+nLr2wTm4i8rCrFbG\n" + "5btljkRPTc5v7QlK1K9OEJxoiy6Ve4mbE8riNDTB81vzSXtig0iBdNGIeGwCU/m8\n" + "f0MmV1gzgzszChew0E6RJK2GfWQS3HRKNKEdCuqWHQsV/KNLO85jiND4LQyUhhDK\n" + "tpo9yus3nABINYYpUHjoRWPNGUFP9ZXse5jUxHGzUL4os4+guVOc9cosI6n9FAbo\n" + "GLSa6Dxugf3kzTU2s1HTaewSulZub5tXxYsU5w7HnO1KVGrJTcW/EbGuHGeBy0RV\n" + "M5l/JJs/U0V/hhrzPPptf4H1uErT9YU3HLWm0AnkGHs4TvoPAgMBAAGjggHfMIIB\n" + "2zA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlz\n" + "aWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMHAGA1UdIARpMGcwZQYLYIZIAYb4\n" + "RQEHFwMwVjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2Nw\n" + "czAqBggrBgEFBQcCAjAeGhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQG\n" + "A1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUu\n" + "Y3JsMA4GA1UdDwEB/wQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglp\n" + "bWFnZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNo\n" + "dHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjAoBgNVHREEITAfpB0w\n" + "GzEZMBcGA1UEAxMQVmVyaVNpZ25NUEtJLTItNjAdBgNVHQ4EFgQUDURcFlNEwYJ+\n" + "HSCrJfQBY9i+eaUwHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJ\n" + "KoZIhvcNAQEFBQADggEBAAyDJO/dwwzZWJz+NrbrioBL0aP3nfPMU++CnqOh5pfB\n" + "WJ11bOAdG0z60cEtBcDqbrIicFXZIDNAMwfCZYP6j0M3m+oOmmxw7vacgDvZN/R6\n" + "bezQGH1JSsqZxxkoor7YdyT3hSaGbYcFQEFn0Sc67dxIHSLNCwuLvPSxe/20majp\n" + "dirhGi2HbnTTiN0eIsbfFrYrghQKlFzyUOyvzv9iNw2tZdMGQVPtAhTItVgooazg\n" + "W+yzf5VK+wPIrSbb5mZ4EkrZn0L74ZjmQoObj49nJOhhGbXdzbULJgWOw27EyHW4\n" + "Rs/iGAZeqa6ogZpHFt4MKGwlJ7net4RYxh84HqTEy2Y=\n" + "-----END CERTIFICATE-----\n", + /* chain[2] */ + "-----BEGIN CERTIFICATE-----\n" + "MIIExjCCBC+gAwIBAgIQNZcxh/OHOgcyfs5YDJt+2jANBgkqhkiG9w0BAQUFADBf\n" + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n" + "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n" + "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n" + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n" + "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n" + "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n" + "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n" + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n" + "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n" + "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n" + "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n" + "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n" + "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n" + "AAGjggGRMIIBjTAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n" + "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9\n" + "BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy\n" + "aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwNAYD\n" + "VR0lBC0wKwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBBggrBgEFBQcDAQYIKwYBBQUH\n" + "AwIwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUr\n" + "DgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNp\n" + "Z24uY29tL3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho\n" + "dHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEADyWuSO0b\n" + "M4VMDLXC1/5N1oMoTEFlYAALd0hxgv5/21oOIMzS6ke8ZEJhRDR0MIGBJopK90Rd\n" + "fjSAqLiD4gnXbSPdie0oCL1jWhFXCMSe2uJoKK/dUDzsgiHYAMJVRFBwQa2DF3m6\n" + "CPMr3u00HUSe0gST9MsFFy0JLS1j7/YmC3s=\n" + "-----END CERTIFICATE-----\n", + NULL, + /* chain[4] - alt CA */ + "-----BEGIN CERTIFICATE-----\n" + "MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB\n" + "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n" + "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n" + "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n" + "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n" + "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL\n" + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n" + "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln\n" + "biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp\n" + "U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y\n" + "aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1\n" + "nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex\n" + "t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz\n" + "SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG\n" + "BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+\n" + "rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/\n" + "NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E\n" + "BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH\n" + "BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy\n" + "aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv\n" + "MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE\n" + "p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y\n" + "5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK\n" + "WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ\n" + "4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N\n" + "hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq\n" + "-----END CERTIFICATE-----\n", + NULL }; /* TLS feature extension chains */ @@ -3592,7 +3593,6 @@ static const char *tls_feat_no_ext[] = { NULL }; - /* Intermediate has a subset of the CA's list */ static const char *tls_feat_inter_subset_fail[] = { "-----BEGIN CERTIFICATE-----\n" @@ -3672,7 +3672,6 @@ static const char *tls_feat_inter_subset_fail[] = { NULL }; - /* Intermediate has unrelated values to the CA's */ static const char *tls_feat_inter_unrelated_fail[] = { "-----BEGIN CERTIFICATE-----\n" @@ -3752,7 +3751,7 @@ static const char *tls_feat_inter_unrelated_fail[] = { NULL }; - /* All feat extensions ok */ +/* All feat extensions ok */ static const char *tls_feat_ok[] = { "-----BEGIN CERTIFICATE-----\n" "MIIEPzCCAqegAwIBAgIMV2q1gxhOXfKDif2GMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" @@ -4262,189 +4261,321 @@ static const char *rsa_sha1_not_in_trusted_ca[] = { }; #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic push -# pragma GCC diagnostic ignored "-Wunused-variable" +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-variable" #endif -static struct -{ - const char *name; - const char **chain; - const char **ca; - unsigned int verify_flags; - unsigned int expected_verify_result; - const char *purpose; - time_t expected_time; - unsigned notfips; -} chains[] = -{ - { "CVE-2014-0092", cve_2014_0092_check, &cve_2014_0092_check[1], - 0, - GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL, 1412850586}, - { "CVE-2008-4989", cve_2008_4989_chain, &cve_2008_4989_chain[2], - GNUTLS_VERIFY_ALLOW_BROKEN, - GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL}, - { "amazon.com ok", verisign_com_chain_g5, &verisign_com_chain_g5[4], - GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW), - 0, NULL}, - { "verisign.com v1 fail", verisign_com_chain, &verisign_com_chain[3], - GNUTLS_VERIFY_ALLOW_BROKEN, - GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL}, - { "verisign.com v1 ok", verisign_com_chain, &verisign_com_chain[3], - GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW), - 0, NULL}, - { "verisign.com v1 not ok due to profile", verisign_com_chain, &verisign_com_chain[3], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LEGACY), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "verisign.com v1 not ok due to profile", verisign_com_chain, &verisign_com_chain[3], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_HIGH), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "citibank.com v1 fail", citibank_com_chain, &citibank_com_chain[2], - GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, - { "expired self signed", pem_self_cert, &pem_self_cert[0], - 0, GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL}, - { "self signed", pem_self_cert, &pem_self_cert[0], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL}, - { "ca=false", thea_chain, &thea_chain[1], - GNUTLS_VERIFY_ALLOW_BROKEN, - GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, - { "ca=false2", thea_chain, &thea_chain[1], - GNUTLS_VERIFY_ALLOW_BROKEN, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, - { "hbci v1 fail", hbci_chain, &hbci_chain[2], - GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, - { "hbci v1 ok expired", hbci_chain, &hbci_chain[2], - GNUTLS_VERIFY_ALLOW_BROKEN, - GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL}, - { "hbci v1 ok", hbci_chain, &hbci_chain[2], - GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_VERIFY_DISABLE_TIME_CHECKS, - 0, NULL}, - { "rsa-md5 fail", mayfirst_chain, &mayfirst_chain[1], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS, - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "rsa-md5 not ok", mayfirst_chain, &mayfirst_chain[1], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2, - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "rsa-md5 not ok2", mayfirst_chain, &mayfirst_chain[1], - GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, - GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL}, - { "rsa-md5 ok", mayfirst_chain, &mayfirst_chain[1], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, 0, NULL}, - { "rsa-md5 ok - allow broken", mayfirst_chain, &mayfirst_chain[1], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_BROKEN, 0, NULL}, - { "v1ca fail", v1ca, &v1ca[2], - GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, +static struct { + const char *name; + const char **chain; + const char **ca; + unsigned int verify_flags; + unsigned int expected_verify_result; + const char *purpose; + time_t expected_time; + unsigned notfips; +} chains[] = { + { "CVE-2014-0092", cve_2014_0092_check, &cve_2014_0092_check[1], 0, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL, 1412850586 }, + { "CVE-2008-4989", cve_2008_4989_chain, &cve_2008_4989_chain[2], + GNUTLS_VERIFY_ALLOW_BROKEN, + GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_EXPIRED | + GNUTLS_CERT_INVALID, + NULL }, + { "amazon.com ok", verisign_com_chain_g5, &verisign_com_chain_g5[4], + GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS | + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW), + 0, NULL }, + { "verisign.com v1 fail", verisign_com_chain, &verisign_com_chain[3], + GNUTLS_VERIFY_ALLOW_BROKEN, GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, + NULL }, + { "verisign.com v1 ok", verisign_com_chain, &verisign_com_chain[3], + GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS | + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW), + 0, NULL }, + { "verisign.com v1 not ok due to profile", verisign_com_chain, + &verisign_com_chain[3], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS | + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LEGACY), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "verisign.com v1 not ok due to profile", verisign_com_chain, + &verisign_com_chain[3], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS | + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_HIGH), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "citibank.com v1 fail", citibank_com_chain, &citibank_com_chain[2], + GNUTLS_VERIFY_ALLOW_BROKEN | + GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, + { "expired self signed", pem_self_cert, &pem_self_cert[0], 0, + GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL }, + { "self signed", pem_self_cert, &pem_self_cert[0], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL }, + { "ca=false", thea_chain, &thea_chain[1], GNUTLS_VERIFY_ALLOW_BROKEN, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, + { "ca=false2", thea_chain, &thea_chain[1], GNUTLS_VERIFY_ALLOW_BROKEN, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, + { "hbci v1 fail", hbci_chain, &hbci_chain[2], + GNUTLS_VERIFY_ALLOW_BROKEN | + GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, + { "hbci v1 ok expired", hbci_chain, &hbci_chain[2], + GNUTLS_VERIFY_ALLOW_BROKEN, GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, + NULL }, + { "hbci v1 ok", hbci_chain, &hbci_chain[2], + GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, + NULL }, + { "rsa-md5 fail", mayfirst_chain, &mayfirst_chain[1], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "rsa-md5 not ok", mayfirst_chain, &mayfirst_chain[1], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2, + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "rsa-md5 not ok2", mayfirst_chain, &mayfirst_chain[1], + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, + GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL }, + { "rsa-md5 ok", mayfirst_chain, &mayfirst_chain[1], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, + 0, NULL }, + { "rsa-md5 ok - allow broken", mayfirst_chain, &mayfirst_chain[1], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_BROKEN, 0, + NULL }, + { "v1ca fail", v1ca, &v1ca[2], + GNUTLS_VERIFY_ALLOW_BROKEN | + GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, - { "pathlen fail", pathlen_check, &pathlen_check[2], - GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT | GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL}, + { "pathlen fail", pathlen_check, &pathlen_check[2], + GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT | + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL }, - /* Test whether a V1 root certificate is correctly accepted */ - { "v1root fail", v1_root_check, &v1_root_check[1], - GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT | GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, - { "v1root ok", v1_root_check, &v1_root_check[1], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL}, + /* Test whether a V1 root certificate is correctly accepted */ + { "v1root fail", v1_root_check, &v1_root_check[1], + GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT | + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, + { "v1root ok", v1_root_check, &v1_root_check[1], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL }, - /* test whether a v1 intermediate certificate is rejected */ - { "v1invalid fail", v1_intermed_check, &v1_intermed_check[2], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL}, - { "v1 leaf ok", &v1_intermed_check[1], &v1_intermed_check[2], - GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL}, + /* test whether a v1 intermediate certificate is rejected */ + { "v1invalid fail", v1_intermed_check, &v1_intermed_check[2], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, + GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL }, + { "v1 leaf ok", &v1_intermed_check[1], &v1_intermed_check[2], + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL }, - { "v1ca expired", v1ca, &v1ca[2], - GNUTLS_VERIFY_ALLOW_BROKEN, - GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID , NULL}, - { "v1ca (sha1) ok - allow broken", v1ca, &v1ca[2], /* check GNUTLS_VERIFY_ALLOW_BROKEN */ - GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_VERIFY_DISABLE_TIME_CHECKS, - 0, NULL}, - { "v1ca (sha1) ok - allow sha1", v1ca, &v1ca[2], /* check GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 */ - GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1|GNUTLS_VERIFY_DISABLE_TIME_CHECKS, - 0, NULL}, - { "v1ca2 expired", v1ca, &v1ca[2], - GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, - GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL}, - { "v1ca2 ok", v1ca, &v1ca[2], - GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, - 0, NULL}, - { "cacertrsamd5 fail", cacertrsamd5, &cacertrsamd5[2], - 0, GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "cacertrsamd5 ok", cacertrsamd5, &cacertrsamd5[2], - GNUTLS_VERIFY_ALLOW_BROKEN, 0, NULL}, - { "cacertrsamd5 short-cut not ok", cacertrsamd5, &cacertrsamd5[0], - GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, - GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "cacertrsamd5 short-cut ok", cacertrsamd5, &cacertrsamd5[1], - GNUTLS_VERIFY_ALLOW_BROKEN, 0, NULL}, - { "ecc cert ok", ecc_cert, &ecc_cert[1], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_HIGH), 0, NULL}, - { "ecc cert ok", ecc_cert, &ecc_cert[1], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB128), 0, NULL}, - { "ecc cert not ok (due to profile)", ecc_cert, &ecc_cert[1], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "ecc cert not ok (due to profile)", ecc_cert, &ecc_cert[1], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB192), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL}, - { "name constraints: empty CN, empty SAN, permitted dns range", nc_good0, &nc_good0[2], 0, 0, 0, 1427270515}, - { "name constraints: dns in permitted range", nc_good1, &nc_good1[4], 0, 0, NULL, 1412850586}, - { "name constraints: ipv6 in permitted range", nc_good2, &nc_good2[4], 0, 0, NULL, 1467193927}, - { "name constraints: 2 constraints (dns, dns), non-intuitive order", nc_bad0, &nc_bad0[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1468920734}, - { "name constraints: empty CN, empty excluded dns", nc_bad1, &nc_bad1[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586}, - { "name constraints: multiple dns constraints, empty intersection", nc_bad2, &nc_bad2[4], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586}, - { "name constraints: dns excluded range", nc_bad3, &nc_bad3[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586}, - { "name constraints: basic dns intersection", nc_bad4, &nc_bad4[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586}, - { "name constraints: IP in excluded range", nc_bad5, &nc_bad5[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1469540953}, - { "name constraints: 2 constraints (dns, email), non-intuitive order", nc_bad6, &nc_bad6[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1469540953}, - { "not-modified", modified2, &modified2[3], GNUTLS_VERIFY_ALLOW_BROKEN, 0, NULL, 1412850586}, - { "kp-interm", kp_fail1, &kp_fail1[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, GNUTLS_KP_TLS_WWW_SERVER, 1412850586}, - { "kp-fin", kp_fail2, &kp_fail2[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, GNUTLS_KP_TLS_WWW_SERVER, 1412850586}, - { "kp-ok", kp_ok, &kp_ok[3], 0, 0, GNUTLS_KP_OCSP_SIGNING, 1412850586}, - { "tls features - intermediate no ext", tls_feat_inter_no_ext, &tls_feat_inter_no_ext[3], 0, GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE|GNUTLS_CERT_INVALID, 0, 1466612070}, - { "tls features - end no ext", tls_feat_no_ext, &tls_feat_no_ext[3], 0, GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE|GNUTLS_CERT_INVALID, 0, 1466612070}, - { "tls features - intermediate is subset", tls_feat_inter_subset_fail, &tls_feat_inter_subset_fail[3], 0, GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE|GNUTLS_CERT_INVALID, 0, 1466612070}, - { "tls features - intermediate has unrelated vals", tls_feat_inter_unrelated_fail, &tls_feat_inter_unrelated_fail[3], 0, GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE|GNUTLS_CERT_INVALID, 0, 1466612070}, - { "tls features - end is superset", tls_feat_superset, &tls_feat_superset[3], 0, 0, 0, 1466612070}, - { "tls features - ok", tls_feat_ok, &tls_feat_ok[3], 0, 0, 0, 1466612070}, - { "unknown crit extension on root - fail", unknown_critical_extension_on_root, &unknown_critical_extension_on_root[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, GNUTLS_KP_TLS_WWW_SERVER, 1488365541}, - { "unknown crit extension on root - success", unknown_critical_extension_on_root, &unknown_critical_extension_on_root[3], GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, 0, GNUTLS_KP_TLS_WWW_SERVER, 1488365541}, - { "unknown crit extension on intermediate - fail", unknown_critical_extension_on_intermediate, &unknown_critical_extension_on_intermediate[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, GNUTLS_KP_TLS_WWW_SERVER, 1488365541}, - { "unknown crit extension on intermediate - success", unknown_critical_extension_on_intermediate, &unknown_critical_extension_on_intermediate[3], GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, 0, GNUTLS_KP_TLS_WWW_SERVER, 1488365541}, - { "unknown crit extension on endcert - fail", unknown_critical_extension_on_endcert, &unknown_critical_extension_on_endcert[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, GNUTLS_KP_TLS_WWW_SERVER, 1488365541}, - { "unknown crit extension on endcert - success", unknown_critical_extension_on_endcert, &unknown_critical_extension_on_endcert[3], GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, 0, GNUTLS_KP_TLS_WWW_SERVER, 1488365541}, - { "rsa pss: invalid self sig - fail", rsa_pss_invalid_self_sig, &rsa_pss_invalid_self_sig[0], GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501138253}, - { "rsa pss: invalid chain with pkcs#1 1.5 sig - fail", rsa_pss_invalid_chain_with_pkcs1_sig, &rsa_pss_invalid_chain_with_pkcs1_sig[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501138253}, - { "rsa pss: invalid chain with wrong hash (sha384-sha256) - fail", rsa_pss_invalid_chain_with_wrong_hash, &rsa_pss_invalid_chain_with_wrong_hash[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501138253}, - { "rsa pss: smaller salt in sig than spki - fail", rsa_pss_chain_smaller_salt_in_sig_fail, &rsa_pss_chain_smaller_salt_in_sig_fail[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1550005473}, - { "rsa pss: chain with sha1 hash - fail", rsa_pss_chain_with_sha1_fail, &rsa_pss_chain_with_sha1_fail[3], 0, GNUTLS_CERT_INVALID, 0, 1501159136}, - { "rsa pss: chain with different mgf hash - fail", rsa_pss_chain_with_diff_mgf_oid_fail, &rsa_pss_chain_with_diff_mgf_oid_fail[3], 0, GNUTLS_CERT_INVALID, 0, 1501159136}, - { "rsa pss: chain with sha256 - ok", rsa_pss_chain_sha256_ok, &rsa_pss_chain_sha256_ok[3], 0, 0, 0, 1501138253}, - { "rsa pss: chain with sha384 - ok", rsa_pss_chain_sha384_ok, &rsa_pss_chain_sha384_ok[3], 0, 0, 0, 1501138253}, - { "rsa pss: chain with sha512 - ok", rsa_pss_chain_sha512_ok, &rsa_pss_chain_sha512_ok[3], 0, 0, 0, 1501138253}, - { "rsa pss: chain with increasing salt size - ok", rsa_pss_chain_increasing_salt_size_ok, &rsa_pss_chain_increasing_salt_size_ok[3], 0, 0, 0, 1501159136}, - { "rsa pss: chain with alternating signatures - ok", rsa_pss_chain_pkcs11_pss_pkcs1_ok, &rsa_pss_chain_pkcs11_pss_pkcs1_ok[3], 0, 0, 0, 1501159136}, - { "rsa pss: chain with changing hashes - ok", rsa_pss_chain_sha512_sha384_sha256_ok, &rsa_pss_chain_sha512_sha384_sha256_ok[3], 0, 0, 0, 1501159136}, - { "no subject id: chain with missing subject id, but valid auth id - ok", chain_with_no_subject_id_in_ca_ok, &chain_with_no_subject_id_in_ca_ok[4], 0, 0, 0, 1537518468}, + { "v1ca expired", v1ca, &v1ca[2], GNUTLS_VERIFY_ALLOW_BROKEN, + GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL }, + { "v1ca (sha1) ok - allow broken", v1ca, + &v1ca[2], /* check GNUTLS_VERIFY_ALLOW_BROKEN */ + GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, + NULL }, + { "v1ca (sha1) ok - allow sha1", v1ca, + &v1ca[2], /* check GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 */ + GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 | + GNUTLS_VERIFY_DISABLE_TIME_CHECKS, + 0, NULL }, + { "v1ca2 expired", v1ca, &v1ca[2], + GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, + GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL }, + { "v1ca2 ok", v1ca, &v1ca[2], + GNUTLS_VERIFY_ALLOW_BROKEN | GNUTLS_VERIFY_DISABLE_TIME_CHECKS | + GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, + 0, NULL }, + { "cacertrsamd5 fail", cacertrsamd5, &cacertrsamd5[2], 0, + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "cacertrsamd5 ok", cacertrsamd5, &cacertrsamd5[2], + GNUTLS_VERIFY_ALLOW_BROKEN, 0, NULL }, + { "cacertrsamd5 short-cut not ok", cacertrsamd5, &cacertrsamd5[0], + GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, + GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_INSECURE_ALGORITHM | + GNUTLS_CERT_INVALID, + NULL }, + { "cacertrsamd5 short-cut ok", cacertrsamd5, &cacertrsamd5[1], + GNUTLS_VERIFY_ALLOW_BROKEN, 0, NULL }, + { "ecc cert ok", ecc_cert, &ecc_cert[1], + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_HIGH), 0, NULL }, + { "ecc cert ok", ecc_cert, &ecc_cert[1], + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB128), 0, NULL }, + { "ecc cert not ok (due to profile)", ecc_cert, &ecc_cert[1], + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "ecc cert not ok (due to profile)", ecc_cert, &ecc_cert[1], + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB192), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL }, + { "name constraints: empty CN, empty SAN, permitted dns range", + nc_good0, &nc_good0[2], 0, 0, 0, 1427270515 }, + { "name constraints: dns in permitted range", nc_good1, &nc_good1[4], 0, + 0, NULL, 1412850586 }, + { "name constraints: ipv6 in permitted range", nc_good2, &nc_good2[4], + 0, 0, NULL, 1467193927 }, + { "name constraints: 2 constraints (dns, dns), non-intuitive order", + nc_bad0, &nc_bad0[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1468920734 }, + { "name constraints: empty CN, empty excluded dns", nc_bad1, + &nc_bad1[2], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1412850586 }, + { "name constraints: multiple dns constraints, empty intersection", + nc_bad2, &nc_bad2[4], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1412850586 }, + { "name constraints: dns excluded range", nc_bad3, &nc_bad3[2], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1412850586 }, + { "name constraints: basic dns intersection", nc_bad4, &nc_bad4[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1412850586 }, + { "name constraints: IP in excluded range", nc_bad5, &nc_bad5[2], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1469540953 }, + { "name constraints: 2 constraints (dns, email), non-intuitive order", + nc_bad6, &nc_bad6[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, + 1469540953 }, + { "not-modified", modified2, &modified2[3], GNUTLS_VERIFY_ALLOW_BROKEN, + 0, NULL, 1412850586 }, + { "kp-interm", kp_fail1, &kp_fail1[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, + GNUTLS_KP_TLS_WWW_SERVER, 1412850586 }, + { "kp-fin", kp_fail2, &kp_fail2[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, + GNUTLS_KP_TLS_WWW_SERVER, 1412850586 }, + { "kp-ok", kp_ok, &kp_ok[3], 0, 0, GNUTLS_KP_OCSP_SIGNING, 1412850586 }, + { "tls features - intermediate no ext", tls_feat_inter_no_ext, + &tls_feat_inter_no_ext[3], 0, + GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE | GNUTLS_CERT_INVALID, 0, + 1466612070 }, + { "tls features - end no ext", tls_feat_no_ext, &tls_feat_no_ext[3], 0, + GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE | GNUTLS_CERT_INVALID, 0, + 1466612070 }, + { "tls features - intermediate is subset", tls_feat_inter_subset_fail, + &tls_feat_inter_subset_fail[3], 0, + GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE | GNUTLS_CERT_INVALID, 0, + 1466612070 }, + { "tls features - intermediate has unrelated vals", + tls_feat_inter_unrelated_fail, &tls_feat_inter_unrelated_fail[3], 0, + GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE | GNUTLS_CERT_INVALID, 0, + 1466612070 }, + { "tls features - end is superset", tls_feat_superset, + &tls_feat_superset[3], 0, 0, 0, 1466612070 }, + { "tls features - ok", tls_feat_ok, &tls_feat_ok[3], 0, 0, 0, + 1466612070 }, + { "unknown crit extension on root - fail", + unknown_critical_extension_on_root, + &unknown_critical_extension_on_root[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, + GNUTLS_KP_TLS_WWW_SERVER, 1488365541 }, + { "unknown crit extension on root - success", + unknown_critical_extension_on_root, + &unknown_critical_extension_on_root[3], + GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, 0, + GNUTLS_KP_TLS_WWW_SERVER, 1488365541 }, + { "unknown crit extension on intermediate - fail", + unknown_critical_extension_on_intermediate, + &unknown_critical_extension_on_intermediate[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, + GNUTLS_KP_TLS_WWW_SERVER, 1488365541 }, + { "unknown crit extension on intermediate - success", + unknown_critical_extension_on_intermediate, + &unknown_critical_extension_on_intermediate[3], + GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, 0, + GNUTLS_KP_TLS_WWW_SERVER, 1488365541 }, + { "unknown crit extension on endcert - fail", + unknown_critical_extension_on_endcert, + &unknown_critical_extension_on_endcert[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, + GNUTLS_KP_TLS_WWW_SERVER, 1488365541 }, + { "unknown crit extension on endcert - success", + unknown_critical_extension_on_endcert, + &unknown_critical_extension_on_endcert[3], + GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, 0, + GNUTLS_KP_TLS_WWW_SERVER, 1488365541 }, + { "rsa pss: invalid self sig - fail", rsa_pss_invalid_self_sig, + &rsa_pss_invalid_self_sig[0], GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, + 1501138253 }, + { "rsa pss: invalid chain with pkcs#1 1.5 sig - fail", + rsa_pss_invalid_chain_with_pkcs1_sig, + &rsa_pss_invalid_chain_with_pkcs1_sig[2], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, + 1501138253 }, + { "rsa pss: invalid chain with wrong hash (sha384-sha256) - fail", + rsa_pss_invalid_chain_with_wrong_hash, + &rsa_pss_invalid_chain_with_wrong_hash[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, + 1501138253 }, + { "rsa pss: smaller salt in sig than spki - fail", + rsa_pss_chain_smaller_salt_in_sig_fail, + &rsa_pss_chain_smaller_salt_in_sig_fail[3], 0, + GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, + 1550005473 }, + { "rsa pss: chain with sha1 hash - fail", rsa_pss_chain_with_sha1_fail, + &rsa_pss_chain_with_sha1_fail[3], 0, GNUTLS_CERT_INVALID, 0, + 1501159136 }, + { "rsa pss: chain with different mgf hash - fail", + rsa_pss_chain_with_diff_mgf_oid_fail, + &rsa_pss_chain_with_diff_mgf_oid_fail[3], 0, GNUTLS_CERT_INVALID, 0, + 1501159136 }, + { "rsa pss: chain with sha256 - ok", rsa_pss_chain_sha256_ok, + &rsa_pss_chain_sha256_ok[3], 0, 0, 0, 1501138253 }, + { "rsa pss: chain with sha384 - ok", rsa_pss_chain_sha384_ok, + &rsa_pss_chain_sha384_ok[3], 0, 0, 0, 1501138253 }, + { "rsa pss: chain with sha512 - ok", rsa_pss_chain_sha512_ok, + &rsa_pss_chain_sha512_ok[3], 0, 0, 0, 1501138253 }, + { "rsa pss: chain with increasing salt size - ok", + rsa_pss_chain_increasing_salt_size_ok, + &rsa_pss_chain_increasing_salt_size_ok[3], 0, 0, 0, 1501159136 }, + { "rsa pss: chain with alternating signatures - ok", + rsa_pss_chain_pkcs11_pss_pkcs1_ok, + &rsa_pss_chain_pkcs11_pss_pkcs1_ok[3], 0, 0, 0, 1501159136 }, + { "rsa pss: chain with changing hashes - ok", + rsa_pss_chain_sha512_sha384_sha256_ok, + &rsa_pss_chain_sha512_sha384_sha256_ok[3], 0, 0, 0, 1501159136 }, + { "no subject id: chain with missing subject id, but valid auth id - ok", + chain_with_no_subject_id_in_ca_ok, + &chain_with_no_subject_id_in_ca_ok[4], 0, 0, 0, 1537518468 }, #ifdef ENABLE_GOST - { "gost 34.10-01 - ok", gost01, &gost01[2], GNUTLS_VERIFY_ALLOW_BROKEN, 0, 0, 1466612070, 1}, - { "gost 34.10-01 - not ok (due to gostr94)", gost01, &gost01[2], 0, - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1466612070, 1}, - { "gost 34.10-01 - not ok (due to profile)", gost01, &gost01[2], GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1466612070, 1}, - { "gost 34.10-12-256 - ok", gost12_256, &gost12_256[0], 0, 0, 0, 1466612070, 1}, - { "gost 34.10-12-512 - ok", gost12_512, &gost12_512[0], 0, 0, 0, 1466612070, 1}, + { "gost 34.10-01 - ok", gost01, &gost01[2], GNUTLS_VERIFY_ALLOW_BROKEN, + 0, 0, 1466612070, 1 }, + { "gost 34.10-01 - not ok (due to gostr94)", gost01, &gost01[2], 0, + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, + 1466612070, 1 }, + { "gost 34.10-01 - not ok (due to profile)", gost01, &gost01[2], + GNUTLS_VERIFY_ALLOW_BROKEN | + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, + 1466612070, 1 }, + { "gost 34.10-12-256 - ok", gost12_256, &gost12_256[0], 0, 0, 0, + 1466612070, 1 }, + { "gost 34.10-12-512 - ok", gost12_512, &gost12_512[0], 0, 0, 0, + 1466612070, 1 }, #endif - { "rsa-512 - not ok (due to profile)", rsa_512, &rsa_512[0], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1576759855, 1}, - { "ed448 - ok", ed448, &ed448[0], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA), - 0, NULL, 1584352960, 1}, - { "superseding - ok", superseding, superseding_ca, 0, 0, 0, 1590928011 }, - { "rsa-sha1 in trusted - ok", - rsa_sha1_in_trusted, rsa_sha1_in_trusted_ca, - GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), - 0, NULL, 1620052390, 1}, - { "rsa-sha1 not in trusted - not ok", - rsa_sha1_not_in_trusted, rsa_sha1_not_in_trusted_ca, - GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1620118136, 1}, - { NULL, NULL, NULL, 0, 0} + { "rsa-512 - not ok (due to profile)", rsa_512, &rsa_512[0], + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, + 1576759855, 1 }, + { "ed448 - ok", ed448, &ed448[0], + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA), 0, NULL, 1584352960, + 1 }, + { "superseding - ok", superseding, superseding_ca, 0, 0, 0, + 1590928011 }, + { "rsa-sha1 in trusted - ok", rsa_sha1_in_trusted, + rsa_sha1_in_trusted_ca, + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), 0, NULL, 1620052390, + 1 }, + { "rsa-sha1 not in trusted - not ok", rsa_sha1_not_in_trusted, + rsa_sha1_not_in_trusted_ca, + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, + 1620118136, 1 }, + { NULL, NULL, NULL, 0, 0 } }; #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic pop +#pragma GCC diagnostic pop #endif -#endif /* GNUTLS_TESTS_TEST_CHAINS_H */ +#endif /* GNUTLS_TESTS_TEST_CHAINS_H */ diff --git a/tests/time.c b/tests/time.c index b97befed61..5415bfd6fe 100644 --- a/tests/time.c +++ b/tests/time.c @@ -24,7 +24,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,24 +44,14 @@ struct time_tests_st { }; struct time_tests_st general_time_tests[] = { - { - .time_str = "20190520133237Z", - .utime = 1558359157}, - { - .time_str = "20170101000000Z", - .utime = 1483228800}, - { - .time_str = "19700101000000Z", - .utime = 0}, + { .time_str = "20190520133237Z", .utime = 1558359157 }, + { .time_str = "20170101000000Z", .utime = 1483228800 }, + { .time_str = "19700101000000Z", .utime = 0 }, }; struct time_tests_st utc_time_tests[] = { - { - .time_str = "190520133237", - .utime = 1558359157}, - { - .time_str = "170101000000Z", - .utime = 1483228800}, + { .time_str = "190520133237", .utime = 1558359157 }, + { .time_str = "170101000000Z", .utime = 1483228800 }, }; void doit(void) @@ -72,8 +62,8 @@ void doit(void) for (i = 0; i < sizeof(general_time_tests) / sizeof(general_time_tests[0]); i++) { - t = _gnutls_x509_generalTime2gtime(general_time_tests - [i].time_str); + t = _gnutls_x509_generalTime2gtime( + general_time_tests[i].time_str); if (t != general_time_tests[i].utime) { fprintf(stderr, "%s: Error in GeneralTime conversion\n", general_time_tests[i].time_str); @@ -82,7 +72,8 @@ void doit(void) } } - for (i = 0; i < sizeof(utc_time_tests) / sizeof(utc_time_tests[0]); i++) { + for (i = 0; i < sizeof(utc_time_tests) / sizeof(utc_time_tests[0]); + i++) { t = _gnutls_utcTime2gtime(utc_time_tests[i].time_str); if (t != utc_time_tests[i].utime) { fprintf(stderr, "%s: Error in utcTime conversion\n", diff --git a/tests/tls-channel-binding.c b/tests/tls-channel-binding.c index 311e39f8cf..2b81f8c42b 100644 --- a/tests/tls-channel-binding.c +++ b/tests/tls-channel-binding.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -46,15 +46,14 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static int -check_binding_data(gnutls_session_t client, gnutls_session_t server, - int cbtype, const char *cbname, int negative) +static int check_binding_data(gnutls_session_t client, gnutls_session_t server, + int cbtype, const char *cbname, int negative) { gnutls_datum_t client_cb = { 0 }; gnutls_datum_t server_cb = { 0 }; - if (gnutls_session_channel_binding(client, cbtype, &client_cb) - != GNUTLS_E_SUCCESS) { + if (gnutls_session_channel_binding(client, cbtype, &client_cb) != + GNUTLS_E_SUCCESS) { if (negative == 0) { fail("Cannot get client binding %s\n", cbname); return 1; @@ -63,8 +62,8 @@ check_binding_data(gnutls_session_t client, gnutls_session_t server, fail("Client retrieval of %s was supposed to fail\n", cbname); return 1; } - if (gnutls_session_channel_binding(server, cbtype, &server_cb) - != GNUTLS_E_SUCCESS) { + if (gnutls_session_channel_binding(server, cbtype, &server_cb) != + GNUTLS_E_SUCCESS) { if (negative == 0) { fail("Cannot get server binding %s\n", cbname); return -1; @@ -78,11 +77,12 @@ check_binding_data(gnutls_session_t client, gnutls_session_t server, return 0; if (server_cb.size != client_cb.size && client_cb.size > 0) { - fail("%s wrong binding data length: %d:%d\n", - cbname, client_cb.size, server_cb.size); + fail("%s wrong binding data length: %d:%d\n", cbname, + client_cb.size, server_cb.size); return 2; } - if (gnutls_memcmp(client_cb.data, server_cb.data, client_cb.size) != 0) { + if (gnutls_memcmp(client_cb.data, server_cb.data, client_cb.size) != + 0) { fail("%s wrong binding data content\n", cbname); return -2; } @@ -91,8 +91,8 @@ check_binding_data(gnutls_session_t client, gnutls_session_t server, return 0; } -static int -serv_psk_func(gnutls_session_t session, const char *user, gnutls_datum_t * pass) +static int serv_psk_func(gnutls_session_t session, const char *user, + gnutls_datum_t *pass) { pass->size = 4; pass->data = gnutls_malloc(pass->size); @@ -103,9 +103,8 @@ serv_psk_func(gnutls_session_t session, const char *user, gnutls_datum_t * pass) return 0; } -static void -tls_setup_peers(gnutls_session_t * client, gnutls_session_t * server, - const char *cprio, const char *sprio, int raw) +static void tls_setup_peers(gnutls_session_t *client, gnutls_session_t *server, + const char *cprio, const char *sprio, int raw) { gnutls_certificate_credentials_t clientx509cred; gnutls_certificate_credentials_t serverx509cred; @@ -126,11 +125,9 @@ tls_setup_peers(gnutls_session_t * client, gnutls_session_t * server, /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); if (raw) - gnutls_certificate_set_rawpk_key_mem(serverx509cred, - &rawpk_public_key1, - &rawpk_private_key1, - GNUTLS_X509_FMT_PEM, NULL, - 0, NULL, 0, 0); + gnutls_certificate_set_rawpk_key_mem( + serverx509cred, &rawpk_public_key1, &rawpk_private_key1, + GNUTLS_X509_FMT_PEM, NULL, 0, NULL, 0, 0); else gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, &server_key, @@ -206,8 +203,7 @@ static void tlsv13_binding(void) success("testing TLSv1.3 x509 channel binding\n"); - tls_setup_peers(&client, &server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", + tls_setup_peers(&client, &server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", "NORMAL:+VERS-TLS1.3", 0); if (gnutls_protocol_get_version(client) != GNUTLS_TLS1_3) @@ -246,10 +242,11 @@ static void rawv13_binding(void) success("testing TLSv1.3 RAWPK channel binding\n"); - tls_setup_peers(&client, &server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+CTYPE-ALL", - "NORMAL:+VERS-TLS1.3:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL", - 1); + tls_setup_peers( + &client, &server, + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+CTYPE-ALL", + "NORMAL:+VERS-TLS1.3:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL", + 1); if (gnutls_protocol_get_version(client) != GNUTLS_TLS1_3) fail("TLS1.3 was not negotiated\n"); @@ -268,8 +265,7 @@ static void rawv13_binding(void) /* tls-server-end-point testing, undefined for anon and psk */ if (check_binding_data(client, server, GNUTLS_CB_TLS_SERVER_END_POINT, "tls-server-end-point", 1) == 0) - success - ("binding fail: tls-server-end-point invalid for rawpk\n"); + success("binding fail: tls-server-end-point invalid for rawpk\n"); /* tls-exporter testing, take both sides and compare */ if (check_binding_data(client, server, GNUTLS_CB_TLS_EXPORTER, @@ -309,8 +305,7 @@ static void pskv13_binding(void) /* tls-server-end-point testing, undefined for anon and psk */ if (check_binding_data(client, server, GNUTLS_CB_TLS_SERVER_END_POINT, "tls-server-end-point", 1) == 0) - success - ("binding fail: tls-server-end-point invalid for anon\n"); + success("binding fail: tls-server-end-point invalid for anon\n"); /* tls-exporter testing, take both sides and compare */ if (check_binding_data(client, server, GNUTLS_CB_TLS_EXPORTER, @@ -390,8 +385,7 @@ static void anon12_binding(void) /* tls-server-end-point testing, undefined for anon and psk */ if (check_binding_data(client, server, GNUTLS_CB_TLS_SERVER_END_POINT, "tls-server-end-point", 1) == 0) - success - ("binding fail: tls-server-end-point invalid for anon\n"); + success("binding fail: tls-server-end-point invalid for anon\n"); /* tls-exporter testing, take both sides and compare */ if (check_binding_data(client, server, GNUTLS_CB_TLS_EXPORTER, @@ -431,8 +425,7 @@ static void pskv12_binding(void) /* tls-server-end-point testing, undefined for anon and psk */ if (check_binding_data(client, server, GNUTLS_CB_TLS_SERVER_END_POINT, "tls-server-end-point", 1) == 0) - success - ("binding fail: tls-server-end-point invalid for anon\n"); + success("binding fail: tls-server-end-point invalid for anon\n"); /* tls-exporter testing, take both sides and compare */ if (check_binding_data(client, server, GNUTLS_CB_TLS_EXPORTER, diff --git a/tests/tls-client-with-seccomp.c b/tests/tls-client-with-seccomp.c index a51df74c2f..0d04d71ba1 100644 --- a/tests/tls-client-with-seccomp.c +++ b/tests/tls-client-with-seccomp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -61,7 +61,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -101,8 +101,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -115,8 +114,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -137,7 +136,7 @@ static void client(int fd, const char *prio) gnutls_strerror(ret)); } - end: +end: close(fd); @@ -178,9 +177,8 @@ static void server(int fd, const char *prio) gnutls_certificate_allocate_credentials(&xcred); - ret = gnutls_certificate_set_x509_key_mem(xcred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + xcred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -198,8 +196,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -212,8 +209,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -248,8 +245,7 @@ static void server(int fd, const char *prio) success("server: finished\n"); } -static -void run(const char *name, const char *prio) +static void run(const char *name, const char *prio) { int fd[2]; int ret; @@ -291,4 +287,4 @@ void doit(void) run("tls1.3", "NORMAL:-VERS-ALL:+VERS-TLS1.3"); run("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-crt_type-neg.c b/tests/tls-crt_type-neg.c index 74be3fcba2..a67905bac3 100644 --- a/tests/tls-crt_type-neg.c +++ b/tests/tls-crt_type-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the certificate type negotiation mechanism for @@ -40,8 +40,7 @@ test_case_st tests[] = { /* Tests with only a single credential set for client/server. * Tests for X.509 cases. */ - { - /* Default case A + { /* Default case A * * Priority cli: NORMAL * Priority srv: NORMAL @@ -50,15 +49,14 @@ test_case_st tests[] = { * Handshake: should complete without errors * Negotiation: cert types should default to X.509 */ - .name = "Default case A. Creds set (CLI/SRV): None/X509.", - .client_prio = "NORMAL", - .server_prio = "NORMAL", - .set_cli_creds = CRED_EMPTY, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Default case B + .name = "Default case A. Creds set (CLI/SRV): None/X509.", + .client_prio = "NORMAL", + .server_prio = "NORMAL", + .set_cli_creds = CRED_EMPTY, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Default case B * * Priority: NORMAL * Cli creds: X.509 @@ -66,16 +64,14 @@ test_case_st tests[] = { * Handshake: should complete without errors * Negotiation: cert types should default to X.509 */ - .name = - "Default case B. Creds set (CLI/SRV): X509/X509. No cli cert asked.", - .client_prio = "NORMAL", - .server_prio = "NORMAL", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Default case C + .name = "Default case B. Creds set (CLI/SRV): X509/X509. No cli cert asked.", + .client_prio = "NORMAL", + .server_prio = "NORMAL", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Default case C * * Priority: NORMAL * Cli creds: X.509 @@ -83,17 +79,15 @@ test_case_st tests[] = { * Handshake: should complete without errors * Negotiation: cert types should default to X.509 */ - .name = - "Default case C. Creds set (CLI/SRV): X509/X509. Cli cert asked.", - .client_prio = "NORMAL", - .server_prio = "NORMAL", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509, - .request_cli_crt = true}, - { - /* No server credentials + .name = "Default case C. Creds set (CLI/SRV): X509/X509. Cli cert asked.", + .client_prio = "NORMAL", + .server_prio = "NORMAL", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509, + .request_cli_crt = true }, + { /* No server credentials * * Priority: NORMAL * Cli creds: None @@ -101,15 +95,14 @@ test_case_st tests[] = { * Handshake: results in errors * Negotiation: cert types are not evaluated */ - .name = "No server creds. Creds set (CLI/SRV): None/None.", - .client_prio = "NORMAL", - .server_prio = "NORMAL", - .set_cli_creds = CRED_EMPTY, - .set_srv_creds = CRED_EMPTY, - .client_err = GNUTLS_E_AGAIN, - .server_err = GNUTLS_E_NO_CIPHER_SUITES}, - { - /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509 + .name = "No server creds. Creds set (CLI/SRV): None/None.", + .client_prio = "NORMAL", + .server_prio = "NORMAL", + .set_cli_creds = CRED_EMPTY, + .set_srv_creds = CRED_EMPTY, + .client_err = GNUTLS_E_AGAIN, + .server_err = GNUTLS_E_NO_CIPHER_SUITES }, + { /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509 * * Priority: NORMAL + request x509 for cli and srv * Cli creds: X.509 @@ -119,16 +112,14 @@ test_case_st tests[] = { * we advertise with only the cert type defaults. Extensions * will therefore not be activated. */ - .name = - "Negotiate CLI X.509 + SRV X.509. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-X509:+CTYPE-SRV-X509", - .server_prio = "NORMAL:+CTYPE-CLI-X509:+CTYPE-SRV-X509", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509, no cli cert asked + .name = "Negotiate CLI X.509 + SRV X.509. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-X509:+CTYPE-SRV-X509", + .server_prio = "NORMAL:+CTYPE-CLI-X509:+CTYPE-SRV-X509", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509, no cli cert asked * * Priority: NORMAL + request x509 for cli * Cli creds: X.509 @@ -138,15 +129,14 @@ test_case_st tests[] = { * we advertise with only the cert type defaults. Extensions * will therefore not be activated. */ - .name = "Negotiate CLI X.509. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-X509", - .server_prio = "NORMAL:+CTYPE-CLI-X509", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509, cli cert asked + .name = "Negotiate CLI X.509. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-X509", + .server_prio = "NORMAL:+CTYPE-CLI-X509", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509, cli cert asked * * Priority: NORMAL + request x509 for cli * Cli creds: X.509 @@ -156,16 +146,15 @@ test_case_st tests[] = { * we advertise with only the cert type defaults. Extensions * will therefore not be activated. */ - .name = "Negotiate CLI X.509. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-X509", - .server_prio = "NORMAL:+CTYPE-CLI-X509", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509, - .request_cli_crt = true}, - { - /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509 + .name = "Negotiate CLI X.509. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-X509", + .server_prio = "NORMAL:+CTYPE-CLI-X509", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509, + .request_cli_crt = true }, + { /* Explicit cli/srv ctype negotiation, cli creds x509, srv creds x509 * * Priority: NORMAL + request x509 for srv * Cli creds: X.509 @@ -175,15 +164,14 @@ test_case_st tests[] = { * we advertise with only the cert type defaults. Extensions * will therefore not be activated. */ - .name = "Negotiate SRV X.509. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-SRV-X509", - .server_prio = "NORMAL:+CTYPE-SRV-X509", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Explicit cli/srv ctype negotiation, all types allowed for CLI, cli creds x509, srv creds x509 + .name = "Negotiate SRV X.509. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-SRV-X509", + .server_prio = "NORMAL:+CTYPE-SRV-X509", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Explicit cli/srv ctype negotiation, all types allowed for CLI, cli creds x509, srv creds x509 * * Priority: NORMAL + allow all client cert types * Cli creds: X.509 @@ -192,15 +180,14 @@ test_case_st tests[] = { * Negotiation: cli X.509 and srv X.509 because * we only have X.509 credentials set. */ - .name = "Negotiate CLI all. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-ALL", - .server_prio = "NORMAL:+CTYPE-CLI-ALL", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Explicit cli/srv ctype negotiation, all types allowed for SRV, cli creds x509, srv creds x509 + .name = "Negotiate CLI all. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-ALL", + .server_prio = "NORMAL:+CTYPE-CLI-ALL", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Explicit cli/srv ctype negotiation, all types allowed for SRV, cli creds x509, srv creds x509 * * Priority: NORMAL + allow all server cert types * Cli creds: X.509 @@ -209,15 +196,14 @@ test_case_st tests[] = { * Negotiation: cli X.509 and srv X.509 because * we only have X.509 credentials set. */ - .name = "Negotiate SRV all. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-SRV-ALL", - .server_prio = "NORMAL:+CTYPE-SRV-ALL", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, - { - /* Explicit cli/srv ctype negotiation, all types allowed for CLI/SRV, cli creds x509, srv creds x509 + .name = "Negotiate SRV all. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-SRV-ALL", + .server_prio = "NORMAL:+CTYPE-SRV-ALL", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, + { /* Explicit cli/srv ctype negotiation, all types allowed for CLI/SRV, cli creds x509, srv creds x509 * * Priority: NORMAL + allow all client and server cert types * Cli creds: X.509 @@ -226,19 +212,18 @@ test_case_st tests[] = { * Negotiation: cli X.509 and srv X.509 because * we only have X.509 credentials set. */ - .name = "Negotiate CLI/SRV all. Creds set (CLI/SRV): X.509/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", - .server_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_X509}, + .name = "Negotiate CLI/SRV all. Creds set (CLI/SRV): X.509/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", + .server_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_X509 }, /* Tests with only a single credential set for client/server. * Tests for Raw public-key cases. */ - { - /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds Raw PK, Req. cli cert. + { /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds Raw PK, Req. cli cert. * * Priority: NORMAL + request rawpk for cli and srv * Cli creds: Raw PK @@ -247,19 +232,17 @@ test_case_st tests[] = { * Handshake: should complete without errors * Negotiation: both parties should have a Raw PK cert negotiated */ - .name = - "Negotiate CLI Raw PK + SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK. Cert req.", - .client_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .server_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_RAWPK, - .expected_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_ctype = GNUTLS_CRT_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = true}, - { - /* Explicit cli/srv ctype negotiation (TLS 1.2), cli creds Raw PK, srv creds Raw PK + .name = "Negotiate CLI Raw PK + SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK. Cert req.", + .client_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .server_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_RAWPK, + .expected_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_ctype = GNUTLS_CRT_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = true }, + { /* Explicit cli/srv ctype negotiation (TLS 1.2), cli creds Raw PK, srv creds Raw PK * * Priority: NORMAL + request rawpk for cli and srv * Cli creds: Raw PK @@ -270,24 +253,22 @@ test_case_st tests[] = { * cert type. The server picks Raw PK but does not send a response * to the client (under TLS 1.2). The client therefore falls back to default (X.509). */ - .name = - "Negotiate CLI Raw PK + SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", - .client_prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .server_prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_RAWPK, - .expected_cli_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_cli_srv_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_srv_ctype = GNUTLS_CRT_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = false, - .cli_srv_may_diverge = true}, - { - /* Explicit cli/srv ctype negotiation (TLS 1.3), cli creds Raw PK, srv creds Raw PK + .name = "Negotiate CLI Raw PK + SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", + .client_prio = + "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .server_prio = + "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_RAWPK, + .expected_cli_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_cli_srv_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_srv_ctype = GNUTLS_CRT_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = false, + .cli_srv_may_diverge = true }, + { /* Explicit cli/srv ctype negotiation (TLS 1.3), cli creds Raw PK, srv creds Raw PK * * Priority: NORMAL + request rawpk for cli and srv * Cli creds: Raw PK @@ -299,24 +280,22 @@ test_case_st tests[] = { * cert is requested. This is necessary for post-handshake authentication * to work. */ - .name = - "Negotiate CLI Raw PK + SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", - .client_prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .server_prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_RAWPK, - .expected_cli_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_cli_srv_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_srv_ctype = GNUTLS_CRT_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = false, - .cli_srv_may_diverge = true}, - { - /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds Raw PK + .name = "Negotiate CLI Raw PK + SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", + .client_prio = + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .server_prio = + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_RAWPK, + .expected_cli_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_cli_srv_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_srv_ctype = GNUTLS_CRT_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = false, + .cli_srv_may_diverge = true }, + { /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds Raw PK * * Priority: NORMAL + request rawpk for cli * Cli creds: Raw PK @@ -325,17 +304,16 @@ test_case_st tests[] = { * Handshake: fails because no valid cred (X.509) can be found for the server. * Negotiation: - */ - .name = "Negotiate CLI Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", - .client_prio = "NORMAL:+CTYPE-CLI-RAWPK", - .server_prio = "NORMAL:+CTYPE-CLI-RAWPK", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .client_err = GNUTLS_E_AGAIN, - .server_err = GNUTLS_E_NO_CIPHER_SUITES}, - { - /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds Raw PK, request cli cert. + .name = "Negotiate CLI Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", + .client_prio = "NORMAL:+CTYPE-CLI-RAWPK", + .server_prio = "NORMAL:+CTYPE-CLI-RAWPK", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .client_err = GNUTLS_E_AGAIN, + .server_err = GNUTLS_E_NO_CIPHER_SUITES }, + { /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds Raw PK, request cli cert. * * Priority: NORMAL + request rawpk for srv * Cli creds: Raw PK @@ -345,18 +323,17 @@ test_case_st tests[] = { * Negotiation: Raw PK will be negotiated for server. Client will * default to X.509. */ - .name = "Negotiate SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", - .client_prio = "NORMAL:+CTYPE-SRV-RAWPK", - .server_prio = "NORMAL:+CTYPE-SRV-RAWPK", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_RAWPK, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = true}, - { - /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds X.509, Request cli cert. + .name = "Negotiate SRV Raw PK. Creds set (CLI/SRV): RawPK/RawPK.", + .client_prio = "NORMAL:+CTYPE-SRV-RAWPK", + .server_prio = "NORMAL:+CTYPE-SRV-RAWPK", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_RAWPK, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = true }, + { /* Explicit cli/srv ctype negotiation, cli creds Raw PK, srv creds X.509, Request cli cert. * * Priority: NORMAL + request rawpk for cli and srv * Cli creds: Raw PK @@ -366,19 +343,17 @@ test_case_st tests[] = { * Negotiation: Raw PK will be negotiated for client. Server will * default to X.509. */ - .name = - "Negotiate CLI and SRV Raw PK. Creds set (CLI/SRV): RawPK/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .server_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_ctype = GNUTLS_CRT_X509, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = true}, - { - /* All types allowed for CLI, cli creds Raw PK, srv creds X.509 + .name = "Negotiate CLI and SRV Raw PK. Creds set (CLI/SRV): RawPK/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .server_prio = "NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_ctype = GNUTLS_CRT_X509, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = true }, + { /* All types allowed for CLI, cli creds Raw PK, srv creds X.509 * * Priority: NORMAL + allow all client cert types * Cli creds: Raw PK @@ -387,18 +362,17 @@ test_case_st tests[] = { * Negotiation: cli Raw PK and srv X.509 because * that are the only credentials set. */ - .name = "Negotiate CLI all. Creds set (CLI/SRV): Raw PK/X.509.", - .client_prio = "NORMAL:+CTYPE-CLI-ALL", - .server_prio = "NORMAL:+CTYPE-CLI-ALL", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_X509, - .expected_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_ctype = GNUTLS_CRT_X509, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = true}, - { - /* All types allowed for SRV, cli creds x509, srv creds Raw PK + .name = "Negotiate CLI all. Creds set (CLI/SRV): Raw PK/X.509.", + .client_prio = "NORMAL:+CTYPE-CLI-ALL", + .server_prio = "NORMAL:+CTYPE-CLI-ALL", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_X509, + .expected_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_ctype = GNUTLS_CRT_X509, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = true }, + { /* All types allowed for SRV, cli creds x509, srv creds Raw PK * * Priority: NORMAL + allow all server cert types * Cli creds: X.509 @@ -407,18 +381,17 @@ test_case_st tests[] = { * Negotiation: cli X.509 and srv Raw PK because * that are the only credentials set. */ - .name = "Negotiate SRV all. Creds set (CLI/SRV): X.509/Raw PK.", - .client_prio = "NORMAL:+CTYPE-SRV-ALL", - .server_prio = "NORMAL:+CTYPE-SRV-ALL", - .set_cli_creds = CRED_X509, - .set_srv_creds = CRED_RAWPK, - .expected_cli_ctype = GNUTLS_CRT_X509, - .expected_srv_ctype = GNUTLS_CRT_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = true}, - { - /* All types allowed for CLI/SRV, cli creds Raw PK, srv creds Raw PK + .name = "Negotiate SRV all. Creds set (CLI/SRV): X.509/Raw PK.", + .client_prio = "NORMAL:+CTYPE-SRV-ALL", + .server_prio = "NORMAL:+CTYPE-SRV-ALL", + .set_cli_creds = CRED_X509, + .set_srv_creds = CRED_RAWPK, + .expected_cli_ctype = GNUTLS_CRT_X509, + .expected_srv_ctype = GNUTLS_CRT_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = true }, + { /* All types allowed for CLI/SRV, cli creds Raw PK, srv creds Raw PK * * Priority: NORMAL + allow all client and server cert types * Cli creds: Raw PK @@ -427,16 +400,16 @@ test_case_st tests[] = { * Negotiation: cli Raw PK and srv Raw PK because * that are the only credentials set. */ - .name = "Negotiate CLI/SRV all. Creds set (CLI/SRV): Raw PK/Raw PK.", - .client_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", - .server_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", - .set_cli_creds = CRED_RAWPK, - .set_srv_creds = CRED_RAWPK, - .expected_cli_ctype = GNUTLS_CRT_RAWPK, - .expected_srv_ctype = GNUTLS_CRT_RAWPK, - .init_flags_cli = GNUTLS_ENABLE_RAWPK, - .init_flags_srv = GNUTLS_ENABLE_RAWPK, - .request_cli_crt = true}, + .name = "Negotiate CLI/SRV all. Creds set (CLI/SRV): Raw PK/Raw PK.", + .client_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", + .server_prio = "NORMAL:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL", + .set_cli_creds = CRED_RAWPK, + .set_srv_creds = CRED_RAWPK, + .expected_cli_ctype = GNUTLS_CRT_RAWPK, + .expected_srv_ctype = GNUTLS_CRT_RAWPK, + .init_flags_cli = GNUTLS_ENABLE_RAWPK, + .init_flags_srv = GNUTLS_ENABLE_RAWPK, + .request_cli_crt = true }, }; diff --git a/tests/tls-etm.c b/tests/tls-etm.c index 1e3c054a4e..0b6719345c 100644 --- a/tests/tls-etm.c +++ b/tests/tls-etm.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" static void terminate(void); @@ -68,7 +68,7 @@ static void client_log_func(int level, const char *str) /* A very basic TLS client, with anonymous authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio, unsigned etm) { @@ -107,8 +107,7 @@ static void client(int fd, const char *prio, unsigned etm) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -121,8 +120,8 @@ static void client(int fd, const char *prio, unsigned etm) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (etm != 0 && gnutls_session_etm_status(session) == 0) { fail("client: EtM was not negotiated with %s!\n", prio); @@ -132,13 +131,12 @@ static void client(int fd, const char *prio, unsigned etm) exit(1); } - if (etm != 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { + if (etm != 0 && + ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { fail("client: EtM was not negotiated with %s!\n", prio); exit(1); - } else if (etm == 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) - != 0)) { + } else if (etm == 0 && ((gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_ETM) != 0)) { fail("client: EtM was negotiated with %s!\n", prio); exit(1); } @@ -162,7 +160,7 @@ static void client(int fd, const char *prio, unsigned etm) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -240,13 +238,12 @@ static void server(int fd, const char *prio, unsigned etm) exit(1); } - if (etm != 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { + if (etm != 0 && + ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { fail("server: EtM was not negotiated with %s!\n", prio); exit(1); - } else if (etm == 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) - != 0)) { + } else if (etm == 0 && ((gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_ETM) != 0)) { fail("server: EtM was negotiated with %s!\n", prio); exit(1); } @@ -256,13 +253,13 @@ static void server(int fd, const char *prio, unsigned etm) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -271,8 +268,7 @@ static void server(int fd, const char *prio, unsigned etm) terminate(); } to_send++; - } - while (to_send < 64); + } while (to_send < 64); to_send = -1; /* do not wait for the peer to close the connection. @@ -321,9 +317,12 @@ static void start(const char *prio, unsigned etm) } } -# define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" static void ch_handler(int sig) { @@ -342,4 +341,4 @@ void doit(void) start(AES_GCM, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-ext-not-in-dtls.c b/tests/tls-ext-not-in-dtls.c index 54cfb5ff00..2e94a925de 100644 --- a/tests/tls-ext-not-in-dtls.c +++ b/tests/tls-ext-not-in-dtls.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,21 +35,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" enum { TEST_DEF_HANDHAKE, @@ -84,8 +84,8 @@ static int ext_recv(gnutls_session_t session, const unsigned char *buf, return 0; } -# define TLS_EXT_IMPL_DTLS 0xfeee -# define TLS_EXT_EXPL_TLS 0xfeea +#define TLS_EXT_IMPL_DTLS 0xfeee +#define TLS_EXT_EXPL_TLS 0xfeea static void client(int fd, int type) { @@ -102,27 +102,30 @@ static void client(int fd, int type) assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM) >= 0); if (type == TEST_CUSTOM_EXT) { - assert(gnutls_session_ext_register - (session, "implicit-dtls", TLS_EXT_IMPL_DTLS, - GNUTLS_EXT_TLS, ext_recv, ext_send, NULL, NULL, NULL, - GNUTLS_EXT_FLAG_CLIENT_HELLO | - GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO | - GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO) >= 0); - assert(gnutls_session_ext_register - (session, "explicit-tls", TLS_EXT_EXPL_TLS, - GNUTLS_EXT_TLS, ext_recv, ext_send, NULL, NULL, NULL, - GNUTLS_EXT_FLAG_CLIENT_HELLO | - GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO | - GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO | - GNUTLS_EXT_FLAG_TLS) >= 0); + assert(gnutls_session_ext_register( + session, "implicit-dtls", TLS_EXT_IMPL_DTLS, + GNUTLS_EXT_TLS, ext_recv, ext_send, NULL, NULL, + NULL, + GNUTLS_EXT_FLAG_CLIENT_HELLO | + GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO | + GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO) >= + 0); + assert(gnutls_session_ext_register( + session, "explicit-tls", TLS_EXT_EXPL_TLS, + GNUTLS_EXT_TLS, ext_recv, ext_send, NULL, NULL, + NULL, + GNUTLS_EXT_FLAG_CLIENT_HELLO | + GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO | + GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO | + GNUTLS_EXT_FLAG_TLS) >= 0); } gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct - (session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -130,8 +133,7 @@ static void client(int fd, int type) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) fail("handshake: %s\n", gnutls_strerror(ret)); @@ -145,8 +147,8 @@ static void client(int fd, int type) gnutls_global_deinit(); } -# define TLS_EXT_KEY_SHARE 51 -# define TLS_EXT_POST_HANDSHAKE 49 +#define TLS_EXT_KEY_SHARE 51 +#define TLS_EXT_POST_HANDSHAKE 49 struct ext_ctx_st { int extno; @@ -164,7 +166,7 @@ static int parse_ext(void *ctx, unsigned tls_id, const unsigned char *data, return 0; } -static unsigned find_client_extension(const gnutls_datum_t * msg, int extno) +static unsigned find_client_extension(const gnutls_datum_t *msg, int extno) { int ret; struct ext_ctx_st s; @@ -172,9 +174,8 @@ static unsigned find_client_extension(const gnutls_datum_t * msg, int extno) memset(&s, 0, sizeof(s)); s.extno = extno; - ret = - gnutls_ext_raw_parse(&s, parse_ext, msg, - GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO); + ret = gnutls_ext_raw_parse(&s, parse_ext, msg, + GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO); assert(ret >= 0); if (s.found) @@ -185,7 +186,7 @@ static unsigned find_client_extension(const gnutls_datum_t * msg, int extno) static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int *type; @@ -226,19 +227,19 @@ static void server(int fd, int type) &server_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_init - (&session, - GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH | GNUTLS_DATAGRAM) >= - 0); + assert(gnutls_init(&session, GNUTLS_SERVER | + GNUTLS_POST_HANDSHAKE_AUTH | + GNUTLS_DATAGRAM) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_BOTH, hellos_callback); gnutls_session_set_ptr(session, &type); - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -267,8 +268,7 @@ static void ch_handler(int sig) return; } -static -void start(const char *name, int type) +static void start(const char *name, int type) { int fd[2]; int ret; @@ -300,7 +300,6 @@ void start(const char *name, int type) client(fd[1], type); exit(0); } - } void doit(void) @@ -309,4 +308,4 @@ void doit(void) start("check registered extensions", TEST_CUSTOM_EXT); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-ext-register.c b/tests/tls-ext-register.c index 5fdfde23fb..950de1aa80 100644 --- a/tests/tls-ext-register.c +++ b/tests/tls-ext-register.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,18 +38,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#include +#endif +#include +#include +#include -# include "utils.h" +#include "utils.h" /* A very basic TLS client, with extension */ @@ -61,17 +61,14 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define TLSEXT_TYPE_SAMPLE 0xF1 +#define TLSEXT_TYPE_SAMPLE 0xF1 static int TLSEXT_TYPE_client_sent = 0; static int TLSEXT_TYPE_client_received = 0; static int TLSEXT_TYPE_server_sent = 0; static int TLSEXT_TYPE_server_received = 0; -static const unsigned char ext_data[] = { - 0xFE, - 0xED -}; +static const unsigned char ext_data[] = { 0xFE, 0xED }; static int ext_recv_client_params(gnutls_session_t session, const unsigned char *buf, size_t buflen) @@ -86,7 +83,7 @@ static int ext_recv_client_params(gnutls_session_t session, gnutls_ext_set_data(session, TLSEXT_TYPE_SAMPLE, session); - return 0; //Success + return 0; //Success } static int ext_send_client_params(gnutls_session_t session, @@ -108,7 +105,7 @@ static int ext_recv_server_params(gnutls_session_t session, TLSEXT_TYPE_server_received = 1; - return 0; //Success + return 0; //Success } static int ext_send_server_params(gnutls_session_t session, @@ -133,10 +130,9 @@ static void client(int sd, const char *prio) side = "client"; /* extensions are registered globally */ - ret = - gnutls_ext_register("ext_client", TLSEXT_TYPE_SAMPLE, - GNUTLS_EXT_TLS, ext_recv_client_params, - ext_send_client_params, NULL, NULL, NULL); + ret = gnutls_ext_register("ext_client", TLSEXT_TYPE_SAMPLE, + GNUTLS_EXT_TLS, ext_recv_client_params, + ext_send_client_params, NULL, NULL, NULL); assert(ret >= 0); gnutls_certificate_allocate_credentials(&clientx509cred); @@ -181,7 +177,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); gnutls_deinit(session); @@ -193,45 +189,42 @@ static void client(int sd, const char *prio) */ static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; static void server(int sd, const char *prio) { @@ -248,9 +241,8 @@ static void server(int sd, const char *prio) side = "server"; gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); @@ -258,10 +250,10 @@ static void server(int sd, const char *prio) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); - assert(gnutls_ext_register - ("ext_server", TLSEXT_TYPE_SAMPLE, GNUTLS_EXT_TLS, - ext_recv_server_params, ext_send_server_params, NULL, NULL, - NULL) >= 0); + assert(gnutls_ext_register("ext_server", TLSEXT_TYPE_SAMPLE, + GNUTLS_EXT_TLS, ext_recv_server_params, + ext_send_server_params, NULL, NULL, + NULL) >= 0); gnutls_transport_set_int(session, sd); gnutls_handshake_set_timeout(session, get_timeout()); @@ -293,8 +285,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *prio) +static void start(const char *prio) { pid_t child1, child2; int sockets[2]; @@ -360,19 +351,16 @@ void doit(void) /* check whether we can crash the library by adding many extensions */ for (i = 0; i < 64; i++) { - ret = - gnutls_ext_register("ext_serverxx", - TLSEXT_TYPE_SAMPLE + i + 1, - GNUTLS_EXT_TLS, ext_recv_server_params, - ext_send_server_params, NULL, NULL, - NULL); + ret = gnutls_ext_register( + "ext_serverxx", TLSEXT_TYPE_SAMPLE + i + 1, + GNUTLS_EXT_TLS, ext_recv_server_params, + ext_send_server_params, NULL, NULL, NULL); if (ret < 0) { - success - ("failed registering extension no %d (expected)\n", - i + 1); + success("failed registering extension no %d (expected)\n", + i + 1); break; } } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-force-ems.c b/tests/tls-force-ems.c index 89b5acf62e..06bebe25e5 100644 --- a/tests/tls-force-ems.c +++ b/tests/tls-force-ems.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,8 +41,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static void -try(const char *name, const char *sprio, const char *cprio, int serr, int cerr) +static void try(const char *name, const char *sprio, const char *cprio, + int serr, int cerr) { int sret, cret; gnutls_certificate_credentials_t scred, ccred; @@ -52,14 +52,14 @@ try(const char *name, const char *sprio, const char *cprio, int serr, int cerr) assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (scred, &server_ca3_localhost_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + scred, &server_ca3_localhost_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_certificate_allocate_credentials(&ccred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); diff --git a/tests/tls-force-etm.c b/tests/tls-force-etm.c index d7509b6edc..67be1934fb 100644 --- a/tests/tls-force-etm.c +++ b/tests/tls-force-etm.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" /* This program tests whether forced EtM is negotiated as expected. */ @@ -63,7 +63,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio, unsigned etm, int eret) { @@ -101,12 +101,12 @@ static void client(int fd, const char *prio, unsigned etm, int eret) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (eret < 0) { if (eret != ret) { - fail("client: Handshake failed with unexpected error: %s\n", gnutls_strerror(ret)); + fail("client: Handshake failed with unexpected error: %s\n", + gnutls_strerror(ret)); } goto end; } @@ -120,8 +120,8 @@ static void client(int fd, const char *prio, unsigned etm, int eret) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (etm != 0 && gnutls_session_etm_status(session) == 0) { fail("client: EtM was not negotiated with %s!\n", prio); @@ -131,13 +131,12 @@ static void client(int fd, const char *prio, unsigned etm, int eret) exit(1); } - if (etm != 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { + if (etm != 0 && + ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { fail("client: EtM was not negotiated with %s!\n", prio); exit(1); - } else if (etm == 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) - != 0)) { + } else if (etm == 0 && ((gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_ETM) != 0)) { fail("client: EtM was negotiated with %s!\n", prio); exit(1); } @@ -161,7 +160,7 @@ static void client(int fd, const char *prio, unsigned etm, int eret) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); @@ -217,7 +216,8 @@ static void server(int fd, const char *prio, unsigned etm, int eret) if (eret < 0) { if (eret != -1 && eret != ret) { - fail("server: Handshake failed with unexpected error: %s\n", gnutls_strerror(ret)); + fail("server: Handshake failed with unexpected error: %s\n", + gnutls_strerror(ret)); } goto end; } @@ -237,13 +237,12 @@ static void server(int fd, const char *prio, unsigned etm, int eret) exit(1); } - if (etm != 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { + if (etm != 0 && + ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) == 0)) { fail("server: EtM was not negotiated with %s!\n", prio); exit(1); - } else if (etm == 0 - && ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_ETM) - != 0)) { + } else if (etm == 0 && ((gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_ETM) != 0)) { fail("server: EtM was negotiated with %s!\n", prio); exit(1); } @@ -253,13 +252,13 @@ static void server(int fd, const char *prio, unsigned etm, int eret) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -267,14 +266,13 @@ static void server(int fd, const char *prio, unsigned etm, int eret) gnutls_strerror(ret)); } to_send++; - } - while (to_send < 64); + } while (to_send < 64); to_send = -1; /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(fd); gnutls_deinit(session); @@ -329,11 +327,15 @@ static void start(struct test_st *test) } } -# define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC \ + "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_SHA256 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_GCM \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -# define AES_CBC_TLS12 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" +#define AES_CBC_TLS12 \ + "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" static void ch_handler(int sig) { @@ -341,40 +343,34 @@ static void ch_handler(int sig) } static struct test_st tests[] = { - { - .name = "aes-cbc-hmac-sha1 with force etm", - .server_prio = AES_CBC ":%FORCE_ETM", - .client_prio = AES_CBC ":%FORCE_ETM", - .etm = 1}, - { - .name = "aes-cbc-hmac-sha256 with force etm", - .server_prio = AES_CBC_SHA256 ":%FORCE_ETM", - .client_prio = AES_CBC_SHA256 ":%FORCE_ETM", - .etm = 1}, - { - .name = "server aes-cbc-hmac-sha1 with force etm, gcm fallback", - .server_prio = AES_CBC_TLS12 ":+AES-128-GCM:%FORCE_ETM", - .client_prio = AES_CBC_TLS12 ":+AES-128-GCM:%NO_ETM", - .etm = 0}, - { - .name = "aes-gcm with force etm", - .server_prio = AES_GCM ":%FORCE_ETM", - .client_prio = AES_GCM ":%FORCE_ETM", - .etm = 0}, - { - .name = "server aes-cbc-hmac-sha1 with force etm failure", - .server_prio = AES_CBC ":%FORCE_ETM", - .client_prio = AES_CBC ":%NO_ETM", - .etm = 0, - .client_err = GNUTLS_E_PREMATURE_TERMINATION, - .server_err = GNUTLS_E_NO_CIPHER_SUITES}, - { - .name = "client aes-cbc-hmac-sha1 with force etm failure", - .server_prio = AES_CBC ":%NO_ETM", - .client_prio = AES_CBC ":%FORCE_ETM", - .etm = 0, - .client_err = GNUTLS_E_UNWANTED_ALGORITHM, - .server_err = -1} + { .name = "aes-cbc-hmac-sha1 with force etm", + .server_prio = AES_CBC ":%FORCE_ETM", + .client_prio = AES_CBC ":%FORCE_ETM", + .etm = 1 }, + { .name = "aes-cbc-hmac-sha256 with force etm", + .server_prio = AES_CBC_SHA256 ":%FORCE_ETM", + .client_prio = AES_CBC_SHA256 ":%FORCE_ETM", + .etm = 1 }, + { .name = "server aes-cbc-hmac-sha1 with force etm, gcm fallback", + .server_prio = AES_CBC_TLS12 ":+AES-128-GCM:%FORCE_ETM", + .client_prio = AES_CBC_TLS12 ":+AES-128-GCM:%NO_ETM", + .etm = 0 }, + { .name = "aes-gcm with force etm", + .server_prio = AES_GCM ":%FORCE_ETM", + .client_prio = AES_GCM ":%FORCE_ETM", + .etm = 0 }, + { .name = "server aes-cbc-hmac-sha1 with force etm failure", + .server_prio = AES_CBC ":%FORCE_ETM", + .client_prio = AES_CBC ":%NO_ETM", + .etm = 0, + .client_err = GNUTLS_E_PREMATURE_TERMINATION, + .server_err = GNUTLS_E_NO_CIPHER_SUITES }, + { .name = "client aes-cbc-hmac-sha1 with force etm failure", + .server_prio = AES_CBC ":%NO_ETM", + .client_prio = AES_CBC ":%FORCE_ETM", + .etm = 0, + .client_err = GNUTLS_E_UNWANTED_ALGORITHM, + .server_err = -1 } }; void doit(void) @@ -386,4 +382,4 @@ void doit(void) start(&tests[i]); } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-neg-ext-key.c b/tests/tls-neg-ext-key.c index 2bc5607df2..2b1ee93585 100644 --- a/tests/tls-neg-ext-key.c +++ b/tests/tls-neg-ext-key.c @@ -22,7 +22,7 @@ /* This tests TLS negotiation using the gnutls_privkey_import_ext2() APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -50,37 +50,31 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha1_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t sha256_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" - "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e" + "\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", 32 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; struct key_cb_data { - gnutls_privkey_t rkey; /* the real thing */ + gnutls_privkey_t rkey; /* the real thing */ }; -static -int key_cb_sign_func(gnutls_privkey_t key, void *userdata, - const gnutls_datum_t * data, gnutls_datum_t * signature) +static int key_cb_sign_func(gnutls_privkey_t key, void *userdata, + const gnutls_datum_t *data, + gnutls_datum_t *signature) { struct key_cb_data *p = userdata; - return gnutls_privkey_sign_hash(p->rkey, 0, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, - signature); + return gnutls_privkey_sign_hash( + p->rkey, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, signature); } static void key_cb_deinit_func(gnutls_privkey_t key, void *userdata) @@ -90,11 +84,10 @@ static void key_cb_deinit_func(gnutls_privkey_t key, void *userdata) free(userdata); } -#define testfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) static gnutls_privkey_t load_virt_privkey(const char *name, - const gnutls_datum_t * txtkey, + const gnutls_datum_t *txtkey, gnutls_pk_algorithm_t pk, int exp_ret) { gnutls_privkey_t privkey; @@ -114,16 +107,15 @@ static gnutls_privkey_t load_virt_privkey(const char *name, if (ret < 0) testfail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) testfail("gnutls_privkey_import\n"); - ret = - gnutls_privkey_import_ext2(privkey, pk, userdata, key_cb_sign_func, - NULL, key_cb_deinit_func, - GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); + ret = gnutls_privkey_import_ext2(privkey, pk, userdata, + key_cb_sign_func, NULL, + key_cb_deinit_func, + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) { if (ret == exp_ret) { gnutls_privkey_deinit(userdata->rkey); @@ -138,13 +130,12 @@ static gnutls_privkey_t load_virt_privkey(const char *name, return privkey; } -static -void try_with_key(const char *name, const char *client_prio, - gnutls_kx_algorithm_t client_kx, - gnutls_sign_algorithm_t server_sign_algo, - gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - gnutls_privkey_t key, int exp_serv_err) +static void try_with_key(const char *name, const char *client_prio, + gnutls_kx_algorithm_t client_kx, + gnutls_sign_algorithm_t server_sign_algo, + gnutls_sign_algorithm_t client_sign_algo, + const gnutls_datum_t *serv_cert, gnutls_privkey_t key, + int exp_serv_err) { int ret; gnutls_pcert_st pcert_list[4]; @@ -186,9 +177,10 @@ void try_with_key(const char *name, const char *client_prio, assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, s_xcred); - assert(gnutls_priority_set_direct(server, - "NORMAL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, + "NORMAL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -232,10 +224,10 @@ void try_with_key(const char *name, const char *client_prio, } if (gnutls_kx_get(client) != client_kx) { - testfail - ("%s: got unexpected key exchange algorithm: %s (expected %s)\n", - name, gnutls_kx_get_name(gnutls_kx_get(client)), - gnutls_kx_get_name(client_kx)); + testfail( + "%s: got unexpected key exchange algorithm: %s (expected %s)\n", + name, gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(client_kx)); exit(1); } @@ -244,33 +236,33 @@ void try_with_key(const char *name, const char *client_prio, if (version >= GNUTLS_TLS1_2) { ret = gnutls_sign_algorithm_get(server); if (ret != (int)server_sign_algo && server_sign_algo != 0) { - testfail - ("%s: got unexpected server signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(server); if (ret != (int)client_sign_algo && client_sign_algo != 0) { - testfail - ("%s: got unexpected client signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get(client); if (ret != (int)server_sign_algo && server_sign_algo != 0) { - testfail - ("%s: cl: got unexpected server signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: cl: got unexpected server signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(client); if (ret != (int)client_sign_algo && client_sign_algo != 0) { - testfail - ("%s: cl: got unexpected client signature algorithm: %d/%s\n", - name, ret, gnutls_sign_get_name(ret)); + testfail( + "%s: cl: got unexpected client signature algorithm: %d/%s\n", + name, ret, gnutls_sign_get_name(ret)); exit(1); } } @@ -278,7 +270,7 @@ void try_with_key(const char *name, const char *client_prio, gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); - cleanup: +cleanup: gnutls_deinit(client); gnutls_deinit(server); @@ -298,64 +290,58 @@ typedef struct test_st { } test_st; static const test_st tests[] = { - {.name = "TLS1.2 ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .exp_kx = GNUTLS_KX_ECDHE_ECDSA}, - {.name = "TLS1.3 ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "rsa-sign key with rsa-pss sigs prioritized", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "TLS 1.2 rsa-pss-sign key", - .pk = GNUTLS_PK_RSA_PSS, - .prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_rsa_pss2_cert, - .key = &server_ca3_rsa_pss2_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_key_err = GNUTLS_E_INVALID_REQUEST}, - {.name = "TLS 1.3 rsa-pss-sign key", - .pk = GNUTLS_PK_RSA_PSS, - .prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_rsa_pss2_cert, - .key = &server_ca3_rsa_pss2_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_key_err = GNUTLS_E_INVALID_REQUEST}, - {.name = "rsa-pss cert, rsa-sign key, no rsa-pss-rsae sigs", /* we expect the server to refuse negotiating */ - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES}, - {.name = "ed25519 cert, ed25519 key", /* we expect the server to refuse negotiating */ - .pk = GNUTLS_PK_EDDSA_ED25519, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", - .cert = &server_ca3_eddsa_cert, - .key = &server_ca3_eddsa_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_key_err = GNUTLS_E_INVALID_REQUEST} + { .name = "TLS1.2 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .exp_kx = GNUTLS_KX_ECDHE_ECDSA }, + { .name = "TLS1.3 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "rsa-sign key with rsa-pss sigs prioritized", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "TLS 1.2 rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_key_err = GNUTLS_E_INVALID_REQUEST }, + { .name = "TLS 1.3 rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_key_err = GNUTLS_E_INVALID_REQUEST }, + { .name = "rsa-pss cert, rsa-sign key, no rsa-pss-rsae sigs", /* we expect the server to refuse negotiating */ + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES }, + { .name = "ed25519 cert, ed25519 key", /* we expect the server to refuse negotiating */ + .pk = GNUTLS_PK_EDDSA_ED25519, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_eddsa_cert, + .key = &server_ca3_eddsa_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_key_err = GNUTLS_E_INVALID_REQUEST } }; void doit(void) @@ -372,16 +358,14 @@ void doit(void) for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { success("checking: %s\n", tests[i].name); - privkey = - load_virt_privkey(tests[i].name, tests[i].key, tests[i].pk, - tests[i].exp_key_err); + privkey = load_virt_privkey(tests[i].name, tests[i].key, + tests[i].pk, tests[i].exp_key_err); if (privkey == NULL && tests[i].exp_key_err < 0) continue; assert(privkey != 0); - try_with_key(tests[i].name, tests[i].prio, - tests[i].exp_kx, 0, 0, - tests[i].cert, privkey, tests[i].exp_serv_err); + try_with_key(tests[i].name, tests[i].prio, tests[i].exp_kx, 0, + 0, tests[i].cert, privkey, tests[i].exp_serv_err); } gnutls_global_deinit(); diff --git a/tests/tls-neg-ext4-key.c b/tests/tls-neg-ext4-key.c index 04218777ea..004d3e39f2 100644 --- a/tests/tls-neg-ext4-key.c +++ b/tests/tls-neg-ext4-key.c @@ -22,7 +22,7 @@ /* This tests TLS negotiation using the gnutls_privkey_import_ext2() APIs */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,9 +30,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -48,13 +48,10 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "<%d> %s", level, str); } -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; struct key_cb_data { - gnutls_privkey_t rkey; /* the real thing */ + gnutls_privkey_t rkey; /* the real thing */ unsigned pk; unsigned sig; unsigned bits; @@ -81,11 +78,10 @@ static int key_cb_info_func(gnutls_privkey_t key, unsigned int flags, return -1; } -static -int key_cb_sign_data_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, - void *userdata, unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature) +static int key_cb_sign_data_func(gnutls_privkey_t key, + gnutls_sign_algorithm_t sig, void *userdata, + unsigned int flags, const gnutls_datum_t *data, + gnutls_datum_t *signature) { struct key_cb_data *p = userdata; @@ -95,20 +91,19 @@ int key_cb_sign_data_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, return gnutls_privkey_sign_data2(p->rkey, sig, 0, data, signature); } -static -int key_cb_sign_hash_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, - void *userdata, unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature) +static int key_cb_sign_hash_func(gnutls_privkey_t key, + gnutls_sign_algorithm_t sig, void *userdata, + unsigned int flags, const gnutls_datum_t *data, + gnutls_datum_t *signature) { struct key_cb_data *p = userdata; if (sig == GNUTLS_SIGN_RSA_RAW) { if (debug) fprintf(stderr, "signing digestinfo with: raw RSA\n"); - return gnutls_privkey_sign_hash(p->rkey, 0, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - data, signature); + return gnutls_privkey_sign_hash( + p->rkey, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, + signature); } else { if (debug) fprintf(stderr, "signing hash with: %s\n", @@ -118,10 +113,9 @@ int key_cb_sign_hash_func(gnutls_privkey_t key, gnutls_sign_algorithm_t sig, } } -static -int key_cb_decrypt_func(gnutls_privkey_t key, void *userdata, - const gnutls_datum_t * ciphertext, - gnutls_datum_t * plaintext) +static int key_cb_decrypt_func(gnutls_privkey_t key, void *userdata, + const gnutls_datum_t *ciphertext, + gnutls_datum_t *plaintext) { struct key_cb_data *p = userdata; @@ -135,11 +129,10 @@ static void key_cb_deinit_func(gnutls_privkey_t key, void *userdata) free(userdata); } -#define testfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) static gnutls_privkey_t load_virt_privkey(const char *name, - const gnutls_datum_t * txtkey, + const gnutls_datum_t *txtkey, gnutls_pk_algorithm_t pk, gnutls_sign_algorithm_t sig, int exp_ret) @@ -161,9 +154,8 @@ static gnutls_privkey_t load_virt_privkey(const char *name, if (ret < 0) testfail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_privkey_import_x509_raw(userdata->rkey, txtkey, + GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) testfail("gnutls_privkey_import\n"); @@ -172,12 +164,10 @@ static gnutls_privkey_t load_virt_privkey(const char *name, userdata->pk = pk; userdata->sig = sig; - ret = - gnutls_privkey_import_ext4(privkey, userdata, key_cb_sign_data_func, - key_cb_sign_hash_func, - key_cb_decrypt_func, key_cb_deinit_func, - key_cb_info_func, - GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); + ret = gnutls_privkey_import_ext4( + privkey, userdata, key_cb_sign_data_func, key_cb_sign_hash_func, + key_cb_decrypt_func, key_cb_deinit_func, key_cb_info_func, + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) { if (ret == exp_ret) { gnutls_privkey_deinit(userdata->rkey); @@ -192,13 +182,12 @@ static gnutls_privkey_t load_virt_privkey(const char *name, return privkey; } -static -void try_with_key(const char *name, const char *client_prio, - gnutls_kx_algorithm_t client_kx, - gnutls_sign_algorithm_t server_sign_algo, - gnutls_sign_algorithm_t client_sign_algo, - const gnutls_datum_t * serv_cert, - gnutls_privkey_t key, int exp_serv_err) +static void try_with_key(const char *name, const char *client_prio, + gnutls_kx_algorithm_t client_kx, + gnutls_sign_algorithm_t server_sign_algo, + gnutls_sign_algorithm_t client_sign_algo, + const gnutls_datum_t *serv_cert, gnutls_privkey_t key, + int exp_serv_err) { int ret; gnutls_pcert_st pcert_list[4]; @@ -284,10 +273,10 @@ void try_with_key(const char *name, const char *client_prio, } if (gnutls_kx_get(client) != client_kx) { - testfail - ("got unexpected key exchange algorithm: %s (expected %s)\n", - gnutls_kx_get_name(gnutls_kx_get(client)), - gnutls_kx_get_name(client_kx)); + testfail( + "got unexpected key exchange algorithm: %s (expected %s)\n", + gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(client_kx)); exit(1); } @@ -296,33 +285,33 @@ void try_with_key(const char *name, const char *client_prio, if (version >= GNUTLS_TLS1_2) { ret = gnutls_sign_algorithm_get(server); if (ret != (int)server_sign_algo && server_sign_algo != 0) { - testfail - ("got unexpected server signature algorithm: %d/%s\n", - ret, gnutls_sign_get_name(ret)); + testfail( + "got unexpected server signature algorithm: %d/%s\n", + ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(server); if (ret != (int)client_sign_algo && client_sign_algo != 0) { - testfail - ("got unexpected client signature algorithm: %d/%s\n", - ret, gnutls_sign_get_name(ret)); + testfail( + "got unexpected client signature algorithm: %d/%s\n", + ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get(client); if (ret != (int)server_sign_algo && server_sign_algo != 0) { - testfail - ("cl: got unexpected server signature algorithm: %d/%s\n", - ret, gnutls_sign_get_name(ret)); + testfail( + "cl: got unexpected server signature algorithm: %d/%s\n", + ret, gnutls_sign_get_name(ret)); exit(1); } ret = gnutls_sign_algorithm_get_client(client); if (ret != (int)client_sign_algo && client_sign_algo != 0) { - testfail - ("cl: got unexpected client signature algorithm: %d/%s\n", - ret, gnutls_sign_get_name(ret)); + testfail( + "cl: got unexpected client signature algorithm: %d/%s\n", + ret, gnutls_sign_get_name(ret)); exit(1); } } @@ -330,7 +319,7 @@ void try_with_key(const char *name, const char *client_prio, gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); - cleanup: +cleanup: gnutls_deinit(client); gnutls_deinit(server); @@ -351,140 +340,140 @@ typedef struct test_st { } test_st; static const test_st tests[] = { - {.name = "tls1.2 ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .sig = GNUTLS_SIGN_ECDSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_ECDSA}, - {.name = "tls1.0 ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .sig = GNUTLS_SIGN_ECDSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_ECDSA}, - {.name = "tls1.1 ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .sig = GNUTLS_SIGN_ECDSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_ECDSA}, - {.name = "tls1.2 rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .sig = GNUTLS_SIGN_RSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.0 rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .sig = GNUTLS_SIGN_RSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.0 rsa-decrypt key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:-KX-ALL:+RSA:-VERS-ALL:+VERS-TLS1.0", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_RSA}, - {.name = "tls1.1 rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .sig = GNUTLS_SIGN_RSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.2 rsa-sign key with rsa-pss sigs prioritized", - .pk = GNUTLS_PK_RSA, - .prio = - "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .sig = GNUTLS_SIGN_RSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.2 rsa-pss-sign key", - .pk = GNUTLS_PK_RSA_PSS, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_rsa_pss2_cert, - .key = &server_ca3_rsa_pss2_key, - .sig = GNUTLS_SIGN_RSA_PSS_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - }, - {.name = "tls1.2 rsa-pss cert, rsa-sign key", /* we expect the server to refuse negotiating */ - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES}, - {.name = "tls1.2 ed25519 cert, ed25519 key", - .pk = GNUTLS_PK_EDDSA_ED25519, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_eddsa_cert, - .key = &server_ca3_eddsa_key, - .sig = GNUTLS_SIGN_EDDSA_ED25519, - .exp_kx = GNUTLS_KX_ECDHE_ECDSA, - }, - {.name = "tls1.2 rsa-decrypt key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:-KX-ALL:+RSA:-VERS-ALL:+VERS-TLS1.2", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .exp_kx = GNUTLS_KX_RSA}, - {.name = "tls1.3 ecc key", - .pk = GNUTLS_PK_ECDSA, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_localhost_ecc_cert, - .key = &server_ca3_ecc_key, - .sig = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.3 rsa-sign key", - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_localhost_cert, - .key = &server_ca3_key, - .sig = GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA}, - {.name = "tls1.3 rsa-pss-sign key", - .pk = GNUTLS_PK_RSA_PSS, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_rsa_pss2_cert, - .key = &server_ca3_rsa_pss2_key, - .sig = GNUTLS_SIGN_RSA_PSS_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - }, - {.name = "tls1.3 rsa-pss cert, rsa-sign key", /* we expect the server to attempt to downgrade to TLS 1.2, but it is not possible because it is not enabled */ - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .sig = GNUTLS_SIGN_RSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES}, - {.name = "tls1.3 rsa-pss cert, rsa-sign key, downgrade to tls1.2", /* we expect the server to downgrade to TLS 1.2 and refuse negotiating */ - .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", - .cert = &server_ca3_rsa_pss_cert, - .key = &server_ca3_rsa_pss_key, - .sig = GNUTLS_SIGN_RSA_SHA256, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES}, - {.name = "tls1.3 ed25519 cert, ed25519 key", - .pk = GNUTLS_PK_EDDSA_ED25519, - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .cert = &server_ca3_eddsa_cert, - .key = &server_ca3_eddsa_key, - .sig = GNUTLS_SIGN_EDDSA_ED25519, - .exp_kx = GNUTLS_KX_ECDHE_RSA, - } + { .name = "tls1.2 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .sig = GNUTLS_SIGN_ECDSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_ECDSA }, + { .name = "tls1.0 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .sig = GNUTLS_SIGN_ECDSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_ECDSA }, + { .name = "tls1.1 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .sig = GNUTLS_SIGN_ECDSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_ECDSA }, + { .name = "tls1.2 rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .sig = GNUTLS_SIGN_RSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.0 rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .sig = GNUTLS_SIGN_RSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.0 rsa-decrypt key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-KX-ALL:+RSA:-VERS-ALL:+VERS-TLS1.0", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_RSA }, + { .name = "tls1.1 rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .sig = GNUTLS_SIGN_RSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.2 rsa-sign key with rsa-pss sigs prioritized", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .sig = GNUTLS_SIGN_RSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { + .name = "tls1.2 rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .sig = GNUTLS_SIGN_RSA_PSS_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + }, + { .name = "tls1.2 rsa-pss cert, rsa-sign key", /* we expect the server to refuse negotiating */ + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES }, + { + .name = "tls1.2 ed25519 cert, ed25519 key", + .pk = GNUTLS_PK_EDDSA_ED25519, + .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_eddsa_cert, + .key = &server_ca3_eddsa_key, + .sig = GNUTLS_SIGN_EDDSA_ED25519, + .exp_kx = GNUTLS_KX_ECDHE_ECDSA, + }, + { .name = "tls1.2 rsa-decrypt key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-KX-ALL:+RSA:-VERS-ALL:+VERS-TLS1.2", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .exp_kx = GNUTLS_KX_RSA }, + { .name = "tls1.3 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .sig = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { .name = "tls1.3 rsa-sign key", + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_cert, + .key = &server_ca3_key, + .sig = GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA }, + { + .name = "tls1.3 rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .sig = GNUTLS_SIGN_RSA_PSS_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + }, + { .name = "tls1.3 rsa-pss cert, rsa-sign key", /* we expect the server to attempt to downgrade to TLS 1.2, but it is not possible because it is not enabled */ + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .sig = GNUTLS_SIGN_RSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES }, + { .name = "tls1.3 rsa-pss cert, rsa-sign key, downgrade to tls1.2", /* we expect the server to downgrade to TLS 1.2 and refuse negotiating */ + .pk = GNUTLS_PK_RSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", + .cert = &server_ca3_rsa_pss_cert, + .key = &server_ca3_rsa_pss_key, + .sig = GNUTLS_SIGN_RSA_SHA256, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_serv_err = GNUTLS_E_NO_CIPHER_SUITES }, + { + .name = "tls1.3 ed25519 cert, ed25519 key", + .pk = GNUTLS_PK_EDDSA_ED25519, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_eddsa_cert, + .key = &server_ca3_eddsa_key, + .sig = GNUTLS_SIGN_EDDSA_ED25519, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + } }; void doit(void) @@ -501,16 +490,15 @@ void doit(void) for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { success("checking: %s\n", tests[i].name); - privkey = - load_virt_privkey(tests[i].name, tests[i].key, tests[i].pk, - tests[i].sig, tests[i].exp_key_err); + privkey = load_virt_privkey(tests[i].name, tests[i].key, + tests[i].pk, tests[i].sig, + tests[i].exp_key_err); if (privkey == NULL && tests[i].exp_key_err < 0) continue; assert(privkey != 0); - try_with_key(tests[i].name, tests[i].prio, - tests[i].exp_kx, 0, 0, - tests[i].cert, privkey, tests[i].exp_serv_err); + try_with_key(tests[i].name, tests[i].prio, tests[i].exp_kx, 0, + 0, tests[i].cert, privkey, tests[i].exp_serv_err); } gnutls_global_deinit(); diff --git a/tests/tls-pthread.c b/tests/tls-pthread.c index 5c7ac08490..52e20b1405 100644 --- a/tests/tls-pthread.c +++ b/tests/tls-pthread.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,11 +33,11 @@ #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include #include "utils.h" @@ -68,10 +68,10 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MSG "hello1111" -# define MSG2 "xxxxxxxxxxxx" +#define MSG "hello1111" +#define MSG2 "xxxxxxxxxxxx" -# define NO_MSGS 128 +#define NO_MSGS 128 static void *recv_thread(void *arg) { @@ -82,8 +82,8 @@ static void *recv_thread(void *arg) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); for (i = 0; i < NO_MSGS; i++) { /* the peer should reflect our messages */ @@ -92,9 +92,10 @@ static void *recv_thread(void *arg) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) fail("client: recv failed: %s\n", gnutls_strerror(ret)); - if (ret != sizeof(MSG) - 1 - || memcmp(buf, MSG, sizeof(MSG) - 1) != 0) { - fail("client: recv failed; not the expected values (got: %d, exp: %d)\n", ret, (int)sizeof(MSG) - 1); + if (ret != sizeof(MSG) - 1 || + memcmp(buf, MSG, sizeof(MSG) - 1) != 0) { + fail("client: recv failed; not the expected values (got: %d, exp: %d)\n", + ret, (int)sizeof(MSG) - 1); } if (debug) @@ -108,7 +109,8 @@ static void *recv_thread(void *arg) if (ret < 0) fail("client: recv2 failed: %s\n", gnutls_strerror(ret)); - if (ret != sizeof(MSG2) - 1 || memcmp(buf, MSG2, sizeof(MSG2) - 1) != 0) { + if (ret != sizeof(MSG2) - 1 || + memcmp(buf, MSG2, sizeof(MSG2) - 1) != 0) { fail("client: recv2 failed; not the expected values\n"); } @@ -126,8 +128,7 @@ static void *recv_thread(void *arg) pthread_exit(0); } -static -void do_thread_stuff(gnutls_session_t session) +static void do_thread_stuff(gnutls_session_t session) { int ret; unsigned i; @@ -168,7 +169,6 @@ void do_thread_stuff(gnutls_session_t session) assert(pthread_join(id, &rval) == 0); assert(rval == 0); - } static void do_reflect_stuff(gnutls_session_t session) @@ -234,8 +234,8 @@ static void client(int fd, const char *prio, unsigned flags) assert(gnutls_priority_set_direct(session, prio, NULL) >= 0); - assert(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred) >= 0); + assert(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred) >= 0); gnutls_transport_set_int(session, fd); @@ -243,8 +243,7 @@ static void client(int fd, const char *prio, unsigned flags) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -278,13 +277,13 @@ static void server(int fd, const char *prio, unsigned flags) */ global_init(); -# if 0 +#if 0 if (debug) { side = "server"; gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(4711); } -# endif +#endif assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); assert(gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, @@ -317,8 +316,8 @@ static void server(int fd, const char *prio, unsigned flags) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (flags & FLAG_CLI_DO_THREADS) do_reflect_stuff(session); @@ -336,8 +335,7 @@ static void server(int fd, const char *prio, unsigned flags) success("server: finished\n"); } -static -void run(const char *str, const char *prio, unsigned flags) +static void run(const char *str, const char *prio, unsigned flags) { int fd[2]; int ret; @@ -392,4 +390,4 @@ void doit(void) run("tls1.3 early start, threaded server", "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", FLAG_EARLY_START); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-record-size-limit-asym.c b/tests/tls-record-size-limit-asym.c index b51e30150f..67a9d009ec 100644 --- a/tests/tls-record-size-limit-asym.c +++ b/tests/tls-record-size-limit-asym.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -112,8 +112,8 @@ static void start(const struct test_st *test) /* Init client */ assert(gnutls_certificate_allocate_credentials(&clientx509cred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (clientx509cred, &ca2_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); @@ -141,8 +141,8 @@ static void start(const struct test_st *test) exit(1); } if (ret != (int)test->server_exp.size) - fail("server: unexpected record size sent: %d (%d)\n", - ret, (int)test->server_exp.size); + fail("server: unexpected record size sent: %d (%d)\n", ret, + (int)test->server_exp.size); success("server: did not send a %d-byte packet\n", (int)test->server_exp.size); @@ -160,8 +160,8 @@ static void start(const struct test_st *test) exit(1); } if (ret != (int)test->client_exp.size) - fail("client: unexpected record size sent: %d (%d)\n", - ret, (int)test->client_exp.size); + fail("client: unexpected record size sent: %d (%d)\n", ret, + (int)test->client_exp.size); success("client: did not send a %d-byte packet\n", (int)test->server_max_size + 1); diff --git a/tests/tls-record-size-limit.c b/tests/tls-record-size-limit.c index 557a94569a..d4d73fa1c3 100644 --- a/tests/tls-record-size-limit.c +++ b/tests/tls-record-size-limit.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,20 +33,26 @@ #include #include "utils.h" -#define SKIP16(pos, total) { \ - uint16_t _s; \ - if (pos+2 > total) fail("error\n"); \ - _s = (msg->data[pos] << 8) | msg->data[pos+1]; \ - if ((size_t)(pos+2+_s) > total) fail("error\n"); \ - pos += 2+_s; \ +#define SKIP16(pos, total) \ + { \ + uint16_t _s; \ + if (pos + 2 > total) \ + fail("error\n"); \ + _s = (msg->data[pos] << 8) | msg->data[pos + 1]; \ + if ((size_t)(pos + 2 + _s) > total) \ + fail("error\n"); \ + pos += 2 + _s; \ } -#define SKIP8(pos, total) { \ - uint8_t _s; \ - if (pos+1 > total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > total) fail("error\n"); \ - pos += 1+_s; \ +#define SKIP8(pos, total) \ + { \ + uint8_t _s; \ + if (pos + 1 > total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > total) \ + fail("error\n"); \ + pos += 1 + _s; \ } #define HANDSHAKE_SESSION_ID_POS 34 @@ -54,7 +60,10 @@ static size_t server_max_send_size; static size_t client_max_send_size; -#define SERVER_PUSH_ADD if (len > server_max_send_size + 5+32) fail("max record set to %d, len: %d\n", (int)server_max_send_size, (int)len); +#define SERVER_PUSH_ADD \ + if (len > server_max_send_size + 5 + 32) \ + fail("max record set to %d, len: %d\n", \ + (int)server_max_send_size, (int)len); #include "eagain-common.h" #include "cert-common.h" @@ -82,9 +91,9 @@ static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, unsigned size) { struct handshake_cb_data_st *cb_data = ctx; - if (tls_id == 1) { /* max record size */ + if (tls_id == 1) { /* max record size */ cb_data->found_max_record_size = 1; - } else if (tls_id == 28) { /* record size limit */ + } else if (tls_id == 28) { /* record size limit */ cb_data->found_record_size_limit = 1; } return 0; @@ -92,7 +101,7 @@ static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; unsigned pos; @@ -111,15 +120,13 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, mmsg.data = &msg->data[pos]; mmsg.size = msg->size - pos; - ret = - gnutls_ext_raw_parse(&server_handshake_cb_data, - ext_callback, &mmsg, 0); + ret = gnutls_ext_raw_parse(&server_handshake_cb_data, + ext_callback, &mmsg, 0); assert(ret >= 0); break; case GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS: - ret = - gnutls_ext_raw_parse(&client_handshake_cb_data, - ext_callback, msg, 0); + ret = gnutls_ext_raw_parse(&client_handshake_cb_data, + ext_callback, msg, 0); assert(ret >= 0); break; case GNUTLS_HANDSHAKE_SERVER_HELLO: @@ -130,9 +137,8 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, mmsg.data = &msg->data[pos]; mmsg.size = msg->size - pos; - ret = - gnutls_ext_raw_parse(&client_handshake_cb_data, - ext_callback, &mmsg, 0); + ret = gnutls_ext_raw_parse(&client_handshake_cb_data, + ext_callback, &mmsg, 0); assert(ret >= 0); break; default: @@ -198,9 +204,8 @@ static void start(const struct test_st *test) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -232,9 +237,8 @@ static void start(const struct test_st *test) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -266,8 +270,7 @@ static void start(const struct test_st *test) gnutls_transport_set_ptr(client, client); client_handshake_cb_data.session = client; - gnutls_handshake_set_hook_function(client, - GNUTLS_HANDSHAKE_ANY, + gnutls_handshake_set_hook_function(client, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, handshake_callback); @@ -280,8 +283,8 @@ static void start(const struct test_st *test) exit(1); } if (ret != (int)test->server_exp.size) - fail("server: unexpected record size sent: %d (%d)\n", - ret, (int)test->server_exp.size); + fail("server: unexpected record size sent: %d (%d)\n", ret, + (int)test->server_exp.size); success("server: did not send a %d-byte packet\n", (int)server_max_send_size + 1); @@ -299,8 +302,8 @@ static void start(const struct test_st *test) exit(1); } if (ret != (int)test->client_exp.size) - fail("client: unexpected record size sent: %d (%d)\n", - ret, (int)test->client_exp.size); + fail("client: unexpected record size sent: %d (%d)\n", ret, + (int)test->client_exp.size); success("client: did not send a %d-byte packet\n", (int)client_max_send_size + 1); @@ -330,172 +333,128 @@ static void start(const struct test_st *test) } static const struct test_st tests[] = { - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .server_max_size = 511, - .client_max_size = 511, - .server_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .server_max_size = 512, - .client_max_size = 512, - .server_exp = { - .error = 0, - .size = 512, - .max_record_size = 1, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 512, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .server_max_size = 8192, - .client_max_size = 8192, - .server_exp = { - .error = 0, - .size = 8192, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 8192, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .server_max_size = 16384, - .client_max_size = 16384, - .server_exp = { - .error = 0, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .server_max_size = 16385, - .client_max_size = 16385, - .server_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1} - }, - - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .server_max_size = 511, - .client_max_size = 511, - .server_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .server_max_size = 512, - .client_max_size = 512, - .server_exp = { - .error = 0, - .size = 512, - .max_record_size = 1, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 512, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .server_max_size = 8192, - .client_max_size = 8192, - .server_exp = { - .error = 0, - .size = 8192, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 8192, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .server_max_size = 16384, - .client_max_size = 16384, - .server_exp = { - .error = 0, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .server_max_size = 16383, - .client_max_size = 16384, - .server_exp = { - .error = 0, - .size = 16383, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = 0, - .size = 16383, - .max_record_size = 0, - .record_size_limit = 1} - }, - { - .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .server_max_size = 16385, - .client_max_size = 16385, - .server_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1}, - .client_exp = { - .error = GNUTLS_E_INVALID_REQUEST, - .size = 16384, - .max_record_size = 0, - .record_size_limit = 1} - } + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", + .server_max_size = 511, + .client_max_size = 511, + .server_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", + .server_max_size = 512, + .client_max_size = 512, + .server_exp = { .error = 0, + .size = 512, + .max_record_size = 1, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 512, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", + .server_max_size = 8192, + .client_max_size = 8192, + .server_exp = { .error = 0, + .size = 8192, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 8192, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", + .server_max_size = 16384, + .client_max_size = 16384, + .server_exp = { .error = 0, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", + .server_max_size = 16385, + .client_max_size = 16385, + .server_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 } }, + + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 511, + .client_max_size = 511, + .server_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 512, + .client_max_size = 512, + .server_exp = { .error = 0, + .size = 512, + .max_record_size = 1, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 512, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 8192, + .client_max_size = 8192, + .server_exp = { .error = 0, + .size = 8192, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 8192, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 16384, + .client_max_size = 16384, + .server_exp = { .error = 0, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 16383, + .client_max_size = 16384, + .server_exp = { .error = 0, + .size = 16383, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = 0, + .size = 16383, + .max_record_size = 0, + .record_size_limit = 1 } }, + { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 16385, + .client_max_size = 16385, + .server_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 }, + .client_exp = { .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, + .max_record_size = 0, + .record_size_limit = 1 } } }; void doit(void) diff --git a/tests/tls-session-ext-override.c b/tests/tls-session-ext-override.c index 81edbe0ce1..cd931e47d3 100644 --- a/tests/tls-session-ext-override.c +++ b/tests/tls-session-ext-override.c @@ -24,7 +24,7 @@ * at the session level */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,18 +40,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#include +#endif +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" const char *side = ""; @@ -66,10 +66,7 @@ static int TLSEXT_TYPE_server_sent = 0; static int TLSEXT_TYPE_server_received = 0; static int overridden_extension = -1; -static const unsigned char ext_data[] = { - 0xFE, - 0xED -}; +static const unsigned char ext_data[] = { 0xFE, 0xED }; static int ext_recv_client_params(gnutls_session_t session, const unsigned char *buf, size_t buflen) @@ -84,7 +81,7 @@ static int ext_recv_client_params(gnutls_session_t session, gnutls_ext_set_data(session, overridden_extension, session); - return 0; //Success + return 0; //Success } static int ext_send_client_params(gnutls_session_t session, @@ -106,7 +103,7 @@ static int ext_recv_server_params(gnutls_session_t session, TLSEXT_TYPE_server_received = 1; - return 0; //Success + return 0; //Success } static int ext_send_server_params(gnutls_session_t session, @@ -148,32 +145,26 @@ static void client(int sd) gnutls_transport_set_int(session, sd); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_session_ext_register(session, "ext_client", - overridden_extension, GNUTLS_EXT_TLS, - ext_recv_client_params, - ext_send_client_params, NULL, NULL, - NULL, 0); + ret = gnutls_session_ext_register(session, "ext_client", + overridden_extension, GNUTLS_EXT_TLS, + ext_recv_client_params, + ext_send_client_params, NULL, NULL, + NULL, 0); if (ret != GNUTLS_E_ALREADY_REGISTERED) fail("client: register existing extension (%d)\n", overridden_extension); - ret = - gnutls_session_ext_register(session, "ext_client", 0, - GNUTLS_EXT_TLS, ext_recv_client_params, - ext_send_client_params, NULL, NULL, - NULL, - GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL); + ret = gnutls_session_ext_register( + session, "ext_client", 0, GNUTLS_EXT_TLS, + ext_recv_client_params, ext_send_client_params, NULL, NULL, + NULL, GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL); if (ret != GNUTLS_E_ALREADY_REGISTERED) fail("client: register extension %d\n", 0); - ret = - gnutls_session_ext_register(session, "ext_client", - overridden_extension, GNUTLS_EXT_TLS, - ext_recv_client_params, - ext_send_client_params, NULL, NULL, - NULL, - GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL); + ret = gnutls_session_ext_register( + session, "ext_client", overridden_extension, GNUTLS_EXT_TLS, + ext_recv_client_params, ext_send_client_params, NULL, NULL, + NULL, GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL); if (ret < 0) fail("client: register extension (%d)\n", overridden_extension); @@ -204,7 +195,7 @@ static void client(int sd) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); gnutls_deinit(session); @@ -230,9 +221,8 @@ static void server(int sd) side = "server"; gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); @@ -244,22 +234,18 @@ static void server(int sd) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); - ret = - gnutls_session_ext_register(session, "ext_server", - overridden_extension, GNUTLS_EXT_TLS, - ext_recv_server_params, - ext_send_server_params, NULL, NULL, - NULL, 0); + ret = gnutls_session_ext_register(session, "ext_server", + overridden_extension, GNUTLS_EXT_TLS, + ext_recv_server_params, + ext_send_server_params, NULL, NULL, + NULL, 0); if (ret != GNUTLS_E_ALREADY_REGISTERED) fail("client: register existing extension\n"); - ret = - gnutls_session_ext_register(session, "ext_server", - overridden_extension, GNUTLS_EXT_TLS, - ext_recv_server_params, - ext_send_server_params, NULL, NULL, - NULL, - GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL); + ret = gnutls_session_ext_register( + session, "ext_server", overridden_extension, GNUTLS_EXT_TLS, + ext_recv_server_params, ext_send_server_params, NULL, NULL, + NULL, GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL); if (ret < 0) fail("client: register extension\n"); @@ -343,4 +329,4 @@ void doit(void) override_ext(21); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-session-ext-register.c b/tests/tls-session-ext-register.c index 3aefbafe1d..e739bdda5d 100644 --- a/tests/tls-session-ext-register.c +++ b/tests/tls-session-ext-register.c @@ -23,7 +23,7 @@ * at the session level */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,19 +39,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#include +#endif +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" const char *side = ""; @@ -60,8 +60,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define TLSEXT_TYPE_SAMPLE 0xF1 -# define TLSEXT_TYPE_IGN 0xF2 +#define TLSEXT_TYPE_SAMPLE 0xF1 +#define TLSEXT_TYPE_IGN 0xF2 static int TLSEXT_TYPE_client_sent = 0; static int TLSEXT_TYPE_client_received = 0; @@ -78,13 +78,9 @@ static void reset_vars(void) ign_extension_called = 0; } -static const unsigned char ext_data[] = { - 0xFE, - 0xED -}; +static const unsigned char ext_data[] = { 0xFE, 0xED }; -# define myfail(fmt, ...) \ - fail("%s: "fmt, name, ##__VA_ARGS__) +#define myfail(fmt, ...) fail("%s: " fmt, name, ##__VA_ARGS__) static int ext_recv_client_params(gnutls_session_t session, const unsigned char *buf, size_t buflen) @@ -102,7 +98,7 @@ static int ext_recv_client_params(gnutls_session_t session, gnutls_ext_set_data(session, TLSEXT_TYPE_SAMPLE, session); - return 0; //Success + return 0; //Success } static int ext_send_client_params(gnutls_session_t session, @@ -141,7 +137,7 @@ static int ext_recv_server_params(gnutls_session_t session, TLSEXT_TYPE_server_received = 1; - return 0; //Success + return 0; //Success } static int ext_send_server_params(gnutls_session_t session, @@ -180,35 +176,31 @@ static void client(int sd, const char *name, const char *prio, unsigned flags, gnutls_transport_set_int(session, sd); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_session_ext_register(session, "ext_ign", TLSEXT_TYPE_IGN, - GNUTLS_EXT_TLS, - ext_recv_client_ign_params, - ext_send_client_ign_params, NULL, NULL, - NULL, flags); + ret = gnutls_session_ext_register(session, "ext_ign", TLSEXT_TYPE_IGN, + GNUTLS_EXT_TLS, + ext_recv_client_ign_params, + ext_send_client_ign_params, NULL, + NULL, NULL, flags); if (ret < 0) myfail("client: register extension\n"); ext_name = - gnutls_ext_get_name2(session, TLSEXT_TYPE_IGN, GNUTLS_EXT_ANY); + gnutls_ext_get_name2(session, TLSEXT_TYPE_IGN, GNUTLS_EXT_ANY); if (ext_name == NULL || strcmp(ext_name, "ext_ign")) myfail("client: retrieve name of extension %u\n", TLSEXT_TYPE_IGN); - ext_name = - gnutls_ext_get_name2(session, TLSEXT_TYPE_IGN, - GNUTLS_EXT_APPLICATION); + ext_name = gnutls_ext_get_name2(session, TLSEXT_TYPE_IGN, + GNUTLS_EXT_APPLICATION); if (ext_name) - myfail - ("client: retrieve name of extension %u (expected none)\n", - TLSEXT_TYPE_IGN); - - ret = - gnutls_session_ext_register(session, "ext_client", - TLSEXT_TYPE_SAMPLE, GNUTLS_EXT_TLS, - ext_recv_client_params, - ext_send_client_params, NULL, NULL, - NULL, flags); + myfail("client: retrieve name of extension %u (expected none)\n", + TLSEXT_TYPE_IGN); + + ret = gnutls_session_ext_register(session, "ext_client", + TLSEXT_TYPE_SAMPLE, GNUTLS_EXT_TLS, + ext_recv_client_params, + ext_send_client_params, NULL, NULL, + NULL, flags); if (ret < 0) myfail("client: register extension\n"); @@ -219,9 +211,8 @@ static void client(int sd, const char *name, const char *prio, unsigned flags, if (ret < 0) { if (!expected_ok) { if (debug) - success - ("client: handshake failed as expected: %s\n", - gnutls_strerror(ret)); + success("client: handshake failed as expected: %s\n", + gnutls_strerror(ret)); } else { myfail("client: Handshake failed: %s\n", gnutls_strerror(ret)); @@ -234,8 +225,7 @@ static void client(int sd, const char *name, const char *prio, unsigned flags, if (TLSEXT_TYPE_client_sent != 1 || TLSEXT_TYPE_client_received != 1) { if (expected_ok) { - myfail - ("client: extension not properly sent/received\n"); + myfail("client: extension not properly sent/received\n"); } else { goto end; } @@ -259,7 +249,7 @@ static void client(int sd, const char *name, const char *prio, unsigned flags, if (!expected_ok) myfail("client: expected failure but succeeded!\n"); - end: +end: close(sd); gnutls_deinit(session); @@ -277,8 +267,8 @@ static void server(int sd, const char *name, const char *prio, unsigned flags, side = "server"; assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&session, GNUTLS_SERVER) >= 0); @@ -291,10 +281,10 @@ static void server(int sd, const char *name, const char *prio, unsigned flags, gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); - assert(gnutls_session_ext_register - (session, "ext_server", TLSEXT_TYPE_SAMPLE, GNUTLS_EXT_TLS, - ext_recv_server_params, ext_send_server_params, NULL, NULL, - NULL, flags) >= 0); + assert(gnutls_session_ext_register( + session, "ext_server", TLSEXT_TYPE_SAMPLE, + GNUTLS_EXT_TLS, ext_recv_server_params, + ext_send_server_params, NULL, NULL, NULL, flags) >= 0); gnutls_transport_set_int(session, sd); gnutls_handshake_set_timeout(session, get_timeout()); @@ -303,9 +293,8 @@ static void server(int sd, const char *name, const char *prio, unsigned flags, if (ret < 0) { if (!expected_ok) { if (debug) - success - ("server: handshake failed as expected: %s\n", - gnutls_strerror(ret)); + success("server: handshake failed as expected: %s\n", + gnutls_strerror(ret)); goto cleanup; } else { close(sd); @@ -320,8 +309,7 @@ static void server(int sd, const char *name, const char *prio, unsigned flags, if (TLSEXT_TYPE_server_sent != 1 || TLSEXT_TYPE_server_received != 1) { if (expected_ok) - myfail - ("server: extension not properly sent/received\n"); + myfail("server: extension not properly sent/received\n"); else goto cleanup; } @@ -333,7 +321,7 @@ static void server(int sd, const char *name, const char *prio, unsigned flags, if (!expected_ok) myfail("server: expected failure but succeeded!\n"); - cleanup: +cleanup: close(sd); gnutls_deinit(session); @@ -343,7 +331,7 @@ static void server(int sd, const char *name, const char *prio, unsigned flags, success("server: finished\n"); } -# define try_common(name, prio, flags, sok, cok) \ +#define try_common(name, prio, flags, sok, cok) \ try(name, prio, flags, flags, sok, cok) static void try(const char *name, const char *prio, unsigned server_flags, @@ -404,7 +392,8 @@ void doit(void) try_common("TLS1.2 both ways", "NORMAL:+ANON-ECDH:-VERS-TLS-ALL:+VERS-TLS1.2", GNUTLS_EXT_FLAG_CLIENT_HELLO | - GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO, 1, 1); + GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO, + 1, 1); try_common("TLS1.2 client only", "NORMAL:+ANON-ECDH:-VERS-TLS-ALL:+VERS-TLS1.2", @@ -412,7 +401,8 @@ void doit(void) try_common("TLS1.2 client and TLS 1.3 server", "NORMAL:+ANON-ECDH:-VERS-TLS-ALL:+VERS-TLS1.2", GNUTLS_EXT_FLAG_CLIENT_HELLO | - GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO, 0, 0); + GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO, + 0, 0); try_common("TLS1.2 server only", "NORMAL:+ANON-ECDH:-VERS-TLS-ALL:+VERS-TLS1.2", GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO, 0, 0); @@ -429,16 +419,13 @@ void doit(void) /* check whether we can crash the library by adding many extensions */ success("Testing: register many global extensions\n"); for (i = 0; i < 64; i++) { - ret = - gnutls_ext_register("ext_serverxx", - TLSEXT_TYPE_SAMPLE + i + 1, - GNUTLS_EXT_TLS, ext_recv_server_params, - ext_send_server_params, NULL, NULL, - NULL); + ret = gnutls_ext_register( + "ext_serverxx", TLSEXT_TYPE_SAMPLE + i + 1, + GNUTLS_EXT_TLS, ext_recv_server_params, + ext_send_server_params, NULL, NULL, NULL); if (ret < 0) { - success - ("failed registering extension no %d (expected)\n", - i + 1); + success("failed registering extension no %d (expected)\n", + i + 1); break; } } @@ -446,4 +433,4 @@ void doit(void) gnutls_global_deinit(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-session-supplemental.c b/tests/tls-session-supplemental.c index e71780c457..f300505481 100644 --- a/tests/tls-session-supplemental.c +++ b/tests/tls-session-supplemental.c @@ -22,7 +22,7 @@ /* This tests the supplemental data extension under TLS1.2 */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,18 +38,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" const char *side = ""; @@ -58,21 +58,17 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define TLS_SUPPLEMENTALDATATYPE_SAMPLE 0xBABE +#define TLS_SUPPLEMENTALDATATYPE_SAMPLE 0xBABE static int TLS_SUPPLEMENTALDATA_client_sent = 0; static int TLS_SUPPLEMENTALDATA_client_received = 0; static int TLS_SUPPLEMENTALDATA_server_sent = 0; static int TLS_SUPPLEMENTALDATA_server_received = 0; -static const unsigned char supp_data[] = { - 0xFE, - 0xED -}; +static const unsigned char supp_data[] = { 0xFE, 0xED }; -static -int supp_client_recv_func(gnutls_session_t session, const unsigned char *buf, - size_t buflen) +static int supp_client_recv_func(gnutls_session_t session, + const unsigned char *buf, size_t buflen) { TLS_SUPPLEMENTALDATA_client_received = 1; @@ -85,17 +81,15 @@ int supp_client_recv_func(gnutls_session_t session, const unsigned char *buf, return GNUTLS_E_SUCCESS; } -static -int supp_client_send_func(gnutls_session_t session, gnutls_buffer_t buf) +static int supp_client_send_func(gnutls_session_t session, gnutls_buffer_t buf) { TLS_SUPPLEMENTALDATA_client_sent = 1; gnutls_buffer_append_data(buf, supp_data, sizeof(supp_data)); return GNUTLS_E_SUCCESS; } -static -int supp_server_recv_func(gnutls_session_t session, const unsigned char *buf, - size_t buflen) +static int supp_server_recv_func(gnutls_session_t session, + const unsigned char *buf, size_t buflen) { TLS_SUPPLEMENTALDATA_server_received = 1; @@ -108,8 +102,7 @@ int supp_server_recv_func(gnutls_session_t session, const unsigned char *buf, return GNUTLS_E_SUCCESS; } -static -int supp_server_send_func(gnutls_session_t session, gnutls_buffer_t buf) +static int supp_server_send_func(gnutls_session_t session, gnutls_buffer_t buf) { TLS_SUPPLEMENTALDATA_server_sent = 1; gnutls_buffer_append_data(buf, supp_data, sizeof(supp_data)); @@ -148,11 +141,10 @@ static void client(int sd, const char *prio, unsigned server_only) gnutls_supplemental_recv(session, 1); gnutls_supplemental_send(session, 1); - gnutls_session_supplemental_register(session, - "supplemental_client", - TLS_SUPPLEMENTALDATATYPE_SAMPLE, - supp_client_recv_func, - supp_client_send_func, 0); + gnutls_session_supplemental_register( + session, "supplemental_client", + TLS_SUPPLEMENTALDATATYPE_SAMPLE, supp_client_recv_func, + supp_client_send_func, 0); } /* Perform the TLS handshake @@ -169,8 +161,8 @@ static void client(int sd, const char *prio, unsigned server_only) } if (!server_only) { - if (TLS_SUPPLEMENTALDATA_client_sent != 1 - || TLS_SUPPLEMENTALDATA_client_received != 1) + if (TLS_SUPPLEMENTALDATA_client_sent != 1 || + TLS_SUPPLEMENTALDATA_client_received != 1) fail("client: extension not properly sent/received\n"); } else { /* we expect TLS1.2 handshake as TLS1.3 is not (yet) defined @@ -180,7 +172,7 @@ static void client(int sd, const char *prio, unsigned server_only) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); gnutls_deinit(session); @@ -206,9 +198,8 @@ static void server(int sd, const char *prio, unsigned server_only) side = "server"; gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); gnutls_handshake_set_timeout(session, get_timeout()); @@ -240,8 +231,8 @@ static void server(int sd, const char *prio, unsigned server_only) success("server: Handshake was completed\n"); if (!server_only) { - if (TLS_SUPPLEMENTALDATA_server_sent != 1 - || TLS_SUPPLEMENTALDATA_server_received != 1) + if (TLS_SUPPLEMENTALDATA_server_sent != 1 || + TLS_SUPPLEMENTALDATA_server_received != 1) fail("server: extension not properly sent/received\n"); } @@ -260,8 +251,7 @@ static void server(int sd, const char *prio, unsigned server_only) success("server: finished\n"); } -static -void start(const char *prio, unsigned server_only) +static void start(const char *prio, unsigned server_only) { pid_t child; int sockets[2], err; @@ -312,4 +302,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2", 1); start("NORMAL", 1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-supplemental.c b/tests/tls-supplemental.c index 8dfd2c91b5..d6c428ce20 100644 --- a/tests/tls-supplemental.c +++ b/tests/tls-supplemental.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,17 +39,17 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" /* A very basic TLS client, with supplemental data */ @@ -63,21 +63,17 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define TLS_SUPPLEMENTALDATATYPE_SAMPLE 0xBABE +#define TLS_SUPPLEMENTALDATATYPE_SAMPLE 0xBABE static int TLS_SUPPLEMENTALDATA_client_sent = 0; static int TLS_SUPPLEMENTALDATA_client_received = 0; static int TLS_SUPPLEMENTALDATA_server_sent = 0; static int TLS_SUPPLEMENTALDATA_server_received = 0; -static const unsigned char supp_data[] = { - 0xFE, - 0xED -}; +static const unsigned char supp_data[] = { 0xFE, 0xED }; -static -int supp_client_recv_func(gnutls_session_t session, const unsigned char *buf, - size_t buflen) +static int supp_client_recv_func(gnutls_session_t session, + const unsigned char *buf, size_t buflen) { TLS_SUPPLEMENTALDATA_client_received = 1; @@ -90,17 +86,15 @@ int supp_client_recv_func(gnutls_session_t session, const unsigned char *buf, return GNUTLS_E_SUCCESS; } -static -int supp_client_send_func(gnutls_session_t session, gnutls_buffer_t buf) +static int supp_client_send_func(gnutls_session_t session, gnutls_buffer_t buf) { TLS_SUPPLEMENTALDATA_client_sent = 1; gnutls_buffer_append_data(buf, supp_data, sizeof(supp_data)); return GNUTLS_E_SUCCESS; } -static -int supp_server_recv_func(gnutls_session_t session, const unsigned char *buf, - size_t buflen) +static int supp_server_recv_func(gnutls_session_t session, + const unsigned char *buf, size_t buflen) { TLS_SUPPLEMENTALDATA_server_received = 1; @@ -113,8 +107,7 @@ int supp_server_recv_func(gnutls_session_t session, const unsigned char *buf, return GNUTLS_E_SUCCESS; } -static -int supp_server_send_func(gnutls_session_t session, gnutls_buffer_t buf) +static int supp_server_send_func(gnutls_session_t session, gnutls_buffer_t buf) { TLS_SUPPLEMENTALDATA_server_sent = 1; gnutls_buffer_append_data(buf, supp_data, sizeof(supp_data)); @@ -128,9 +121,11 @@ static void client(int sd, const char *prio, unsigned server_only) gnutls_certificate_credentials_t clientx509cred; if (!server_only) { - assert(gnutls_supplemental_register - ("supplemental_client", TLS_SUPPLEMENTALDATATYPE_SAMPLE, - supp_client_recv_func, supp_client_send_func) >= 0); + assert(gnutls_supplemental_register( + "supplemental_client", + TLS_SUPPLEMENTALDATATYPE_SAMPLE, + supp_client_recv_func, + supp_client_send_func) >= 0); } side = "client"; @@ -165,9 +160,11 @@ static void client(int sd, const char *prio, unsigned server_only) } if (!server_only) { - if (TLS_SUPPLEMENTALDATA_client_sent != 1 - || TLS_SUPPLEMENTALDATA_client_received != 1) - fail("client: extension not properly sent/received (%d.%d)\n", TLS_SUPPLEMENTALDATA_client_sent, TLS_SUPPLEMENTALDATA_client_received); + if (TLS_SUPPLEMENTALDATA_client_sent != 1 || + TLS_SUPPLEMENTALDATA_client_received != 1) + fail("client: extension not properly sent/received (%d.%d)\n", + TLS_SUPPLEMENTALDATA_client_sent, + TLS_SUPPLEMENTALDATA_client_received); } else { /* we expect TLS1.2 handshake as TLS1.3 is not (yet) defined * with supplemental data */ @@ -176,7 +173,7 @@ static void client(int sd, const char *prio, unsigned server_only) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); gnutls_deinit(session); @@ -194,16 +191,17 @@ static void server(int sd, const char *prio, unsigned server_only) side = "server"; if (!registered) { - assert(gnutls_supplemental_register - ("supplemental_server", TLS_SUPPLEMENTALDATATYPE_SAMPLE, - supp_server_recv_func, supp_server_send_func) >= 0); + assert(gnutls_supplemental_register( + "supplemental_server", + TLS_SUPPLEMENTALDATATYPE_SAMPLE, + supp_server_recv_func, + supp_server_send_func) >= 0); registered = 0; } gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); @@ -229,8 +227,8 @@ static void server(int sd, const char *prio, unsigned server_only) success("server: Handshake was completed\n"); if (!server_only) { - if (TLS_SUPPLEMENTALDATA_server_sent != 1 - || TLS_SUPPLEMENTALDATA_server_received != 1) + if (TLS_SUPPLEMENTALDATA_server_sent != 1 || + TLS_SUPPLEMENTALDATA_server_received != 1) fail("server: extension not properly sent/received\n"); } @@ -249,8 +247,7 @@ static void server(int sd, const char *prio, unsigned server_only) _gnutls_supplemental_deinit(); } -static -void start(const char *prio, unsigned server_only) +static void start(const char *prio, unsigned server_only) { pid_t child; int sockets[2], err; @@ -305,4 +302,4 @@ void doit(void) start("NORMAL", 1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls-with-seccomp.c b/tests/tls-with-seccomp.c index a7f6ef27c8..f24ce0fb48 100644 --- a/tests/tls-with-seccomp.c +++ b/tests/tls-with-seccomp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -62,7 +62,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, const char *prio) { @@ -95,8 +95,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -109,8 +108,8 @@ static void client(int fd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, sizeof(buffer) - 1); @@ -131,7 +130,7 @@ static void client(int fd, const char *prio) gnutls_strerror(ret)); } - end: +end: close(fd); @@ -172,9 +171,8 @@ static void server(int fd, const char *prio) gnutls_certificate_allocate_credentials(&xcred); - ret = gnutls_certificate_set_x509_key_mem(xcred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + xcred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -195,8 +193,7 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -209,8 +206,8 @@ static void server(int fd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -245,8 +242,7 @@ static void server(int fd, const char *prio) success("server: finished\n"); } -static -void run(const char *name, const char *prio) +static void run(const char *name, const char *prio) { int fd[2]; int ret; @@ -290,4 +286,4 @@ void doit(void) run("default", "NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls10-cert-key-exchange.c b/tests/tls10-cert-key-exchange.c index 75a23e15da..96ecb772d4 100644 --- a/tests/tls10-cert-key-exchange.c +++ b/tests/tls10-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -48,9 +48,10 @@ void doit(void) try_x509("TLS 1.0 with dhe-rsa no cert", "NORMAL:-VERS-ALL:+VERS-TLS1.0:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); - try_x509("TLS 1.0 with ecdhe x25519 rsa no cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.0:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); + try_x509( + "TLS 1.0 with ecdhe x25519 rsa no cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.0:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); try_x509("TLS 1.0 with ecdhe rsa no cert", "NORMAL:-VERS-ALL:+VERS-TLS1.0:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); diff --git a/tests/tls10-cipher-neg.c b/tests/tls10-cipher-neg.c index fb53b7e0fa..34cd2bcc9c 100644 --- a/tests/tls10-cipher-neg.c +++ b/tests/tls10-cipher-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,86 +38,74 @@ #include "cipher-neg-common.c" test_case_st tests[] = { - { - .name = "server TLS 1.0: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC"}, - { - .name = "both TLS 1.0: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.0"}, - { - .name = "client TLS 1.0: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "both TLS 1.0: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.0", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "server TLS 1.0: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC"}, - { - .name = "both TLS 1.0: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.0"}, - { - .name = "client TLS 1.0: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = "NORMAL:+3DES-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "both TLS 1.0: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.0", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "server TLS 1.0: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128"}, - { - .name = "both TLS 1.0: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.0"}, - { - .name = "client TLS 1.0: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "both TLS 1.0: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.0", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0"} + { .name = "server TLS 1.0: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC" }, + { .name = "both TLS 1.0: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.0" }, + { .name = "client TLS 1.0: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "both TLS 1.0: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.0", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "server TLS 1.0: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC" }, + { .name = "both TLS 1.0: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.0" }, + { .name = "client TLS 1.0: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = "NORMAL:+3DES-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "both TLS 1.0: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.0", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "server TLS 1.0: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128" }, + { .name = "both TLS 1.0: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.0" }, + { .name = "client TLS 1.0: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "both TLS 1.0: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.0", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" } }; void doit(void) diff --git a/tests/tls10-prf.c b/tests/tls10-prf.c index c09cbbc9a8..4a2a03d669 100644 --- a/tests/tls10-prf.c +++ b/tests/tls10-prf.c @@ -31,51 +31,50 @@ #include #include "hex.h" -int -_gnutls_prf_raw(gnutls_mac_algorithm_t mac, - size_t master_size, const void *master, - size_t label_size, const char *label, - size_t seed_size, const uint8_t * seed, size_t outsize, - char *out); +int _gnutls_prf_raw(gnutls_mac_algorithm_t mac, size_t master_size, + const void *master, size_t label_size, const char *label, + size_t seed_size, const uint8_t *seed, size_t outsize, + char *out); -#define MATCH_FUNC(fname, dsecret, dseed, dlabel, doutput) \ -static void fname(void **glob_state) \ -{ \ - char tmp[512]; \ - gnutls_datum_t secret = dsecret; \ - gnutls_datum_t seed = dseed; \ - gnutls_datum_t label = dlabel; \ - gnutls_datum_t output = doutput; \ - int _rval; \ - _rval = _gnutls_prf_raw(GNUTLS_MAC_MD5_SHA1, secret.size, secret.data, \ - label.size, (char*)label.data, seed.size, seed.data, output.size, tmp); \ - assert_int_equal(_rval, 0); \ - assert_int_equal(memcmp(tmp, output.data, output.size), 0); \ - gnutls_free(secret.data); \ - gnutls_free(label.data); \ - gnutls_free(seed.data); \ - gnutls_free(output.data); \ -} +#define MATCH_FUNC(fname, dsecret, dseed, dlabel, doutput) \ + static void fname(void **glob_state) \ + { \ + char tmp[512]; \ + gnutls_datum_t secret = dsecret; \ + gnutls_datum_t seed = dseed; \ + gnutls_datum_t label = dlabel; \ + gnutls_datum_t output = doutput; \ + int _rval; \ + _rval = _gnutls_prf_raw(GNUTLS_MAC_MD5_SHA1, secret.size, \ + secret.data, label.size, \ + (char *)label.data, seed.size, \ + seed.data, output.size, tmp); \ + assert_int_equal(_rval, 0); \ + assert_int_equal(memcmp(tmp, output.data, output.size), 0); \ + gnutls_free(secret.data); \ + gnutls_free(label.data); \ + gnutls_free(seed.data); \ + gnutls_free(output.data); \ + } -MATCH_FUNC(test1, SHEX("263bdbbb6f6d4c664e058d0aa9d321be"), - SHEX("b920573b199601024f04d6dc61966e65"), SDATA("test label"), - SHEX - ("6617993765fa6ca703d19ec70dd5dd160ffcc07725fafb714a9f815a2a30bfb7e3bbfb7eee574b3b613eb7fe80eec9691d8c1b0e2d9b3c8b4b02b6b6d6db88e2094623ef6240607eda7abe3c846e82a3")); +MATCH_FUNC( + test1, SHEX("263bdbbb6f6d4c664e058d0aa9d321be"), + SHEX("b920573b199601024f04d6dc61966e65"), SDATA("test label"), + SHEX("6617993765fa6ca703d19ec70dd5dd160ffcc07725fafb714a9f815a2a30bfb7e3bbfb7eee574b3b613eb7fe80eec9691d8c1b0e2d9b3c8b4b02b6b6d6db88e2094623ef6240607eda7abe3c846e82a3")); MATCH_FUNC(test2, SHEX("bf31fe6c78ebf0ff9ce8bb5dd9d1f83d"), SHEX("7fc4583d19871d962760f358a18696c8"), SDATA("test label"), SHEX("8318f382c49fd5af7d6fdb4cbb31dfef")); -MATCH_FUNC(test3, - SHEX - ("0addfc84435b9ac1ef523ef44791a784bf55757dea17837c1a72beec1bdb1850"), - SHEX("74e849d11ad8a98d9bc2291dbceec26ff9"), SDATA("test label"), - SHEX("3c221520c48bcb3a0eb3734a")); -MATCH_FUNC(test4, - SHEX - ("4074939b440a08a285bc7208485c531f0bbd4c101d71bdba33ec066791e4678c"), - SHEX("8aff0c770c1d60455ee48f220c9adb471e5fee27c88c1f33"), - SDATA("test label"), - SHEX - ("3a9aee040bbf3cf7009210e64bbdad1775ccf1b46b3a965d5f15168e9ddaa7cc6a7c0c117848")); +MATCH_FUNC( + test3, + SHEX("0addfc84435b9ac1ef523ef44791a784bf55757dea17837c1a72beec1bdb1850"), + SHEX("74e849d11ad8a98d9bc2291dbceec26ff9"), SDATA("test label"), + SHEX("3c221520c48bcb3a0eb3734a")); +MATCH_FUNC( + test4, + SHEX("4074939b440a08a285bc7208485c531f0bbd4c101d71bdba33ec066791e4678c"), + SHEX("8aff0c770c1d60455ee48f220c9adb471e5fee27c88c1f33"), + SDATA("test label"), + SHEX("3a9aee040bbf3cf7009210e64bbdad1775ccf1b46b3a965d5f15168e9ddaa7cc6a7c0c117848")); int main(void) { diff --git a/tests/tls10-server-kx-neg.c b/tests/tls10-server-kx-neg.c index e9e8c47730..0ef2439fea 100644 --- a/tests/tls10-server-kx-neg.c +++ b/tests/tls10-server-kx-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,359 +38,312 @@ #include "server-kx-neg-common.c" test_case_st tests[] = { - { - .name = "TLS 1.0 ANON-DH without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ANON-DH with cred but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ANON-DH with cred and DH params", - .server_ret = 0, - .client_ret = 0, - .have_anon_cred = 1, - .have_anon_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-RSA with cred but no DH params or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-RSA with cred and cert but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-RSA with cred and DH params but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = - "TLS 1.0 DHE-RSA with cred and incompatible cert and DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-RSA with cred and cert and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-RSA with cred and multiple certs and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-PSK with cred but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 DHE-PSK with cred DH params", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-RSA with cred but no common curve or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.0 ECDHE-RSA with cred and cert but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.0 ECDHE-RSA with cred and common curve but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = - "TLS 1.0 ECDHE-RSA with cred and incompatible cert and common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-RSA with cred and cert and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = - "TLS 1.0 ECDHE-RSA with cred and multiple certs and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0"}, + { .name = "TLS 1.0 ANON-DH without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ANON-DH with cred but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ANON-DH with cred and DH params", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .have_anon_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA with cred but no DH params or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA with cred and cert but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA with cred and DH params but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA with cred and incompatible cert and DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA with cred and cert and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-RSA with cred and multiple certs and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-PSK with cred but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 DHE-PSK with cred DH params", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-RSA with cred but no common curve or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.0 ECDHE-RSA with cred and cert but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.0 ECDHE-RSA with cred and common curve but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-RSA with cred and incompatible cert and common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-RSA with cred and cert and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-RSA with cred and multiple certs and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.0" }, - { - .name = "TLS 1.0 ECDHE-ECDSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-ECDSA with cred but no common curve or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.0 ECDHE-ECDSA with cred and cert but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = - "TLS 1.0 ECDHE-ECDSA with cred and common curve but no ECDSA cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-ECDSA with cred and common curve but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-ECDSA with cred and cert and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = - "TLS 1.0 ECDHE-ECDSA with cred and multiple certs and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0"}, + { .name = "TLS 1.0 ECDHE-ECDSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-ECDSA with cred but no common curve or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.0 ECDHE-ECDSA with cred and cert but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.0 ECDHE-ECDSA with cred and common curve but no ECDSA cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-ECDSA with cred and common curve but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-ECDSA with cred and cert and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-ECDSA with cred and multiple certs and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.0" }, - { - .name = "TLS 1.0 ECDHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 ECDHE-PSK with cred but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.0 ECDHE-PSK with cred and common curve", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 RSA-PSK without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 RSA-PSK without psk cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 RSA-PSK with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 RSA-PSK with cred", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 RSA-PSK with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0"}, + { .name = "TLS 1.0 ECDHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 ECDHE-PSK with cred but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.0 ECDHE-PSK with cred and common curve", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 RSA-PSK without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 RSA-PSK without psk cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 RSA-PSK with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 RSA-PSK with cred", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 RSA-PSK with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0" }, #ifdef ENABLE_SRP - { - .name = "TLS 1.0 SRP-RSA without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 SRP-RSA without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 SRP-RSA with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 SRP-RSA with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 SRP-RSA with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 SRP without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0"}, - { - .name = "TLS 1.0 SRP with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0", - .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0"} + { .name = "TLS 1.0 SRP-RSA without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 SRP-RSA without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 SRP-RSA with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 SRP-RSA with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 SRP-RSA with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 SRP without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0" }, + { .name = "TLS 1.0 SRP with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0", + .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0" } #endif }; diff --git a/tests/tls11-cert-key-exchange.c b/tests/tls11-cert-key-exchange.c index 69115cd873..8f0daec628 100644 --- a/tests/tls11-cert-key-exchange.c +++ b/tests/tls11-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -48,9 +48,10 @@ void doit(void) try_x509("TLS 1.1 with dhe-rsa no cert", "NORMAL:-VERS-ALL:+VERS-TLS1.1:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); - try_x509("TLS 1.1 with ecdhe x25519 rsa no cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.1:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); + try_x509( + "TLS 1.1 with ecdhe x25519 rsa no cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.1:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); try_x509("TLS 1.1 with ecdhe rsa no cert", "NORMAL:-VERS-ALL:+VERS-TLS1.1:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); @@ -105,11 +106,11 @@ void doit(void) /* illegal setups */ server_priority = NULL; - try_with_key_fail("TLS 1.1 with rsa-pss cert and no cli cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.1:-KX-ALL:+DHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_UNWANTED_ALGORITHM, GNUTLS_E_AGAIN, - &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, - NULL, NULL); + try_with_key_fail( + "TLS 1.1 with rsa-pss cert and no cli cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.1:-KX-ALL:+DHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_UNWANTED_ALGORITHM, GNUTLS_E_AGAIN, + &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, NULL, NULL); gnutls_global_deinit(); } diff --git a/tests/tls11-cipher-neg.c b/tests/tls11-cipher-neg.c index fb4371a6e3..b1b4ee9e6c 100644 --- a/tests/tls11-cipher-neg.c +++ b/tests/tls11-cipher-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,86 +38,74 @@ #include "cipher-neg-common.c" test_case_st tests[] = { - { - .name = "server TLS 1.1: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC"}, - { - .name = "both TLS 1.1: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.1"}, - { - .name = "client TLS 1.1: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "both TLS 1.1: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.1", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "server TLS 1.1: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC"}, - { - .name = "both TLS 1.1: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.1"}, - { - .name = "client TLS 1.1: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = "NORMAL:+3DES-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "both TLS 1.1: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.1", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "server TLS 1.1: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128"}, - { - .name = "both TLS 1.1: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.1"}, - { - .name = "client TLS 1.1: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "both TLS 1.1: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.1", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1"} + { .name = "server TLS 1.1: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC" }, + { .name = "both TLS 1.1: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.1" }, + { .name = "client TLS 1.1: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "both TLS 1.1: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.1", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "server TLS 1.1: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC" }, + { .name = "both TLS 1.1: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.1" }, + { .name = "client TLS 1.1: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = "NORMAL:+3DES-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "both TLS 1.1: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.1", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "server TLS 1.1: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128" }, + { .name = "both TLS 1.1: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.1" }, + { .name = "client TLS 1.1: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "both TLS 1.1: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.1", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" } }; void doit(void) diff --git a/tests/tls11-server-kx-neg.c b/tests/tls11-server-kx-neg.c index 6c300ab5f3..dc10ae7f97 100644 --- a/tests/tls11-server-kx-neg.c +++ b/tests/tls11-server-kx-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,359 +38,312 @@ #include "server-kx-neg-common.c" test_case_st tests[] = { - { - .name = "TLS 1.1 ANON-DH without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ANON-DH with cred but no DH params", - .server_ret = 0, - .client_ret = 0, - .have_anon_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ANON-DH with cred and DH params", - .server_ret = 0, - .client_ret = 0, - .have_anon_cred = 1, - .have_anon_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-RSA with cred but no DH params or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-RSA with cred and cert but no DH params", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-RSA with cred and DH params but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = - "TLS 1.1 DHE-RSA with cred and incompatible cert and DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-RSA with cred and cert and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-RSA with cred and multiple certs and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-PSK with cred but no DH params", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 DHE-PSK with cred DH params", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-RSA with cred but no common curve or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.1 ECDHE-RSA with cred and cert but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.1 ECDHE-RSA with cred and common curve but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = - "TLS 1.1 ECDHE-RSA with cred and incompatible cert and common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-RSA with cred and cert and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = - "TLS 1.1 ECDHE-RSA with cred and multiple certs and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1"}, + { .name = "TLS 1.1 ANON-DH without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ANON-DH with cred but no DH params", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ANON-DH with cred and DH params", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .have_anon_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA with cred but no DH params or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA with cred and cert but no DH params", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA with cred and DH params but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA with cred and incompatible cert and DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA with cred and cert and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-RSA with cred and multiple certs and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-PSK with cred but no DH params", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 DHE-PSK with cred DH params", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-RSA with cred but no common curve or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.1 ECDHE-RSA with cred and cert but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.1 ECDHE-RSA with cred and common curve but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-RSA with cred and incompatible cert and common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-RSA with cred and cert and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-RSA with cred and multiple certs and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, - { - .name = "TLS 1.1 ECDHE-ECDSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-ECDSA with cred but no common curve or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.1 ECDHE-ECDSA with cred and cert but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = - "TLS 1.1 ECDHE-ECDSA with cred and common curve but no ECDSA cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-ECDSA with cred and common curve but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-ECDSA with cred and cert and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = - "TLS 1.1 ECDHE-ECDSA with cred and multiple certs and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1"}, + { .name = "TLS 1.1 ECDHE-ECDSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-ECDSA with cred but no common curve or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.1 ECDHE-ECDSA with cred and cert but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.1 ECDHE-ECDSA with cred and common curve but no ECDSA cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-ECDSA with cred and common curve but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-ECDSA with cred and cert and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-ECDSA with cred and multiple certs and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.1" }, - { - .name = "TLS 1.1 ECDHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 ECDHE-PSK with cred but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.1 ECDHE-PSK with cred and common curve", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 RSA-PSK without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 RSA-PSK without psk cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 RSA-PSK with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 RSA-PSK with cred", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 RSA-PSK with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1"}, + { .name = "TLS 1.1 ECDHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 ECDHE-PSK with cred but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.1 ECDHE-PSK with cred and common curve", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 RSA-PSK without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 RSA-PSK without psk cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 RSA-PSK with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 RSA-PSK with cred", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 RSA-PSK with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1" }, #ifdef ENABLE_SRP - { - .name = "TLS 1.1 SRP-RSA without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 SRP-RSA without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 SRP-RSA with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 SRP-RSA with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 SRP-RSA with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 SRP without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1"}, - { - .name = "TLS 1.1 SRP with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1", - .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1"} + { .name = "TLS 1.1 SRP-RSA without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 SRP-RSA without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 SRP-RSA with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 SRP-RSA with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 SRP-RSA with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 SRP without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1" }, + { .name = "TLS 1.1 SRP with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1", + .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1" } #endif }; diff --git a/tests/tls12-anon-upgrade.c b/tests/tls12-anon-upgrade.c index 932951d4e9..e3ffec15eb 100644 --- a/tests/tls12-anon-upgrade.c +++ b/tests/tls12-anon-upgrade.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,103 +42,99 @@ static void tls_log_func(int level, const char *str) } static unsigned char ca_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD46JAPKrTsNTHl\n" - "zD06eIYBF/8Z+TR0wukp9Cdh8Sw77dODLjy/QrVKiDgDZZdyUc8Agsdr86i95O0p\n" - "w19Np3a0wja0VC9uwppZrpuHsrWukwxIBXoViyBc20Y6Ce8j0scCbR10SP565qXC\n" - "i8vr86S4xmQMRZMtwohP/GWQzt45jqkHPYHjdKzwo2b2XI7joDq0dvbr3MSONkGs\n" - "z7A/1Bl3iH5keDTWjqpJRWqXE79IhGOhELy+gG4VLJDGHWCr2mq24b9Kirp+TTxl\n" - "lUwJRbchqUqerlFdt1NgDoGaJyd73Sh0qcZzmEiOI2hGvBtG86tdQ6veC9dl05et\n" - "pM+6RMABAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQUGD0RYr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQAD\n" - "ggEBALnHMubZ6WJ/XOFyDuo0imwg2onrPas3MuKT4+y0aHY943BgAOEc3jKitRjc\n" - "qhb0IUD+NS7itRwNtCgI3v5Ym5nnQoVk+aOD/D724TjJ9XaPQJzOnuGaZX99VN2F\n" - "sgwAtDXedlDQ+I6KLzLd6VW+UyWTG4qiRjOGDnG2kM1wAEOM27TzHV/YWleGjhtA\n" - "bRHxkioOni5goNlTzazxF4v9VD2uinWrIFyZmF6vQuMm6rKFgq6higAU8uesFo7+\n" - "3qpeRjNrPC4fNJUBvv+PC0WnP0PLnD/rY/ZcTYjLb/vJp1fiMJ5fU7jJklBhX2TE\n" - "tstcP7FUV5HA/s9BxgAh0Z2wyyY=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t ca_cert = { ca_cert_pem, - sizeof(ca_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIC4DCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD46JAPKrTsNTHl\n" + "zD06eIYBF/8Z+TR0wukp9Cdh8Sw77dODLjy/QrVKiDgDZZdyUc8Agsdr86i95O0p\n" + "w19Np3a0wja0VC9uwppZrpuHsrWukwxIBXoViyBc20Y6Ce8j0scCbR10SP565qXC\n" + "i8vr86S4xmQMRZMtwohP/GWQzt45jqkHPYHjdKzwo2b2XI7joDq0dvbr3MSONkGs\n" + "z7A/1Bl3iH5keDTWjqpJRWqXE79IhGOhELy+gG4VLJDGHWCr2mq24b9Kirp+TTxl\n" + "lUwJRbchqUqerlFdt1NgDoGaJyd73Sh0qcZzmEiOI2hGvBtG86tdQ6veC9dl05et\n" + "pM+6RMABAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQUGD0RYr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQAD\n" + "ggEBALnHMubZ6WJ/XOFyDuo0imwg2onrPas3MuKT4+y0aHY943BgAOEc3jKitRjc\n" + "qhb0IUD+NS7itRwNtCgI3v5Ym5nnQoVk+aOD/D724TjJ9XaPQJzOnuGaZX99VN2F\n" + "sgwAtDXedlDQ+I6KLzLd6VW+UyWTG4qiRjOGDnG2kM1wAEOM27TzHV/YWleGjhtA\n" + "bRHxkioOni5goNlTzazxF4v9VD2uinWrIFyZmF6vQuMm6rKFgq6higAU8uesFo7+\n" + "3qpeRjNrPC4fNJUBvv+PC0WnP0PLnD/rY/ZcTYjLb/vJp1fiMJ5fU7jJklBhX2TE\n" + "tstcP7FUV5HA/s9BxgAh0Z2wyyY=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t ca_cert = { ca_cert_pem, sizeof(ca_cert_pem) }; static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDIzCCAgugAwIBAgIMUz8PCR2sdRK56V6OMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" - "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDQxOTU5MDVaGA85OTk5MTIzMTIzNTk1OVow\n" - "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQDZ3dCzh9gOTOiOb2dtrPu91fYYgC/ey0ACYjQxaru7FZwnuXPhQK9KHsIV\n" - "YRIyo49wjKZddkHet2sbpFAAeETZh8UUWLRb/mupyaSJMycaYCNjLZCUJTztvXxJ\n" - "CCNfbtgvKC+Vu1mu94KBPatslgvnsamH7AiL5wmwRRqdH/Z93XaEvuRG6Zk0Sh9q\n" - "ZMdCboGfjtmGEJ1V+z5CR+IyH4sckzd8WJW6wBSEwgliGaXnc75xKtFWBZV2njNr\n" - "8V1TOYOdLEbiF4wduVExL5TKq2ywNkRpUfK2I1BcWS5D9Te/QT7aSdE08rL6ztmZ\n" - "IhILSrMOfoLnJ4lzXspz3XLlEuhnAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" - "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJXR\n" - "raRS5MVhEqaRE42A3S2BIj7UMB8GA1UdIwQYMBaAFP6S7AyMRO2RfkANgo8YsCl8\n" - "JfJkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ62+skMVZYrGbpab8RI9IG6xH8kEndvFj\n" - "J7wBBZCOlcjOj+HQ7a2buF5zGKRwAOSznKcmvZ7l5DPdsd0t5/VT9LKSbQ6+CfGr\n" - "Xs5qPaDJnRhZkOILCvXJ9qyO+79WNMsg9pWnxkTK7aWR5OYE+1Qw1jG681HMkWTm\n" - "nt7et9bdiNNpvA+L55569XKbdtJLs3hn5gEQFgS7EaEj59aC4vzSTFcidowCoa43\n" - "7JmfSfC9YaAIFH2vriyU0QNf2y7cG5Hpkge+U7uMzQrsT77Q3SDB9WkyPAFNSB4Q\n" - "B/r+OtZXOnQhLlMV7h4XGlWruFEaOBVjFHSdMGUh+DtaLvd1bVXI\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" - "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" - "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvhyQfsUm3T0xK\n" - "jiBXO3H6Y27b7lmCRYZQCmXCl2sUsGDL7V9biavTt3+sorWtH542/cTGDh5n8591\n" - "7rVxAB/VASmN55O3fjZyFGrjusjhXBla0Yxe5rZ/7/Pjrq84T7gc/IXiX9Sums/c\n" - "o9AeoykfhsjV2ubhh4h+8uPsHDTcAFTxq3mQaoldwnW2nmjDFzaKLtQdnyFf41o6\n" - "nsJCK/J9PtpdCID5Zb+eQfu5Yhk1iUHe8a9TOstCHtgBq61YzufDHUQk3zsT+VZM\n" - "20lDvSBnHdWLjxoea587JbkvtH8xRR8ThwABSb98qPnhJ8+A7mpO89QO1wxZM85A\n" - "xEweQlMHAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" - "ADAdBgNVHQ4EFgQU/pLsDIxE7ZF+QA2CjxiwKXwl8mQwHwYDVR0jBBgwFoAUGD0R\n" - "Yr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQADggEBANEXLUV+Z1PGTn7M\n" - "3rPT/m/EamcrZJ3vFWrnfN91ws5llyRUKNhx6222HECh3xRSxH9YJONsbv2zY6sd\n" - "ztY7lvckL4xOgWAjoCVTx3hqbZjDxpLRsvraw1PlqBHlRQVWLKlEQ55+tId2zgMX\n" - "Z+wxM7FlU/6yWVPODIxrqYQd2KqaEp4aLIklw6Hi4HD6DnQJikjsJ6Noe0qyX1Tx\n" - "uZ8mgP/G47Fe2d2H29kJ1iJ6hp1XOqyWrVIh/jONcnTvWS8aMqS3MU0EJH2Pb1Qa\n" - "KGIvbd/3H9LykFTP/b7Imdv2fZxXIK8jC+jbF1w6rdBCVNA0p30X/jonoC3vynEK\n" - "5cK0cgs=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIIDIzCCAgugAwIBAgIMUz8PCR2sdRK56V6OMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n" + "BgNVBAMTBENBLTEwIhgPMjAxNDA0MDQxOTU5MDVaGA85OTk5MTIzMTIzNTk1OVow\n" + "EzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQDZ3dCzh9gOTOiOb2dtrPu91fYYgC/ey0ACYjQxaru7FZwnuXPhQK9KHsIV\n" + "YRIyo49wjKZddkHet2sbpFAAeETZh8UUWLRb/mupyaSJMycaYCNjLZCUJTztvXxJ\n" + "CCNfbtgvKC+Vu1mu94KBPatslgvnsamH7AiL5wmwRRqdH/Z93XaEvuRG6Zk0Sh9q\n" + "ZMdCboGfjtmGEJ1V+z5CR+IyH4sckzd8WJW6wBSEwgliGaXnc75xKtFWBZV2njNr\n" + "8V1TOYOdLEbiF4wduVExL5TKq2ywNkRpUfK2I1BcWS5D9Te/QT7aSdE08rL6ztmZ\n" + "IhILSrMOfoLnJ4lzXspz3XLlEuhnAgMBAAGjdzB1MAwGA1UdEwEB/wQCMAAwFAYD\n" + "VR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJXR\n" + "raRS5MVhEqaRE42A3S2BIj7UMB8GA1UdIwQYMBaAFP6S7AyMRO2RfkANgo8YsCl8\n" + "JfJkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ62+skMVZYrGbpab8RI9IG6xH8kEndvFj\n" + "J7wBBZCOlcjOj+HQ7a2buF5zGKRwAOSznKcmvZ7l5DPdsd0t5/VT9LKSbQ6+CfGr\n" + "Xs5qPaDJnRhZkOILCvXJ9qyO+79WNMsg9pWnxkTK7aWR5OYE+1Qw1jG681HMkWTm\n" + "nt7et9bdiNNpvA+L55569XKbdtJLs3hn5gEQFgS7EaEj59aC4vzSTFcidowCoa43\n" + "7JmfSfC9YaAIFH2vriyU0QNf2y7cG5Hpkge+U7uMzQrsT77Q3SDB9WkyPAFNSB4Q\n" + "B/r+OtZXOnQhLlMV7h4XGlWruFEaOBVjFHSdMGUh+DtaLvd1bVXI\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIDATCCAemgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n" + "MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n" + "BENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvhyQfsUm3T0xK\n" + "jiBXO3H6Y27b7lmCRYZQCmXCl2sUsGDL7V9biavTt3+sorWtH542/cTGDh5n8591\n" + "7rVxAB/VASmN55O3fjZyFGrjusjhXBla0Yxe5rZ/7/Pjrq84T7gc/IXiX9Sums/c\n" + "o9AeoykfhsjV2ubhh4h+8uPsHDTcAFTxq3mQaoldwnW2nmjDFzaKLtQdnyFf41o6\n" + "nsJCK/J9PtpdCID5Zb+eQfu5Yhk1iUHe8a9TOstCHtgBq61YzufDHUQk3zsT+VZM\n" + "20lDvSBnHdWLjxoea587JbkvtH8xRR8ThwABSb98qPnhJ8+A7mpO89QO1wxZM85A\n" + "xEweQlMHAgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n" + "ADAdBgNVHQ4EFgQU/pLsDIxE7ZF+QA2CjxiwKXwl8mQwHwYDVR0jBBgwFoAUGD0R\n" + "Yr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQADggEBANEXLUV+Z1PGTn7M\n" + "3rPT/m/EamcrZJ3vFWrnfN91ws5llyRUKNhx6222HECh3xRSxH9YJONsbv2zY6sd\n" + "ztY7lvckL4xOgWAjoCVTx3hqbZjDxpLRsvraw1PlqBHlRQVWLKlEQ55+tId2zgMX\n" + "Z+wxM7FlU/6yWVPODIxrqYQd2KqaEp4aLIklw6Hi4HD6DnQJikjsJ6Noe0qyX1Tx\n" + "uZ8mgP/G47Fe2d2H29kJ1iJ6hp1XOqyWrVIh/jONcnTvWS8aMqS3MU0EJH2Pb1Qa\n" + "KGIvbd/3H9LykFTP/b7Imdv2fZxXIK8jC+jbF1w6rdBCVNA0p30X/jonoC3vynEK\n" + "5cK0cgs=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" - "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" - "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" - "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" - "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" - "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" - "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" - "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" - "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" - "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" - "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" - "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" - "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" - "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" - "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" - "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" - "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" - "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" - "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" - "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" - "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" - "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" - "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" - "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" - "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" - "-----END RSA PRIVATE KEY-----\n"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpQIBAAKCAQEA2d3Qs4fYDkzojm9nbaz7vdX2GIAv3stAAmI0MWq7uxWcJ7lz\n" + "4UCvSh7CFWESMqOPcIymXXZB3rdrG6RQAHhE2YfFFFi0W/5rqcmkiTMnGmAjYy2Q\n" + "lCU87b18SQgjX27YLygvlbtZrveCgT2rbJYL57Gph+wIi+cJsEUanR/2fd12hL7k\n" + "RumZNEofamTHQm6Bn47ZhhCdVfs+QkfiMh+LHJM3fFiVusAUhMIJYhml53O+cSrR\n" + "VgWVdp4za/FdUzmDnSxG4heMHblRMS+UyqtssDZEaVHytiNQXFkuQ/U3v0E+2knR\n" + "NPKy+s7ZmSISC0qzDn6C5yeJc17Kc91y5RLoZwIDAQABAoIBAQCRXAu5HPOsZufq\n" + "0K2DYZz9BdqSckR+M8HbVUZZiksDAeIUJwoHyi6qF2eK+B86JiK4Bz+gsBw2ys3t\n" + "vW2bQqM9N/boIl8D2fZfbCgZWkXGtUonC+mgzk+el4Rq/cEMFVqr6/YDwuKNeJpc\n" + "PJc5dcsvpTvlcjgpj9bJAvJEz2SYiIUpvtG4WNMGGapVZZPDvWn4/isY+75T5oDf\n" + "1X5jG0lN9uoUjcuGuThN7gxjwlRkcvEOPHjXc6rxfrWIDdiz/91V46PwpqVDpRrg\n" + "ig6U7+ckS0Oy2v32x0DaDhwAfDJ2RNc9az6Z+11lmY3LPkjG/p8Klcmgvt4/lwkD\n" + "OYRC5QGRAoGBAPFdud6nmVt9h1DL0o4R6snm6P3K81Ds765VWVmpzJkK3+bwe4PQ\n" + "GQQ0I0zN4hXkDMwHETS+EVWllqkK/d4dsE3volYtyTti8zthIATlgSEJ81x/ChAQ\n" + "vvXxgx+zPUnb1mUwy+X+6urTHe4bxN2ypg6ROIUmT+Hx1ITG40LRRiPTAoGBAOcT\n" + "WR8DTrj42xbxAUpz9vxJ15ZMwuIpk3ShE6+CWqvaXHF22Ju4WFwRNlW2zVLH6UMt\n" + "nNfOzyDoryoiu0+0mg0wSmgdJbtCSHoI2GeiAnjGn5i8flQlPQ8bdwwmU6g6I/EU\n" + "QRbGK/2XLmlrGN52gVy9UX0NsAA5fEOsAJiFj1CdAoGBAN9i3nbq6O2bNVSa/8mL\n" + "XaD1vGe/oQgh8gaIaYSpuXlfbjCAG+C4BZ81XgJkfj3CbfGbDNqimsqI0fKsAJ/F\n" + "HHpVMgrOn3L+Np2bW5YMj0Fzwy+1SCvsQ8C+gJwjOLMV6syGp/+6udMSB55rRv3k\n" + "rPnIf+YDumUke4tTw9wAcgkPAoGASHMkiji7QfuklbjSsslRMyDj21gN8mMevH6U\n" + "cX7pduBsA5dDqu9NpPAwnQdHsSDE3i868d8BykuqQAfLut3hPylY6vPYlLHfj4Oe\n" + "dj+xjrSX7YeMBE34qvfth32s1R4FjtzO25keyc/Q2XSew4FcZftlxVO5Txi3AXC4\n" + "bxnRKXECgYEAva+og7/rK+ZjboJVNxhFrwHp9bXhz4tzrUaWNvJD2vKJ5ZcThHcX\n" + "zCig8W7eXHLPLDhi9aWZ3kUZ1RLhrFc/6dujtVtU9z2w1tmn1I+4Zi6D6L4DzKdg\n" + "nMRLFoXufs/qoaJTqa8sQvKa+ceJAF04+gGtw617cuaZdZ3SYRLR2dk=\n" + "-----END RSA PRIVATE KEY-----\n"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; #define MSG "hello there ppl" @@ -167,9 +163,8 @@ static void try(const char *client_prio, gnutls_kx_algorithm_t client_kx) /* Init server */ gnutls_anon_allocate_server_credentials(&s_anoncred); gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); @@ -179,9 +174,10 @@ static void try(const char *client_prio, gnutls_kx_algorithm_t client_kx) gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+ANON-ECDH:+ECDHE-RSA:+DHE-RSA", - NULL); + gnutls_priority_set_direct( + server, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:+ANON-ECDH:+ECDHE-RSA:+DHE-RSA", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -192,9 +188,8 @@ static void try(const char *client_prio, gnutls_kx_algorithm_t client_kx) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -209,10 +204,10 @@ static void try(const char *client_prio, gnutls_kx_algorithm_t client_kx) if (ret < 0) exit(1); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ARCFOUR-128:+ANON-ECDH", - NULL); + ret = gnutls_priority_set_direct( + client, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ARCFOUR-128:+ANON-ECDH", + NULL); if (ret < 0) exit(1); @@ -223,7 +218,8 @@ static void try(const char *client_prio, gnutls_kx_algorithm_t client_kx) HANDSHAKE(client, server); if (gnutls_kx_get(client) != GNUTLS_KX_ANON_ECDH) { - fail("got unexpected key exchange algorithm: %s (expected ANON-ECDH)\n", gnutls_kx_get_name(gnutls_kx_get(client))); + fail("got unexpected key exchange algorithm: %s (expected ANON-ECDH)\n", + gnutls_kx_get_name(gnutls_kx_get(client))); exit(1); } @@ -235,7 +231,9 @@ static void try(const char *client_prio, gnutls_kx_algorithm_t client_kx) HANDSHAKE(client, server); if (gnutls_kx_get(client) != client_kx) { - fail("got unexpected key exchange algorithm: %s (expected %s)\n", gnutls_kx_get_name(gnutls_kx_get(client)), gnutls_kx_get_name(client_kx)); + fail("got unexpected key exchange algorithm: %s (expected %s)\n", + gnutls_kx_get_name(gnutls_kx_get(client)), + gnutls_kx_get_name(client_kx)); exit(1); } diff --git a/tests/tls12-cert-key-exchange.c b/tests/tls12-cert-key-exchange.c index 51aeed1e9f..5ef87bcf1d 100644 --- a/tests/tls12-cert-key-exchange.c +++ b/tests/tls12-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -50,10 +50,11 @@ void doit(void) "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN); - try_x509("TLS 1.2 with ecdhe x25519 rsa no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN); + try_x509( + "TLS 1.2 with ecdhe x25519 rsa no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_UNKNOWN); try_x509("TLS 1.2 with ecdhe rsa no-cli-cert (ctype X.509)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, @@ -64,61 +65,64 @@ void doit(void) GNUTLS_SIGN_UNKNOWN, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_x509("TLS 1.2 with ecdhe rsa-pss sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); + try_x509( + "TLS 1.2 with ecdhe rsa-pss sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); /* Test RSA-PSS cert/key combo issues */ - try_with_key - ("TLS 1.2 with ecdhe with rsa-pss-sha256 key no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, - GNUTLS_CRT_UNKNOWN); - try_with_key - ("TLS 1.2 with ecdhe with rsa-pss-sha256 key and 1 sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, - GNUTLS_CRT_UNKNOWN); - try_with_key - ("TLS 1.2 with ecdhe with rsa-pss-sha256 key and rsa-pss-sha384 first sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, - GNUTLS_CRT_UNKNOWN); - try_with_key - ("TLS 1.2 with ecdhe with rsa-pss-sha256 key and rsa-pss-sha512 first sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, - GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with ecdhe with rsa-pss-sha256 key no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with ecdhe with rsa-pss-sha256 key and 1 sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with ecdhe with rsa-pss-sha256 key and rsa-pss-sha384 first sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with ecdhe with rsa-pss-sha256 key and rsa-pss-sha512 first sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); - try_x509("TLS 1.2 with ecdhe rsa-pss no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_with_key - ("TLS 1.2 with ecdhe rsa-pss/rsa-pss no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss_cert, - &server_ca3_rsa_pss_key, NULL, NULL, 0, GNUTLS_CRT_X509, - GNUTLS_CRT_UNKNOWN); + try_x509( + "TLS 1.2 with ecdhe rsa-pss no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_with_key( + "TLS 1.2 with ecdhe rsa-pss/rsa-pss no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss_cert, + &server_ca3_rsa_pss_key, NULL, NULL, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); try_x509("TLS 1.2 with rsa no-cli-cert (ctype X.509)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); - try_with_key - ("TLS 1.2 with ecdhe x25519 ed25519 no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", - GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, - GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, &server_ca3_eddsa_key, - NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with ecdhe x25519 ed25519 no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", + GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, + GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, NULL, NULL, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); try_x509_cli("TLS 1.2 with dhe-rsa cli-cert (ctype X.509)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", @@ -138,25 +142,28 @@ void doit(void) GNUTLS_SIGN_RSA_SHA256, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &cli_ca3_cert, &cli_ca3_key, USE_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); - try_x509_cli("TLS 1.2 with ecdhe-rsa-pss cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT); - try_with_key - ("TLS 1.2 with ecdhe-rsa-pss/rsa-pss cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_RSA_PSS_SHA256, &server_ca3_rsa_pss_cert, - &server_ca3_rsa_pss_key, &cli_ca3_rsa_pss_cert, - &cli_ca3_rsa_pss_key, USE_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); + try_x509_cli( + "TLS 1.2 with ecdhe-rsa-pss cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT); + try_with_key( + "TLS 1.2 with ecdhe-rsa-pss/rsa-pss cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_RSA_PSS_SHA256, &server_ca3_rsa_pss_cert, + &server_ca3_rsa_pss_key, &cli_ca3_rsa_pss_cert, + &cli_ca3_rsa_pss_key, USE_CERT, GNUTLS_CRT_X509, + GNUTLS_CRT_X509); - try_with_key("TLS 1.2 with ecdhe x25519 ed25519 cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", - GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, - GNUTLS_SIGN_EDDSA_ED25519, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, USE_CERT, GNUTLS_CRT_X509, - GNUTLS_CRT_X509); + try_with_key( + "TLS 1.2 with ecdhe x25519 ed25519 cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", + GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, + GNUTLS_SIGN_EDDSA_ED25519, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, USE_CERT, GNUTLS_CRT_X509, + GNUTLS_CRT_X509); try_x509_cli("TLS 1.2 with dhe-rsa ask cli-cert (ctype X.509)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA", @@ -182,50 +189,58 @@ void doit(void) "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+CTYPE-ALL", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.2 with ecdhe x25519 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.2 with ecdhe x25519 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_UNKNOWN); try_rawpk("TLS 1.2 with ecdhe rsa no-cli-cert (ctype Raw PK)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+CTYPE-ALL", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.2 with ecdhe rsa-pss sig no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.2 with ecdhe rsa-pss no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.2 with ecdhe rsa-pss sig no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.2 with ecdhe rsa-pss no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); try_rawpk("TLS 1.2 with rsa no-cli-cert (ctype Raw PK)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA:+CTYPE-ALL", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN); - try_rawpk_cli("TLS 1.2 with dhe-rsa cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+CTYPE-ALL", - GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_RSA_SHA256, USE_CERT); - try_rawpk_cli("TLS 1.2 with ecdhe-rsa cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_RSA_SHA256, USE_CERT); + try_rawpk_cli( + "TLS 1.2 with dhe-rsa cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+CTYPE-ALL", + GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_RSA_SHA256, USE_CERT); + try_rawpk_cli( + "TLS 1.2 with ecdhe-rsa cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_RSA_SHA256, USE_CERT); try_rawpk_cli("TLS 1.2 with rsa cli-cert (ctype Raw PK)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA:+CTYPE-ALL", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_RSA_SHA256, USE_CERT); - try_rawpk_cli("TLS 1.2 with ecdhe-rsa-pss cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT); - try_rawpk_cli("TLS 1.2 with dhe-rsa ask cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+CTYPE-ALL", - GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN, ASK_CERT); - try_rawpk_cli("TLS 1.2 with ecdhe-rsa ask cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN, ASK_CERT); + try_rawpk_cli( + "TLS 1.2 with ecdhe-rsa-pss cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT); + try_rawpk_cli( + "TLS 1.2 with dhe-rsa ask cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+CTYPE-ALL", + GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN, + ASK_CERT); + try_rawpk_cli( + "TLS 1.2 with ecdhe-rsa ask cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_UNKNOWN, ASK_CERT); try_rawpk_cli("TLS 1.2 with rsa ask cli-cert (ctype Raw PK)", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA:+CTYPE-ALL", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN, @@ -233,25 +248,25 @@ void doit(void) /** Illegal setups **/ server_priority = "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA"; - try_with_key_fail - ("TLS 1.2 with rsa cert and only RSA-PSS sig algos in client", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, - &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL); + try_with_key_fail( + "TLS 1.2 with rsa cert and only RSA-PSS sig algos in client", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, + &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL); server_priority = NULL; - try_with_key_fail("TLS 1.2 with rsa cert and only RSA-PSS sig algos", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, - &server_ca3_localhost_cert, &server_ca3_key, NULL, - NULL); + try_with_key_fail( + "TLS 1.2 with rsa cert and only RSA-PSS sig algos", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, + &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL); - try_with_key_fail - ("TLS 1.2 with rsa-pss cert and rsa cli cert with only RSA-PSS sig algos", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_AGAIN, GNUTLS_E_UNWANTED_ALGORITHM, - &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, &cli_ca3_cert, - &cli_ca3_key); + try_with_key_fail( + "TLS 1.2 with rsa-pss cert and rsa cli cert with only RSA-PSS sig algos", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_AGAIN, GNUTLS_E_UNWANTED_ALGORITHM, + &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, + &cli_ca3_cert, &cli_ca3_key); try_with_key_fail("TLS 1.2 with rsa encryption cert without RSA", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-RSA", @@ -259,93 +274,96 @@ void doit(void) &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, NULL, NULL); - try_with_key_fail - ("TLS 1.2 with (forced) rsa encryption cert and no RSA - client should detect", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-RSA:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", - GNUTLS_E_AGAIN, GNUTLS_E_KEY_USAGE_VIOLATION, - &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, NULL, - NULL); + try_with_key_fail( + "TLS 1.2 with (forced) rsa encryption cert and no RSA - client should detect", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-RSA:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", + GNUTLS_E_AGAIN, GNUTLS_E_KEY_USAGE_VIOLATION, + &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, NULL, + NULL); try_with_key_fail("TLS 1.2 with client rsa encryption cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.2", - GNUTLS_E_AGAIN, GNUTLS_E_KEY_USAGE_VIOLATION, + "NORMAL:-VERS-ALL:+VERS-TLS1.2", GNUTLS_E_AGAIN, + GNUTLS_E_KEY_USAGE_VIOLATION, &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key); - try_with_key_fail - ("TLS 1.2 with (forced) client rsa encryption cert - server should detect", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", - GNUTLS_E_KEY_USAGE_VIOLATION, GNUTLS_E_AGAIN, - &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, - &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key); + try_with_key_fail( + "TLS 1.2 with (forced) client rsa encryption cert - server should detect", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", + GNUTLS_E_KEY_USAGE_VIOLATION, GNUTLS_E_AGAIN, + &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, + &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key); - try_with_rawpk_key_fail - ("rawpk TLS 1.2 with rsa encryption cert without KX-RSA", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-RAWPK:-RSA", - GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, &rawpk_public_key1, - &rawpk_private_key1, GNUTLS_KEY_KEY_ENCIPHERMENT, NULL, NULL, 0); + try_with_rawpk_key_fail( + "rawpk TLS 1.2 with rsa encryption cert without KX-RSA", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-RAWPK:-RSA", + GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, &rawpk_public_key1, + &rawpk_private_key1, GNUTLS_KEY_KEY_ENCIPHERMENT, NULL, NULL, + 0); - try_with_rawpk_key_fail - ("rawpk TLS 1.2 with client rsa encryption cert without KX-RSA", - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-RAWPK:-RSA", GNUTLS_E_AGAIN, - GNUTLS_E_KEY_USAGE_VIOLATION, &rawpk_public_key2, - &rawpk_private_key2, 0, &rawpk_public_key1, &rawpk_private_key1, - GNUTLS_KEY_KEY_ENCIPHERMENT); + try_with_rawpk_key_fail( + "rawpk TLS 1.2 with client rsa encryption cert without KX-RSA", + "NORMAL:-VERS-ALL:+VERS-TLS1.2:+CTYPE-RAWPK:-RSA", + GNUTLS_E_AGAIN, GNUTLS_E_KEY_USAGE_VIOLATION, + &rawpk_public_key2, &rawpk_private_key2, 0, &rawpk_public_key1, + &rawpk_private_key1, GNUTLS_KEY_KEY_ENCIPHERMENT); #ifdef ENABLE_GOST if (!gnutls_fips140_mode_enabled()) { server_priority = "NORMAL:+CTYPE-ALL" - ":+VKO-GOST-12" - ":+GROUP-GOST-ALL" - ":+CIPHER-GOST-ALL" ":+MAC-GOST-ALL" ":+SIGN-GOST-ALL"; + ":+VKO-GOST-12" + ":+GROUP-GOST-ALL" + ":+CIPHER-GOST-ALL" + ":+MAC-GOST-ALL" + ":+SIGN-GOST-ALL"; const char *gost_client_prio = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL"; - try_with_key - ("TLS 1.2 with gost12 256 no-cli-cert (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_256, GNUTLS_SIGN_UNKNOWN, - &server_ca3_gost12_256_cert, &server_ca3_gost12_256_key, - NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key - ("TLS 1.2 with gost12 256 ask cli-cert (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_256, GNUTLS_SIGN_UNKNOWN, - &server_ca3_gost12_256_cert, &server_ca3_gost12_256_key, - NULL, NULL, ASK_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); - try_with_key - ("TLS 1.2 with gost12 256 use cli-cert (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_256, GNUTLS_SIGN_GOST_256, - &server_ca3_gost12_256_cert, &server_ca3_gost12_256_key, - &cligost12_256_ca3_cert, &cligost12_256_ca3_key, USE_CERT, - GNUTLS_CRT_X509, GNUTLS_CRT_X509); - try_with_key - ("TLS 1.2 with gost12 512 no-cli-cert (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_UNKNOWN, - &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, - NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key - ("TLS 1.2 with gost12 512 ask cli-cert (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_UNKNOWN, - &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, - NULL, NULL, ASK_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); - try_with_key - ("TLS 1.2 with gost12 512 use cli-cert (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_GOST_512, - &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, - &cligost12_512_ca3_cert, &cligost12_512_ca3_key, USE_CERT, - GNUTLS_CRT_X509, GNUTLS_CRT_X509); - try_with_key - ("TLS 1.2 with gost12 512 use cli-cert gost12 256 (ctype X.509)", - gost_client_prio, GNUTLS_KX_VKO_GOST_12, - GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_GOST_256, - &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, - &cligost12_256_ca3_cert, &cligost12_256_ca3_key, USE_CERT, - GNUTLS_CRT_X509, GNUTLS_CRT_X509); + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL"; + try_with_key( + "TLS 1.2 with gost12 256 no-cli-cert (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_256, GNUTLS_SIGN_UNKNOWN, + &server_ca3_gost12_256_cert, &server_ca3_gost12_256_key, + NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with gost12 256 ask cli-cert (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_256, GNUTLS_SIGN_UNKNOWN, + &server_ca3_gost12_256_cert, &server_ca3_gost12_256_key, + NULL, NULL, ASK_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); + try_with_key( + "TLS 1.2 with gost12 256 use cli-cert (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_256, GNUTLS_SIGN_GOST_256, + &server_ca3_gost12_256_cert, &server_ca3_gost12_256_key, + &cligost12_256_ca3_cert, &cligost12_256_ca3_key, + USE_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); + try_with_key( + "TLS 1.2 with gost12 512 no-cli-cert (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_UNKNOWN, + &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, + NULL, NULL, 0, GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key( + "TLS 1.2 with gost12 512 ask cli-cert (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_UNKNOWN, + &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, + NULL, NULL, ASK_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); + try_with_key( + "TLS 1.2 with gost12 512 use cli-cert (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_GOST_512, + &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, + &cligost12_512_ca3_cert, &cligost12_512_ca3_key, + USE_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); + try_with_key( + "TLS 1.2 with gost12 512 use cli-cert gost12 256 (ctype X.509)", + gost_client_prio, GNUTLS_KX_VKO_GOST_12, + GNUTLS_SIGN_GOST_512, GNUTLS_SIGN_GOST_256, + &server_ca3_gost12_512_cert, &server_ca3_gost12_512_key, + &cligost12_256_ca3_cert, &cligost12_256_ca3_key, + USE_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); server_priority = NULL; } #endif diff --git a/tests/tls12-cipher-neg.c b/tests/tls12-cipher-neg.c index 501c2b9b76..23e6bc902c 100644 --- a/tests/tls12-cipher-neg.c +++ b/tests/tls12-cipher-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -39,215 +39,179 @@ test_case_st tests[] = { { - .name = "server TLS 1.2: NULL (server)", - .not_on_fips = 1, - .cipher = GNUTLS_CIPHER_NULL, - .server_prio = - "NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+NULL", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", - }, - { - .name = "client TLS 1.2: NULL (client)", - .not_on_fips = 1, - .cipher = GNUTLS_CIPHER_NULL, - .server_prio = "NORMAL:+NULL", - .client_prio = - "NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", - }, - { - .name = "server TLS 1.2: AES-128-GCM (server)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-GCM", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)"}, - { - .name = "both TLS 1.2: AES-128-GCM (server)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-GCM:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)"}, - { - .name = "client TLS 1.2: AES-128-GCM (client)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .server_prio = "NORMAL:+AES-128-GCM", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)"}, - { - .name = "both TLS 1.2: AES-128-GCM (client)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .server_prio = "NORMAL:+AES-128-GCM:+VERS-TLS1.2", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)"}, - { - .name = "server TLS 1.2: AES-128-CCM (server)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CCM", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)"}, - { - .name = "both TLS 1.2: AES-128-CCM (server)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CCM:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)"}, - { - .name = "client TLS 1.2: AES-128-CCM (client)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .server_prio = "NORMAL:+AES-128-CCM", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)"}, - { - .name = "both TLS 1.2: AES-128-CCM (client)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .server_prio = "NORMAL:+AES-128-CCM:+VERS-TLS1.2", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)"}, - { - .name = "server TLS 1.2: CHACHA20-POLY (server)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+CHACHA20-POLY1305", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)"}, - { - .name = "both TLS 1.2: CHACHA20-POLY (server)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+CHACHA20-POLY1305:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)"}, - { - .name = "client TLS 1.2: CHACHA20-POLY (client)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = "NORMAL:+CHACHA20-POLY1305", - .client_prio = - "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)"}, - { - .name = "both TLS 1.2: CHACHA20-POLY (client)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = "NORMAL:+CHACHA20-POLY1305:+VERS-TLS1.2", - .client_prio = - "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)"}, - { - .name = "server TLS 1.2: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)"}, - { - .name = "both TLS 1.2: AES-128-CBC (server)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)"}, - { - .name = "client TLS 1.2: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)"}, - { - .name = "both TLS 1.2: AES-128-CBC (client)", - .cipher = GNUTLS_CIPHER_AES_128_CBC, - .server_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.2", - .client_prio = - "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)"}, - { - .name = "server TLS 1.2: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"}, - { - .name = "both TLS 1.2: 3DES-CBC (server)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"}, - { - .name = "client TLS 1.2: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = "NORMAL:+3DES-CBC", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"}, - { - .name = "both TLS 1.2: 3DES-CBC (client)", - .cipher = GNUTLS_CIPHER_3DES_CBC, - .not_on_fips = 1, - .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.2", - .client_prio = - "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"}, - { - .name = "server TLS 1.2: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)"}, - { - .name = "both TLS 1.2: ARCFOUR-128 (server)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", - .client_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)"}, - { - .name = "client TLS 1.2: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)"}, - { - .name = "both TLS 1.2: ARCFOUR-128 (client)", - .cipher = GNUTLS_CIPHER_ARCFOUR_128, - .not_on_fips = 1, - .server_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.2", - .client_prio = - "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", - .desc = - "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)"} + .name = "server TLS 1.2: NULL (server)", + .not_on_fips = 1, + .cipher = GNUTLS_CIPHER_NULL, + .server_prio = + "NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+NULL", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", + }, + { + .name = "client TLS 1.2: NULL (client)", + .not_on_fips = 1, + .cipher = GNUTLS_CIPHER_NULL, + .server_prio = "NORMAL:+NULL", + .client_prio = + "NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", + }, + { .name = "server TLS 1.2: AES-128-GCM (server)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-GCM", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)" }, + { .name = "both TLS 1.2: AES-128-GCM (server)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-GCM:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)" }, + { .name = "client TLS 1.2: AES-128-GCM (client)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .server_prio = "NORMAL:+AES-128-GCM", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)" }, + { .name = "both TLS 1.2: AES-128-GCM (client)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .server_prio = "NORMAL:+AES-128-GCM:+VERS-TLS1.2", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-GCM)" }, + { .name = "server TLS 1.2: AES-128-CCM (server)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CCM", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)" }, + { .name = "both TLS 1.2: AES-128-CCM (server)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CCM:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)" }, + { .name = "client TLS 1.2: AES-128-CCM (client)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .server_prio = "NORMAL:+AES-128-CCM", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)" }, + { .name = "both TLS 1.2: AES-128-CCM (client)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .server_prio = "NORMAL:+AES-128-CCM:+VERS-TLS1.2", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CCM)" }, + { .name = "server TLS 1.2: CHACHA20-POLY (server)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+CHACHA20-POLY1305", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)" }, + { .name = "both TLS 1.2: CHACHA20-POLY (server)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+CHACHA20-POLY1305:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)" }, + { .name = "client TLS 1.2: CHACHA20-POLY (client)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = "NORMAL:+CHACHA20-POLY1305", + .client_prio = + "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)" }, + { .name = "both TLS 1.2: CHACHA20-POLY (client)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = "NORMAL:+CHACHA20-POLY1305:+VERS-TLS1.2", + .client_prio = + "NORMAL:-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(CHACHA20-POLY1305)" }, + { .name = "server TLS 1.2: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)" }, + { .name = "both TLS 1.2: AES-128-CBC (server)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)" }, + { .name = "client TLS 1.2: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)" }, + { .name = "both TLS 1.2: AES-128-CBC (client)", + .cipher = GNUTLS_CIPHER_AES_128_CBC, + .server_prio = "NORMAL:+AES-128-CBC:+VERS-TLS1.2", + .client_prio = + "NORMAL:-CIPHER-ALL:+AES-128-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(AES-128-CBC)-(SHA1)" }, + { .name = "server TLS 1.2: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)" }, + { .name = "both TLS 1.2: 3DES-CBC (server)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)" }, + { .name = "client TLS 1.2: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = "NORMAL:+3DES-CBC", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)" }, + { .name = "both TLS 1.2: 3DES-CBC (client)", + .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, + .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.2", + .client_prio = + "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)" }, + { .name = "server TLS 1.2: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)" }, + { .name = "both TLS 1.2: ARCFOUR-128 (server)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", + .client_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)" }, + { .name = "client TLS 1.2: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)" }, + { .name = "both TLS 1.2: ARCFOUR-128 (client)", + .cipher = GNUTLS_CIPHER_ARCFOUR_128, + .not_on_fips = 1, + .server_prio = "NORMAL:+ARCFOUR-128:+VERS-TLS1.2", + .client_prio = + "NORMAL:-CIPHER-ALL:+ARCFOUR-128:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(ARCFOUR-128)-(SHA1)" } }; void doit(void) diff --git a/tests/tls12-ffdhe.c b/tests/tls12-ffdhe.c index 08747620af..9a182c017f 100644 --- a/tests/tls12-ffdhe.c +++ b/tests/tls12-ffdhe.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -48,14 +48,13 @@ typedef struct test_case_st { unsigned have_ecc_sign_cert; unsigned have_rsa_decrypt_cert; unsigned not_on_fips; - unsigned group; /* expected */ + unsigned group; /* expected */ const char *client_prio; const char *server_prio; } test_case_st; -static int -serv_psk_func(gnutls_session_t session, const char *username, - gnutls_datum_t * key) +static int serv_psk_func(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { key->data = gnutls_malloc(4); assert(key->data != NULL); @@ -67,7 +66,7 @@ serv_psk_func(gnutls_session_t session, const char *username, return 0; } -static void try(test_case_st * test) +static void try(test_case_st *test) { int sret, cret; gnutls_anon_client_credentials_t c_anon_cred; @@ -114,21 +113,22 @@ static void try(test_case_st * test) } if (test->have_rsa_decrypt_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_rsa_decrypt_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, + &server_ca3_localhost_rsa_decrypt_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_ecc_sign_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_ecc_cert, - &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_ecc_cert, + &server_ca3_ecc_key, GNUTLS_X509_FMT_PEM) >= 0); } if (test->have_rsa_sign_cert) { - assert(gnutls_certificate_set_x509_key_mem - (s_cert_cred, &server_ca3_localhost_rsa_sign_cert, - &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + s_cert_cred, &server_ca3_localhost_rsa_sign_cert, + &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0); } /* client does everything */ @@ -136,8 +136,8 @@ static void try(test_case_st * test) gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, c_cert_cred); gnutls_credentials_set(client, GNUTLS_CRD_PSK, c_psk_cred); - assert(gnutls_psk_set_client_credentials - (c_psk_cred, "psk", &pskkey, GNUTLS_PSK_KEY_HEX) >= 0); + assert(gnutls_psk_set_client_credentials(c_psk_cred, "psk", &pskkey, + GNUTLS_PSK_KEY_HEX) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); @@ -160,21 +160,21 @@ static void try(test_case_st * test) } if (test->group) { - if (test->group == GNUTLS_GROUP_FFDHE2048 - || test->group == GNUTLS_GROUP_FFDHE3072 - || test->group == GNUTLS_GROUP_FFDHE4096 - || test->group == GNUTLS_GROUP_FFDHE6144 - || test->group == GNUTLS_GROUP_FFDHE8192) { - if (! - (gnutls_session_get_flags(client) & - GNUTLS_SFLAGS_RFC7919)) { - fail("%s: gnutls_session_get_flags(client) reports that no RFC7919 negotiation was performed!\n", test->name); + if (test->group == GNUTLS_GROUP_FFDHE2048 || + test->group == GNUTLS_GROUP_FFDHE3072 || + test->group == GNUTLS_GROUP_FFDHE4096 || + test->group == GNUTLS_GROUP_FFDHE6144 || + test->group == GNUTLS_GROUP_FFDHE8192) { + if (!(gnutls_session_get_flags(client) & + GNUTLS_SFLAGS_RFC7919)) { + fail("%s: gnutls_session_get_flags(client) reports that no RFC7919 negotiation was performed!\n", + test->name); } - if (! - (gnutls_session_get_flags(server) & - GNUTLS_SFLAGS_RFC7919)) { - fail("%s: gnutls_session_get_flags(server) reports that no RFC7919 negotiation was performed!\n", test->name); + if (!(gnutls_session_get_flags(server) & + GNUTLS_SFLAGS_RFC7919)) { + fail("%s: gnutls_session_get_flags(server) reports that no RFC7919 negotiation was performed!\n", + test->name); } } } @@ -191,226 +191,204 @@ static void try(test_case_st * test) } test_case_st tests[] = { - { - .name = "TLS 1.2 ANON-DH (defaults)", - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ANON-DH (FFDHE2048)", - .group = GNUTLS_GROUP_FFDHE2048, - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048", - .client_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048"}, - { - .name = "TLS 1.2 ANON-DH (FFDHE3072)", - .group = GNUTLS_GROUP_FFDHE3072, - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072", - .client_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072"}, - { - .name = "TLS 1.2 ANON-DH (FFDHE4096)", - .group = GNUTLS_GROUP_FFDHE4096, - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096", - .client_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096"}, - { - .name = "TLS 1.2 ANON-DH (FFDHE6144)", - .group = GNUTLS_GROUP_FFDHE6144, - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144", - .client_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144"}, - { - .name = "TLS 1.2 ANON-DH (FFDHE8192)", - .group = GNUTLS_GROUP_FFDHE8192, - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", - .client_prio = - "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192"}, - { - .name = "TLS 1.2 DHE-PSK (defaults)", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-PSK (FFDHE2048)", - .client_ret = 0, - .server_ret = 0, - .group = GNUTLS_GROUP_FFDHE2048, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048", - .client_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048"}, - { - .name = "TLS 1.2 DHE-PSK (FFDHE3072)", - .group = GNUTLS_GROUP_FFDHE3072, - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072", - .client_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072"}, - { - .name = "TLS 1.2 DHE-PSK (FFDHE4096)", - .group = GNUTLS_GROUP_FFDHE4096, - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096", - .client_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096"}, - { - .name = "TLS 1.2 DHE-PSK (FFDHE6144)", - .client_ret = 0, - .server_ret = 0, - .group = GNUTLS_GROUP_FFDHE6144, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144", - .client_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144"}, - { - .name = "TLS 1.2 DHE-PSK (FFDHE8192)", - .group = GNUTLS_GROUP_FFDHE8192, - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", - .client_prio = - "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192"}, - { - .name = "TLS 1.2 DHE-RSA (defaults)", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA (FFDHE2048)", - .group = GNUTLS_GROUP_FFDHE2048, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048"}, - { - .name = "TLS 1.2 DHE-RSA (FFDHE3072)", - .group = GNUTLS_GROUP_FFDHE3072, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072"}, - { - .name = "TLS 1.2 DHE-RSA (FFDHE4096)", - .group = GNUTLS_GROUP_FFDHE4096, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096"}, - { - .name = "TLS 1.2 DHE-RSA (FFDHE6144)", - .group = GNUTLS_GROUP_FFDHE6144, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144"}, - { - .name = "TLS 1.2 DHE-RSA (FFDHE8192)", - .group = GNUTLS_GROUP_FFDHE8192, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192"}, - { - .name = "TLS 1.2 DHE-RSA (incompatible options)", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072"}, - { - .name = "TLS 1.2 DHE-RSA (complex neg)", - .group = GNUTLS_GROUP_FFDHE3072, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192:+GROUP-FFDHE2048:+GROUP-FFDHE3072", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072"}, - { - .name = "TLS 1.2 DHE-RSA (negotiation over ECDHE)", - .group = GNUTLS_GROUP_FFDHE3072, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-FFDHE8192:+GROUP-FFDHE2048:+GROUP-FFDHE3072", - .client_prio = - "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-FFDHE3072"}, - { - .name = "TLS 1.2 DHE-RSA (negotiation over ECDHE - prio on ECDHE)", - .group = GNUTLS_GROUP_SECP256R1, - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192:+GROUP-FFDHE2048:+GROUP-FFDHE3072:+GROUP-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072:+GROUP-SECP256R1"} + { .name = "TLS 1.2 ANON-DH (defaults)", + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ANON-DH (FFDHE2048)", + .group = GNUTLS_GROUP_FFDHE2048, + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048", + .client_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048" }, + { .name = "TLS 1.2 ANON-DH (FFDHE3072)", + .group = GNUTLS_GROUP_FFDHE3072, + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072", + .client_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072" }, + { .name = "TLS 1.2 ANON-DH (FFDHE4096)", + .group = GNUTLS_GROUP_FFDHE4096, + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096", + .client_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096" }, + { .name = "TLS 1.2 ANON-DH (FFDHE6144)", + .group = GNUTLS_GROUP_FFDHE6144, + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144", + .client_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144" }, + { .name = "TLS 1.2 ANON-DH (FFDHE8192)", + .group = GNUTLS_GROUP_FFDHE8192, + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", + .client_prio = + "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192" }, + { .name = "TLS 1.2 DHE-PSK (defaults)", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-PSK (FFDHE2048)", + .client_ret = 0, + .server_ret = 0, + .group = GNUTLS_GROUP_FFDHE2048, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048", + .client_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048" }, + { .name = "TLS 1.2 DHE-PSK (FFDHE3072)", + .group = GNUTLS_GROUP_FFDHE3072, + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072", + .client_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072" }, + { .name = "TLS 1.2 DHE-PSK (FFDHE4096)", + .group = GNUTLS_GROUP_FFDHE4096, + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096", + .client_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096" }, + { .name = "TLS 1.2 DHE-PSK (FFDHE6144)", + .client_ret = 0, + .server_ret = 0, + .group = GNUTLS_GROUP_FFDHE6144, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144", + .client_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144" }, + { .name = "TLS 1.2 DHE-PSK (FFDHE8192)", + .group = GNUTLS_GROUP_FFDHE8192, + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", + .client_prio = + "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192" }, + { .name = "TLS 1.2 DHE-RSA (defaults)", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA (FFDHE2048)", + .group = GNUTLS_GROUP_FFDHE2048, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048" }, + { .name = "TLS 1.2 DHE-RSA (FFDHE3072)", + .group = GNUTLS_GROUP_FFDHE3072, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072" }, + { .name = "TLS 1.2 DHE-RSA (FFDHE4096)", + .group = GNUTLS_GROUP_FFDHE4096, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE4096" }, + { .name = "TLS 1.2 DHE-RSA (FFDHE6144)", + .group = GNUTLS_GROUP_FFDHE6144, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE6144" }, + { .name = "TLS 1.2 DHE-RSA (FFDHE8192)", + .group = GNUTLS_GROUP_FFDHE8192, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192" }, + { .name = "TLS 1.2 DHE-RSA (incompatible options)", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072" }, + { .name = "TLS 1.2 DHE-RSA (complex neg)", + .group = GNUTLS_GROUP_FFDHE3072, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192:+GROUP-FFDHE2048:+GROUP-FFDHE3072", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072" }, + { .name = "TLS 1.2 DHE-RSA (negotiation over ECDHE)", + .group = GNUTLS_GROUP_FFDHE3072, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-FFDHE8192:+GROUP-FFDHE2048:+GROUP-FFDHE3072", + .client_prio = + "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-FFDHE3072" }, + { .name = "TLS 1.2 DHE-RSA (negotiation over ECDHE - prio on ECDHE)", + .group = GNUTLS_GROUP_SECP256R1, + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE8192:+GROUP-FFDHE2048:+GROUP-FFDHE3072:+GROUP-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE3072:+GROUP-SECP256R1" } }; void doit(void) diff --git a/tests/tls12-invalid-key-exchanges.c b/tests/tls12-invalid-key-exchanges.c index a21ed76280..f49604a54d 100644 --- a/tests/tls12-invalid-key-exchanges.c +++ b/tests/tls12-invalid-key-exchanges.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -43,16 +43,13 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -void try_with_key(const char *name, - const char *server_prio, - const char *client_prio, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * client_cert, - const gnutls_datum_t * client_key, - unsigned cert_flags, - int exp_error_server, int exp_error_client) +static void try_with_key(const char *name, const char *server_prio, + const char *client_prio, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *client_cert, + const gnutls_datum_t *client_key, unsigned cert_flags, + int exp_error_server, int exp_error_client) { int ret; /* Server stuff. */ @@ -74,9 +71,8 @@ void try_with_key(const char *name, gnutls_anon_allocate_server_credentials(&s_anoncred); gnutls_certificate_allocate_credentials(&serverx509cred); - ret = gnutls_certificate_set_x509_key_mem(serverx509cred, - serv_cert, serv_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serverx509cred, serv_cert, serv_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("Could not set key/cert: %s\n", gnutls_strerror(ret)); } @@ -108,8 +104,8 @@ void try_with_key(const char *name, exit(1); if (cert_flags == USE_CERT) { - gnutls_certificate_set_x509_key_mem(clientx509cred, - client_cert, client_key, + gnutls_certificate_set_x509_key_mem(clientx509cred, client_cert, + client_key, GNUTLS_X509_FMT_PEM); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUIRE); @@ -168,17 +164,17 @@ void doit(void) /* check compatibility and handling of SIGN-ECDSA-SECP256R1-SHA256 which * is available under TLS1.3 but not TLS1.2 */ - try_with_key("TLS 1.2 with ecdhe ecdsa with ECDSA-SECP256R1-SHA256", - NULL, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-RSA-SHA256", - &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, - NULL, 0, GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN); - - try_with_key("TLS 1.2 with ecdhe ecdsa with ECDSA-SHA256", - NULL, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-ECDSA-SHA256:+SIGN-RSA-SHA256", - &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, - NULL, 0, 0, 0); + try_with_key( + "TLS 1.2 with ecdhe ecdsa with ECDSA-SECP256R1-SHA256", NULL, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-RSA-SHA256", + &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, + 0, GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN); + + try_with_key( + "TLS 1.2 with ecdhe ecdsa with ECDSA-SHA256", NULL, + "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-ECDSA-SHA256:+SIGN-RSA-SHA256", + &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, + 0, 0, 0); gnutls_global_deinit(); } diff --git a/tests/tls12-max-record.c b/tests/tls12-max-record.c index 1d2a0e2ca9..cdf700c387 100644 --- a/tests/tls12-max-record.c +++ b/tests/tls12-max-record.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,7 +30,9 @@ #include #include "utils.h" -#define SERVER_PUSH_ADD if (len > 512 + 5+32) fail("max record set to 512, len: %d\n", (int)len); +#define SERVER_PUSH_ADD \ + if (len > 512 + 5 + 32) \ + fail("max record set to 512, len: %d\n", (int)len); #include "eagain-common.h" #include "cert-common.h" @@ -67,15 +69,14 @@ void doit(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server2_cert, &server2_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server2_cert, + &server2_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); + gnutls_priority_set_direct(server, "NORMAL:-VERS-ALL:+VERS-TLS1.2", + NULL); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_pull_timeout_function(server, @@ -88,9 +89,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca2_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -103,9 +103,8 @@ void doit(void) if (ret < 0) exit(1); - ret = - gnutls_priority_set_direct(client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", - NULL); + ret = gnutls_priority_set_direct(client, + "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); if (ret < 0) exit(1); diff --git a/tests/tls12-prf.c b/tests/tls12-prf.c index fd80cf64d3..7ebf19491c 100644 --- a/tests/tls12-prf.c +++ b/tests/tls12-prf.c @@ -31,43 +31,42 @@ #include #include "hex.h" -int -_gnutls_prf_raw(gnutls_mac_algorithm_t mac, - size_t master_size, const void *master, - size_t label_size, const char *label, - size_t seed_size, const uint8_t * seed, size_t outsize, - char *out); +int _gnutls_prf_raw(gnutls_mac_algorithm_t mac, size_t master_size, + const void *master, size_t label_size, const char *label, + size_t seed_size, const uint8_t *seed, size_t outsize, + char *out); -#define MATCH_FUNC(fname, mac, dsecret, dseed, dlabel, doutput) \ -static void fname(void **glob_state) \ -{ \ - char tmp[512]; \ - gnutls_datum_t secret = dsecret; \ - gnutls_datum_t seed = dseed; \ - gnutls_datum_t label = dlabel; \ - gnutls_datum_t output = doutput; \ - int _rval; \ - _rval = _gnutls_prf_raw(mac, secret.size, secret.data, \ - label.size, (char*)label.data, seed.size, seed.data, output.size, tmp); \ - assert_int_equal(_rval, 0); \ - assert_int_equal(memcmp(tmp, output.data, output.size), 0); \ - gnutls_free(secret.data); \ - gnutls_free(label.data); \ - gnutls_free(seed.data); \ - gnutls_free(output.data); \ -} +#define MATCH_FUNC(fname, mac, dsecret, dseed, dlabel, doutput) \ + static void fname(void **glob_state) \ + { \ + char tmp[512]; \ + gnutls_datum_t secret = dsecret; \ + gnutls_datum_t seed = dseed; \ + gnutls_datum_t label = dlabel; \ + gnutls_datum_t output = doutput; \ + int _rval; \ + _rval = _gnutls_prf_raw(mac, secret.size, secret.data, \ + label.size, (char *)label.data, \ + seed.size, seed.data, output.size, \ + tmp); \ + assert_int_equal(_rval, 0); \ + assert_int_equal(memcmp(tmp, output.data, output.size), 0); \ + gnutls_free(secret.data); \ + gnutls_free(label.data); \ + gnutls_free(seed.data); \ + gnutls_free(output.data); \ + } MATCH_FUNC(sha256_test1, GNUTLS_MAC_SHA256, SHEX("0450b0ea9ecd3602ee0d76c5c3c86f4a"), - SHEX("207acc0254b867f5b925b45a33601d8b"), - SDATA("test label"), SHEX("ae679e0e714f5975763768b166979e1d")); + SHEX("207acc0254b867f5b925b45a33601d8b"), SDATA("test label"), + SHEX("ae679e0e714f5975763768b166979e1d")); -MATCH_FUNC(sha256_test2, GNUTLS_MAC_SHA256, - SHEX("34204a9df0be6eb4e925a8027cf6c602"), - SHEX("98b2c40bcd664c83bb920c18201a6395"), - SDATA("test label"), - SHEX - ("afa9312453c22fa83d2b511b372d73a402a2a62873239a51fade45082faf3fd2bb7ffb3e9bf36e28b3141aaba484005332a9f9e388a4d329f1587a4b317da07708ea1ba95a53f8786724bd83ce4b03af")); +MATCH_FUNC( + sha256_test2, GNUTLS_MAC_SHA256, + SHEX("34204a9df0be6eb4e925a8027cf6c602"), + SHEX("98b2c40bcd664c83bb920c18201a6395"), SDATA("test label"), + SHEX("afa9312453c22fa83d2b511b372d73a402a2a62873239a51fade45082faf3fd2bb7ffb3e9bf36e28b3141aaba484005332a9f9e388a4d329f1587a4b317da07708ea1ba95a53f8786724bd83ce4b03af")); MATCH_FUNC(sha256_test3, GNUTLS_MAC_SHA256, SHEX("a3691aa1f6814b80592bf1cf2acf1697"), @@ -75,41 +74,35 @@ MATCH_FUNC(sha256_test3, GNUTLS_MAC_SHA256, SDATA("test label"), SHEX("6ad0984fa06f78fe161bd46d7c261de43340d728dddc3d0ff0dd7e0d")); -MATCH_FUNC(sha256_test4, GNUTLS_MAC_SHA256, - SHEX - ("210ec937069707e5465bc46bf779e104108b18fdb793be7b218dbf145c8641f3"), - SHEX("1e351a0baf35c79945924394b881cfe31dae8f1c1ed54d3b"), - SDATA("test label"), - SHEX - ("7653fa809cde3b553c4a17e2cdbcc918f36527f22219a7d7f95d97243ff2d5dee8265ef0af03")); +MATCH_FUNC( + sha256_test4, GNUTLS_MAC_SHA256, + SHEX("210ec937069707e5465bc46bf779e104108b18fdb793be7b218dbf145c8641f3"), + SHEX("1e351a0baf35c79945924394b881cfe31dae8f1c1ed54d3b"), + SDATA("test label"), + SHEX("7653fa809cde3b553c4a17e2cdbcc918f36527f22219a7d7f95d97243ff2d5dee8265ef0af03")); /* https://www.ietf.org/mail-archive/web/tls/current/msg03416.html */ -MATCH_FUNC(sha384_test1, GNUTLS_MAC_SHA384, - SHEX("b80b733d6ceefcdc71566ea48e5567df"), - SHEX("cd665cf6a8447dd6ff8b27555edb7465"), - SDATA("test label"), - SHEX - ("7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f")); +MATCH_FUNC( + sha384_test1, GNUTLS_MAC_SHA384, + SHEX("b80b733d6ceefcdc71566ea48e5567df"), + SHEX("cd665cf6a8447dd6ff8b27555edb7465"), SDATA("test label"), + SHEX("7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f")); #if ENABLE_GOST /*https://tools.ietf.org/html/rfc7836 */ -MATCH_FUNC(streebog256_test1, GNUTLS_MAC_STREEBOG_256, - SHEX - ("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"), - SHEX - ("18471d622dc655c4d2d2269691ca4a560b50aba663553af241f1ada882c9f29a"), - SHEX("1122334455"), - SHEX - ("ff09664a44745865944f839ebb48965f1544ff1cc8e8f16f247ee5f8a9ebe97fc4e3c7900e46cad3db6a01643063040ec67fc0fd5cd9f90465235237bdff2c02")); +MATCH_FUNC( + streebog256_test1, GNUTLS_MAC_STREEBOG_256, + SHEX("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"), + SHEX("18471d622dc655c4d2d2269691ca4a560b50aba663553af241f1ada882c9f29a"), + SHEX("1122334455"), + SHEX("ff09664a44745865944f839ebb48965f1544ff1cc8e8f16f247ee5f8a9ebe97fc4e3c7900e46cad3db6a01643063040ec67fc0fd5cd9f90465235237bdff2c02")); -MATCH_FUNC(streebog512_test1, GNUTLS_MAC_STREEBOG_512, - SHEX - ("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"), - SHEX - ("18471d622dc655c4d2d2269691ca4a560b50aba663553af241f1ada882c9f29a"), - SHEX("1122334455"), - SHEX - ("f35187a3dc9655113a0e84d06fd7526c5fc1fbdec1a0e4673dd6d79d0b920e65ad1bc47bb083b3851cb7cd8e7e6a911a626cf02b29e9e4a58ed766a449a7296de61a7a26c4d1caeecfd80cca65c71f0f88c1f822c0e8c0ad949d03fee139579f72ba0c3d32c5f954f1cccd54081fc7440278cba1fe7b7a17a986fdff5bd15d1f")); +MATCH_FUNC( + streebog512_test1, GNUTLS_MAC_STREEBOG_512, + SHEX("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"), + SHEX("18471d622dc655c4d2d2269691ca4a560b50aba663553af241f1ada882c9f29a"), + SHEX("1122334455"), + SHEX("f35187a3dc9655113a0e84d06fd7526c5fc1fbdec1a0e4673dd6d79d0b920e65ad1bc47bb083b3851cb7cd8e7e6a911a626cf02b29e9e4a58ed766a449a7296de61a7a26c4d1caeecfd80cca65c71f0f88c1f822c0e8c0ad949d03fee139579f72ba0c3d32c5f954f1cccd54081fc7440278cba1fe7b7a17a986fdff5bd15d1f")); #endif int main(void) diff --git a/tests/tls12-rehandshake-cert-2.c b/tests/tls12-rehandshake-cert-2.c index 9dcb270485..58aedd547f 100644 --- a/tests/tls12-rehandshake-cert-2.c +++ b/tests/tls12-rehandshake-cert-2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" static void terminate(void); @@ -65,7 +65,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, unsigned test) { @@ -93,9 +93,9 @@ static void client(int fd, unsigned test) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL); /* put the anonymous credentials to the current session */ @@ -108,8 +108,7 @@ static void client(int fd, unsigned test) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -122,8 +121,8 @@ static void client(int fd, unsigned test) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (debug) success("client: test %d\n", test); @@ -138,21 +137,19 @@ static void client(int fd, unsigned test) do { do { - ret = - gnutls_record_recv(session, buffer, - MAX_BUF); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_recv(session, buffer, + MAX_BUF); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } while (ret > 0); } else { do { do { - ret = - gnutls_record_recv(session, buffer, - MAX_BUF); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_recv(session, buffer, + MAX_BUF); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } while (ret > 0); if (ret != GNUTLS_E_REHANDSHAKE) { @@ -162,8 +159,8 @@ static void client(int fd, unsigned test) } do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -173,8 +170,8 @@ static void client(int fd, unsigned test) } do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -182,7 +179,6 @@ static void client(int fd, unsigned test) (int)sizeof(buffer), gnutls_strerror(ret)); exit(1); } - } gnutls_bye(session, GNUTLS_SHUT_WR); @@ -237,9 +233,9 @@ static void server(int fd, unsigned test) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -248,8 +244,7 @@ static void server(int fd, unsigned test) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -262,31 +257,30 @@ static void server(int fd, unsigned test) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (debug) success("server: test %d\n", test); if (test != 0) { - do { do { - ret = - gnutls_record_recv(session, buffer, - MAX_BUF); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_recv(session, buffer, + MAX_BUF); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } while (ret > 0); if (ret != GNUTLS_E_REHANDSHAKE) { - fail("server: Error receiving client handshake request: %s\n", gnutls_strerror(ret)); + fail("server: Error receiving client handshake request: %s\n", + gnutls_strerror(ret)); terminate(); } do { - ret = - gnutls_record_send(session, buffer, sizeof(buffer)); + ret = gnutls_record_send(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { @@ -312,7 +306,8 @@ static void server(int fd, unsigned test) ret = gnutls_handshake(session); if (ret != GNUTLS_E_GOT_APPLICATION_DATA) { - fail("server: didn't receive GNUTLS_E_GOT_APPLICATION_DATA: %s\n", gnutls_strerror(ret)); + fail("server: didn't receive GNUTLS_E_GOT_APPLICATION_DATA: %s\n", + gnutls_strerror(ret)); terminate(); } @@ -322,11 +317,10 @@ static void server(int fd, unsigned test) do { do { - ret = - gnutls_record_recv(session, buffer, - MAX_BUF); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_recv(session, buffer, + MAX_BUF); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } while (ret > 0); if (debug) @@ -338,7 +332,6 @@ static void server(int fd, unsigned test) gnutls_strerror(ret)); terminate(); } - } /* do not wait for the peer to close the connection. @@ -403,4 +396,4 @@ void doit(void) start(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls12-rehandshake-cert-3.c b/tests/tls12-rehandshake-cert-3.c index 1a217107ff..e90e4d0cdc 100644 --- a/tests/tls12-rehandshake-cert-3.c +++ b/tests/tls12-rehandshake-cert-3.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,19 +36,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" static void terminate(void); @@ -67,8 +67,8 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 -# define MAX_REHANDSHAKES 16 +#define MAX_BUF 1024 +#define MAX_REHANDSHAKES 16 static void client(int fd) { @@ -87,8 +87,8 @@ static void client(int fd) } gnutls_certificate_allocate_credentials(&x509_cred); - gnutls_certificate_set_x509_key_mem(x509_cred, &cli_cert, - &cli_key, GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(x509_cred, &cli_cert, &cli_key, + GNUTLS_X509_FMT_PEM); /* Initialize TLS session */ @@ -96,9 +96,9 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.1", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.1", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -108,8 +108,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -122,8 +121,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); for (i = 0; i < MAX_REHANDSHAKES; i++) { do { @@ -134,7 +133,6 @@ static void client(int fd) gnutls_strerror(ret)); exit(1); } - } do { @@ -197,9 +195,9 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.1", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.1", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); gnutls_certificate_server_set_request(session, GNUTLS_CERT_REQUIRE); @@ -208,8 +206,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -222,8 +219,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); gnutls_certificate_server_set_request(session, GNUTLS_CERT_IGNORE); @@ -232,18 +229,18 @@ static void server(int fd) do { do { - ret = - gnutls_record_recv(session, buffer, - MAX_BUF); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_recv(session, buffer, + MAX_BUF); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); } while (ret > 0); if (ret == 0) break; if (ret != GNUTLS_E_REHANDSHAKE) { - fail("server: Error receiving client handshake request: %s\n", gnutls_strerror(ret)); + fail("server: Error receiving client handshake request: %s\n", + gnutls_strerror(ret)); terminate(); } @@ -330,4 +327,4 @@ void doit(void) start(); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls12-rehandshake-cert-auto.c b/tests/tls12-rehandshake-cert-auto.c index 1d02fa4b18..e706746b67 100644 --- a/tests/tls12-rehandshake-cert-auto.c +++ b/tests/tls12-rehandshake-cert-auto.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "utils.h" -# include "cert-common.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utils.h" +#include "cert-common.h" /* This program tests server initiated rehandshake when * handled transparently by the client. @@ -64,7 +64,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd) { @@ -92,9 +92,9 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* Use default priorities */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL); /* put the anonymous credentials to the current session */ @@ -107,8 +107,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -121,8 +120,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); do { ret = gnutls_record_recv(session, buffer, MAX_BUF); @@ -174,9 +173,9 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + gnutls_priority_set_direct( + session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL); gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -185,8 +184,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -198,8 +196,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (debug) success("server: sending rehandshake request\n"); @@ -208,8 +206,8 @@ static void server(int fd) ret = gnutls_rehandshake(session); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) { - fail("Error sending %d byte packet: %s\n", - (int)sizeof(buffer), gnutls_strerror(ret)); + fail("Error sending %d byte packet: %s\n", (int)sizeof(buffer), + gnutls_strerror(ret)); } if (debug) @@ -275,4 +273,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls12-rehandshake-cert.c b/tests/tls12-rehandshake-cert.c index 46610bcbdb..e266a01e77 100644 --- a/tests/tls12-rehandshake-cert.c +++ b/tests/tls12-rehandshake-cert.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -67,9 +67,8 @@ static void test_rehandshake(void **glob_state, unsigned appdata) ret = gnutls_certificate_allocate_credentials(&serverx509cred); assert_return_code(ret, 0); - ret = gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serverx509cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); assert_return_code(ret, 0); ret = gnutls_init(&server, GNUTLS_SERVER); @@ -79,10 +78,8 @@ static void test_rehandshake(void **glob_state, unsigned appdata) serverx509cred); assert_return_code(ret, 0); - ret = - gnutls_priority_set_direct(server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + ret = gnutls_priority_set_direct( + server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL); assert_return_code(ret, 0); gnutls_transport_set_push_function(server, server_push); @@ -100,10 +97,8 @@ static void test_rehandshake(void **glob_state, unsigned appdata) clientx509cred); assert_return_code(ret, 0); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL); assert_return_code(ret, 0); gnutls_transport_set_push_function(client, client_push); diff --git a/tests/tls12-rehandshake-set-prio.c b/tests/tls12-rehandshake-set-prio.c index 26494e72a5..602f86567b 100644 --- a/tests/tls12-rehandshake-set-prio.c +++ b/tests/tls12-rehandshake-set-prio.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -69,8 +69,8 @@ static void test_rehandshake(void) /* Init server */ assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -78,9 +78,9 @@ static void test_rehandshake(void) assert(gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred) >= 0); - assert(gnutls_priority_set_direct - (server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); @@ -94,9 +94,9 @@ static void test_rehandshake(void) assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred) >= 0); - assert(gnutls_priority_set_direct - (client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL) >= 0); + assert(gnutls_priority_set_direct( + client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); @@ -115,8 +115,8 @@ static void test_rehandshake(void) assert(n == GNUTLS_E_REHANDSHAKE); /* includes TLS1.3 */ - assert(gnutls_priority_set_direct - (client, "NORMAL", NULL) >= 0); + assert(gnutls_priority_set_direct(client, "NORMAL", + NULL) >= 0); HANDSHAKE(client, server); } diff --git a/tests/tls12-rehandshake-ticket.c b/tests/tls12-rehandshake-ticket.c index 4df3d9a31e..202272cf37 100644 --- a/tests/tls12-rehandshake-ticket.c +++ b/tests/tls12-rehandshake-ticket.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -62,19 +62,17 @@ static void run(void) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_ca3_localhost_cert, - &server_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_trust_mem(scred, - &ca3_cert, + assert(gnutls_certificate_set_x509_key_mem( + scred, &server_ca3_localhost_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(scred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); - assert(gnutls_priority_set_direct(server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL) >= 0); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, scred); gnutls_transport_set_push_function(server, server_push); @@ -86,16 +84,16 @@ static void run(void) /* Init client */ assert(gnutls_certificate_allocate_credentials(&ccred) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (ccred, &cli_ca3_cert_chain, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem(ccred, &cli_ca3_cert_chain, + &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); - assert(gnutls_priority_set_direct(client, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", - NULL) >= 0); + assert(gnutls_priority_set_direct( + client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", + NULL) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, ccred) >= 0); @@ -110,8 +108,8 @@ static void run(void) switch_side("server"); sret = gnutls_rehandshake(server); if (sret < 0) { - fail("Error sending %d byte packet: %s\n", - (int)sizeof(buffer), gnutls_strerror(sret)); + fail("Error sending %d byte packet: %s\n", (int)sizeof(buffer), + gnutls_strerror(sret)); } else if (debug) success("server: starting rehandshake\n"); @@ -123,8 +121,8 @@ static void run(void) do { do { cret = gnutls_record_recv(client, buffer, MAX_BUF); - } while (cret == GNUTLS_E_AGAIN - || cret == GNUTLS_E_INTERRUPTED); + } while (cret == GNUTLS_E_AGAIN || + cret == GNUTLS_E_INTERRUPTED); } while (cret > 0); if (cret != GNUTLS_E_REHANDSHAKE) { diff --git a/tests/tls12-server-kx-neg.c b/tests/tls12-server-kx-neg.c index f74c56a704..a2853d33d7 100644 --- a/tests/tls12-server-kx-neg.c +++ b/tests/tls12-server-kx-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -38,496 +38,433 @@ #include "server-kx-neg-common.c" test_case_st tests[] = { - { - .name = "TLS 1.2 ANON-DH without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ANON-DH with cred but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_anon_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ANON-DH with cred and DH params (level)", - .server_ret = 0, - .client_ret = 0, - .have_anon_cred = 1, - .have_anon_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ANON-DH with cred and DH params (explicit)", - .server_ret = 0, - .client_ret = 0, - .have_anon_cred = 1, - .have_anon_exp_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA with cred but no DH params or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA with cred and cert but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA with cred and DH params but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = - "TLS 1.2 DHE-RSA with cred and incompatible cert and DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA with cred and cert and DH params (level)", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA with cred and cert and DH params (explicit)", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_cert_exp_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-RSA with cred and multiple certs and DH params", - .client_ret = 0, - .server_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .have_cert_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-PSK with cred but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-PSK with cred and DH params (level)", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 DHE-PSK with cred and DH params (explicit)", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_exp_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-RSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-RSA with cred but no common curve or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.2 ECDHE-RSA with cred and cert but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.2 ECDHE-RSA with cred and common curve but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = - "TLS 1.2 ECDHE-RSA with cred and incompatible cert and common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-RSA with cred and cert and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = - "TLS 1.2 ECDHE-RSA with cred and multiple certs and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2"}, + { .name = "TLS 1.2 ANON-DH without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ANON-DH with cred but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_anon_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ANON-DH with cred and DH params (level)", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .have_anon_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ANON-DH with cred and DH params (explicit)", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .have_anon_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred but no DH params or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred and cert but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred and DH params but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred and incompatible cert and DH params", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred and cert and DH params (level)", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred and cert and DH params (explicit)", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_cert_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-RSA with cred and multiple certs and DH params", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .have_cert_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-PSK with cred but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-PSK with cred and DH params (level)", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 DHE-PSK with cred and DH params (explicit)", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-RSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-RSA with cred but no common curve or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.2 ECDHE-RSA with cred and cert but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.2 ECDHE-RSA with cred and common curve but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-RSA with cred and incompatible cert and common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-RSA with cred and cert and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-RSA with cred and multiple certs and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, - { - .name = "TLS 1.2 ECDHE-ECDSA without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-ECDSA with cred but no common curve or cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.2 ECDHE-ECDSA with cred and cert but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = - "TLS 1.2 ECDHE-ECDSA with cred and common curve but no ECDSA cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-ECDSA with cred and common curve but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-ECDSA with cred and cert and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = - "TLS 1.2 ECDHE-ECDSA with cred and multiple certs and common curve", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-ECDSA with cred and ed25519 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ed25519_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = - "TLS 1.2 ECDHE-ECDSA with cred and cert but incompatible (ed25519) curves", - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .client_ret = GNUTLS_E_AGAIN, - .have_cert_cred = 1, - .have_ed25519_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ED25519:-SIGN-EDDSA-ED25519"}, - { - .name = "TLS 1.2 ECDHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 ECDHE-PSK with cred but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1"}, - { - .name = "TLS 1.2 ECDHE-PSK with cred and common curve", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 RSA-PSK without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 RSA-PSK without psk cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 RSA-PSK with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 RSA-PSK with cred", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 RSA-PSK with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2"}, + { .name = "TLS 1.2 ECDHE-ECDSA without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred but no common curve or cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and cert but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and common curve but no ECDSA cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and common curve but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and cert and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and multiple certs and common curve", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and ed25519 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ed25519_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-ECDSA with cred and cert but incompatible (ed25519) curves", + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .client_ret = GNUTLS_E_AGAIN, + .have_cert_cred = 1, + .have_ed25519_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ED25519:-SIGN-EDDSA-ED25519" }, + { .name = "TLS 1.2 ECDHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 ECDHE-PSK with cred but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP256R1", + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2:-CURVE-ALL:+CURVE-SECP384R1" }, + { .name = "TLS 1.2 ECDHE-PSK with cred and common curve", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 RSA-PSK without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 RSA-PSK without psk cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 RSA-PSK with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 RSA-PSK with cred", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 RSA-PSK with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2" }, #ifdef ENABLE_SRP - { - .name = "TLS 1.2 SRP-RSA without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 SRP-RSA without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 SRP-RSA with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 SRP-RSA with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 SRP-RSA with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 SRP without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 SRP with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2", - .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2"}, + { .name = "TLS 1.2 SRP-RSA without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 SRP-RSA without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 SRP-RSA with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 SRP-RSA with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 SRP-RSA with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 SRP without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 SRP with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2" }, #endif #ifdef ENABLE_GOST - { - .name = "TLS 1.2 VKO-GOST-12 without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 VKO-GOST-12 with cred but no cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 VKO-GOST-12 with cred but no GOST cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-256 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_256_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-512 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_512_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = "TLS 1.2 VKO-GOST-12 with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_ecc_sign_cert = 1, - .have_rsa_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .have_gost12_256_cert = 1, - .have_gost12_512_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2"}, - { - .name = - "TLS 1.2 VKO-GOST-12 with cred and GOST12-256 cert client lacking signature algs (like SChannel)", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_256_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NONE:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+VERS-TLS1.2:+SIGN-RSA-SHA256"}, - { - .name = - "TLS 1.2 VKO-GOST-12 with cred and GOST12-512 cert client lacking signature algs (like SChannel)", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_512_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NONE:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+VERS-TLS1.2:+SIGN-RSA-SHA256"}, + { .name = "TLS 1.2 VKO-GOST-12 without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred but no cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred but no GOST cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-256 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_256_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-512 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_512_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ecc_sign_cert = 1, + .have_rsa_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .have_gost12_256_cert = 1, + .have_gost12_512_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-256 cert client lacking signature algs (like SChannel)", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_256_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NONE:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+VERS-TLS1.2:+SIGN-RSA-SHA256" }, + { .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-512 cert client lacking signature algs (like SChannel)", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_512_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NONE:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+VERS-TLS1.2:+SIGN-RSA-SHA256" }, #endif }; diff --git a/tests/tls13-cert-key-exchange.c b/tests/tls13-cert-key-exchange.c index 5b93dc6a07..874fab8e58 100644 --- a/tests/tls13-cert-key-exchange.c +++ b/tests/tls13-cert-key-exchange.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the various certificate key exchange methods supported @@ -40,7 +40,7 @@ void doit(void) global_init(); server_priority = - "NORMAL:+ANON-DH:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519"; + "NORMAL:+ANON-DH:+ANON-ECDH:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519"; try_x509("TLS 1.3 with ffdhe2048 rsa no-cli-cert / anon on server", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, @@ -48,7 +48,7 @@ void doit(void) /** X.509 tests **/ server_priority = - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519"; + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519"; /* TLS 1.3 no client cert */ try_x509("TLS 1.3 with ffdhe2048 rsa no-cli-cert (ctype X.509)", @@ -80,58 +80,58 @@ void doit(void) GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN); - try_with_key_ks - ("TLS 1.3 with secp256r1 ecdsa no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_localhost_ecc_cert, - &server_ca3_ecc_key, NULL, NULL, 0, GNUTLS_GROUP_SECP256R1, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with secp256r1 ecdsa no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_localhost_ecc_cert, + &server_ca3_ecc_key, NULL, NULL, 0, GNUTLS_GROUP_SECP256R1, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); /* Test RSA-PSS cert/key combo issues */ - try_with_key_ks - ("TLS 1.3 with x25519 with rsa-pss-sha256 key no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key_ks - ("TLS 1.3 with x25519 with rsa-pss-sha256 key and 1 sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key_ks - ("TLS 1.3 with x25519 with rsa-pss-sha256 key and rsa-pss-sha384 first sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key_ks - ("TLS 1.3 with x25519 with rsa-pss-sha256 key and rsa-pss-sha512 first sig no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, - &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with x25519 with rsa-pss-sha256 key no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with x25519 with rsa-pss-sha256 key and 1 sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with x25519 with rsa-pss-sha256 key and rsa-pss-sha384 first sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with x25519 with rsa-pss-sha256 key and rsa-pss-sha512 first sig no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, + &server_ca3_rsa_pss2_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key_ks - ("TLS 1.3 with x25519 rsa-pss/rsa-pss no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss_cert, - &server_ca3_rsa_pss_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_with_key_ks("TLS 1.3 with x25519 ed25519 no-cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_EDDSA_ED25519, - GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, NULL, NULL, 0, - GNUTLS_GROUP_X25519, GNUTLS_CRT_X509, - GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with x25519 rsa-pss/rsa-pss no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, + GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss_cert, + &server_ca3_rsa_pss_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); + try_with_key_ks( + "TLS 1.3 with x25519 ed25519 no-cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_EDDSA_ED25519, + GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, NULL, NULL, 0, GNUTLS_GROUP_X25519, + GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); /* client authentication */ try_with_key("TLS 1.3 with rsa-pss cli-cert (ctype X.509)", @@ -155,119 +155,136 @@ void doit(void) &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, USE_CERT, GNUTLS_CRT_X509, GNUTLS_CRT_X509); - try_with_key("TLS 1.3 with x25519 ed25519 cli-cert (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_EDDSA_ED25519, - GNUTLS_SIGN_EDDSA_ED25519, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, USE_CERT, GNUTLS_CRT_X509, - GNUTLS_CRT_X509); + try_with_key( + "TLS 1.3 with x25519 ed25519 cli-cert (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-RSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_EDDSA_ED25519, + GNUTLS_SIGN_EDDSA_ED25519, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, USE_CERT, GNUTLS_CRT_X509, + GNUTLS_CRT_X509); /* TLS 1.3 mis-matching groups */ /* Our policy is to send a key share for the first of each type of groups, so make sure * the server doesn't support them */ server_priority = - "NORMAL:-GROUP-ALL:-VERS-TLS-ALL:+VERS-TLS1.3:+GROUP-FFDHE3072:+GROUP-SECP521R1", - try_x509_ks("TLS 1.3 with default key share (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE3072", - GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); - try_x509_ks("TLS 1.3 with ffdhe2048 key share (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE3072", - GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); - try_x509_ks("TLS 1.3 with ffdhe4096 key share (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE4096:+GROUP-FFDHE3072", - GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); - try_x509_ks("TLS 1.3 with secp256r1 key share (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-SECP521R1", - GNUTLS_KX_ECDHE_RSA, GNUTLS_GROUP_SECP521R1); - try_x509_ks("TLS 1.3 with secp384r1 key share (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1:+GROUP-SECP521R1", - GNUTLS_KX_ECDHE_RSA, GNUTLS_GROUP_SECP521R1); + "NORMAL:-GROUP-ALL:-VERS-TLS-ALL:+VERS-TLS1.3:+GROUP-FFDHE3072:+GROUP-SECP521R1", + try_x509_ks( + "TLS 1.3 with default key share (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE3072", + GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); + try_x509_ks( + "TLS 1.3 with ffdhe2048 key share (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE3072", + GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); + try_x509_ks( + "TLS 1.3 with ffdhe4096 key share (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE4096:+GROUP-FFDHE3072", + GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); + try_x509_ks( + "TLS 1.3 with secp256r1 key share (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-SECP521R1", + GNUTLS_KX_ECDHE_RSA, GNUTLS_GROUP_SECP521R1); + try_x509_ks( + "TLS 1.3 with secp384r1 key share (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1:+GROUP-SECP521R1", + GNUTLS_KX_ECDHE_RSA, GNUTLS_GROUP_SECP521R1); try_x509_ks("TLS 1.3 with secp521r1 key share (ctype X.509)", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_GROUP_SECP521R1); - try_x509_ks("TLS 1.3 with x25519 -> ffdhe3072 key share (ctype X.509)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP384R1:+GROUP-FFDHE3072", - GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); + try_x509_ks( + "TLS 1.3 with x25519 -> ffdhe3072 key share (ctype X.509)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP384R1:+GROUP-FFDHE3072", + GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); /* TLS 1.2 fallback */ server_priority = - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", - try_with_key_ks("TLS 1.2 fallback with x25519 ed25519 no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", - GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, - GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, - &server_ca3_eddsa_key, NULL, NULL, 0, 0, - GNUTLS_CRT_X509, GNUTLS_CRT_UNKNOWN); - try_x509("TLS 1.2 fallback with secp521r1 rsa no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP521R1", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_x509("TLS 1.2 fallback with ffdhe2048 rsa no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:-GROUP-ALL:+GROUP-FFDHE2048", - GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_SIGN_UNKNOWN); + "NORMAL:-VERS-ALL:+VERS-TLS1.2:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", + try_with_key_ks( + "TLS 1.2 fallback with x25519 ed25519 no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", + GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, + GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, + &server_ca3_eddsa_key, NULL, NULL, 0, 0, GNUTLS_CRT_X509, + GNUTLS_CRT_UNKNOWN); + try_x509( + "TLS 1.2 fallback with secp521r1 rsa no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP521R1", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_x509( + "TLS 1.2 fallback with ffdhe2048 rsa no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:-GROUP-ALL:+GROUP-FFDHE2048", + GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN); /** Raw public-key tests **/ server_priority = - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL"; + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL"; - try_rawpk("TLS 1.3 with ffdhe2048 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+CTYPE-ALL", - GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.3 with ffdhe3072 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE3072:+CTYPE-ALL", - GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.3 with ffdhe4096 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE4096:+CTYPE-ALL", - GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.3 with secp256r1 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.3 with secp384r1 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.3 with secp521r1 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); - try_rawpk("TLS 1.3 with x25519 rsa no-cli-cert (ctype Raw PK)", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+CTYPE-ALL", - GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, - GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with ffdhe2048 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+CTYPE-ALL", + GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with ffdhe3072 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE3072:+CTYPE-ALL", + GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with ffdhe4096 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE4096:+CTYPE-ALL", + GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with secp256r1 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with secp384r1 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with secp521r1 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); + try_rawpk( + "TLS 1.3 with x25519 rsa no-cli-cert (ctype Raw PK)", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+CTYPE-ALL", + GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + GNUTLS_SIGN_UNKNOWN); /** Illegal setups **/ server_priority = "NORMAL:-VERS-ALL:+VERS-TLS1.3"; - try_with_key_fail - ("TLS 1.3 with rsa cert and only RSA-PSS sig algos in client", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, - &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL); + try_with_key_fail( + "TLS 1.3 with rsa cert and only RSA-PSS sig algos in client", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, + &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL); - try_with_key_fail - ("TLS 1.3 with x25519 with rsa-pss cert and RSAE signatures", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384", - GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, - &server_ca3_rsa_pss2_cert, &server_ca3_rsa_pss2_key, NULL, NULL); + try_with_key_fail( + "TLS 1.3 with x25519 with rsa-pss cert and RSAE signatures", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384", + GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, + &server_ca3_rsa_pss2_cert, &server_ca3_rsa_pss2_key, NULL, + NULL); server_priority = NULL; - try_with_key_fail("TLS 1.3 with rsa cert and only RSA-PSS sig algos", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, - &server_ca3_localhost_cert, &server_ca3_key, NULL, - NULL); + try_with_key_fail( + "TLS 1.3 with rsa cert and only RSA-PSS sig algos", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_NO_CIPHER_SUITES, GNUTLS_E_AGAIN, + &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL); - try_with_key_fail - ("TLS 1.3 with rsa-pss cert and rsa cli cert with only RSA-PSS sig algos", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", - GNUTLS_E_CERTIFICATE_REQUIRED, GNUTLS_E_SUCCESS, - &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, &cli_ca3_cert, - &cli_ca3_key); + try_with_key_fail( + "TLS 1.3 with rsa-pss cert and rsa cli cert with only RSA-PSS sig algos", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", + GNUTLS_E_CERTIFICATE_REQUIRED, GNUTLS_E_SUCCESS, + &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, + &cli_ca3_cert, &cli_ca3_key); try_with_key_fail("TLS 1.3 with rsa encryption cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3", @@ -281,26 +298,26 @@ void doit(void) &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, NULL, NULL); - try_with_key_fail - ("TLS 1.3 with (forced) rsa encryption cert - client should detect", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", - GNUTLS_E_AGAIN, GNUTLS_E_KEY_USAGE_VIOLATION, - &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, NULL, - NULL); + try_with_key_fail( + "TLS 1.3 with (forced) rsa encryption cert - client should detect", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", + GNUTLS_E_AGAIN, GNUTLS_E_KEY_USAGE_VIOLATION, + &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, NULL, + NULL); try_with_key_fail("TLS 1.3 with client rsa encryption cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.3", - GNUTLS_E_AGAIN, GNUTLS_E_INSUFFICIENT_CREDENTIALS, + "NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_E_AGAIN, + GNUTLS_E_INSUFFICIENT_CREDENTIALS, &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key); - try_with_key_fail - ("TLS 1.3 with (forced) client rsa encryption cert - server should detect", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", - GNUTLS_E_KEY_USAGE_VIOLATION, GNUTLS_E_SUCCESS, - &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, - &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key); + try_with_key_fail( + "TLS 1.3 with (forced) client rsa encryption cert - server should detect", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", + GNUTLS_E_KEY_USAGE_VIOLATION, GNUTLS_E_SUCCESS, + &server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, + &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key); try_with_rawpk_key_fail("rawpk TLS 1.3 with rsa encryption cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:+CTYPE-RAWPK", @@ -308,11 +325,12 @@ void doit(void) &rawpk_public_key1, &rawpk_private_key1, GNUTLS_KEY_KEY_ENCIPHERMENT, NULL, NULL, 0); - try_with_rawpk_key_fail - ("rawpk TLS 1.3 and TLS 1.2 with rsa encryption cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+CTYPE-RAWPK", - GNUTLS_E_SUCCESS, GNUTLS_E_SUCCESS, &rawpk_public_key1, - &rawpk_private_key1, GNUTLS_KEY_KEY_ENCIPHERMENT, NULL, NULL, 0); + try_with_rawpk_key_fail( + "rawpk TLS 1.3 and TLS 1.2 with rsa encryption cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+CTYPE-RAWPK", + GNUTLS_E_SUCCESS, GNUTLS_E_SUCCESS, &rawpk_public_key1, + &rawpk_private_key1, GNUTLS_KEY_KEY_ENCIPHERMENT, NULL, NULL, + 0); try_with_rawpk_key_fail("rawpk TLS 1.3 with client rsa encryption cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:+CTYPE-RAWPK", diff --git a/tests/tls13-cipher-neg.c b/tests/tls13-cipher-neg.c index f9be6f530c..d537538a34 100644 --- a/tests/tls13-cipher-neg.c +++ b/tests/tls13-cipher-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the ciphersuite negotiation for various key exchange @@ -45,157 +45,137 @@ test_case_st tests[] = { { - .name = "server TLS 1.3: NULL (server - exp fallback)", - .not_on_fips = 1, - .cipher = GNUTLS_CIPHER_NULL, - .server_prio = - SPRIO - ":+VERS-TLS1.2:-CIPHER-ALL:+NULL:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", - .client_prio = - CPRIO - ":+VERS-TLS1.2:+NULL:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", - }, + .name = "server TLS 1.3: NULL (server - exp fallback)", + .not_on_fips = 1, + .cipher = GNUTLS_CIPHER_NULL, + .server_prio = SPRIO + ":+VERS-TLS1.2:-CIPHER-ALL:+NULL:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", + .client_prio = CPRIO + ":+VERS-TLS1.2:+NULL:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", + }, { - .name = "client TLS 1.3: NULL (client)", - .not_on_fips = 1, - .cipher = GNUTLS_CIPHER_NULL, - .server_prio = - SPRIO - ":+VERS-TLS1.2:+NULL:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", - .client_prio = - CPRIO - ":-CIPHER-ALL:+NULL:+CIPHER-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", - .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", - }, + .name = "client TLS 1.3: NULL (client)", + .not_on_fips = 1, + .cipher = GNUTLS_CIPHER_NULL, + .server_prio = SPRIO + ":+VERS-TLS1.2:+NULL:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", + .client_prio = CPRIO + ":-CIPHER-ALL:+NULL:+CIPHER-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", + .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(NULL)-(SHA1)", + }, { - .name = "server TLS 1.3: AES-128-GCM with SECP256R1 (server)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .group = GNUTLS_GROUP_SECP256R1, - .server_prio = - SPRIO - ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", - .client_prio = - CPRIO - ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", - .desc = - "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", - }, + .name = "server TLS 1.3: AES-128-GCM with SECP256R1 (server)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .group = GNUTLS_GROUP_SECP256R1, + .server_prio = SPRIO + ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", + .client_prio = CPRIO + ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", + .desc = "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", + }, { - .name = "both TLS 1.3: AES-128-GCM with X25519 (server)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .group = GNUTLS_GROUP_X25519, - .server_prio = - SPRIO - ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-X25519:+GROUP-ALL", - .client_prio = - CPRIO - ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1:+GROUP-ALL", - .desc = "(TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", - }, + .name = "both TLS 1.3: AES-128-GCM with X25519 (server)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .group = GNUTLS_GROUP_X25519, + .server_prio = SPRIO + ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-X25519:+GROUP-ALL", + .client_prio = CPRIO + ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1:+GROUP-ALL", + .desc = "(TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", + }, { - .name = "client TLS 1.3: AES-128-GCM with SECP256R1 (client)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .group = GNUTLS_GROUP_SECP256R1, - .server_prio = - SPRIO - ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", - .client_prio = - CPRIO - ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", - .desc = - "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", - }, + .name = "client TLS 1.3: AES-128-GCM with SECP256R1 (client)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .group = GNUTLS_GROUP_SECP256R1, + .server_prio = SPRIO + ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1", + .client_prio = CPRIO + ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-ALL", + .desc = "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", + }, { - .name = "both TLS 1.3: AES-128-GCM with X25519 (client)", - .cipher = GNUTLS_CIPHER_AES_128_GCM, - .group = GNUTLS_GROUP_X25519, - .server_prio = - SPRIO - ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1:+GROUP-ALL", - .client_prio = - CPRIO - ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-ALL", - .desc = "(TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", - }, + .name = "both TLS 1.3: AES-128-GCM with X25519 (client)", + .cipher = GNUTLS_CIPHER_AES_128_GCM, + .group = GNUTLS_GROUP_X25519, + .server_prio = SPRIO + ":+AES-128-GCM:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-SECP256R1:+GROUP-ALL", + .client_prio = CPRIO + ":-CIPHER-ALL:+AES-128-GCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-ALL", + .desc = "(TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)", + }, { - .name = "server TLS 1.3: AES-128-CCM and FFDHE2048 (server)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .group = GNUTLS_GROUP_FFDHE2048, - .server_prio = - SPRIO - ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", - .client_prio = CPRIO ":+AES-128-CCM", - .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", - }, + .name = "server TLS 1.3: AES-128-CCM and FFDHE2048 (server)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .group = GNUTLS_GROUP_FFDHE2048, + .server_prio = SPRIO + ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", + .client_prio = CPRIO ":+AES-128-CCM", + .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", + }, { - .name = "both TLS 1.3: AES-128-CCM and FFDHE 2048 (server)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .group = GNUTLS_GROUP_FFDHE2048, - .server_prio = - SPRIO - ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", - .client_prio = CPRIO ":+AES-128-CCM:+VERS-TLS1.3", - .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", - }, + .name = "both TLS 1.3: AES-128-CCM and FFDHE 2048 (server)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .group = GNUTLS_GROUP_FFDHE2048, + .server_prio = SPRIO + ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:%SERVER_PRECEDENCE:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", + .client_prio = CPRIO ":+AES-128-CCM:+VERS-TLS1.3", + .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", + }, { - .name = "client TLS 1.3: AES-128-CCM and FFDHE 2048 (client)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .group = GNUTLS_GROUP_FFDHE2048, - .server_prio = SPRIO ":+AES-128-CCM", - .client_prio = - CPRIO - ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", - .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", - }, + .name = "client TLS 1.3: AES-128-CCM and FFDHE 2048 (client)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .group = GNUTLS_GROUP_FFDHE2048, + .server_prio = SPRIO ":+AES-128-CCM", + .client_prio = CPRIO + ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", + .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", + }, { - .name = "both TLS 1.3: AES-128-CCM and FFDHE 2048 (client)", - .cipher = GNUTLS_CIPHER_AES_128_CCM, - .group = GNUTLS_GROUP_FFDHE2048, - .server_prio = SPRIO ":+AES-128-CCM:+VERS-TLS1.3", - .client_prio = - CPRIO - ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", - .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", - }, + .name = "both TLS 1.3: AES-128-CCM and FFDHE 2048 (client)", + .cipher = GNUTLS_CIPHER_AES_128_CCM, + .group = GNUTLS_GROUP_FFDHE2048, + .server_prio = SPRIO ":+AES-128-CCM:+VERS-TLS1.3", + .client_prio = CPRIO + ":-CIPHER-ALL:+AES-128-CCM:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-ALL", + .desc = "(TLS1.3)-(DHE-FFDHE2048)-(RSA-PSS-RSAE-SHA256)-(AES-128-CCM)", + }, { - .name = "server TLS 1.3: CHACHA20-POLY (server)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = - SPRIO ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:%SERVER_PRECEDENCE", - .client_prio = CPRIO ":+CHACHA20-POLY1305", - .desc = - "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", - }, + .name = "server TLS 1.3: CHACHA20-POLY (server)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = SPRIO + ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:%SERVER_PRECEDENCE", + .client_prio = CPRIO ":+CHACHA20-POLY1305", + .desc = "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", + }, { - .name = "both TLS 1.3: CHACHA20-POLY (server)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = - SPRIO ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:%SERVER_PRECEDENCE", - .client_prio = CPRIO ":+CHACHA20-POLY1305:+VERS-TLS1.3", - .desc = - "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", - }, + .name = "both TLS 1.3: CHACHA20-POLY (server)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = SPRIO + ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL:%SERVER_PRECEDENCE", + .client_prio = CPRIO ":+CHACHA20-POLY1305:+VERS-TLS1.3", + .desc = "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", + }, { - .name = "client TLS 1.3: CHACHA20-POLY (client)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = SPRIO ":+CHACHA20-POLY1305", - .client_prio = CPRIO ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL", - .desc = - "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", - }, + .name = "client TLS 1.3: CHACHA20-POLY (client)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = SPRIO ":+CHACHA20-POLY1305", + .client_prio = CPRIO + ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL", + .desc = "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", + }, { - .name = "both TLS 1.3: CHACHA20-POLY (client)", - .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, - .not_on_fips = 1, - .server_prio = SPRIO ":+CHACHA20-POLY1305", - .client_prio = CPRIO ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL", - .desc = - "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", - } + .name = "both TLS 1.3: CHACHA20-POLY (client)", + .cipher = GNUTLS_CIPHER_CHACHA20_POLY1305, + .not_on_fips = 1, + .server_prio = SPRIO ":+CHACHA20-POLY1305", + .client_prio = CPRIO + ":-CIPHER-ALL:+CHACHA20-POLY1305:+CIPHER-ALL", + .desc = "(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(CHACHA20-POLY1305)", + } }; void doit(void) diff --git a/tests/tls13-compat-mode.c b/tests/tls13-compat-mode.c index ec391e17dc..f5b18b30b7 100644 --- a/tests/tls13-compat-mode.c +++ b/tests/tls13-compat-mode.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,10 +44,9 @@ struct data { bool compat; }; -static int -handshake_callback(gnutls_session_t session, unsigned int htype, - unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) +static int handshake_callback(gnutls_session_t session, unsigned int htype, + unsigned post, unsigned int incoming, + const gnutls_datum_t *msg) { unsigned pos; struct data *data; @@ -88,16 +87,15 @@ static void test(const char *name, bool client_compat, bool server_compat) /* Init server */ assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); - assert(gnutls_credentials_set - (server, GNUTLS_CRD_CERTIFICATE, serverx509cred) >= 0); - assert(gnutls_priority_set_direct - (server, server_compat ? COMPAT_PRIO : NO_COMPAT_PRIO, - NULL) >= 0); + assert(gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, + serverx509cred) >= 0); + assert(gnutls_priority_set_direct( + server, server_compat ? COMPAT_PRIO : NO_COMPAT_PRIO, + NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -108,10 +106,9 @@ static void test(const char *name, bool client_compat, bool server_compat) assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred) >= 0); - assert(gnutls_priority_set_direct(client, - client_compat ? - COMPAT_PRIO : NO_COMPAT_PRIO, - NULL) >= 0); + assert(gnutls_priority_set_direct( + client, client_compat ? COMPAT_PRIO : NO_COMPAT_PRIO, + NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); diff --git a/tests/tls13-early-data-neg.c b/tests/tls13-early-data-neg.c index 0312bbab8b..7492bfe112 100644 --- a/tests/tls13-early-data-neg.c +++ b/tests/tls13-early-data-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" -# include "virt-time.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" +#include "virt-time.h" /* This program tests the robustness of record sending with padding. */ @@ -66,22 +66,21 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define SESSIONS 3 -# define MAX_BUF 1024 -# define MSG "Hello TLS" -# define EARLY_MSG "Hello TLS, it's early" -# define PRIORITY "NORMAL:-VERS-ALL:+VERS-TLS1.3" +#define SESSIONS 3 +#define MAX_BUF 1024 +#define MSG "Hello TLS" +#define EARLY_MSG "Hello TLS, it's early" +#define PRIORITY "NORMAL:-VERS-ALL:+VERS-TLS1.3" -static const -gnutls_datum_t hrnd = { (void *) - "\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hrnd = { + (void *)"\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; static int gnutls_rnd_works; int __attribute__((visibility("protected"))) - gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { gnutls_rnd_works = 1; @@ -98,7 +97,7 @@ gnutls_datum_t client_hello_msg = { NULL, 0 }; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { assert(client_hello_msg.data == NULL); @@ -155,18 +154,18 @@ static void client(int sds[]) gnutls_transport_set_int(session, sd); if (t > 0) { - assert(gnutls_session_set_data - (session, session_data.data, - session_data.size) >= 0); - assert(gnutls_record_send_early_data - (session, EARLY_MSG, sizeof(EARLY_MSG)) >= 0); + assert(gnutls_session_set_data(session, + session_data.data, + session_data.size) >= 0); + assert(gnutls_record_send_early_data( + session, EARLY_MSG, sizeof(EARLY_MSG)) >= + 0); assert(gnutls_handshake_set_random(session, &hrnd) >= 0); - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CLIENT_HELLO, - GNUTLS_HOOK_POST, - handshake_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CLIENT_HELLO, + GNUTLS_HOOK_POST, handshake_callback); } /* Perform the TLS handshake @@ -174,8 +173,7 @@ static void client(int sds[]) gnutls_handshake_set_timeout(session, get_timeout()); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed\n"); @@ -203,13 +201,12 @@ static void client(int sds[]) gnutls_record_send(session, MSG, strlen(MSG)); do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); @@ -225,12 +222,11 @@ static void client(int sds[]) assert(client_hello_msg.data != NULL); - ret = - send(sds[SESSIONS - 1], client_hello_msg.data, - client_hello_msg.size, 0); + ret = send(sds[SESSIONS - 1], client_hello_msg.data, + client_hello_msg.size, 0); assert(ret == (int)client_hello_msg.size); - end: +end: gnutls_free(client_hello_msg.data); gnutls_free(session_data.data); gnutls_certificate_free_credentials(x509_cred); @@ -238,16 +234,15 @@ static void client(int sds[]) static pid_t child; -# define MAX_CLIENT_HELLO_RECORDED 10 +#define MAX_CLIENT_HELLO_RECORDED 10 struct storage_st { gnutls_datum_t entries[MAX_CLIENT_HELLO_RECORDED]; size_t num_entries; }; -static int -storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, - const gnutls_datum_t * value) +static int storage_add(void *ptr, time_t expires, const gnutls_datum_t *key, + const gnutls_datum_t *value) { struct storage_st *storage = ptr; gnutls_datum_t *datum; @@ -255,8 +250,8 @@ storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, for (i = 0; i < storage->num_entries; i++) { if (key->size == storage->entries[i].size && - memcmp(storage->entries[i].data, key->data, - key->size) == 0) { + memcmp(storage->entries[i].data, key->data, key->size) == + 0) { return GNUTLS_E_DB_ENTRY_EXISTS; } } @@ -327,9 +322,9 @@ static void server(int sds[]) success("=== session %d ===\n", t); - assert(gnutls_init - (&session, - GNUTLS_SERVER | GNUTLS_ENABLE_EARLY_DATA) >= 0); + assert(gnutls_init(&session, + GNUTLS_SERVER | GNUTLS_ENABLE_EARLY_DATA) >= + 0); assert(gnutls_priority_set_direct(session, PRIORITY, NULL) >= 0); @@ -350,23 +345,23 @@ static void server(int sds[]) if (t == SESSIONS - 1) { /* duplicate data expected */ - if (ret < 0 - && !(gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_EARLY_DATA)) { + if (ret < 0 && !(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_EARLY_DATA)) { success("we detected the duplicate data!\n"); close(sd); gnutls_deinit(session); goto cleanup; } else { - fail("server: duplicate early data was not detected (%d)\n", t); + fail("server: duplicate early data was not detected (%d)\n", + t); } } if (ret < 0) { close(sd); gnutls_deinit(session); - fail("server[%d]: Handshake has failed (%s)\n\n", - t, gnutls_strerror(ret)); + fail("server[%d]: Handshake has failed (%s)\n\n", t, + gnutls_strerror(ret)); return; } if (debug) @@ -382,39 +377,36 @@ static void server(int sds[]) * early data only on the first resumption */ if (t == 1) { if (gnutls_rnd_works) { - if (! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_EARLY_DATA)) { - fail("server: early data is not received (%d)\n", t); + if (!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_EARLY_DATA)) { + fail("server: early data is not received (%d)\n", + t); } } else { - success - ("server: gnutls_rnd() could not be overridden, skip checking replay (%d)\n", - t); + success("server: gnutls_rnd() could not be overridden, skip checking replay (%d)\n", + t); } - ret = - gnutls_record_recv_early_data(session, - buffer, - sizeof - (buffer)); + ret = gnutls_record_recv_early_data( + session, buffer, sizeof(buffer)); if (ret < 0) { - fail("server: failed to retrieve early data: %s\n", gnutls_strerror(ret)); + fail("server: failed to retrieve early data: %s\n", + gnutls_strerror(ret)); } - if (ret != sizeof(EARLY_MSG) - || memcmp(buffer, EARLY_MSG, ret)) + if (ret != sizeof(EARLY_MSG) || + memcmp(buffer, EARLY_MSG, ret)) fail("server: early data mismatch\n"); } else { if (gnutls_rnd_works) { if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_EARLY_DATA) { - fail("server: early data is not rejected (%d)\n", t); + fail("server: early data is not rejected (%d)\n", + t); } } else { - success - ("server: gnutls_rnd() could not be overridden, skip checking replay (%d)\n", - t); + success("server: gnutls_rnd() could not be overridden, skip checking replay (%d)\n", + t); } } } @@ -425,12 +417,12 @@ static void server(int sds[]) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -448,7 +440,7 @@ static void server(int sds[]) gnutls_deinit(session); } - cleanup: +cleanup: gnutls_anti_replay_deinit(anti_replay); storage_clear(&storage); @@ -505,4 +497,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13-early-data-neg2.c b/tests/tls13-early-data-neg2.c index ea71a3d36c..0c5232faf6 100644 --- a/tests/tls13-early-data-neg2.c +++ b/tests/tls13-early-data-neg2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" -# include "virt-time.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" +#include "virt-time.h" /* This program checks that early data is refused upon resumption failure. */ @@ -66,11 +66,11 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define SESSIONS 2 -# define MAX_BUF 1024 -# define MSG "Hello TLS" -# define EARLY_MSG "Hello TLS, it's early" -# define PRIORITY "NORMAL:-VERS-ALL:+VERS-TLS1.3" +#define SESSIONS 2 +#define MAX_BUF 1024 +#define MSG "Hello TLS" +#define EARLY_MSG "Hello TLS, it's early" +#define PRIORITY "NORMAL:-VERS-ALL:+VERS-TLS1.3" static void client(int sds[]) { @@ -106,11 +106,12 @@ static void client(int sds[]) gnutls_transport_set_int(session, sd); if (t > 0) { - assert(gnutls_session_set_data - (session, session_data.data, - session_data.size) >= 0); - assert(gnutls_record_send_early_data - (session, EARLY_MSG, sizeof(EARLY_MSG)) >= 0); + assert(gnutls_session_set_data(session, + session_data.data, + session_data.size) >= 0); + assert(gnutls_record_send_early_data( + session, EARLY_MSG, sizeof(EARLY_MSG)) >= + 0); } /* Perform the TLS handshake @@ -118,8 +119,7 @@ static void client(int sds[]) gnutls_handshake_set_timeout(session, get_timeout()); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", @@ -143,13 +143,12 @@ static void client(int sds[]) gnutls_record_send(session, MSG, strlen(MSG)); do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); @@ -162,23 +161,22 @@ static void client(int sds[]) gnutls_deinit(session); } - end: +end: gnutls_free(session_data.data); gnutls_certificate_free_credentials(x509_cred); } static pid_t child; -# define MAX_CLIENT_HELLO_RECORDED 10 +#define MAX_CLIENT_HELLO_RECORDED 10 struct storage_st { gnutls_datum_t entries[MAX_CLIENT_HELLO_RECORDED]; size_t num_entries; }; -static int -storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, - const gnutls_datum_t * value) +static int storage_add(void *ptr, time_t expires, const gnutls_datum_t *key, + const gnutls_datum_t *value) { struct storage_st *storage = ptr; gnutls_datum_t *datum; @@ -186,8 +184,8 @@ storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, for (i = 0; i < storage->num_entries; i++) { if (key->size == storage->entries[i].size && - memcmp(storage->entries[i].data, key->data, - key->size) == 0) { + memcmp(storage->entries[i].data, key->data, key->size) == + 0) { return GNUTLS_E_DB_ENTRY_EXISTS; } } @@ -256,9 +254,9 @@ static void server(int sds[]) success("=== session %d ===\n", t); - assert(gnutls_init - (&session, - GNUTLS_SERVER | GNUTLS_ENABLE_EARLY_DATA) >= 0); + assert(gnutls_init(&session, + GNUTLS_SERVER | GNUTLS_ENABLE_EARLY_DATA) >= + 0); assert(gnutls_priority_set_direct(session, PRIORITY, NULL) >= 0); @@ -283,8 +281,8 @@ static void server(int sds[]) if (ret < 0) { gnutls_deinit(session); - fail("server[%d]: Handshake has failed (%s)\n\n", - t, gnutls_strerror(ret)); + fail("server[%d]: Handshake has failed (%s)\n\n", t, + gnutls_strerror(ret)); } if (debug) success("server: Handshake was completed\n"); @@ -305,12 +303,12 @@ static void server(int sds[]) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); } else if (ret > 0) { /* echo data back to the client */ @@ -383,4 +381,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13-early-data.c b/tests/tls13-early-data.c index 0676dc2002..8768d33ee2 100644 --- a/tests/tls13-early-data.c +++ b/tests/tls13-early-data.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -36,31 +36,31 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" -# include "virt-time.h" -# define MIN(x,y) (((x)<(y))?(x):(y)) - -# define TRACE_CLIENT 1 -# define TRACE_SERVER 2 +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" +#include "virt-time.h" +#define MIN(x, y) (((x) < (y)) ? (x) : (y)) + +#define TRACE_CLIENT 1 +#define TRACE_SERVER 2 /* To reproduce the entries in {client,server}-secrets.h, set this to * either TRACE_CLIENT or TRACE_SERVER. */ -# define TRACE 0 +#define TRACE 0 /* This program tests the robustness of record sending with padding. */ @@ -78,9 +78,9 @@ static void client_log_func(int level, const char *str) /* A very basic TLS client. */ -# define MAX_BUF 1024 -# define MSG "Hello TLS" -# define EARLY_MSG "Hello TLS, it's early" +#define MAX_BUF 1024 +#define MSG "Hello TLS" +#define EARLY_MSG "Hello TLS, it's early" extern unsigned int _gnutls_global_version; @@ -90,26 +90,26 @@ extern unsigned int _gnutls_global_version; * is to check that the early data is encrypted with the ciphersuite * selected during the initial handshake, not the resuming handshakes. */ -# define SESSIONS 3 -# define TLS13_AES_128_GCM "NONE:+VERS-TLS1.3:+AES-128-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS" -# define TLS13_CHACHA20_POLY1305 "NONE:+VERS-TLS1.3:+CHACHA20-POLY1305:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS" - -static const -gnutls_datum_t hrnd = { (void *) - "\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +#define SESSIONS 3 +#define TLS13_AES_128_GCM \ + "NONE:+VERS-TLS1.3:+AES-128-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS" +#define TLS13_CHACHA20_POLY1305 \ + "NONE:+VERS-TLS1.3:+CHACHA20-POLY1305:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS" + +static const gnutls_datum_t hrnd = { + (void *)"\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; -static const -gnutls_datum_t hsrnd = { (void *) - "\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hsrnd = { + (void *)"\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; static int gnutls_rnd_works; int __attribute__((visibility("protected"))) - gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { gnutls_rnd_works = 1; @@ -122,8 +122,8 @@ int __attribute__((visibility("protected"))) return 0; } -# define MAX_SECRET_SIZE 64 -# define MAX_SECRET_COUNT 10 +#define MAX_SECRET_SIZE 64 +#define MAX_SECRET_COUNT 10 struct secret { gnutls_record_encryption_level_t level; @@ -134,62 +134,62 @@ struct secret { uint8_t secret_write_buf[MAX_SECRET_SIZE]; }; -# include "client-secrets.h" -# include "server-secrets.h" +#include "client-secrets.h" +#include "server-secrets.h" struct secrets_expected { const struct secret *secrets; size_t count; }; -# define SIZEOF(array) (sizeof(array) / sizeof(array[0])) +#define SIZEOF(array) (sizeof(array) / sizeof(array[0])) static const struct secrets_expected client_normal[SESSIONS] = { - {client_normal_0, SIZEOF(client_normal_0)}, - {client_normal_1, SIZEOF(client_normal_1)}, - {client_normal_2, SIZEOF(client_normal_2)}, + { client_normal_0, SIZEOF(client_normal_0) }, + { client_normal_1, SIZEOF(client_normal_1) }, + { client_normal_2, SIZEOF(client_normal_2) }, }; static const struct secrets_expected client_small[SESSIONS] = { - {client_small_0, SIZEOF(client_small_0)}, - {client_small_1, SIZEOF(client_small_1)}, - {client_small_2, SIZEOF(client_small_2)}, + { client_small_0, SIZEOF(client_small_0) }, + { client_small_1, SIZEOF(client_small_1) }, + { client_small_2, SIZEOF(client_small_2) }, }; static const struct secrets_expected client_empty[SESSIONS] = { - {client_empty_0, SIZEOF(client_empty_0)}, - {client_empty_1, SIZEOF(client_empty_1)}, - {client_empty_2, SIZEOF(client_empty_2)}, + { client_empty_0, SIZEOF(client_empty_0) }, + { client_empty_1, SIZEOF(client_empty_1) }, + { client_empty_2, SIZEOF(client_empty_2) }, }; static const struct secrets_expected client_explicit[SESSIONS] = { - {client_explicit_0, SIZEOF(client_explicit_0)}, - {client_explicit_1, SIZEOF(client_explicit_1)}, - {client_explicit_2, SIZEOF(client_explicit_2)}, + { client_explicit_0, SIZEOF(client_explicit_0) }, + { client_explicit_1, SIZEOF(client_explicit_1) }, + { client_explicit_2, SIZEOF(client_explicit_2) }, }; static const struct secrets_expected server_normal[SESSIONS] = { - {server_normal_0, SIZEOF(server_normal_0)}, - {server_normal_1, SIZEOF(server_normal_1)}, - {server_normal_2, SIZEOF(server_normal_2)}, + { server_normal_0, SIZEOF(server_normal_0) }, + { server_normal_1, SIZEOF(server_normal_1) }, + { server_normal_2, SIZEOF(server_normal_2) }, }; static const struct secrets_expected server_small[SESSIONS] = { - {server_small_0, SIZEOF(server_small_0)}, - {server_small_1, SIZEOF(server_small_1)}, - {server_small_2, SIZEOF(server_small_2)}, + { server_small_0, SIZEOF(server_small_0) }, + { server_small_1, SIZEOF(server_small_1) }, + { server_small_2, SIZEOF(server_small_2) }, }; static const struct secrets_expected server_empty[SESSIONS] = { - {server_empty_0, SIZEOF(server_empty_0)}, - {server_empty_1, SIZEOF(server_empty_1)}, - {server_empty_2, SIZEOF(server_empty_2)}, + { server_empty_0, SIZEOF(server_empty_0) }, + { server_empty_1, SIZEOF(server_empty_1) }, + { server_empty_2, SIZEOF(server_empty_2) }, }; static const struct secrets_expected server_explicit[SESSIONS] = { - {server_explicit_0, SIZEOF(server_explicit_0)}, - {server_explicit_1, SIZEOF(server_explicit_1)}, - {server_explicit_2, SIZEOF(server_explicit_2)}, + { server_explicit_0, SIZEOF(server_explicit_0) }, + { server_explicit_1, SIZEOF(server_explicit_1) }, + { server_explicit_2, SIZEOF(server_explicit_2) }, }; struct fixture { @@ -205,49 +205,49 @@ struct fixture { static const struct fixture fixtures[] = { { - .name = "normal", - .cflags = 0, - .sflags = 0, - .early_data = {(uint8_t *) EARLY_MSG, sizeof(EARLY_MSG)}, - .max_early_data_size = MAX_BUF, - .expect_early_data = true, - .client_secrets = client_normal, - .server_secrets = server_normal, - }, + .name = "normal", + .cflags = 0, + .sflags = 0, + .early_data = { (uint8_t *)EARLY_MSG, sizeof(EARLY_MSG) }, + .max_early_data_size = MAX_BUF, + .expect_early_data = true, + .client_secrets = client_normal, + .server_secrets = server_normal, + }, { - .name = "small", - .cflags = 0, - .sflags = 0, - .early_data = {(uint8_t *) EARLY_MSG, sizeof(EARLY_MSG)}, - .max_early_data_size = 10, - .expect_early_data = true, - .client_secrets = client_small, - .server_secrets = server_small, - }, + .name = "small", + .cflags = 0, + .sflags = 0, + .early_data = { (uint8_t *)EARLY_MSG, sizeof(EARLY_MSG) }, + .max_early_data_size = 10, + .expect_early_data = true, + .client_secrets = client_small, + .server_secrets = server_small, + }, { - .name = "empty", - .cflags = 0, - .sflags = 0, - .early_data = {NULL, 0}, - .max_early_data_size = MAX_BUF, - .expect_early_data = false, - .client_secrets = client_empty, - .server_secrets = server_empty, - }, + .name = "empty", + .cflags = 0, + .sflags = 0, + .early_data = { NULL, 0 }, + .max_early_data_size = MAX_BUF, + .expect_early_data = false, + .client_secrets = client_empty, + .server_secrets = server_empty, + }, { - .name = "explicit", - .cflags = GNUTLS_ENABLE_EARLY_DATA, - .sflags = 0, - .early_data = {NULL, 0}, - .max_early_data_size = MAX_BUF, - .expect_early_data = false, - .client_secrets = client_explicit, - .server_secrets = server_explicit, - }, + .name = "explicit", + .cflags = GNUTLS_ENABLE_EARLY_DATA, + .sflags = 0, + .early_data = { NULL, 0 }, + .max_early_data_size = MAX_BUF, + .expect_early_data = false, + .client_secrets = client_explicit, + .server_secrets = server_explicit, + }, }; -# if TRACE -static void print_secret(FILE * out, struct secret *secret) +#if TRACE +static void print_secret(FILE *out, struct secret *secret) { const char *level; @@ -291,14 +291,13 @@ static void print_secret(FILE * out, struct secret *secret) } } -static void -print_secrets(FILE * out, const char *side, const char *name, int t, - struct secret *secrets, size_t count) +static void print_secrets(FILE *out, const char *side, const char *name, int t, + struct secret *secrets, size_t count) { size_t i; - fprintf(out, "static const struct secret %s_%s_%d[] = {\n", - side, name, t); + fprintf(out, "static const struct secret %s_%s_%d[] = {\n", side, name, + t); for (i = 0; i < count; i++) { fputs("\t{\n", out); print_secret(out, &secrets[i]); @@ -306,17 +305,16 @@ print_secrets(FILE * out, const char *side, const char *name, int t, } fputs("};\n\n", out); } -# endif +#endif -static void -check_secrets(const struct secret *secrets, size_t count, - const struct secrets_expected *expected) +static void check_secrets(const struct secret *secrets, size_t count, + const struct secrets_expected *expected) { size_t i; if (count != expected->count) { - fail("unexpected number of secrets: %zu != %zu\n", - count, expected->count); + fail("unexpected number of secrets: %zu != %zu\n", count, + expected->count); } for (i = 0; i < count; i++) { @@ -324,7 +322,8 @@ check_secrets(const struct secret *secrets, size_t count, fail("unexpected secret level: %d != %d\n", secrets[i].level, expected->secrets[i].level); } - if (secrets[i].secret_size != expected->secrets[i].secret_size) { + if (secrets[i].secret_size != + expected->secrets[i].secret_size) { fail("unexpected secret size: %zu != %zu\n", secrets[i].secret_size, expected->secrets[i].secret_size); @@ -362,11 +361,10 @@ struct callback_data { struct secret secrets[MAX_SECRET_COUNT]; }; -static int -secret_callback(gnutls_session_t session, - gnutls_record_encryption_level_t level, - const void *secret_read, - const void *secret_write, size_t secret_size) +static int secret_callback(gnutls_session_t session, + gnutls_record_encryption_level_t level, + const void *secret_read, const void *secret_write, + size_t secret_size) { struct callback_data *data = gnutls_session_get_ptr(session); struct secret *secret = &data->secrets[data->secret_callback_called]; @@ -382,12 +380,17 @@ secret_callback(gnutls_session_t session, cipher_algo = gnutls_early_cipher_get(session); if (cipher_algo != GNUTLS_CIPHER_AES_128_GCM) { - fail("unexpected cipher used for early data: %s != %s\n", gnutls_cipher_get_name(cipher_algo), gnutls_cipher_get_name(GNUTLS_CIPHER_AES_128_GCM)); + fail("unexpected cipher used for early data: %s != %s\n", + gnutls_cipher_get_name(cipher_algo), + gnutls_cipher_get_name( + GNUTLS_CIPHER_AES_128_GCM)); } digest_algo = gnutls_early_prf_hash_get(session); if (digest_algo != GNUTLS_DIG_SHA256) { - fail("unexpected PRF hash used for early data: %s != %s\n", gnutls_digest_get_name(digest_algo), gnutls_digest_get_name(GNUTLS_DIG_SHA256)); + fail("unexpected PRF hash used for early data: %s != %s\n", + gnutls_digest_get_name(digest_algo), + gnutls_digest_get_name(GNUTLS_DIG_SHA256)); } } } @@ -442,10 +445,11 @@ static void client(int sds[], const struct fixture *fixture) assert(gnutls_init(&session, GNUTLS_CLIENT | fixture->cflags) >= 0); - assert(gnutls_priority_set_direct - (session, - t == 0 ? TLS13_AES_128_GCM : TLS13_CHACHA20_POLY1305, - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + t == 0 ? TLS13_AES_128_GCM : + TLS13_CHACHA20_POLY1305, + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -459,20 +463,20 @@ static void client(int sds[], const struct fixture *fixture) gnutls_handshake_set_secret_function(session, secret_callback); if (t > 0) { - assert(gnutls_session_set_data - (session, session_data.data, - session_data.size) >= 0); + assert(gnutls_session_set_data(session, + session_data.data, + session_data.size) >= 0); /* The server should have advertised the same maximum. */ if (gnutls_record_get_max_early_data_size(session) != fixture->max_early_data_size) - fail("client: max_early_data_size mismatch %d != %d\n", (int)gnutls_record_get_max_early_data_size(session), (int)fixture->max_early_data_size); - assert(gnutls_record_send_early_data(session, - fixture->early_data. - data, - MIN - (fixture->early_data.size, - fixture->max_early_data_size)) - >= 0); + fail("client: max_early_data_size mismatch %d != %d\n", + (int)gnutls_record_get_max_early_data_size( + session), + (int)fixture->max_early_data_size); + assert(gnutls_record_send_early_data( + session, fixture->early_data.data, + MIN(fixture->early_data.size, + fixture->max_early_data_size)) >= 0); } /* Perform the TLS handshake @@ -480,8 +484,7 @@ static void client(int sds[], const struct fixture *fixture) gnutls_handshake_set_timeout(session, get_timeout()); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", @@ -492,14 +495,13 @@ static void client(int sds[], const struct fixture *fixture) } if (!gnutls_rnd_works) { - success - ("client: gnutls_rnd() could not be overridden\n"); + success("client: gnutls_rnd() could not be overridden\n"); } else { -# if TRACE == TRACE_CLIENT +#if TRACE == TRACE_CLIENT print_secrets(stderr, "client", fixture->name, t, callback_data.secrets, callback_data.secret_callback_called); -# endif +#endif check_secrets(callback_data.secrets, callback_data.secret_callback_called, &fixture->client_secrets[t]); @@ -529,13 +531,12 @@ static void client(int sds[], const struct fixture *fixture) gnutls_record_send(session, MSG, strlen(MSG)); do { - ret = - gnutls_record_recv(session, buffer, sizeof(buffer)); + ret = gnutls_record_recv(session, buffer, + sizeof(buffer)); } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); @@ -548,7 +549,7 @@ static void client(int sds[], const struct fixture *fixture) gnutls_deinit(session); } - end: +end: gnutls_free(session_data.data); gnutls_certificate_free_credentials(x509_cred); @@ -557,16 +558,15 @@ static void client(int sds[], const struct fixture *fixture) static pid_t child; -# define MAX_CLIENT_HELLO_RECORDED 10 +#define MAX_CLIENT_HELLO_RECORDED 10 struct storage_st { gnutls_datum_t entries[MAX_CLIENT_HELLO_RECORDED]; size_t num_entries; }; -static int -storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, - const gnutls_datum_t * value) +static int storage_add(void *ptr, time_t expires, const gnutls_datum_t *key, + const gnutls_datum_t *value) { struct storage_st *storage = ptr; gnutls_datum_t *datum; @@ -574,8 +574,8 @@ storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, for (i = 0; i < storage->num_entries; i++) { if (key->size == storage->entries[i].size && - memcmp(storage->entries[i].data, key->data, - key->size) == 0) { + memcmp(storage->entries[i].data, key->data, key->size) == + 0) { return GNUTLS_E_DB_ENTRY_EXISTS; } } @@ -650,14 +650,15 @@ static void server(int sds[], const struct fixture *fixture) int sd = sds[t]; struct callback_data callback_data; - assert(gnutls_init - (&session, - GNUTLS_SERVER | GNUTLS_ENABLE_EARLY_DATA) >= 0); + assert(gnutls_init(&session, + GNUTLS_SERVER | GNUTLS_ENABLE_EARLY_DATA) >= + 0); - assert(gnutls_priority_set_direct - (session, - t == 0 ? TLS13_AES_128_GCM : TLS13_CHACHA20_POLY1305, - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + t == 0 ? TLS13_AES_128_GCM : + TLS13_CHACHA20_POLY1305, + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -671,8 +672,8 @@ static void server(int sds[], const struct fixture *fixture) * until max_early_data_size without decryption */ if (t < 2) - (void)gnutls_record_set_max_early_data_size(session, - fixture->max_early_data_size); + (void)gnutls_record_set_max_early_data_size( + session, fixture->max_early_data_size); assert(gnutls_handshake_set_random(session, &hsrnd) >= 0); gnutls_transport_set_int(session, sd); @@ -684,8 +685,7 @@ static void server(int sds[], const struct fixture *fixture) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(sd); gnutls_deinit(session); @@ -703,8 +703,7 @@ static void server(int sds[], const struct fixture *fixture) } if (!gnutls_rnd_works) { - success - ("server: gnutls_rnd() could not be overridden\n"); + success("server: gnutls_rnd() could not be overridden\n"); goto skip_early_data; } @@ -714,11 +713,11 @@ static void server(int sds[], const struct fixture *fixture) fail("negotiated unexpected cipher: %s\n", gnutls_cipher_get_name(ret)); } -# if TRACE == TRACE_SERVER +#if TRACE == TRACE_SERVER print_secrets(stderr, "server", fixture->name, t, callback_data.secrets, callback_data.secret_callback_called); -# endif +#endif check_secrets(callback_data.secrets, callback_data.secret_callback_called, &fixture->server_secrets[t]); @@ -729,45 +728,48 @@ static void server(int sds[], const struct fixture *fixture) if (fixture->expect_early_data && !(gnutls_session_get_flags(session) & GNUTLS_SFLAGS_EARLY_DATA)) { - fail("server: early data is not received (%d)\n", t); + fail("server: early data is not received (%d)\n", + t); } - ret = - gnutls_record_recv_early_data(session, buffer, - sizeof(buffer)); + ret = gnutls_record_recv_early_data(session, buffer, + sizeof(buffer)); if (ret < 0) { if (fixture->early_data.size == 0 || fixture->max_early_data_size == 0) { if (ret != - GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - { - fail("server: unexpected error code when retrieving empty early data: %s\n", gnutls_strerror(ret)); + GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { + fail("server: unexpected error code when retrieving empty early data: %s\n", + gnutls_strerror(ret)); } } else { - fail("server: failed to retrieve early data: %s\n", gnutls_strerror(ret)); + fail("server: failed to retrieve early data: %s\n", + gnutls_strerror(ret)); } } else { if (fixture->early_data.size == 0 || fixture->max_early_data_size == 0) { - fail("server: unexpected early data received: %d\n", ret); + fail("server: unexpected early data received: %d\n", + ret); } else if ((size_t)ret != - MIN(fixture->early_data.size, - fixture->max_early_data_size) - || memcmp(buffer, - fixture->early_data.data, - ret)) { + MIN(fixture->early_data.size, + fixture->max_early_data_size) || + memcmp(buffer, + fixture->early_data.data, + ret)) { fail("server: early data mismatch\n"); } } } else if (t == 2) { if (fixture->expect_early_data && gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_EARLY_DATA) { - fail("server: early data is not rejected (%d)\n", t); + GNUTLS_SFLAGS_EARLY_DATA) { + fail("server: early data is not rejected (%d)\n", + t); } } - skip_early_data: + skip_early_data: /* see the Getting peer's information example */ /* print_info(session); */ @@ -777,8 +779,7 @@ static void server(int sds[], const struct fixture *fixture) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); @@ -875,4 +876,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13-early-start.c b/tests/tls13-early-start.c index 41002668a2..9f4a3e3214 100644 --- a/tests/tls13-early-start.c +++ b/tests/tls13-early-start.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests support for early start in TLS1.3 handshake */ @@ -44,18 +44,18 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -#define try_ok(name, client_prio) \ - try_with_key(name, client_prio, \ - &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0) +#define try_ok(name, client_prio) \ + try_with_key(name, client_prio, &server_ca3_localhost_cert, \ + &server_ca3_key, NULL, NULL, 0) #define MSG "hello there ppl" -static -void try_with_key_fail(const char *name, const char *client_prio, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, unsigned init_flags) +static void try_with_key_fail(const char *name, const char *client_prio, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, + unsigned init_flags) { int ret; char buffer[256]; @@ -76,9 +76,8 @@ void try_with_key_fail(const char *name, const char *client_prio, /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - ret = gnutls_certificate_set_x509_key_mem(serverx509cred, - serv_cert, serv_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serverx509cred, serv_cert, serv_key, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("Could not set key/cert: %s\n", gnutls_strerror(ret)); @@ -97,9 +96,8 @@ void try_with_key_fail(const char *name, const char *client_prio, exit(1); if (cli_cert) { - gnutls_certificate_set_x509_key_mem(clientx509cred, - cli_cert, cli_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem( + clientx509cred, cli_cert, cli_key, GNUTLS_X509_FMT_PEM); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUIRE); } @@ -174,13 +172,12 @@ void try_with_key_fail(const char *name, const char *client_prio, gnutls_certificate_free_credentials(clientx509cred); } -static -void try_with_key_ks(const char *name, const char *client_prio, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * client_cert, - const gnutls_datum_t * client_key, - unsigned cert_flags, unsigned init_flags) +static void try_with_key_ks(const char *name, const char *client_prio, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *client_cert, + const gnutls_datum_t *client_key, + unsigned cert_flags, unsigned init_flags) { int ret; char buffer[256]; @@ -203,9 +200,8 @@ void try_with_key_ks(const char *name, const char *client_prio, /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - ret = gnutls_certificate_set_x509_key_mem(serverx509cred, - serv_cert, serv_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + serverx509cred, serv_cert, serv_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("Could not set key/cert: %s\n", gnutls_strerror(ret)); } @@ -213,9 +209,8 @@ void try_with_key_ks(const char *name, const char *client_prio, assert(gnutls_init(&server, GNUTLS_SERVER | init_flags) >= 0); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - assert(gnutls_priority_set_direct(server, - "NORMAL:-VERS-ALL:+VERS-TLS1.3", - NULL) >= 0); + assert(gnutls_priority_set_direct( + server, "NORMAL:-VERS-ALL:+VERS-TLS1.3", NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -227,8 +222,8 @@ void try_with_key_ks(const char *name, const char *client_prio, exit(1); if (cert_flags == USE_CERT) { - gnutls_certificate_set_x509_key_mem(clientx509cred, - client_cert, client_key, + gnutls_certificate_set_x509_key_mem(clientx509cred, client_cert, + client_key, GNUTLS_X509_FMT_PEM); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUIRE); @@ -309,16 +304,14 @@ void try_with_key_ks(const char *name, const char *client_prio, gnutls_certificate_free_credentials(clientx509cred); } -static -void try_with_key(const char *name, const char *client_prio, - const gnutls_datum_t * serv_cert, - const gnutls_datum_t * serv_key, - const gnutls_datum_t * cli_cert, - const gnutls_datum_t * cli_key, unsigned cert_flags) +static void try_with_key(const char *name, const char *client_prio, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, unsigned cert_flags) { - return try_with_key_ks(name, client_prio, - serv_cert, serv_key, cli_cert, cli_key, - cert_flags, GNUTLS_ENABLE_EARLY_START); + return try_with_key_ks(name, client_prio, serv_cert, serv_key, cli_cert, + cli_key, cert_flags, GNUTLS_ENABLE_EARLY_START); } #include "cert-common.h" @@ -333,10 +326,11 @@ void doit(void) try_ok("TLS 1.3 with x25519 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519"); - try_with_key_ks("TLS 1.3 with secp256r1 ecdsa no-cli-cert", - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", - &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, - NULL, NULL, 0, GNUTLS_ENABLE_EARLY_START); + try_with_key_ks( + "TLS 1.3 with secp256r1 ecdsa no-cli-cert", + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", + &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, + 0, GNUTLS_ENABLE_EARLY_START); /* client authentication: no early start possible */ try_with_key_fail("TLS 1.3 with rsa-pss cli-cert", diff --git a/tests/tls13-rehandshake-cert.c b/tests/tls13-rehandshake-cert.c index 06f169c31e..180e2a894c 100644 --- a/tests/tls13-rehandshake-cert.c +++ b/tests/tls13-rehandshake-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,8 +44,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static -void server_initiated_handshake(void) +static void server_initiated_handshake(void) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -68,9 +67,8 @@ void server_initiated_handshake(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", @@ -126,8 +124,7 @@ void server_initiated_handshake(void) reset_buffers(); } -static -void client_initiated_handshake(void) +static void client_initiated_handshake(void) { /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -150,9 +147,8 @@ void client_initiated_handshake(void) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", diff --git a/tests/tls13-server-kx-neg.c b/tests/tls13-server-kx-neg.c index c2e987a1fa..2fecbd25a1 100644 --- a/tests/tls13-server-kx-neg.c +++ b/tests/tls13-server-kx-neg.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif /* This program tests the negotiation for various key exchange @@ -41,292 +41,279 @@ test_case_st tests[] = { { - .name = "TLS 1.3 DHE-PSK without cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_3, - }, + .name = "TLS 1.3 DHE-PSK without cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_3, + }, { - .name = "TLS 1.3 DHE-PSK with cred but no DH params", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_3, - }, + .name = "TLS 1.3 DHE-PSK with cred but no DH params", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_3, + }, { - .name = "TLS 1.3 DHE-PSK with cred and DH params (level)", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_3, - }, + .name = "TLS 1.3 DHE-PSK with cred and DH params (level)", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_3, + }, { - .name = "TLS 1.3 DHE-PSK with cred and DH params (explicit)", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .have_psk_exp_dh_params = 1, - .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_3, - }, + .name = "TLS 1.3 DHE-PSK with cred and DH params (explicit)", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_3, + }, { - .name = "TLS 1.3 ECDHE-PSK with cred but no common curve", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_COMMON_KEY_SHARE, - .have_psk_cred = 1, - .server_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-CURVE-ALL:+CURVE-SECP256R1:" PVERSION, - .client_prio = - "NORMAL:-KX-ALL:+ECDHE-PSK:-CURVE-ALL:+CURVE-SECP384R1:" PVERSION, - .exp_version = GNUTLS_TLS1_3, - }, + .name = "TLS 1.3 ECDHE-PSK with cred but no common curve", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_COMMON_KEY_SHARE, + .have_psk_cred = 1, + .server_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-CURVE-ALL:+CURVE-SECP256R1:" PVERSION, + .client_prio = + "NORMAL:-KX-ALL:+ECDHE-PSK:-CURVE-ALL:+CURVE-SECP384R1:" PVERSION, + .exp_version = GNUTLS_TLS1_3, + }, { - .name = "TLS 1.3 ECDHE-PSK with cred and common curve", - .client_ret = 0, - .server_ret = 0, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_3, - }, + .name = "TLS 1.3 ECDHE-PSK with cred and common curve", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_3, + }, { - .name = "TLS 1.3 RSA-PSK without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_psk_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 RSA-PSK without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_psk_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 RSA-PSK without psk cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 RSA-PSK without psk cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 RSA-PSK with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 RSA-PSK with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 RSA-PSK with cred", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 RSA-PSK with cred", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 RSA-PSK with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_psk_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 RSA-PSK with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_psk_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+RSA-PSK:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, #ifdef ENABLE_SRP { - .name = "TLS 1.3 SRP-RSA without cert cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP-RSA without cert cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 SRP-RSA without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP-RSA without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 SRP-RSA with cred but invalid cert", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_decrypt_cert = 1, - .have_ecc_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP-RSA with cred but invalid cert", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_decrypt_cert = 1, + .have_ecc_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 SRP-RSA with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP-RSA with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 SRP-RSA with cred and multiple certs", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .have_cert_cred = 1, - .have_rsa_sign_cert = 1, - .have_ecc_sign_cert = 1, - .have_rsa_decrypt_cert = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP-RSA with cred and multiple certs", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_ecc_sign_cert = 1, + .have_rsa_decrypt_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP-RSA:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 SRP without srp cred", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, - .have_srp_cred = 0, - .have_cert_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP without srp cred", + .client_ret = GNUTLS_E_AGAIN, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, + .have_srp_cred = 0, + .have_cert_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.3 SRP with cred", - .server_ret = 0, - .client_ret = 0, - .have_srp_cred = 1, - .server_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, - .client_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 SRP with cred", + .server_ret = 0, + .client_ret = 0, + .have_srp_cred = 1, + .server_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, + .client_prio = "NORMAL:-KX-ALL:+SRP:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, #endif #ifdef ENABLE_GOST { - .name = - "TLS 1.3 server, TLS 1.2 client VKO-GOST-12 with cred and GOST-256 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_256_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - "-VERS-ALL:+VERS-TLS1.2", - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 server, TLS 1.2 client VKO-GOST-12 with cred and GOST-256 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_256_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" + "-VERS-ALL:+VERS-TLS1.2", + .exp_version = GNUTLS_TLS1_2, + }, { - .name = - "TLS 1.3 server, TLS 1.2 client VKO-GOST-12 with cred and GOST-512 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_512_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - "-VERS-ALL:+VERS-TLS1.2", - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 server, TLS 1.2 client VKO-GOST-12 with cred and GOST-512 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_512_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" + "-VERS-ALL:+VERS-TLS1.2", + .exp_version = GNUTLS_TLS1_2, + }, { - .name = - "TLS 1.2 server TLS 1.3 client VKO-GOST-12 with cred and GOST-256 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_256_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - "-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.2 server TLS 1.3 client VKO-GOST-12 with cred and GOST-256 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_256_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" + "-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = "TLS 1.2 server TLS 1.3 client with cred and GOST-512 cert", - .server_ret = 0, - .client_ret = 0, - .have_cert_cred = 1, - .have_gost12_512_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - "-VERS-ALL:+VERS-TLS1.2", - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.2 server TLS 1.3 client with cred and GOST-512 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_gost12_512_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" + "-VERS-ALL:+VERS-TLS1.2", + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, /* Ideally for the next two test cases we should fallback to TLS 1.2 + GOST * but this is unsuppored for now */ { - .name = - "TLS 1.3 server and client VKO-GOST-12 with cred and GOST-256 cert", - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .client_ret = GNUTLS_E_AGAIN, - .have_cert_cred = 1, - .have_gost12_256_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 server and client VKO-GOST-12 with cred and GOST-256 cert", + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .client_ret = GNUTLS_E_AGAIN, + .have_cert_cred = 1, + .have_gost12_256_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, { - .name = - "TLS 1.3 server and client VKO-GOST-12 with cred and GOST-512 cert", - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, - .client_ret = GNUTLS_E_AGAIN, - .have_cert_cred = 1, - .have_gost12_512_cert = 1, - .not_on_fips = 1, - .server_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .client_prio = - "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" - PVERSION, - .exp_version = GNUTLS_TLS1_2, - }, + .name = "TLS 1.3 server and client VKO-GOST-12 with cred and GOST-512 cert", + .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .client_ret = GNUTLS_E_AGAIN, + .have_cert_cred = 1, + .have_gost12_512_cert = 1, + .not_on_fips = 1, + .server_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .client_prio = + "NORMAL:-KX-ALL:+VKO-GOST-12:+GROUP-GOST-ALL:+CIPHER-GOST-ALL:+MAC-GOST-ALL:+SIGN-GOST-ALL:" PVERSION, + .exp_version = GNUTLS_TLS1_2, + }, #endif }; diff --git a/tests/tls13-without-timeout-func.c b/tests/tls13-without-timeout-func.c index e3d17e2e09..c8cc2e165b 100644 --- a/tests/tls13-without-timeout-func.c +++ b/tests/tls13-without-timeout-func.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -45,7 +45,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1461671166; @@ -55,8 +55,8 @@ static time_t mytime(time_t * t) return then; } -static ssize_t -server_pull_fail(gnutls_transport_ptr_t tr, void *data, size_t len) +static ssize_t server_pull_fail(gnutls_transport_ptr_t tr, void *data, + size_t len) { fail("unexpected call to pull callback detected\n"); return -1; @@ -85,8 +85,8 @@ void doit(void) gnutls_global_set_time_function(mytime); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, + assert(gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -98,16 +98,16 @@ void doit(void) assert(gnutls_certificate_allocate_credentials(&clientx509cred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (clientx509cred, &ca_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&client, GNUTLS_CLIENT) >= 0); assert(gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred) >= 0); - assert(gnutls_priority_set_direct - (client, "NORMAL:-VERS-ALL:+VERS-TLS1.3", NULL) >= 0); + assert(gnutls_priority_set_direct( + client, "NORMAL:-VERS-ALL:+VERS-TLS1.3", NULL) >= 0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); diff --git a/tests/tls13/anti_replay.c b/tests/tls13/anti_replay.c index 0db6bab60f..81544f0d6c 100644 --- a/tests/tls13/anti_replay.c +++ b/tests/tls13/anti_replay.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,9 +39,8 @@ struct storage_st { size_t num_entries; }; -static int -storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, - const gnutls_datum_t * value) +static int storage_add(void *ptr, time_t expires, const gnutls_datum_t *key, + const gnutls_datum_t *value) { struct storage_st *storage = ptr; gnutls_datum_t *datum; @@ -49,8 +48,8 @@ storage_add(void *ptr, time_t expires, const gnutls_datum_t * key, for (i = 0; i < storage->num_entries; i++) { if (key->size == storage->entries[i].size && - memcmp(storage->entries[i].data, key->data, - key->size) == 0) { + memcmp(storage->entries[i].data, key->data, key->size) == + 0) { return GNUTLS_E_DB_ENTRY_EXISTS; } } @@ -100,8 +99,8 @@ void doit(void) gnutls_anti_replay_set_add_function(anti_replay, storage_add); gnutls_anti_replay_set_ptr(anti_replay, &storage); mygettime(&creation_time); - ret = - _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, &key); + ret = _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, + &key); if (ret != GNUTLS_E_ILLEGAL_PARAMETER) fail("error is not returned, while server_ticket_age < client_ticket_age\n"); gnutls_anti_replay_deinit(anti_replay); @@ -115,8 +114,8 @@ void doit(void) gnutls_anti_replay_set_window(anti_replay, 10000); mygettime(&creation_time); virt_sec_sleep(30); - ret = - _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, &key); + ret = _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, + &key); if (ret != GNUTLS_E_EARLY_DATA_REJECTED) fail("early data is NOT rejected, while freshness check fails\n"); gnutls_anti_replay_deinit(anti_replay); @@ -130,12 +129,12 @@ void doit(void) gnutls_anti_replay_set_window(anti_replay, 10000); mygettime(&creation_time); virt_sec_sleep(15); - ret = - _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, &key); + ret = _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, + &key); if (ret != 0) fail("early data is rejected, while freshness check succeeds\n"); - ret = - _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, &key); + ret = _gnutls_anti_replay_check(anti_replay, 10000, &creation_time, + &key); if (ret != GNUTLS_E_EARLY_DATA_REJECTED) fail("early data is NOT rejected for a duplicate key\n"); gnutls_anti_replay_deinit(anti_replay); diff --git a/tests/tls13/change_cipher_spec.c b/tests/tls13/change_cipher_spec.c index 276b40ed7d..5e8e5646af 100644 --- a/tests/tls13/change_cipher_spec.c +++ b/tests/tls13/change_cipher_spec.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,21 +35,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program tests whether the ChangeCipherSpec message * is ignored during handshake. @@ -70,7 +70,7 @@ static unsigned server_sent_ccs = 0; static int cli_hsk_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg); + const gnutls_datum_t *msg); static void client(int fd, unsigned ccs_check) { @@ -103,10 +103,10 @@ static void client(int fd, unsigned ccs_check) cli_hsk_callback); } - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); @@ -123,8 +123,7 @@ static void client(int fd, unsigned ccs_check) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -160,7 +159,7 @@ static void client(int fd, unsigned ccs_check) static int cli_hsk_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { unsigned *p; unsigned ccs_check; @@ -175,14 +174,13 @@ static int cli_hsk_callback(gnutls_session_t session, unsigned int htype, if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && !incoming) { hello_received = 1; - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, - GNUTLS_HOOK_PRE, - cli_hsk_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, + GNUTLS_HOOK_PRE, cli_hsk_callback); } - if (htype == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC && !incoming - && hello_received) { + if (htype == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC && !incoming && + hello_received) { client_sent_ccs++; assert(msg->size == 1 && msg->data[0] == 0x01); } @@ -192,7 +190,7 @@ static int cli_hsk_callback(gnutls_session_t session, unsigned int htype, static int hsk_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { int ret; int fd; @@ -215,7 +213,7 @@ static int hsk_callback(gnutls_session_t session, unsigned int htype, do { ret = send(fd, "\x14\x03\x03\x00\x01\x01", 6, 0); } while (ret == -1 && (errno == EINTR || errno == EAGAIN)); - } else { /* checking whether server received it */ + } else { /* checking whether server received it */ if (htype == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC && !incoming) { server_sent_ccs++; assert(msg->size == 1 && msg->data[0] == 0x01); @@ -252,10 +250,9 @@ static void server(int fd, unsigned ccs_check) gnutls_handshake_set_timeout(session, get_timeout()); if (ccs_check) - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, - GNUTLS_HOOK_PRE, - hsk_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, + GNUTLS_HOOK_PRE, hsk_callback); else gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_ANY, @@ -265,8 +262,8 @@ static void server(int fd, unsigned ccs_check) /* avoid calling all the priority functions, since the defaults * are adequate. */ - assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL) - >= 0); + assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", + NULL) >= 0); gnutls_session_set_ptr(session, &ccs_check); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -289,7 +286,8 @@ static void server(int fd, unsigned ccs_check) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) - fail("server: gnutls_record_send did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("server: gnutls_record_send did not succeed as expected: %s\n", + gnutls_strerror(ret)); /* receive CCS and fail */ do { @@ -297,8 +295,8 @@ static void server(int fd, unsigned ccs_check) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != GNUTLS_E_UNEXPECTED_PACKET) - fail("server: incorrect alert sent: %d != %d\n", - ret, GNUTLS_E_UNEXPECTED_PACKET); + fail("server: incorrect alert sent: %d != %d\n", ret, + GNUTLS_E_UNEXPECTED_PACKET); close(fd); gnutls_deinit(session); @@ -325,8 +323,7 @@ static void ch_handler(int sig) return; } -static -void start(unsigned ccs_check) +static void start(unsigned ccs_check) { int fd[2]; int ret; @@ -366,4 +363,4 @@ void doit(void) start(1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/compress-cert-cli.c b/tests/tls13/compress-cert-cli.c index 0dd11924e4..c7d3ed3026 100644 --- a/tests/tls13/compress-cert-cli.c +++ b/tests/tls13/compress-cert-cli.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -55,24 +55,26 @@ static int ext_callback(void *ctx, unsigned tls_id, const unsigned char *data, unsigned size) { struct handshake_cb_data_st *cb_data = ctx; - if (tls_id == 27) { /* compress_certificate */ + if (tls_id == 27) { /* compress_certificate */ cb_data->found_compress_certificate = 1; } return 0; } -#define SKIP8(pos, total) { \ - uint8_t _s; \ - if (pos+1 > total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > total) fail("error\n"); \ - pos += 1+_s; \ +#define SKIP8(pos, total) \ + { \ + uint8_t _s; \ + if (pos + 1 > total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > total) \ + fail("error\n"); \ + pos += 1 + _s; \ } -static int -handshake_callback(gnutls_session_t session, unsigned int htype, - unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) +static int handshake_callback(gnutls_session_t session, unsigned int htype, + unsigned post, unsigned int incoming, + const gnutls_datum_t *msg) { struct handshake_cb_data_st *data = gnutls_session_get_ptr(session); unsigned pos = 0; @@ -110,17 +112,16 @@ static void run(void) /* Server stuff. */ gnutls_certificate_credentials_t scred; gnutls_session_t server; - gnutls_compression_method_t smethods[] = { - GNUTLS_COMP_ZSTD, GNUTLS_COMP_BROTLI, GNUTLS_COMP_ZLIB - }; + gnutls_compression_method_t smethods[] = { GNUTLS_COMP_ZSTD, + GNUTLS_COMP_BROTLI, + GNUTLS_COMP_ZLIB }; struct handshake_cb_data_st sdata = { 0, false, false, false }; int sret; /* Client stuff. */ gnutls_certificate_credentials_t ccred; gnutls_session_t client; - gnutls_compression_method_t cmethods[] = { - GNUTLS_COMP_ZLIB, GNUTLS_COMP_BROTLI - }; + gnutls_compression_method_t cmethods[] = { GNUTLS_COMP_ZLIB, + GNUTLS_COMP_BROTLI }; struct handshake_cb_data_st cdata = { 0, false, false, false }; int cret; /* Need to enable anonymous KX specifically. */ @@ -134,27 +135,21 @@ static void run(void) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_ca3_localhost_cert, - &server_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_trust_mem(scred, - &ca3_cert, + assert(gnutls_certificate_set_x509_key_mem( + scred, &server_ca3_localhost_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(scred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST); - ret = - gnutls_priority_set_direct(server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL); + ret = gnutls_priority_set_direct( + server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", NULL); if (ret < 0) exit(1); - ret = - gnutls_compress_certificate_set_methods(server, smethods, - sizeof(smethods) / - sizeof(*smethods)); + ret = gnutls_compress_certificate_set_methods( + server, smethods, sizeof(smethods) / sizeof(*smethods)); if (ret < 0) { fail("server: setting compression method failed (%s)\n", gnutls_strerror(ret)); @@ -172,27 +167,23 @@ static void run(void) /* Init client */ assert(gnutls_certificate_allocate_credentials(&ccred) >= 0); - assert(gnutls_certificate_set_x509_key_mem - (ccred, &cli_ca3_cert_chain, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem(ccred, &cli_ca3_cert_chain, + &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", NULL); assert(ret >= 0); ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, ccred); if (ret < 0) exit(1); - ret = - gnutls_compress_certificate_set_methods(client, cmethods, - sizeof(cmethods) / - sizeof(*cmethods)); + ret = gnutls_compress_certificate_set_methods( + client, cmethods, sizeof(cmethods) / sizeof(*cmethods)); if (ret < 0) { fail("client: setting compression method failed (%s)\n", gnutls_strerror(ret)); diff --git a/tests/tls13/compress-cert-neg.c b/tests/tls13/compress-cert-neg.c index 9f3a28070f..bac991542b 100644 --- a/tests/tls13/compress-cert-neg.c +++ b/tests/tls13/compress-cert-neg.c @@ -20,14 +20,14 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include #include -#if defined(_WIN32) || !defined(HAVE_LIBZ) || \ - !defined(HAVE_LIBBROTLI) || !defined(HAVE_LIBZSTD) +#if defined(_WIN32) || !defined(HAVE_LIBZ) || !defined(HAVE_LIBBROTLI) || \ + !defined(HAVE_LIBZSTD) int main(int argc, char **argv) { @@ -36,19 +36,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether the compress_certificate extensions is disabled * when client and server have incompatible compression methods set */ -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" -# define CHECK(X) assert((X)>=0) +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" +#define CHECK(X) assert((X) >= 0) static pid_t child; int client_bad; @@ -77,7 +77,7 @@ static void server_log_func(int level, const char *str) static int client_callback(gnutls_session_t session, unsigned htype, unsigned post, unsigned incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { client_bad = 1; return 0; @@ -85,7 +85,7 @@ static int client_callback(gnutls_session_t session, unsigned htype, static int server_callback(gnutls_session_t session, unsigned htype, unsigned post, unsigned incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { server_bad = 1; return 0; @@ -98,10 +98,10 @@ static void client(int fd) gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; gnutls_compression_method_t method; - gnutls_compression_method_t methods[] = - { GNUTLS_COMP_BROTLI, GNUTLS_COMP_ZSTD }; + gnutls_compression_method_t methods[] = { GNUTLS_COMP_BROTLI, + GNUTLS_COMP_ZSTD }; size_t methods_len = - sizeof(methods) / sizeof(gnutls_compression_method_t); + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -111,34 +111,32 @@ static void client(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, - GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_CLIENT)); - CHECK(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = - gnutls_compress_certificate_set_methods(session, methods, - methods_len); + ret = gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { fail("client: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, - GNUTLS_HOOK_PRE, client_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + GNUTLS_HOOK_PRE, client_callback); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); goto cleanup; @@ -147,8 +145,8 @@ static void client(int fd) success("client: Handshake was completed\n"); if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); method = gnutls_compress_certificate_get_selected_method(session); if (method != GNUTLS_COMP_UNKNOWN) @@ -169,7 +167,7 @@ static void client(int fd) if (debug) success("client: finished\n"); - cleanup: +cleanup: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -185,7 +183,7 @@ static void server(int fd) gnutls_compression_method_t method; gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZLIB }; size_t methods_len = - sizeof(methods) / sizeof(gnutls_compression_method_t); + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -195,35 +193,33 @@ static void server(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem - (x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, - GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_SERVER)); - CHECK(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = - gnutls_compress_certificate_set_methods(session, methods, - methods_len); + ret = gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { fail("server: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, - GNUTLS_HOOK_PRE, server_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + GNUTLS_HOOK_PRE, server_callback); gnutls_certificate_server_set_request(session, GNUTLS_CERT_REQUEST); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: Handshake has failed (%s)\n\n", gnutls_strerror(ret)); @@ -233,8 +229,8 @@ static void server(int fd) success("server: Handshake was completed\n"); if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name(gnutls_protocol_get_version - (session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); method = gnutls_compress_certificate_get_selected_method(session); if (method != GNUTLS_COMP_UNKNOWN) @@ -255,7 +251,7 @@ static void server(int fd) if (debug) success("server: finished\n"); - cleanup: +cleanup: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -295,4 +291,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/compress-cert-neg2.c b/tests/tls13/compress-cert-neg2.c index 0d92b202b5..4fe7770679 100644 --- a/tests/tls13/compress-cert-neg2.c +++ b/tests/tls13/compress-cert-neg2.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether the compress_certificate extension correctly fails * in the case of compression/decompression failure */ -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" -# define CHECK(X) assert((X)>=0) +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" +#define CHECK(X) assert((X) >= 0) static pid_t child; @@ -74,7 +74,7 @@ static void server_log_func(int level, const char *str) static int client_callback(gnutls_session_t session, unsigned htype, unsigned post, unsigned incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { /* change compression method to BROTLI */ msg->data[1] = 0x02; @@ -88,7 +88,7 @@ static void client(int fd) gnutls_certificate_credentials_t x509_cred; gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZLIB }; size_t methods_len = - sizeof(methods) / sizeof(gnutls_compression_method_t); + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -98,34 +98,32 @@ static void client(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, - GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_CLIENT)); - CHECK(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = - gnutls_compress_certificate_set_methods(session, methods, - methods_len); + ret = gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { fail("client: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, - GNUTLS_HOOK_PRE, client_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + GNUTLS_HOOK_PRE, client_callback); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret >= 0) fail("client: handshake should have failed\n"); @@ -144,7 +142,7 @@ static void server(int fd) gnutls_compression_method_t method; gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZLIB }; size_t methods_len = - sizeof(methods) / sizeof(gnutls_compression_method_t); + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -154,19 +152,18 @@ static void server(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem - (x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, - GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_SERVER)); - CHECK(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = - gnutls_compress_certificate_set_methods(session, methods, - methods_len); + ret = gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { fail("server: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); @@ -177,8 +174,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret >= 0) fail("server: handshake should have failed\n"); @@ -229,4 +225,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/compress-cert.c b/tests/tls13/compress-cert.c index 6f7b4a9152..1b7d1370b4 100644 --- a/tests/tls13/compress-cert.c +++ b/tests/tls13/compress-cert.c @@ -20,14 +20,14 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include #include -#if defined(_WIN32) || !defined(HAVE_LIBZ) || \ - !defined(HAVE_LIBBROTLI) || !defined(HAVE_LIBZSTD) +#if defined(_WIN32) || !defined(HAVE_LIBZ) || !defined(HAVE_LIBBROTLI) || \ + !defined(HAVE_LIBZSTD) int main(int argc, char **argv) { @@ -36,18 +36,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether the compress_certificate extensions works as expected */ -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" -# define CHECK(X) assert((X)>=0) +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" +#define CHECK(X) assert((X) >= 0) static pid_t child; int client_ok; @@ -76,7 +76,7 @@ static void server_log_func(int level, const char *str) static int client_callback(gnutls_session_t session, unsigned htype, unsigned post, unsigned incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { if (incoming == 0) return 0; @@ -90,7 +90,7 @@ static int client_callback(gnutls_session_t session, unsigned htype, static int server_callback(gnutls_session_t session, unsigned htype, unsigned post, unsigned incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { if (incoming == 0) return 0; @@ -109,10 +109,10 @@ static void client(int fd) gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; gnutls_compression_method_t method; - gnutls_compression_method_t methods[] = - { GNUTLS_COMP_ZLIB, GNUTLS_COMP_BROTLI }; + gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZLIB, + GNUTLS_COMP_BROTLI }; size_t methods_len = - sizeof(methods) / sizeof(gnutls_compression_method_t); + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -122,34 +122,32 @@ static void client(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, - GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_CLIENT)); - CHECK(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = - gnutls_compress_certificate_set_methods(session, methods, - methods_len); + ret = gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { fail("client: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, - GNUTLS_HOOK_PRE, client_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + GNUTLS_HOOK_PRE, client_callback); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); goto cleanup; @@ -158,8 +156,8 @@ static void client(int fd) success("client: Handshake was completed\n"); if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); method = gnutls_compress_certificate_get_selected_method(session); if (method != GNUTLS_COMP_BROTLI) @@ -180,7 +178,7 @@ static void client(int fd) if (debug) success("client: finished\n"); - cleanup: +cleanup: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -194,10 +192,11 @@ static void server(int fd) gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; gnutls_compression_method_t method; - gnutls_compression_method_t methods[] = - { GNUTLS_COMP_ZSTD, GNUTLS_COMP_BROTLI, GNUTLS_COMP_ZLIB }; + gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZSTD, + GNUTLS_COMP_BROTLI, + GNUTLS_COMP_ZLIB }; size_t methods_len = - sizeof(methods) / sizeof(gnutls_compression_method_t); + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -207,35 +206,33 @@ static void server(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem - (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem - (x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, - GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, + GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem( + x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_SERVER)); - CHECK(gnutls_credentials_set - (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = - gnutls_compress_certificate_set_methods(session, methods, - methods_len); + ret = gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { fail("server: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, - GNUTLS_HOOK_PRE, server_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + GNUTLS_HOOK_PRE, server_callback); gnutls_certificate_server_set_request(session, GNUTLS_CERT_REQUEST); gnutls_transport_set_int(session, fd); do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("server: Handshake has failed (%s)\n\n", gnutls_strerror(ret)); @@ -245,8 +242,8 @@ static void server(int fd) success("server: Handshake was completed\n"); if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name(gnutls_protocol_get_version - (session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); method = gnutls_compress_certificate_get_selected_method(session); if (method != GNUTLS_COMP_ZLIB) @@ -267,7 +264,7 @@ static void server(int fd) if (debug) success("server: finished\n"); - cleanup: +cleanup: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -307,4 +304,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/cookie.c b/tests/tls13/cookie.c index 54a6f8ee4c..e331bcd67a 100644 --- a/tests/tls13/cookie.c +++ b/tests/tls13/cookie.c @@ -23,7 +23,7 @@ * by the gnutls client. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,19 +39,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# include -# endif -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#include +#endif +#include +#include +#include -# include "utils.h" -# include "cert-common.h" +#include "utils.h" +#include "cert-common.h" const char *side = ""; @@ -63,13 +63,7 @@ static void tls_log_func(int level, const char *str) static int TLSEXT_TYPE_server_sent = 0; static int TLSEXT_TYPE_server_received = 0; -static const unsigned char ext_data[] = { - 0x00, - 0x03, - 0xFE, - 0xED, - 0xFF -}; +static const unsigned char ext_data[] = { 0x00, 0x03, 0xFE, 0xED, 0xFF }; static int ext_recv_server_cookie(gnutls_session_t session, const unsigned char *buf, size_t buflen) @@ -82,7 +76,7 @@ static int ext_recv_server_cookie(gnutls_session_t session, TLSEXT_TYPE_server_received = 1; - return 0; //Success + return 0; //Success } static int ext_send_server_cookie(gnutls_session_t session, @@ -117,8 +111,8 @@ static void client(int sd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities */ - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.3", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.3", NULL) >= 0); /* put the anonymous credentials to the current session */ @@ -141,7 +135,7 @@ static void client(int sd) gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(sd); gnutls_deinit(session); @@ -167,30 +161,28 @@ static void server(int sd) side = "server"; gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_init(&session, GNUTLS_SERVER); /* force a hello retry request by disabling all the groups that are * enabled by default. */ - assert(gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:" - "-GROUP-SECP256R1:-GROUP-X25519:-GROUP-FFDHE2048", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:" + "-GROUP-SECP256R1:-GROUP-X25519:-GROUP-FFDHE2048", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); - ret = - gnutls_session_ext_register(session, "cookie_server", 44, - GNUTLS_EXT_TLS, ext_recv_server_cookie, - ext_send_server_cookie, NULL, NULL, - NULL, - GNUTLS_EXT_FLAG_CLIENT_HELLO | - GNUTLS_EXT_FLAG_HRR | - GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL | - GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST); + ret = gnutls_session_ext_register( + session, "cookie_server", 44, GNUTLS_EXT_TLS, + ext_recv_server_cookie, ext_send_server_cookie, NULL, NULL, + NULL, + GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_HRR | + GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL | + GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST); if (ret != 0) fail("server: cannot register: %s", gnutls_strerror(ret)); @@ -216,7 +208,7 @@ static void server(int sd) */ gnutls_bye(session, GNUTLS_SHUT_WR); - end: +end: close(sd); gnutls_deinit(session); @@ -266,4 +258,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/ext-parse.h b/tests/tls13/ext-parse.h index c3dd7c41b0..4f8ce1c7cb 100644 --- a/tests/tls13/ext-parse.h +++ b/tests/tls13/ext-parse.h @@ -24,36 +24,42 @@ #define TLS_EXT_SUPPORTED_VERSIONS 43 #define TLS_EXT_POST_HANDSHAKE 49 -#define SKIP16(pos, _total) { \ - uint16_t _s; \ - if ((size_t)pos+2 > (size_t)_total) fail("error0: at %d total: %d\n", pos+2, _total); \ - _s = (msg->data[pos] << 8) | msg->data[pos+1]; \ - if ((size_t)(pos+2+_s) > (size_t)_total) fail("error1: at %d field: %d, total: %d\n", pos+2, (int)_s, _total); \ - pos += 2+_s; \ +#define SKIP16(pos, _total) \ + { \ + uint16_t _s; \ + if ((size_t)pos + 2 > (size_t)_total) \ + fail("error0: at %d total: %d\n", pos + 2, _total); \ + _s = (msg->data[pos] << 8) | msg->data[pos + 1]; \ + if ((size_t)(pos + 2 + _s) > (size_t)_total) \ + fail("error1: at %d field: %d, total: %d\n", pos + 2, \ + (int)_s, _total); \ + pos += 2 + _s; \ } -#define SKIP8(pos, _total) { \ - uint8_t _s; \ - if ((size_t)pos+1 > (size_t)_total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > (size_t)_total) fail("error\n"); \ - pos += 1+_s; \ +#define SKIP8(pos, _total) \ + { \ + uint8_t _s; \ + if ((size_t)pos + 1 > (size_t)_total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > (size_t)_total) \ + fail("error\n"); \ + pos += 1 + _s; \ } -typedef void (*ext_parse_func)(void *priv, gnutls_datum_t * extdata); +typedef void (*ext_parse_func)(void *priv, gnutls_datum_t *extdata); #define HANDSHAKE_SESSION_ID_POS 34 #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic push -# pragma GCC diagnostic ignored "-Wunused-function" +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-function" #endif /* Returns 0 if the extension was not found, 1 otherwise. */ -static unsigned find_client_extension(const gnutls_datum_t * msg, - unsigned extnr, void *priv, - ext_parse_func cb) +static unsigned find_client_extension(const gnutls_datum_t *msg, unsigned extnr, + void *priv, ext_parse_func cb) { unsigned pos; @@ -93,14 +99,15 @@ static unsigned find_client_extension(const gnutls_datum_t * msg, if (type != extnr) { SKIP16(pos, msg->size); - } else { /* found */ - ssize_t size = - (msg->data[pos] << 8) | msg->data[pos + 1]; + } else { /* found */ + ssize_t size = (msg->data[pos] << 8) | + msg->data[pos + 1]; gnutls_datum_t data; pos += 2; if (pos + size > msg->size) { - fail("error in extension length (pos: %d, ext: %d, total: %d)\n", pos, (int)size, msg->size); + fail("error in extension length (pos: %d, ext: %d, total: %d)\n", + pos, (int)size, msg->size); } data.data = &msg->data[pos]; data.size = size; @@ -112,7 +119,7 @@ static unsigned find_client_extension(const gnutls_datum_t * msg, return 0; } -static unsigned is_client_extension_last(const gnutls_datum_t * msg, +static unsigned is_client_extension_last(const gnutls_datum_t *msg, unsigned extnr) { unsigned pos, found = 0; @@ -158,7 +165,7 @@ static unsigned is_client_extension_last(const gnutls_datum_t * msg, return 0; } SKIP16(pos, msg->size); - } else { /* found */ + } else { /* found */ found = 1; SKIP16(pos, msg->size); } @@ -171,9 +178,8 @@ static unsigned is_client_extension_last(const gnutls_datum_t * msg, #define TLS_RANDOM_SIZE 32 -static unsigned find_server_extension(const gnutls_datum_t * msg, - unsigned extnr, void *priv, - ext_parse_func cb) +static unsigned find_server_extension(const gnutls_datum_t *msg, unsigned extnr, + void *priv, ext_parse_func cb) { unsigned pos = 0; @@ -186,9 +192,8 @@ static unsigned find_server_extension(const gnutls_datum_t * msg, } if (msg->data[1] >= 0x04) { - success - ("assuming TLS 1.3 or better hello format (seen %d.%d)\n", - (int)msg->data[0], (int)msg->data[1]); + success("assuming TLS 1.3 or better hello format (seen %d.%d)\n", + (int)msg->data[0], (int)msg->data[1]); } pos += 2 + TLS_RANDOM_SIZE; @@ -217,14 +222,15 @@ static unsigned find_server_extension(const gnutls_datum_t * msg, if (type != extnr) { SKIP16(pos, msg->size); - } else { /* found */ - ssize_t size = - (msg->data[pos] << 8) | msg->data[pos + 1]; + } else { /* found */ + ssize_t size = (msg->data[pos] << 8) | + msg->data[pos + 1]; gnutls_datum_t data; pos += 2; if (pos + size < msg->size) { - fail("error in server extension length (pos: %d, total: %d)\n", pos, msg->size); + fail("error in server extension length (pos: %d, total: %d)\n", + pos, msg->size); } data.data = &msg->data[pos]; data.size = size; @@ -238,5 +244,5 @@ static unsigned find_server_extension(const gnutls_datum_t * msg, } #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# pragma GCC diagnostic pop +#pragma GCC diagnostic pop #endif diff --git a/tests/tls13/hello_retry_request.c b/tests/tls13/hello_retry_request.c index 72451c2b67..f9ef3e9986 100644 --- a/tests/tls13/hello_retry_request.c +++ b/tests/tls13/hello_retry_request.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,29 +35,28 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" -# include "tls13/ext-parse.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" +#include "tls13/ext-parse.h" /* This program tests whether the version in Hello Retry Request message * is the expected */ const char *testname = ""; -# define myfail(fmt, ...) \ - fail("%s: "fmt, testname, ##__VA_ARGS__) +#define myfail(fmt, ...) fail("%s: " fmt, testname, ##__VA_ARGS__) static void server_log_func(int level, const char *str) { @@ -69,7 +68,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define HANDSHAKE_SESSION_ID_POS 34 +#define HANDSHAKE_SESSION_ID_POS 34 struct ctx_st { unsigned hrr_seen; @@ -80,7 +79,7 @@ struct ctx_st { static int hello_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { struct ctx_st *ctx = gnutls_session_get_ptr(session); assert(ctx != NULL); @@ -88,7 +87,8 @@ static int hello_callback(gnutls_session_t session, unsigned int htype, if (htype == GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST) ctx->hrr_seen = 1; - if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && post == GNUTLS_HOOK_POST) { + if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && + post == GNUTLS_HOOK_POST) { size_t session_id_len; uint8_t *session_id; @@ -141,10 +141,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); gnutls_session_set_ptr(session, &ctx); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-X25519", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-X25519", + NULL); if (ret < 0) myfail("cannot set TLS 1.3 priorities\n"); @@ -157,8 +157,7 @@ static void client(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); assert(ctx.hrr_seen != 0); @@ -190,10 +189,10 @@ static void server(int fd) gnutls_handshake_set_timeout(session, get_timeout()); /* server only supports x25519, client advertises secp256r1 */ - assert(gnutls_priority_set_direct - (session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -201,7 +200,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -261,4 +260,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/hello_retry_request_resume.c b/tests/tls13/hello_retry_request_resume.c index aad2388ae5..d6059fe2ff 100644 --- a/tests/tls13/hello_retry_request_resume.c +++ b/tests/tls13/hello_retry_request_resume.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "../lib/handshake-defs.h" -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "../lib/handshake-defs.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether the certificate seen in Post Handshake Auth * is found in a resumed session under TLS 1.3. @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) static int ticket_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { gnutls_datum *d; int ret; @@ -105,29 +105,28 @@ static void client(int fd) assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - retry: +retry: /* Initialize TLS session */ assert(gnutls_init(&session, GNUTLS_CLIENT) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-X25519", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-X25519", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); if (try == 0) { gnutls_session_set_ptr(session, &session_data); - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, - GNUTLS_HOOK_BOTH, - ticket_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, + GNUTLS_HOOK_BOTH, ticket_callback); } else { - assert(gnutls_session_set_data - (session, session_data.data, session_data.size) >= 0); + assert(gnutls_session_set_data(session, session_data.data, + session_data.size) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -138,8 +137,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -166,11 +164,11 @@ static void client(int fd) gnutls_global_deinit(); } -# define HANDSHAKE_SESSION_ID_POS 34 +#define HANDSHAKE_SESSION_ID_POS 34 static int client_hello_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { gnutls_datum *d; @@ -210,17 +208,17 @@ static void server(int fd) gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); - retry: +retry: assert(gnutls_init(&session, GNUTLS_SERVER) >= 0); assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); /* server only supports x25519, client advertises secp256r1 */ - assert(gnutls_priority_set_direct - (session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -255,7 +253,8 @@ static void server(int fd) session_id.size != retry_session_id.size || memcmp(session_id.data, retry_session_id.data, session_id.size)) { - fail("session ids are different after resumption: %u, %u\n", session_id.size, retry_session_id.size); + fail("session ids are different after resumption: %u, %u\n", + session_id.size, retry_session_id.size); } } @@ -321,6 +320,5 @@ void doit(void) client(fd[1]); exit(0); } - } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/key_limits.c b/tests/tls13/key_limits.c index 3c5eda8fef..c7ea50b225 100644 --- a/tests/tls13/key_limits.c +++ b/tests/tls13/key_limits.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -71,8 +71,7 @@ static void start(const char *name, const char *prio, unsigned exp_update) /* Init Server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_cert, + assert(gnutls_certificate_set_x509_key_mem(scred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM) >= 0); @@ -94,8 +93,8 @@ static void start(const char *name, const char *prio, unsigned exp_update) /* Init client */ gnutls_certificate_allocate_credentials(&ccred); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); @@ -115,22 +114,24 @@ static void start(const char *name, const char *prio, unsigned exp_update) success("Handshake established\n"); assert(gnutls_record_get_state(server, 0, NULL, NULL, NULL, seq) >= 0); - assert(gnutls_record_set_state - (server, 0, (void *)"\x00\x00\x00\x00\x00\xff\xff\xfa") >= 0); + assert(gnutls_record_set_state( + server, 0, (void *)"\x00\x00\x00\x00\x00\xff\xff\xfa") >= + 0); assert(gnutls_record_get_state(client, 1, NULL, NULL, NULL, seq) >= 0); - assert(gnutls_record_set_state - (client, 1, (void *)"\x00\x00\x00\x00\x00\xff\xff\xfa") >= 0); + assert(gnutls_record_set_state( + client, 1, (void *)"\x00\x00\x00\x00\x00\xff\xff\xfa") >= + 0); memset(buffer, 1, sizeof(buffer)); for (i = 0; i < 32; i++) { - usleep(10000); /* some systems like FreeBSD have their buffers full during this send */ + usleep(10000); /* some systems like FreeBSD have their buffers full during this send */ do { - sret = - gnutls_record_send(server, buffer, sizeof(buffer)); - } while (sret == GNUTLS_E_AGAIN - || sret == GNUTLS_E_INTERRUPTED); + sret = gnutls_record_send(server, buffer, + sizeof(buffer)); + } while (sret == GNUTLS_E_AGAIN || + sret == GNUTLS_E_INTERRUPTED); if (sret < 0) { fail("Error sending %d byte packet: %s\n", @@ -142,11 +143,10 @@ static void start(const char *name, const char *prio, unsigned exp_update) (int)sizeof(buffer), sret); } do { - cret = - gnutls_record_recv_seq(client, buffer, MAX_BUF, - seq); - } while (cret == GNUTLS_E_AGAIN - || cret == GNUTLS_E_INTERRUPTED); + cret = gnutls_record_recv_seq(client, buffer, MAX_BUF, + seq); + } while (cret == GNUTLS_E_AGAIN || + cret == GNUTLS_E_INTERRUPTED); if (memcmp(seq, "\x00\x00\x00\x00\x00\x00\x00\x01", 8) == 0) { update_happened = 1; @@ -176,11 +176,11 @@ static void start(const char *name, const char *prio, unsigned exp_update) } #define AES_GCM "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM" -#define CHACHA_POLY1305 "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+CHACHA20-POLY1305" +#define CHACHA_POLY1305 \ + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+CHACHA20-POLY1305" void doit(void) { - start("aes-gcm", AES_GCM, 1); if (!gnutls_fips140_mode_enabled()) { start("chacha20", CHACHA_POLY1305, 0); diff --git a/tests/tls13/key_share.c b/tests/tls13/key_share.c index f8afa73ef1..87e0425c82 100644 --- a/tests/tls13/key_share.c +++ b/tests/tls13/key_share.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,8 +40,7 @@ const char *testname = ""; -#define myfail(fmt, ...) \ - fail("%s: "fmt, testname, ##__VA_ARGS__) +#define myfail(fmt, ...) fail("%s: " fmt, testname, ##__VA_ARGS__) const char *side = ""; @@ -51,12 +50,9 @@ static void tls_log_func(int level, const char *str) } unsigned int tls_id_to_group[] = { - [23] = GNUTLS_GROUP_SECP256R1, - [24] = GNUTLS_GROUP_SECP384R1, - [29] = GNUTLS_GROUP_X25519, - [30] = GNUTLS_GROUP_X448, - [0x100] = GNUTLS_GROUP_FFDHE2048, - [0x101] = GNUTLS_GROUP_FFDHE3072 + [23] = GNUTLS_GROUP_SECP256R1, [24] = GNUTLS_GROUP_SECP384R1, + [29] = GNUTLS_GROUP_X25519, [30] = GNUTLS_GROUP_X448, + [0x100] = GNUTLS_GROUP_FFDHE2048, [0x101] = GNUTLS_GROUP_FFDHE3072 }; #define TLS_EXT_KEY_SHARE 51 @@ -66,8 +62,7 @@ typedef struct ctx_st { unsigned ngroups; } ctx_st; -static -void check_ks_contents(void *priv, gnutls_datum_t * msg) +static void check_ks_contents(void *priv, gnutls_datum_t *msg) { ctx_st *ctx; int len; @@ -112,11 +107,12 @@ void check_ks_contents(void *priv, gnutls_datum_t * msg) static int client_hello_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && post == GNUTLS_HOOK_POST) { - if (find_client_extension - (msg, TLS_EXT_KEY_SHARE, session, check_ks_contents) == 0) + if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && + post == GNUTLS_HOOK_POST) { + if (find_client_extension(msg, TLS_EXT_KEY_SHARE, session, + check_ks_contents) == 0) fail("Could not find key share extension!\n"); } @@ -141,8 +137,7 @@ static void start(const char *name, const char *prio, unsigned flag, /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_cert, + assert(gnutls_certificate_set_x509_key_mem(scred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM) >= 0); @@ -167,8 +162,8 @@ static void start(const char *name, const char *prio, unsigned flag, /* Init client */ gnutls_certificate_allocate_credentials(&ccred); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT | flag); diff --git a/tests/tls13/key_update.c b/tests/tls13/key_update.c index 93b9ee9bbc..c6a95c1770 100644 --- a/tests/tls13/key_update.c +++ b/tests/tls13/key_update.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,14 +44,15 @@ static void tls_log_func(int level, const char *str) } #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." static unsigned key_update_msg_inc = 0; static unsigned key_update_msg_out = 0; static int hsk_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { assert(post == GNUTLS_HOOK_PRE); @@ -88,16 +89,13 @@ static void run(const char *name, unsigned test) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_ca3_localhost_cert, - &server_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + scred, &server_ca3_localhost_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); - ret = - gnutls_priority_set_direct(server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL); + ret = gnutls_priority_set_direct( + server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", NULL); if (ret < 0) exit(1); @@ -108,14 +106,12 @@ static void run(const char *name, unsigned test) /* Init client */ assert(gnutls_certificate_allocate_credentials(&ccred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", NULL); assert(ret >= 0); ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, ccred); @@ -273,5 +269,5 @@ void doit(void) run("single", 4); run("single", 5); run("single", 6); - run("all", 0); /* all one after each other */ + run("all", 0); /* all one after each other */ } diff --git a/tests/tls13/key_update_multiple.c b/tests/tls13/key_update_multiple.c index 06c63d5d44..19eafea4bd 100644 --- a/tests/tls13/key_update_multiple.c +++ b/tests/tls13/key_update_multiple.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -49,7 +49,8 @@ static void tls_log_func(int level, const char *str) } #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." /* These must match the definitions in lib/tls13/key_update.c. */ #define KEY_UPDATES_WINDOW 1000 @@ -60,7 +61,7 @@ static unsigned key_update_msg_out = 0; static int hsk_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { assert(post == GNUTLS_HOOK_PRE); @@ -100,16 +101,13 @@ static void run(const char *name, bool exceed_limit) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_ca3_localhost_cert, - &server_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + scred, &server_ca3_localhost_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); - ret = - gnutls_priority_set_direct(server, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL); + ret = gnutls_priority_set_direct( + server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", NULL); if (ret < 0) exit(1); @@ -120,14 +118,12 @@ static void run(const char *name, bool exceed_limit) /* Init client */ assert(gnutls_certificate_allocate_credentials(&ccred) >= 0); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); - ret = - gnutls_priority_set_direct(client, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - NULL); + ret = gnutls_priority_set_direct( + client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", NULL); assert(ret >= 0); ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, ccred); @@ -193,8 +189,7 @@ static void run(const char *name, bool exceed_limit) fail("server didn't reject excessive number of key updates\n"); else { if (debug) - success - ("server rejected excessive number of key updates\n"); + success("server rejected excessive number of key updates\n"); } } else { virt_sec_sleep(KEY_UPDATES_WINDOW / 1000 + 1); diff --git a/tests/tls13/multi-ocsp.c b/tests/tls13/multi-ocsp.c index 4d9ae660be..4ce885c701 100644 --- a/tests/tls13/multi-ocsp.c +++ b/tests/tls13/multi-ocsp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,15 +32,15 @@ #ifdef ENABLE_OCSP -# include "ocsp-common.h" -# include "cert-common.h" -# include "utils.h" +#include "ocsp-common.h" +#include "cert-common.h" +#include "utils.h" /* Tests whether we can send and receive multiple OCSP responses * one for each certificate in a chain under TLS 1.3. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1469186559; if (t) @@ -50,15 +50,15 @@ static time_t mytime(time_t * t) } static const gnutls_datum_t ocsp_resp_localhost[] = { - {(void *)_ocsp_ca3_localhost_unknown, - sizeof(_ocsp_ca3_localhost_unknown)}, - {NULL, 0} + { (void *)_ocsp_ca3_localhost_unknown, + sizeof(_ocsp_ca3_localhost_unknown) }, + { NULL, 0 } }; static const gnutls_datum_t ocsp_resp_localhost6[] = { - {(void *)_ocsp_ca3_localhost6_unknown, - sizeof(_ocsp_ca3_localhost6_unknown)}, - {(void *)_ocsp_subca3_unknown, sizeof(_ocsp_subca3_unknown)} + { (void *)_ocsp_ca3_localhost6_unknown, + sizeof(_ocsp_ca3_localhost6_unknown) }, + { (void *)_ocsp_subca3_unknown, sizeof(_ocsp_subca3_unknown) } }; typedef struct ctx_st { @@ -70,8 +70,7 @@ typedef struct ctx_st { static ctx_st test_localhost = { "single response", ocsp_resp_localhost, 1 }; static ctx_st test_localhost6 = { "two responses", ocsp_resp_localhost6, 2 }; -# define myfail(fmt, ...) \ - fail("%s: "fmt, test->name, ##__VA_ARGS__) +#define myfail(fmt, ...) fail("%s: " fmt, test->name, ##__VA_ARGS__) static void check_response(gnutls_session_t session, void *priv) { @@ -97,9 +96,8 @@ static void check_response(gnutls_session_t session, void *priv) } if (resp.size != test->ocsp[i].size) { - myfail - ("did not receive the expected response size for %d\n", - i); + myfail("did not receive the expected response size for %d\n", + i); } if (memcmp(resp.data, test->ocsp[i].data, resp.size) != 0) { @@ -109,11 +107,9 @@ static void check_response(gnutls_session_t session, void *priv) } if (i != test->nocsp) { - myfail - ("The number of OCSP responses received (%d) does not match the expected (%d)\n", - i, test->nocsp); + myfail("The number of OCSP responses received (%d) does not match the expected (%d)\n", + i, test->nocsp); } - } static void tls_log_func(int level, const char *str) @@ -131,7 +127,7 @@ void doit(void) char certname1[TMPNAME_SIZE]; char certname2[TMPNAME_SIZE]; FILE *fp; - unsigned index1, index2; /* indexes of certs */ + unsigned index1, index2; /* indexes of certs */ global_init(); gnutls_global_set_time_function(mytime); @@ -151,17 +147,14 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -172,44 +165,32 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost6_ca3_cert_chain_pem, 1, - strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile2, certfile2, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile2, certfile2, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index2 = ret; /* set OCSP response1 */ - ret = - gnutls_certificate_set_ocsp_status_request_mem(xcred, - &test_localhost.ocsp - [0], index1, - GNUTLS_X509_FMT_DER); + ret = gnutls_certificate_set_ocsp_status_request_mem( + xcred, &test_localhost.ocsp[0], index1, GNUTLS_X509_FMT_DER); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); /* set OCSP response2 */ - ret = - gnutls_certificate_set_ocsp_status_request_mem(xcred, - &test_localhost6.ocsp - [0], index2, - GNUTLS_X509_FMT_DER); + ret = gnutls_certificate_set_ocsp_status_request_mem( + xcred, &test_localhost6.ocsp[0], index2, GNUTLS_X509_FMT_DER); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); - ret = - gnutls_certificate_set_ocsp_status_request_mem(xcred, - &test_localhost6.ocsp - [1], index2, - GNUTLS_X509_FMT_DER); + ret = gnutls_certificate_set_ocsp_status_request_mem( + xcred, &test_localhost6.ocsp[1], index2, GNUTLS_X509_FMT_DER); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -221,9 +202,8 @@ void doit(void) GNUTLS_VERIFY_DISABLE_CRL_CHECKS) fail("error in gnutls_certificate_set_verify_flags\n"); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } diff --git a/tests/tls13/no-auto-send-ticket.c b/tests/tls13/no-auto-send-ticket.c index 5e9cfa44b6..cd82b8d6af 100644 --- a/tests/tls13/no-auto-send-ticket.c +++ b/tests/tls13/no-auto-send-ticket.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "../lib/handshake-defs.h" -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "../lib/handshake-defs.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether the certificate seen in Post Handshake Auth * is found in a resumed session under TLS 1.3. @@ -67,7 +67,7 @@ static void client_log_func(int level, const char *str) static unsigned tickets_seen = 0; static int ticket_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { gnutls_datum *d; int ret; @@ -108,29 +108,28 @@ static void client(int fd, unsigned flags, unsigned tickets) assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - retry: +retry: /* Initialize TLS session */ assert(gnutls_init(&session, GNUTLS_CLIENT | flags) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); if (try == 0) { gnutls_session_set_ptr(session, &session_data); - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, - GNUTLS_HOOK_BOTH, - ticket_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, + GNUTLS_HOOK_BOTH, ticket_callback); } else { - assert(gnutls_session_set_data - (session, session_data.data, session_data.size) >= 0); + assert(gnutls_session_set_data(session, session_data.data, + session_data.size) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -141,8 +140,7 @@ static void client(int fd, unsigned flags, unsigned tickets) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -173,8 +171,8 @@ static void client(int fd, unsigned flags, unsigned tickets) gnutls_global_deinit(); } -static void server(int fd, unsigned flags, - unsigned tickets_sent, unsigned tickets_expected) +static void server(int fd, unsigned flags, unsigned tickets_sent, + unsigned tickets_expected) { int ret; gnutls_session_t session; @@ -201,8 +199,8 @@ static void server(int fd, unsigned flags, assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL) - >= 0); + assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -217,9 +215,8 @@ static void server(int fd, unsigned flags, if (tickets_sent > 0) { do { - ret = - gnutls_session_ticket_send(session, tickets_sent, - 0); + ret = gnutls_session_ticket_send(session, tickets_sent, + 0); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); } @@ -236,8 +233,8 @@ static void server(int fd, unsigned flags, assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct - (session, "NORMAL:+VERS-TLS1.3", NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:+VERS-TLS1.3", NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -275,9 +272,8 @@ static void ch_handler(int sig) return; } -static void start(const char *name, - unsigned flags, - unsigned tickets_sent, unsigned tickets_expected) +static void start(const char *name, unsigned flags, unsigned tickets_sent, + unsigned tickets_expected) { int fd[2]; int ret; @@ -308,7 +304,6 @@ static void start(const char *name, client(fd[1], flags, tickets_expected); exit(0); } - } void doit(void) @@ -321,4 +316,4 @@ void doit(void) start("no auto send ticket 0", GNUTLS_NO_AUTO_SEND_TICKET, 0, 0); start("no auto send ticket 1", GNUTLS_NO_AUTO_SEND_TICKET, 1, 1); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/no-psk-exts.c b/tests/tls13/no-psk-exts.c index 55b9ccccd0..c91be81477 100644 --- a/tests/tls13/no-psk-exts.c +++ b/tests/tls13/no-psk-exts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "utils.h" /* This program tests whether a connection without the PSK priority * options, will contain PSK extensions */ @@ -63,7 +63,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd) { @@ -88,10 +88,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); @@ -106,8 +106,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); /* try if gnutls_reauth() would fail as expected */ ret = gnutls_reauth(session, 0); @@ -127,14 +126,15 @@ static void client(int fd) static unsigned server_hello_ok = 0; -# define TLS_EXT_PSK 41 -# define TLS_EXT_PSK_KE 45 +#define TLS_EXT_PSK 41 +#define TLS_EXT_PSK_KE 45 static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { if (find_server_extension(msg, TLS_EXT_PSK_KE, NULL, NULL)) { fail("PSK KE extension seen on server (illegal)!\n"); } @@ -196,7 +196,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -258,4 +258,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/ocsp-client.c b/tests/tls13/ocsp-client.c index d91febe43e..023393c4c9 100644 --- a/tests/tls13/ocsp-client.c +++ b/tests/tls13/ocsp-client.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -32,8 +32,8 @@ #ifdef ENABLE_OCSP -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* Tests whether we can send and receive multiple OCSP responses * one for each certificate in a chain under TLS 1.3, but unrelated @@ -41,7 +41,7 @@ * flag). */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1469186559; if (t) @@ -50,14 +50,16 @@ static time_t mytime(time_t * t) return then; } -# define RESP1 "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" +#define RESP1 \ + "\x30\x82\x06\x8C\x0A\x01\x00\xA0\x82\x06\x85\x30\x82\x06\x81\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\x72\x30\x82\x06\x6E\x30\x82\x01\x07\xA1\x69\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\x30\x64\x30\x62\x30\x3A\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\x13\x9D\xA0\x9E\xF4\x32\xAB\x8F\xE2\x89\x56\x67\xFA\xD0\xD4\xE3\x35\x86\x71\xB9\x04\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\x02\x01\x1D\x80\x00\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x34\x32\x38\x5A\xA0\x11\x18\x0F\x32\x30\x31\x31\x30\x39\x32\x37\x30\x39\x35\x39\x32\x38\x5A\xA1\x23\x30\x21\x30\x1F\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x16\x89\x7D\x91\x3A\xB5\x25\xA4\x45\xFE\xC9\xFD\xC2\xE5\x08\xA4\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x4E\xAD\x6B\x2B\xF7\xF2\xBF\xA9\x23\x1E\x3A\x0B\x06\xDB\x55\x53\x2B\x64\x54\x11\x32\xBF\x60\xF7\x4F\xE0\x8E\x9B\xA0\xA2\x4C\x79\xC3\x2A\xE0\x43\xF7\x40\x1A\xDC\xB9\xB4\x25\xEF\x48\x01\x97\x8C\xF5\x1E\xDB\xD1\x30\x37\x73\x69\xD6\xA7\x7A\x2D\x8E\xDE\x5C\xAA\xEA\x39\xB9\x52\xAA\x25\x1E\x74\x7D\xF9\x78\x95\x8A\x92\x1F\x98\x21\xF4\x60\x7F\xD3\x28\xEE\x47\x9C\xBF\xE2\x5D\xF6\x3F\x68\x0A\xD6\xFF\x08\xC1\xDC\x95\x1E\x29\xD7\x3E\x85\xD5\x65\xA4\x4B\xC0\xAF\xC3\x78\xAB\x06\x98\x88\x19\x8A\x64\xA6\x83\x91\x87\x13\xDB\x17\xCC\x46\xBD\xAB\x4E\xC7\x16\xD1\xF8\x35\xFD\x27\xC8\xF6\x6B\xEB\x37\xB8\x08\x6F\xE2\x6F\xB4\x7E\xD5\x68\xDB\x7F\x5D\x5E\x36\x38\xF2\x77\x59\x13\xE7\x3E\x4D\x67\x5F\xDB\xA2\xF5\x5D\x7C\xBF\xBD\xB5\x37\x33\x51\x36\x63\xF8\x21\x1E\xFC\x73\x8F\x32\x69\xBB\x97\xA7\xBD\xF1\xB6\xE0\x40\x09\x68\xEA\xD5\x93\xB8\xBB\x39\x8D\xA8\x16\x1B\xBF\x04\x7A\xBC\x18\x43\x01\xE9\x3C\x19\x5C\x4D\x4B\x98\xD8\x23\x37\x39\xA4\xC4\xDD\xED\x9C\xEC\x37\xAB\x66\x44\x9B\xE7\x5B\x5D\x32\xA2\xDB\xA6\x0B\x3B\x8C\xE1\xF5\xDB\xCB\x7D\x58\xA0\x82\x04\x4B\x30\x82\x04\x47\x30\x82\x04\x43\x30\x82\x03\x2B\xA0\x03\x02\x01\x02\x02\x01\x1E\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x30\x39\x31\x31\x32\x34\x31\x32\x35\x31\x35\x33\x5A\x17\x0D\x31\x34\x31\x31\x32\x33\x31\x32\x35\x31\x35\x33\x5A\x30\x67\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1F\x30\x1D\x06\x03\x55\x04\x0B\x13\x16\x4F\x43\x53\x50\x20\x53\x69\x67\x6E\x69\x6E\x67\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xBC\x05\x3E\x4B\xBE\xC6\xB1\x33\x48\x0E\xC3\xD4\x0C\xEF\x83\x0B\xBD\xBC\x57\x5F\x14\xEF\xF5\x6D\x0B\xFF\xFA\x01\x9C\xFA\x21\x6D\x5C\xAE\x79\x29\x74\xFE\xBD\xAB\x70\x87\x98\x6B\x48\x35\x79\xE3\xE0\xC1\x14\x41\x1F\x0A\xF7\xE7\xA3\xA6\xDA\x6B\xFF\xCD\x74\xE9\x95\x00\x38\xAA\xD6\x3A\x60\xC6\x64\xA1\xE6\x02\x39\x58\x4E\xFD\xF2\x78\x08\x63\xB6\xD7\x7A\x96\x79\x62\x18\x39\xEE\x27\x8D\x3B\xA2\x3D\x48\x88\xDB\x43\xD6\x6A\x77\x20\x6A\x27\x39\x50\xE0\x02\x50\x19\xF2\x7A\xCF\x78\x23\x99\x01\xD4\xE5\xB1\xD1\x31\xE6\x6B\x84\xAF\xD0\x77\x41\x46\x85\xB0\x3B\xE6\x6A\x00\x0F\x3B\x7E\x95\x7F\x59\xA8\x22\xE8\x49\x49\x05\xC8\xCB\x6C\xEE\x47\xA7\x2D\xC9\x74\x5B\xEB\x8C\xD5\x99\xC2\xE2\x70\xDB\xEA\x87\x43\x84\x0E\x4F\x83\x1C\xA6\xEB\x1F\x22\x38\x17\x69\x9B\x72\x12\x95\x48\x71\xB2\x7B\x92\x73\x52\xAB\xE3\x1A\xA5\xD3\xF4\x44\x14\xBA\xC3\x35\xDA\x91\x6C\x7D\xB4\xC2\x00\x07\xD8\x0A\x51\xF1\x0D\x4C\xD9\x7A\xD1\x99\xE6\xA8\x8D\x0A\x80\xA8\x91\xDD\x8A\xA2\x6B\xF6\xDB\xB0\x3E\xC9\x71\xA9\xE0\x39\xC3\xA3\x58\x0D\x87\xD0\xB2\xA7\x9C\xB7\x69\x02\x03\x01\x00\x01\xA3\x82\x01\x1A\x30\x82\x01\x16\x30\x09\x06\x03\x55\x1D\x13\x04\x02\x30\x00\x30\x0B\x06\x03\x55\x1D\x0F\x04\x04\x03\x02\x03\xA8\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x34\x91\x6E\x91\x32\xBF\x35\x25\x43\xCC\x28\x74\xEF\x82\xC2\x57\x92\x79\x13\x73\x30\x6D\x06\x03\x55\x1D\x23\x04\x66\x30\x64\x80\x14\x5D\xA7\xDD\x70\x06\x51\x32\x7E\xE7\xB6\x6D\xB3\xB5\xE5\xE0\x60\xEA\x2E\x4D\xEF\xA1\x49\xA4\x47\x30\x45\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x48\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x4C\x69\x6E\x75\x78\x20\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x73\x74\x72\x6F\x6E\x67\x53\x77\x61\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x82\x01\x00\x30\x1E\x06\x03\x55\x1D\x11\x04\x17\x30\x15\x82\x13\x6F\x63\x73\x70\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x30\x13\x06\x03\x55\x1D\x25\x04\x0C\x30\x0A\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x39\x06\x03\x55\x1D\x1F\x04\x32\x30\x30\x30\x2E\xA0\x2C\xA0\x2A\x86\x28\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x6F\x72\x67\x2F\x73\x74\x72\x6F\x6E\x67\x73\x77\x61\x6E\x2E\x63\x72\x6C\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B\x05\x00\x03\x82\x01\x01\x00\x6D\x78\xD7\x66\x90\xA6\xEB\xDD\xB5\x09\x48\xA4\xDA\x27\xFA\xAC\xB1\xBC\x8F\x8C\xBE\xCC\x8C\x09\xA2\x40\x0D\x6C\x4A\xAE\x72\x22\x1E\xC8\xAF\x6D\xF1\x12\xAF\xD7\x40\x51\x79\xD4\xDD\xB2\x0C\xDB\x97\x84\xB6\x24\xD5\xF5\xA8\xBB\xC0\x4B\xF9\x7F\x71\xF7\xB0\x65\x42\x4A\x7D\xFE\x76\x7E\x05\xD2\x46\xB8\x7D\xB3\x39\x4C\x5C\xB1\xFA\xB9\xEE\x3B\x70\x33\x39\x57\x1A\xB9\x95\x51\x33\x00\x25\x1B\x4C\xAA\xB4\xA7\x55\xAF\x63\x6D\x6F\x88\x17\x6A\x7F\xB0\x97\xDE\x49\x14\x6A\x27\x6A\xB0\x42\x80\xD6\xA6\x9B\xEF\x04\x5E\x11\x7D\xD5\x8E\x54\x20\xA2\x76\xD4\x66\x58\xAC\x9C\x12\xD3\xF5\xCA\x54\x98\xCA\x21\xEC\xC1\x55\xA1\x2F\x68\x0B\x5D\x04\x50\xD2\x5E\x70\x25\xD8\x13\xD9\x44\x51\x0E\x8A\x42\x08\x18\x84\xE6\x61\xCE\x5A\x7D\x7B\x81\x35\x90\xC3\xD4\x9D\x19\xB6\x37\xEE\x8F\x63\x5C\xDA\xD8\xF0\x64\x60\x39\xEB\x9B\x1C\x54\x66\x75\x76\xB5\x0A\x58\xB9\x3F\x91\xE1\x21\x9C\xA0\x50\x15\x97\xB6\x7E\x41\xBC\xD0\xC4\x21\x4C\xF5\xD7\xF0\x13\xF8\x77\xE9\x74\xC4\x8A\x0E\x20\x17\x32\xAE\x38\xC2\xA5\xA8\x62\x85\x17\xB1\xA2\xD3\x22\x9F\x95\xB7\xA3\x4C" -static gnutls_datum_t ocsp_resp1 = - { (unsigned char *)RESP1, sizeof(RESP1) - 1 }; +static gnutls_datum_t ocsp_resp1 = { (unsigned char *)RESP1, + sizeof(RESP1) - 1 }; -# define RESP3 "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" -static gnutls_datum_t ocsp_resp2 = - { (unsigned char *)RESP3, sizeof(RESP3) - 1 }; +#define RESP3 \ + "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd" +static gnutls_datum_t ocsp_resp2 = { (unsigned char *)RESP3, + sizeof(RESP3) - 1 }; static void check_response(gnutls_session_t session, void *priv) { @@ -84,7 +86,8 @@ static void check_response(gnutls_session_t session, void *priv) } if (resp.size != ocsp->size) { - fail("did not receive the expected response size for %d\n", i); + fail("did not receive the expected response size for %d\n", + i); } if (memcmp(resp.data, ocsp->data, resp.size) != 0) { @@ -94,7 +97,8 @@ static void check_response(gnutls_session_t session, void *priv) } if (i != 1) { - fail("The number of OCSP responses received (%d) does not match the expected (%d)\n", i, 1); + fail("The number of OCSP responses received (%d) does not match the expected (%d)\n", + i, 1); } } @@ -115,7 +119,7 @@ void doit(void) char certname2[TMPNAME_SIZE]; char certname3[TMPNAME_SIZE]; FILE *fp; - unsigned index1, index2; /* indexes of certs */ + unsigned index1, index2; /* indexes of certs */ global_init(); gnutls_global_set_time_function(mytime); @@ -135,17 +139,14 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite - (server_localhost_ca3_cert_chain_pem, 1, - strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); - assert(fwrite - (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), - fp) > 0); + assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite(server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); - ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_certificate_set_x509_key_file2( + xcred, certfile1, certfile1, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); @@ -158,9 +159,8 @@ void doit(void) assert(fwrite(cli_ca3_cert_pem, 1, strlen(cli_ca3_cert_pem), fp) > 0); assert(fwrite(cli_ca3_key_pem, 1, strlen(cli_ca3_key_pem), fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_x509_key_file2(clicred, certfile2, certfile2, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_file2( + clicred, certfile2, certfile2, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -173,28 +173,23 @@ void doit(void) assert(fwrite(key_pem, 1, strlen((char *)key_pem), fp) > 0); fclose(fp); - ret = - gnutls_certificate_set_x509_key_file2(clicred, certfile3, certfile3, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_file2( + clicred, certfile3, certfile3, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index2 = ret; - gnutls_certificate_set_flags(clicred, - GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK); + gnutls_certificate_set_flags( + clicred, GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK); /* set OCSP response1 */ - ret = - gnutls_certificate_set_ocsp_status_request_mem(clicred, &ocsp_resp2, - index2, - GNUTLS_X509_FMT_DER); + ret = gnutls_certificate_set_ocsp_status_request_mem( + clicred, &ocsp_resp2, index2, GNUTLS_X509_FMT_DER); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); /* set OCSP response2 */ - ret = - gnutls_certificate_set_ocsp_status_request_mem(clicred, &ocsp_resp1, - index1, - GNUTLS_X509_FMT_DER); + ret = gnutls_certificate_set_ocsp_status_request_mem( + clicred, &ocsp_resp1, index1, GNUTLS_X509_FMT_DER); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -206,23 +201,20 @@ void doit(void) GNUTLS_VERIFY_DISABLE_CRL_CHECKS) fail("error in gnutls_certificate_set_verify_flags\n"); - ret = - gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } - ret = - gnutls_certificate_set_x509_trust_mem(xcred, &subca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(xcred, &subca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } _test_cli_serv(xcred, clicred, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", - "localhost", + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", "localhost", &ocsp_resp1, NULL, check_response, 0, 1, 0, 0); gnutls_certificate_free_credentials(xcred); diff --git a/tests/tls13/post-handshake-with-cert-auto.c b/tests/tls13/post-handshake-with-cert-auto.c index 6d98af34e5..77539d9f39 100644 --- a/tests/tls13/post-handshake-with-cert-auto.c +++ b/tests/tls13/post-handshake-with-cert-auto.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "utils.h" +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "utils.h" -# define MAX_AUTHS 4 +#define MAX_AUTHS 4 /* This program tests whether the Post Handshake Auth extension is * present in the client hello, and whether it is missing from server @@ -69,8 +69,8 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 -# define MAX_APP_DATA 3 +#define MAX_BUF 1024 +#define MAX_APP_DATA 3 static void client(int fd, unsigned send_cert, unsigned max_auths) { @@ -91,24 +91,23 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) /* Initialize TLS session */ - assert(gnutls_init - (&session, - GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH | GNUTLS_AUTO_REAUTH) - >= 0); + assert(gnutls_init(&session, GNUTLS_CLIENT | + GNUTLS_POST_HANDSHAKE_AUTH | + GNUTLS_AUTO_REAUTH) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); if (send_cert) { - assert(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert, &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -119,8 +118,7 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -139,7 +137,8 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret < 0) - fail("client: gnutls_record_recv did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("client: gnutls_record_recv did not succeed as expected: %s\n", + gnutls_strerror(ret)); } assert(ret == 0); @@ -160,9 +159,9 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) static unsigned client_hello_ok = 0; static unsigned server_hello_ok = 0; -# define TLS_EXT_POST_HANDSHAKE 49 +#define TLS_EXT_POST_HANDSHAKE 49 -static void parse_ext(void *priv, gnutls_datum_t * msg) +static void parse_ext(void *priv, gnutls_datum_t *msg) { if (msg->size != 0) { fail("error in extension length: %d\n", (int)msg->size); @@ -171,11 +170,12 @@ static void parse_ext(void *priv, gnutls_datum_t * msg) static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { - if (find_server_extension - (msg, TLS_EXT_POST_HANDSHAKE, NULL, NULL)) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { + if (find_server_extension(msg, TLS_EXT_POST_HANDSHAKE, NULL, + NULL)) { fail("Post handshake extension seen in server hello!\n"); } server_hello_ok = 1; @@ -238,9 +238,8 @@ static void server(int fd, int err, int type, unsigned max_auths) if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); - if (! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { + if (!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { fail("server: session flags did not contain GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH\n"); } @@ -268,18 +267,17 @@ static void server(int fd, int err, int type, unsigned max_auths) if (ret == GNUTLS_E_GOT_APPLICATION_DATA) { int ret2; do { - ret2 = - gnutls_record_recv(session, buffer, - sizeof(buffer)); - } while (ret2 == GNUTLS_E_AGAIN - || ret2 == GNUTLS_E_INTERRUPTED); + ret2 = gnutls_record_recv(session, buffer, + sizeof(buffer)); + } while (ret2 == GNUTLS_E_AGAIN || + ret2 == GNUTLS_E_INTERRUPTED); if (ret2 < 0) fail("error receiving app data: %s\n", gnutls_strerror(ret2)); /* sender memsets the message with the retry attempt */ - assert((uint8_t) buffer[0] == retries); + assert((uint8_t)buffer[0] == retries); assert(retries < MAX_APP_DATA); } @@ -306,7 +304,8 @@ static void server(int fd, int err, int type, unsigned max_auths) gnutls_strerror(err), gnutls_strerror(ret)); } else if (ret != 0) - fail("server: gnutls_reauth did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("server: gnutls_reauth did not succeed as expected: %s\n", + gnutls_strerror(ret)); } do { @@ -324,9 +323,8 @@ static void server(int fd, int err, int type, unsigned max_auths) success("server: client/server hello were verified\n"); } -static -void start(const char *name, int err, int type, unsigned max_auths, - unsigned send_cert) +static void start(const char *name, int err, int type, unsigned max_auths, + unsigned send_cert) { int fd[2]; int ret; @@ -366,7 +364,6 @@ void start(const char *name, int err, int type, unsigned max_auths, client(fd[1], send_cert, max_auths); exit(0); } - } void doit(void) @@ -376,4 +373,4 @@ void doit(void) GNUTLS_CERT_REQUIRE, 1, 0); start("reauth-request with no-cert", 0, GNUTLS_CERT_REQUEST, 1, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/post-handshake-with-cert-pkcs11.c b/tests/tls13/post-handshake-with-cert-pkcs11.c index 8361008fc8..5edaff8c45 100644 --- a/tests/tls13/post-handshake-with-cert-pkcs11.c +++ b/tests/tls13/post-handshake-with-cert-pkcs11.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,22 +35,22 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "pkcs11/softhsm.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "pkcs11/softhsm.h" +#include "utils.h" /* This program tests whether the Post Handshake Auth extension is * present in the client hello, and whether it is missing from server @@ -68,18 +68,18 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 -# define P11LIB "libpkcs11mock2.so" +#define P11LIB "libpkcs11mock2.so" -# define PIN "1234" +#define PIN "1234" -# define CONFIG_NAME "softhsm-post-handshake-with-cert-pkcs11" -# define CONFIG CONFIG_NAME".config" +#define CONFIG_NAME "softhsm-post-handshake-with-cert-pkcs11" +#define CONFIG CONFIG_NAME ".config" -static -int pin_func(void *userdata, int attempt, const char *url, const char *label, - unsigned flags, char *pin, size_t pin_max) +static int pin_func(void *userdata, int attempt, const char *url, + const char *label, unsigned flags, char *pin, + size_t pin_max) { if (attempt == 0) { strcpy(pin, PIN); @@ -129,15 +129,15 @@ static void client(int fd, int err) ret = gnutls_x509_crt_init(&crt); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_init: %s\n", + gnutls_strerror(ret)); exit(1); } ret = gnutls_x509_crt_import(crt, &cli_ca3_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_crt_import: %s\n", + gnutls_strerror(ret)); exit(1); } @@ -150,16 +150,15 @@ static void client(int fd, int err) ret = gnutls_x509_privkey_init(&key); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret)); + fprintf(stderr, "gnutls_x509_privkey_init: %s\n", + gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_privkey_import(key, &cli_ca3_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &cli_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { - fprintf(stderr, - "gnutls_x509_privkey_import: %s\n", + fprintf(stderr, "gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret)); exit(1); } @@ -171,9 +170,8 @@ static void client(int fd, int err) exit(1); } - ret = - gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, - GNUTLS_PIN_USER); + ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN, + GNUTLS_PIN_USER); if (ret < 0) { fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret)); exit(1); @@ -181,20 +179,18 @@ static void client(int fd, int err) ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert", GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | - GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret)); exit(1); } - ret = - gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert", - GNUTLS_KEY_DIGITAL_SIGNATURE | - GNUTLS_KEY_KEY_ENCIPHERMENT, - GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE - | - GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE - | GNUTLS_PKCS11_OBJ_FLAG_LOGIN); + ret = gnutls_pkcs11_copy_x509_privkey( + SOFTHSM_URL, key, "cert", + GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT, + GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE | + GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE | + GNUTLS_PKCS11_OBJ_FLAG_LOGIN); if (ret < 0) { fail("gnutls_pkcs11_copy_x509_privkey: %s\n", gnutls_strerror(ret)); @@ -208,27 +204,23 @@ static void client(int fd, int err) /* Initialize TLS session */ - assert(gnutls_init - (&session, - GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH | GNUTLS_AUTO_REAUTH) - >= 0); + assert(gnutls_init(&session, GNUTLS_CLIENT | + GNUTLS_POST_HANDSHAKE_AUTH | + GNUTLS_AUTO_REAUTH) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-RSA-SHA256", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.3:-SIGN-RSA-SHA256", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); - assert(gnutls_certificate_set_x509_key_file(x509_cred, - SOFTHSM_URL - ";object=cert;object-type=cert", - SOFTHSM_URL - ";object=cert;object-type=private;pin-value=" - PIN, - GNUTLS_X509_FMT_DER) >= 0); + assert(gnutls_certificate_set_x509_key_file( + x509_cred, SOFTHSM_URL ";object=cert;object-type=cert", + SOFTHSM_URL + ";object=cert;object-type=private;pin-value=" PIN, + GNUTLS_X509_FMT_DER) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -238,8 +230,7 @@ static void client(int fd, int err) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -261,7 +252,8 @@ static void client(int fd, int err) fail("client: expected error %s, got: %s\n", gnutls_strerror(err), gnutls_strerror(ret)); } else if (ret < 0) - fail("client: gnutls_record_recv did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("client: gnutls_record_recv did not succeed as expected: %s\n", + gnutls_strerror(ret)); do { ret = gnutls_bye(session, GNUTLS_SHUT_WR); @@ -279,9 +271,9 @@ static void client(int fd, int err) static unsigned client_hello_ok = 0; static unsigned server_hello_ok = 0; -# define TLS_EXT_POST_HANDSHAKE 49 +#define TLS_EXT_POST_HANDSHAKE 49 -static void parse_ext(void *priv, gnutls_datum_t * msg) +static void parse_ext(void *priv, gnutls_datum_t *msg) { if (msg->size != 0) { fail("error in extension length: %d\n", (int)msg->size); @@ -290,11 +282,12 @@ static void parse_ext(void *priv, gnutls_datum_t * msg) static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { - if (find_server_extension - (msg, TLS_EXT_POST_HANDSHAKE, NULL, NULL)) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { + if (find_server_extension(msg, TLS_EXT_POST_HANDSHAKE, NULL, + NULL)) { fail("Post handshake extension seen in server hello!\n"); } server_hello_ok = 1; @@ -357,9 +350,8 @@ static void server(int fd, int err, int type) if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); - if (! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { + if (!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { fail("server: session flags did not contain GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH\n"); } @@ -404,8 +396,7 @@ static void server(int fd, int err, int type) success("server: client/server hello were verified\n"); } -static -void start(const char *name, int err, int cli_err, int type) +static void start(const char *name, int err, int cli_err, int type) { int fd[2]; int ret; @@ -445,7 +436,6 @@ void start(const char *name, int err, int cli_err, int type) client(fd[1], cli_err); exit(0); } - } void doit(void) @@ -464,12 +454,13 @@ void doit(void) set_softhsm_conf(CONFIG); snprintf(buf, sizeof(buf), - "%s --init-token --slot 0 --label test --so-pin " PIN " --pin " - PIN, bin); + "%s --init-token --slot 0 --label test --so-pin " PIN + " --pin " PIN, + bin); system(buf); start("reauth-require", GNUTLS_E_CERTIFICATE_REQUIRED, GNUTLS_E_SUCCESS, GNUTLS_CERT_REQUIRE); start("reauth-request", 0, GNUTLS_E_SUCCESS, GNUTLS_CERT_REQUEST); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/post-handshake-with-cert-ticket.c b/tests/tls13/post-handshake-with-cert-ticket.c index 2d4f4c3a52..127ca8a17b 100644 --- a/tests/tls13/post-handshake-with-cert-ticket.c +++ b/tests/tls13/post-handshake-with-cert-ticket.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,21 +35,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "../lib/handshake-defs.h" -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "../lib/handshake-defs.h" +#include "cert-common.h" +#include "utils.h" /* This program tests whether the certificate seen in Post Handshake Auth * is found in a resumed session under TLS 1.3. @@ -68,7 +68,7 @@ static void client_log_func(int level, const char *str) static unsigned tickets_seen = 0; static int ticket_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { gnutls_datum *d; static int counter = 0; @@ -77,7 +77,8 @@ static int ticket_callback(gnutls_session_t session, unsigned int htype, assert(htype == GNUTLS_HANDSHAKE_NEW_SESSION_TICKET); counter++; - if (counter <= TLS13_TICKETS_TO_SEND) /* ignore the default tickets sent */ + if (counter <= + TLS13_TICKETS_TO_SEND) /* ignore the default tickets sent */ return 0; d = gnutls_session_get_ptr(session); @@ -115,30 +116,29 @@ static void client(int fd, unsigned tickets) assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); - retry: +retry: /* Initialize TLS session */ - assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) - >= 0); + assert(gnutls_init(&session, + GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); if (try == 0) { gnutls_session_set_ptr(session, &session_data); - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, - GNUTLS_HOOK_BOTH, - ticket_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, + GNUTLS_HOOK_BOTH, ticket_callback); } else { - assert(gnutls_session_set_data - (session, session_data.data, session_data.size) >= 0); + assert(gnutls_session_set_data(session, session_data.data, + session_data.size) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -149,16 +149,15 @@ static void client(int fd, unsigned tickets) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); if (try == 0) { - assert(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert, &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); do { ret = gnutls_record_recv(session, buf, sizeof(buf)); @@ -176,7 +175,8 @@ static void client(int fd, unsigned tickets) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != 0) - fail("client: gnutls_reauth did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("client: gnutls_reauth did not succeed as expected: %s\n", + gnutls_strerror(ret)); } else { assert(gnutls_session_is_resumed(session) != 0); } @@ -206,7 +206,7 @@ static void client(int fd, unsigned tickets) gnutls_global_deinit(); } -static void compare(const gnutls_datum_t * der, const void *ipem) +static void compare(const gnutls_datum_t *der, const void *ipem) { gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; @@ -217,8 +217,8 @@ static void compare(const gnutls_datum_t * der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size - || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size || + memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -250,14 +250,14 @@ static void server(int fd, unsigned tickets) gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); - assert(gnutls_init(&session, GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) - >= 0); + assert(gnutls_init(&session, + GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) >= 0); assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL) - >= 0); + assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -299,13 +299,13 @@ static void server(int fd, unsigned tickets) /* resume session */ - assert(gnutls_init(&session, GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) - >= 0); + assert(gnutls_init(&session, + GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) >= 0); assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL) - >= 0); + assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -381,7 +381,6 @@ static void start(const char *name, unsigned tickets) client(fd[1], tickets); exit(0); } - } void doit(void) @@ -394,4 +393,4 @@ void doit(void) start("8 tickets", 8); start("16 tickets", 16); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/post-handshake-with-cert.c b/tests/tls13/post-handshake-with-cert.c index 4256594eb1..e6f1c1ad39 100644 --- a/tests/tls13/post-handshake-with-cert.c +++ b/tests/tls13/post-handshake-with-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "utils.h" +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "utils.h" -# define MAX_AUTHS 4 +#define MAX_AUTHS 4 /* This program tests whether the Post Handshake Auth extension is * present in the client hello, and whether it is missing from server @@ -69,8 +69,8 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 -# define MAX_APP_DATA 3 +#define MAX_BUF 1024 +#define MAX_APP_DATA 3 static void client(int fd, unsigned send_cert, unsigned max_auths) { @@ -91,22 +91,22 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) /* Initialize TLS session */ - assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) - >= 0); + assert(gnutls_init(&session, + GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); if (send_cert) { - assert(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert, &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -117,8 +117,7 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -146,11 +145,10 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) for (j = 0; j < MAX_APP_DATA; j++) { memset(buf, j, sizeof(buf)); do { - ret = - gnutls_record_send(session, buf, - sizeof(buf)); - } while (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED); + ret = gnutls_record_send(session, buf, + sizeof(buf)); + } while (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED); assert(ret >= 0); } } @@ -162,7 +160,8 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != 0) - fail("client: gnutls_reauth %d did not succeed as expected: %s\n", i, gnutls_strerror(ret)); + fail("client: gnutls_reauth %d did not succeed as expected: %s\n", + i, gnutls_strerror(ret)); } close(fd); @@ -177,9 +176,9 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) static unsigned client_hello_ok = 0; static unsigned server_hello_ok = 0; -# define TLS_EXT_POST_HANDSHAKE 49 +#define TLS_EXT_POST_HANDSHAKE 49 -static void parse_ext(void *priv, gnutls_datum_t * msg) +static void parse_ext(void *priv, gnutls_datum_t *msg) { if (msg->size != 0) { fail("error in extension length: %d\n", (int)msg->size); @@ -188,11 +187,12 @@ static void parse_ext(void *priv, gnutls_datum_t * msg) static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { - if (find_server_extension - (msg, TLS_EXT_POST_HANDSHAKE, NULL, NULL)) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { + if (find_server_extension(msg, TLS_EXT_POST_HANDSHAKE, NULL, + NULL)) { fail("Post handshake extension seen in server hello!\n"); } server_hello_ok = 1; @@ -255,9 +255,8 @@ static void server(int fd, int err, int type, unsigned max_auths, int child) if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); - if (! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { + if (!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { fail("server: session flags did not contain GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH\n"); } @@ -285,18 +284,17 @@ static void server(int fd, int err, int type, unsigned max_auths, int child) if (ret == GNUTLS_E_GOT_APPLICATION_DATA) { int ret2; do { - ret2 = - gnutls_record_recv(session, buffer, - sizeof(buffer)); - } while (ret2 == GNUTLS_E_AGAIN - || ret2 == GNUTLS_E_INTERRUPTED); + ret2 = gnutls_record_recv(session, buffer, + sizeof(buffer)); + } while (ret2 == GNUTLS_E_AGAIN || + ret2 == GNUTLS_E_INTERRUPTED); if (ret2 < 0) fail("error receiving app data: %s\n", gnutls_strerror(ret2)); /* sender memsets the message with the retry attempt */ - assert((uint8_t) buffer[0] == retries); + assert((uint8_t)buffer[0] == retries); assert(retries < MAX_APP_DATA); } @@ -323,7 +321,8 @@ static void server(int fd, int err, int type, unsigned max_auths, int child) gnutls_strerror(err), gnutls_strerror(ret)); } else if (ret != 0) - fail("server: gnutls_reauth did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("server: gnutls_reauth did not succeed as expected: %s\n", + gnutls_strerror(ret)); } waitpid(child, NULL, 0); @@ -347,9 +346,8 @@ static void ch_handler(int sig) return; } -static -void start(const char *name, int err, int type, unsigned max_auths, - unsigned send_cert) +static void start(const char *name, int err, int type, unsigned max_auths, + unsigned send_cert) { int fd[2]; int ret; @@ -385,7 +383,6 @@ void start(const char *name, int err, int type, unsigned max_auths, client(fd[1], send_cert, max_auths); exit(0); } - } void doit(void) @@ -395,4 +392,4 @@ void doit(void) GNUTLS_CERT_REQUIRE, 1, 0); start("reauth-request with no-cert", 0, GNUTLS_CERT_REQUEST, 1, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/post-handshake-with-psk.c b/tests/tls13/post-handshake-with-psk.c index 6981bee7af..2333bd3ff6 100644 --- a/tests/tls13/post-handshake-with-psk.c +++ b/tests/tls13/post-handshake-with-psk.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,23 +35,23 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "utils.h" +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "utils.h" -# define MAX_AUTHS 4 +#define MAX_AUTHS 4 /* This program tests whether the Post Handshake Auth would work * under PSK authentication. */ @@ -66,7 +66,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd, unsigned send_cert, unsigned max_auths) { @@ -93,22 +93,22 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) /* Initialize TLS session */ - assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) - >= 0); + assert(gnutls_init(&session, + GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0:+ECDHE-PSK:+PSK", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0:+ECDHE-PSK:+PSK", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); if (send_cert) { - assert(gnutls_certificate_set_x509_key_mem - (x509_cred, &cli_ca3_cert, &cli_ca3_key, - GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_key_mem( + x509_cred, &cli_ca3_cert, &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -120,8 +120,7 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); @@ -152,7 +151,8 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != 0) - fail("client: gnutls_reauth did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("client: gnutls_reauth did not succeed as expected: %s\n", + gnutls_strerror(ret)); } close(fd); @@ -168,9 +168,9 @@ static void client(int fd, unsigned send_cert, unsigned max_auths) static unsigned client_hello_ok = 0; static unsigned server_hello_ok = 0; -# define TLS_EXT_POST_HANDSHAKE 49 +#define TLS_EXT_POST_HANDSHAKE 49 -static void parse_ext(void *priv, gnutls_datum_t * msg) +static void parse_ext(void *priv, gnutls_datum_t *msg) { if (msg->size != 0) { fail("error in extension length: %d\n", (int)msg->size); @@ -179,11 +179,12 @@ static void parse_ext(void *priv, gnutls_datum_t * msg) static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { - if (find_server_extension - (msg, TLS_EXT_POST_HANDSHAKE, NULL, NULL)) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { + if (find_server_extension(msg, TLS_EXT_POST_HANDSHAKE, NULL, + NULL)) { fail("Post handshake extension seen in server hello!\n"); } server_hello_ok = 1; @@ -202,8 +203,8 @@ static int hellos_callback(gnutls_session_t session, unsigned int htype, return 0; } -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -243,16 +244,16 @@ static void server(int fd, int err, int type, unsigned max_auths) &server_key, GNUTLS_X509_FMT_PEM) >= 0); - assert(gnutls_init(&session, GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) - >= 0); + assert(gnutls_init(&session, + GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_BOTH, hellos_callback); - assert(gnutls_priority_set_direct - (session, "NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+ECDHE-PSK", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+ECDHE-PSK", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_PSK, server_pskcred); @@ -265,9 +266,8 @@ static void server(int fd, int err, int type, unsigned max_auths) if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); - if (! - (gnutls_session_get_flags(session) & - GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { + if (!(gnutls_session_get_flags(session) & + GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { fail("server: session flags did not contain GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH\n"); } @@ -297,7 +297,8 @@ static void server(int fd, int err, int type, unsigned max_auths) gnutls_strerror(err), gnutls_strerror(ret)); } else if (ret != 0) { - fail("server: gnutls_reauth did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("server: gnutls_reauth did not succeed as expected: %s\n", + gnutls_strerror(ret)); } if (debug) @@ -324,9 +325,8 @@ static void ch_handler(int sig) return; } -static -void start(const char *name, int err, int type, unsigned max_auths, - unsigned send_cert) +static void start(const char *name, int err, int type, unsigned max_auths, + unsigned send_cert) { int fd[2]; int ret; @@ -363,7 +363,6 @@ void start(const char *name, int err, int type, unsigned max_auths, client(fd[1], send_cert, max_auths); exit(0); } - } void doit(void) @@ -373,4 +372,4 @@ void doit(void) GNUTLS_CERT_REQUIRE, 1, 0); start("reauth-request with no-cert", 0, GNUTLS_CERT_REQUEST, 1, 0); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/post-handshake-without-cert.c b/tests/tls13/post-handshake-without-cert.c index 67507d261f..a5a858d194 100644 --- a/tests/tls13/post-handshake-without-cert.c +++ b/tests/tls13/post-handshake-without-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,21 +35,21 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "utils.h" /* This program tests whether the Post Handshake Auth extension is missing * from both hellos, when not enabled by client. @@ -65,7 +65,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd) { @@ -92,10 +92,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); @@ -109,8 +109,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); /* try if gnutls_reauth() would fail as expected */ ret = gnutls_reauth(session, 0); @@ -129,15 +128,16 @@ static void client(int fd) static unsigned server_hello_ok = 0; -# define TLS_EXT_POST_HANDSHAKE 49 +#define TLS_EXT_POST_HANDSHAKE 49 static int hellos_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { - if (find_server_extension - (msg, TLS_EXT_POST_HANDSHAKE, NULL, NULL)) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { + if (find_server_extension(msg, TLS_EXT_POST_HANDSHAKE, NULL, + NULL)) { fail("Post handshake extension seen in server hello!\n"); } server_hello_ok = 1; @@ -192,7 +192,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -265,4 +265,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/prf-early.c b/tests/tls13/prf-early.c index a55970cf3c..205b8f44fe 100644 --- a/tests/tls13/prf-early.c +++ b/tests/tls13/prf-early.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -34,25 +34,25 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" -# include "virt-time.h" +#include "cert-common.h" +#include "utils.h" +#include "virt-time.h" static void terminate(void); -# define SESSIONS 2 -# define MAX_BUF 5*1024 -# define MSG "Hello TLS" +#define SESSIONS 2 +#define MAX_BUF 5 * 1024 +#define MSG "Hello TLS" extern unsigned int _gnutls_global_version; @@ -73,22 +73,20 @@ static void client_log_func(int level, const char *str) /* These are global */ static pid_t child; -static const -gnutls_datum_t hrnd = { (void *) - "\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hrnd = { + (void *)"\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; -static const -gnutls_datum_t hsrnd = { (void *) - "\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hsrnd = { + (void *)"\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; static int gnutls_rnd_works; int __attribute__((visibility("protected"))) - gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { gnutls_rnd_works = 1; @@ -103,7 +101,7 @@ int __attribute__((visibility("protected"))) static gnutls_datum_t session_ticket_key = { NULL, 0 }; -static void dump(const char *name, const uint8_t * data, unsigned data_size) +static void dump(const char *name, const uint8_t *data, unsigned data_size) { unsigned i; @@ -113,33 +111,40 @@ static void dump(const char *name, const uint8_t * data, unsigned data_size) fprintf(stderr, "\n"); } -# define TRY(label_size, label, extra_size, extra, size, exp) \ - { \ - ret = gnutls_prf_early(session, label_size, label, extra_size, extra, size, \ - (void*)key_material); \ - if (ret < 0) { \ - fprintf(stderr, "gnutls_prf_early: error in %d\n", __LINE__); \ - gnutls_perror(ret); \ - exit(1); \ - } \ - if (memcmp(key_material, exp, size) != 0) { \ - fprintf(stderr, "gnutls_prf_early: output doesn't match for '%s'\n", label); \ - dump("got ", key_material, size); \ - dump("expected ", exp, size); \ - exit(1); \ - } \ +#define TRY(label_size, label, extra_size, extra, size, exp) \ + { \ + ret = gnutls_prf_early(session, label_size, label, extra_size, \ + extra, size, (void *)key_material); \ + if (ret < 0) { \ + fprintf(stderr, "gnutls_prf_early: error in %d\n", \ + __LINE__); \ + gnutls_perror(ret); \ + exit(1); \ + } \ + if (memcmp(key_material, exp, size) != 0) { \ + fprintf(stderr, \ + "gnutls_prf_early: output doesn't match for '%s'\n", \ + label); \ + dump("got ", key_material, size); \ + dump("expected ", exp, size); \ + exit(1); \ + } \ } -# define KEY_EXP_VALUE "\xec\xc2\x4a\x6b\x07\x89\xd9\x19\xd9\x73\x6d\xd0\x00\x73\xc9\x7a\xd7\x92\xef\x56\x91\x61\xb4\xff\x5f\xef\x81\xc1\x98\x68\x4e\xdf\xd7\x7e" -# define HELLO_VALUE "\x4f\x85\x33\x64\x48\xff\x0d\x8b\xd5\x50\x0f\x97\x91\x5b\x7d\x8d\xc9\x05\x91\x45\x4f\xb9\x4b\x4b\xbc\xbf\x58\x84\x1a\x46\xe3" -# define CONTEXT_VALUE "\x11\x8d\x85\xa8\x91\xe5\x50\x75\x44\x88\x69\xaf\x95\x9a\xb0\x29\xd4\xae\xcd\x11\xcb\x1d\x29\x7c\xe6\x24\xd4\x7c\x95\xdb\x5c" -# define NULL_CONTEXT_VALUE "\x56\x99\x41\x73\x5e\x73\x34\x7f\x3d\x69\x9f\xc0\x3b\x8b\x86\x33\xc6\xc3\x97\x46\x61\x62\x3f\x55\xab\x39\x60\xa5\xeb\xfe\x37" +#define KEY_EXP_VALUE \ + "\xec\xc2\x4a\x6b\x07\x89\xd9\x19\xd9\x73\x6d\xd0\x00\x73\xc9\x7a\xd7\x92\xef\x56\x91\x61\xb4\xff\x5f\xef\x81\xc1\x98\x68\x4e\xdf\xd7\x7e" +#define HELLO_VALUE \ + "\x4f\x85\x33\x64\x48\xff\x0d\x8b\xd5\x50\x0f\x97\x91\x5b\x7d\x8d\xc9\x05\x91\x45\x4f\xb9\x4b\x4b\xbc\xbf\x58\x84\x1a\x46\xe3" +#define CONTEXT_VALUE \ + "\x11\x8d\x85\xa8\x91\xe5\x50\x75\x44\x88\x69\xaf\x95\x9a\xb0\x29\xd4\xae\xcd\x11\xcb\x1d\x29\x7c\xe6\x24\xd4\x7c\x95\xdb\x5c" +#define NULL_CONTEXT_VALUE \ + "\x56\x99\x41\x73\x5e\x73\x34\x7f\x3d\x69\x9f\xc0\x3b\x8b\x86\x33\xc6\xc3\x97\x46\x61\x62\x3f\x55\xab\x39\x60\xa5\xeb\xfe\x37" static int handshake_callback_called; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { unsigned char key_material[512]; int ret; @@ -148,10 +153,10 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, handshake_callback_called++; - TRY(13, "key expansion", 0, NULL, 34, (uint8_t *) KEY_EXP_VALUE); - TRY(6, "hello", 0, NULL, 31, (uint8_t *) HELLO_VALUE); - TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *) CONTEXT_VALUE); - TRY(12, "null-context", 0, "", 31, (uint8_t *) NULL_CONTEXT_VALUE); + TRY(13, "key expansion", 0, NULL, 34, (uint8_t *)KEY_EXP_VALUE); + TRY(6, "hello", 0, NULL, 31, (uint8_t *)HELLO_VALUE); + TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *)CONTEXT_VALUE); + TRY(12, "null-context", 0, "", 31, (uint8_t *)NULL_CONTEXT_VALUE); return 0; } @@ -184,9 +189,10 @@ static void client(int sds[]) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities, sets %NO_SHUFFLE_EXTENSIONS */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", gnutls_strerror(ret), err); @@ -204,18 +210,16 @@ static void client(int sds[]) if (t > 0) { gnutls_session_set_data(session, session_data.data, session_data.size); - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CLIENT_HELLO, - GNUTLS_HOOK_POST, - handshake_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CLIENT_HELLO, + GNUTLS_HOOK_POST, handshake_callback); } /* Perform the TLS handshake */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -227,8 +231,8 @@ static void client(int sds[]) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_256_GCM) { @@ -264,8 +268,7 @@ static void client(int sds[]) } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); } @@ -335,9 +338,10 @@ static void server(int sds[]) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", + NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); @@ -359,17 +363,15 @@ static void server(int sds[]) "gnutls_rnd() could not be overridden, skipping prf checks see #584\n"); exit(77); } else { - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CLIENT_HELLO, - GNUTLS_HOOK_POST, - handshake_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CLIENT_HELLO, + GNUTLS_HOOK_POST, handshake_callback); } } do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(sds[t]); gnutls_deinit(session); @@ -382,8 +384,8 @@ static void server(int sds[]) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (t == 0) { if (handshake_callback_called != 0) @@ -399,12 +401,12 @@ static void server(int sds[]) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -480,4 +482,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/prf.c b/tests/tls13/prf.c index 877f45867e..d8c6e4e807 100644 --- a/tests/tls13/prf.c +++ b/tests/tls13/prf.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,18 +33,18 @@ int main(int argc, char **argv) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" static void terminate(void); @@ -65,22 +65,20 @@ static void client_log_func(int level, const char *str) /* These are global */ static pid_t child; -static const -gnutls_datum_t hrnd = { (void *) - "\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hrnd = { + (void *)"\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; -static const -gnutls_datum_t hsrnd = { (void *) - "\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hsrnd = { + (void *)"\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; static int gnutls_rnd_works; int __attribute__((visibility("protected"))) - gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { gnutls_rnd_works = 1; @@ -93,7 +91,7 @@ int __attribute__((visibility("protected"))) return 0; } -static void dump(const char *name, const uint8_t * data, unsigned data_size) +static void dump(const char *name, const uint8_t *data, unsigned data_size) { unsigned i; @@ -103,44 +101,55 @@ static void dump(const char *name, const uint8_t * data, unsigned data_size) fprintf(stderr, "\n"); } -# define TRY(label_size, label, extra_size, extra, size, exp) \ - { \ - ret = gnutls_prf_rfc5705(session, label_size, label, extra_size, extra, size, \ - (void*)key_material); \ - if (ret < 0) { \ - fprintf(stderr, "gnutls_prf_rfc5705: error in %d\n", __LINE__); \ - gnutls_perror(ret); \ - exit(1); \ - } \ - if (memcmp(key_material, exp, size) != 0) { \ - fprintf(stderr, "gnutls_prf_rfc5705: output doesn't match for '%s'\n", label); \ - dump("got ", key_material, size); \ - dump("expected ", exp, size); \ - exit(1); \ - } \ +#define TRY(label_size, label, extra_size, extra, size, exp) \ + { \ + ret = gnutls_prf_rfc5705(session, label_size, label, \ + extra_size, extra, size, \ + (void *)key_material); \ + if (ret < 0) { \ + fprintf(stderr, "gnutls_prf_rfc5705: error in %d\n", \ + __LINE__); \ + gnutls_perror(ret); \ + exit(1); \ + } \ + if (memcmp(key_material, exp, size) != 0) { \ + fprintf(stderr, \ + "gnutls_prf_rfc5705: output doesn't match for '%s'\n", \ + label); \ + dump("got ", key_material, size); \ + dump("expected ", exp, size); \ + exit(1); \ + } \ } -# define TRY_OLD(label_size, label, size, exp) \ - { \ - ret = gnutls_prf(session, label_size, label, 0, 0, NULL, size, \ - (void*)key_material); \ - if (ret < 0) { \ - fprintf(stderr, "gnutls_prf: error in %d\n", __LINE__); \ - gnutls_perror(ret); \ - exit(1); \ - } \ - if (memcmp(key_material, exp, size) != 0) { \ - fprintf(stderr, "gnutls_prf: output doesn't match for '%s'\n", label); \ - dump("got ", key_material, size); \ - dump("expected ", exp, size); \ - exit(1); \ - } \ +#define TRY_OLD(label_size, label, size, exp) \ + { \ + ret = gnutls_prf(session, label_size, label, 0, 0, NULL, size, \ + (void *)key_material); \ + if (ret < 0) { \ + fprintf(stderr, "gnutls_prf: error in %d\n", \ + __LINE__); \ + gnutls_perror(ret); \ + exit(1); \ + } \ + if (memcmp(key_material, exp, size) != 0) { \ + fprintf(stderr, \ + "gnutls_prf: output doesn't match for '%s'\n", \ + label); \ + dump("got ", key_material, size); \ + dump("expected ", exp, size); \ + exit(1); \ + } \ } -# define KEY_EXP_VALUE "\x28\x70\xa8\x34\xd4\x43\x85\xfd\x55\xe0\x13\x78\x75\xa3\x25\xa7\xfd\x0b\x6b\x68\x5d\x62\x72\x02\xdf\x3d\x79\xca\x55\xab\xea\x24\xf3\x4d" -# define HELLO_VALUE "\xd8\xcb\x72\x1e\x24\x2d\x79\x11\x41\x38\x05\x2b\x1b\x5d\x60\x12\x30\x0a\xf7\x1e\x23\x90\x4d\x64\xf8\xf5\x23\xea\xbf\xa3\x24" -# define CONTEXT_VALUE "\xe6\xc0\x57\xbe\xda\x28\x9c\xc7\xf6\x4f\xb6\x18\x92\xce\x10\xf6\xe1\x5e\xab\x10\xc8\xd1\x94\xf8\xac\xc7\x3e\x93\xde\x57\x12" -# define NULL_CONTEXT_VALUE "\xaf\xea\xd2\x64\xc9\x42\xbd\xe7\xdb\xf0\xd3\x16\x84\x39\xf3\xdb\x5d\x4f\x0e\x5e\x71\x1e\xc0\xd7\x23\xde\x8b\x1e\x80\xa1\xca" +#define KEY_EXP_VALUE \ + "\x28\x70\xa8\x34\xd4\x43\x85\xfd\x55\xe0\x13\x78\x75\xa3\x25\xa7\xfd\x0b\x6b\x68\x5d\x62\x72\x02\xdf\x3d\x79\xca\x55\xab\xea\x24\xf3\x4d" +#define HELLO_VALUE \ + "\xd8\xcb\x72\x1e\x24\x2d\x79\x11\x41\x38\x05\x2b\x1b\x5d\x60\x12\x30\x0a\xf7\x1e\x23\x90\x4d\x64\xf8\xf5\x23\xea\xbf\xa3\x24" +#define CONTEXT_VALUE \ + "\xe6\xc0\x57\xbe\xda\x28\x9c\xc7\xf6\x4f\xb6\x18\x92\xce\x10\xf6\xe1\x5e\xab\x10\xc8\xd1\x94\xf8\xac\xc7\x3e\x93\xde\x57\x12" +#define NULL_CONTEXT_VALUE \ + "\xaf\xea\xd2\x64\xc9\x42\xbd\xe7\xdb\xf0\xd3\x16\x84\x39\xf3\xdb\x5d\x4f\x0e\x5e\x71\x1e\xc0\xd7\x23\xde\x8b\x1e\x80\xa1\xca" static void check_prfs(gnutls_session_t session) { unsigned char key_material[512]; @@ -152,25 +161,23 @@ static void check_prfs(gnutls_session_t session) exit(77); } - TRY_OLD(13, "key expansion", 34, (uint8_t *) KEY_EXP_VALUE); - TRY_OLD(6, "hello", 31, (uint8_t *) HELLO_VALUE); + TRY_OLD(13, "key expansion", 34, (uint8_t *)KEY_EXP_VALUE); + TRY_OLD(6, "hello", 31, (uint8_t *)HELLO_VALUE); - TRY(13, "key expansion", 0, NULL, 34, (uint8_t *) KEY_EXP_VALUE); - TRY(6, "hello", 0, NULL, 31, (uint8_t *) HELLO_VALUE); - TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *) CONTEXT_VALUE); - TRY(12, "null-context", 0, "", 31, (uint8_t *) NULL_CONTEXT_VALUE); + TRY(13, "key expansion", 0, NULL, 34, (uint8_t *)KEY_EXP_VALUE); + TRY(6, "hello", 0, NULL, 31, (uint8_t *)HELLO_VALUE); + TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *)CONTEXT_VALUE); + TRY(12, "null-context", 0, "", 31, (uint8_t *)NULL_CONTEXT_VALUE); /* Try whether calling gnutls_prf() with non-null context or server-first * param, will fail */ - ret = - gnutls_prf(session, 3, (void *)"xxx", 0, 3, (void *)"yyy", 16, - (void *)key_material); + ret = gnutls_prf(session, 3, (void *)"xxx", 0, 3, (void *)"yyy", 16, + (void *)key_material); if (ret != GNUTLS_E_INVALID_REQUEST) fail("gnutls_prf: succeeded under TLS1.3!\n"); - ret = - gnutls_prf(session, 3, (void *)"xxx", 1, 0, NULL, 16, - (void *)key_material); + ret = gnutls_prf(session, 3, (void *)"xxx", 1, 0, NULL, 16, + (void *)key_material); if (ret != GNUTLS_E_INVALID_REQUEST) fail("gnutls_prf: succeeded under TLS1.3!\n"); } @@ -197,9 +204,10 @@ static void client(int fd) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities, sets %NO_SHUFFLE_EXTENSIONS */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", @@ -219,8 +227,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -232,8 +239,8 @@ static void client(int fd) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_256_GCM) { @@ -302,18 +309,18 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", + NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); terminate(); } - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_handshake_set_random(session, &hsrnd); @@ -321,8 +328,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(fd); gnutls_deinit(session); @@ -335,8 +341,8 @@ static void server(int fd) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); check_prfs(session); @@ -389,4 +395,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/psk-dumbfw.c b/tests/tls13/psk-dumbfw.c index ec8c23afce..e884ec4665 100644 --- a/tests/tls13/psk-dumbfw.c +++ b/tests/tls13/psk-dumbfw.c @@ -22,7 +22,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,20 +39,20 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include -# include "tls13/ext-parse.h" +#include "tls13/ext-parse.h" -# include "utils.h" +#include "utils.h" /* Tests whether the pre-shared key extension will always be last * even if the dumbfw extension is present. @@ -65,8 +65,8 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd, const char *prio) { @@ -131,7 +131,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -142,8 +142,8 @@ static void client(int sd, const char *prio) gnutls_global_deinit(); } -static int -pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) +static int pskfunc(gnutls_session_t session, const char *username, + gnutls_datum_t *key) { if (debug) printf("psk: username %s\n", username); @@ -156,16 +156,15 @@ pskfunc(gnutls_session_t session, const char *username, gnutls_datum_t * key) return 0; } -# define EXT_CLIENTHELLO_PADDING 21 -# define EXT_PRE_SHARED_KEY 41 +#define EXT_CLIENTHELLO_PADDING 21 +#define EXT_PRE_SHARED_KEY 41 struct ctx_st { unsigned long pos; void *base; }; -static -void check_ext_pos(void *priv, gnutls_datum_t * msg) +static void check_ext_pos(void *priv, gnutls_datum_t *msg) { struct ctx_st *ctx = priv; @@ -174,23 +173,24 @@ void check_ext_pos(void *priv, gnutls_datum_t * msg) static int client_hello_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { unsigned long pos_psk; unsigned long pos_pad; - if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && post == GNUTLS_HOOK_POST) { + if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && + post == GNUTLS_HOOK_POST) { struct ctx_st ctx; ctx.base = msg->data; - if (find_client_extension - (msg, EXT_CLIENTHELLO_PADDING, &ctx, check_ext_pos) == 0) + if (find_client_extension(msg, EXT_CLIENTHELLO_PADDING, &ctx, + check_ext_pos) == 0) fail("Could not find dumbfw/client hello padding extension!\n"); pos_pad = ctx.pos; ctx.base = msg->data; - if (find_client_extension - (msg, EXT_PRE_SHARED_KEY, &ctx, check_ext_pos) == 0) + if (find_client_extension(msg, EXT_PRE_SHARED_KEY, &ctx, + check_ext_pos) == 0) fail("Could not find psk extension!\n"); pos_psk = ctx.pos; @@ -252,11 +252,11 @@ static void server(int sd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -286,8 +286,7 @@ static void ch_handler(int sig) return; } -static -void run_test(const char *prio) +static void run_test(const char *prio) { pid_t child; int err; @@ -328,8 +327,8 @@ void run_test(const char *prio) void doit(void) { - run_test - ("NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+PSK:%DUMBFW:-GROUP-ALL:+GROUP-FFDHE2048"); + run_test( + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+PSK:%DUMBFW:-GROUP-ALL:+GROUP-FFDHE2048"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/psk-ext.c b/tests/tls13/psk-ext.c index 25d0a2c0d2..de9da1904a 100644 --- a/tests/tls13/psk-ext.c +++ b/tests/tls13/psk-ext.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,8 +35,8 @@ /* Tests the PSK-extension decoding part */ -static void decode(const char *test_name, const gnutls_datum_t * raw, - const gnutls_datum_t * id, const gnutls_datum_t * b, +static void decode(const char *test_name, const gnutls_datum_t *raw, + const gnutls_datum_t *id, const gnutls_datum_t *b, unsigned idx, int res) { int ret; @@ -49,7 +49,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, ret = _gnutls13_psk_ext_parser_init(&p, raw->data, raw->size); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; fail("%s: _gnutls13_psk_ext_parser_init: %d/%s\n", test_name, ret, gnutls_strerror(ret)); @@ -62,13 +62,13 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, if (ret < 0) { if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break; - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; } if (i == idx) { - if (psk.identity.size == id->size - && memcmp(psk.identity.data, id->data, - id->size) == 0) { + if (psk.identity.size == id->size && + memcmp(psk.identity.data, id->data, id->size) == + 0) { if (debug) success("%s: found id\n", test_name); found = 1; @@ -87,18 +87,18 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, for (j = 0; j <= i; j++) { ret = _gnutls13_psk_ext_iter_next_binder(&iter, &binder); if (ret < 0) { - if (res == ret) /* expected */ + if (res == ret) /* expected */ return; - fail("%s: could not extract binder: %s\n", - test_name, gnutls_strerror(ret)); + fail("%s: could not extract binder: %s\n", test_name, + gnutls_strerror(ret)); } } if (debug) success("%s: found binder\n", test_name); - if (binder.size != b->size - || memcmp(binder.data, b->data, b->size) != 0) { + if (binder.size != b->size || + memcmp(binder.data, b->data, b->size) != 0) { hexprint(binder.data, binder.size); fail("%s: did not match binder on index %d\n", test_name, idx); } @@ -109,103 +109,102 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, struct decode_tests_st { const char *name; gnutls_datum_t psk; - unsigned idx; /* the ID index */ + unsigned idx; /* the ID index */ gnutls_datum_t id; gnutls_datum_t binder; int res; }; struct decode_tests_st decode_tests[] = { - { - .name = "single PSK", - .psk = {(unsigned char *) - "\x00\x0a\x00\x04\x6e\x6d\x61\x76\x00\x00\x00\x00\x00\x21\x20\xc4\xda\xe5\x7e\x05\x59\xf7\xae\x9b\xba\x90\xd2\x6e\x12\x68\xf6\xc1\xc7\xb9\x7e\xdc\xed\x9e\x67\x4e\xa5\x91\x2d\x7c\xb4\xf0\xab", - 47}, - .id = {(unsigned char *)"nmav", 4}, - .binder = {(unsigned char *) - "\xc4\xda\xe5\x7e\x05\x59\xf7\xae\x9b\xba\x90\xd2\x6e\x12\x68\xf6\xc1\xc7\xb9\x7e\xdc\xed\x9e\x67\x4e\xa5\x91\x2d\x7c\xb4\xf0\xab", - 32}, - .idx = 0, - .res = 0}, - { - .name = "multiple psks id0", - .psk = - {(unsigned char *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" - "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" - "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x63" - "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x20\x71\x83\x89\x3d\xcc" - "\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53" - "\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc" "\xca\x52\x16", - 135}, - .id = {(unsigned char *)"psk1", 4}, - .binder = {(unsigned char *) - "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - 32}, - .idx = 0, - .res = 0}, - { - .name = "multiple psks id1", - .psk = - {(unsigned char *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" - "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" - "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x63" - "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x20\x71\x83\x89\x3d\xcc" - "\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53" - "\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc" "\xca\x52\x16", - 135}, - .id = {(unsigned char *)"pskid", 6}, - .binder = {(unsigned char *) - "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - 32}, - .idx = 1, - .res = 0}, - { - .name = "multiple psks id2", - .psk = - {(unsigned char *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" - "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" - "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x63" - "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x20\x71\x83\x89\x3d\xcc" - "\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53" - "\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc" "\xca\x52\x16", - 135}, - .id = {(unsigned char *)"test", 4}, - .binder = {(unsigned char *) - "\x71\x83\x89\x3d\xcc\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc\xca\x52\x16", - 32}, - .idx = 2, - .res = 0}, - { - .name = "multiple psks id3", - .psk = - {(unsigned char *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" - "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" - "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x42" - "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00", 102}, - .id = {(unsigned char *)"test", 4}, - .binder = {NULL, 0}, - .idx = 2, - .res = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} + { .name = "single PSK", + .psk = { (unsigned char + *)"\x00\x0a\x00\x04\x6e\x6d\x61\x76\x00\x00\x00\x00\x00\x21\x20\xc4\xda\xe5\x7e\x05\x59\xf7\xae\x9b\xba\x90\xd2\x6e\x12\x68\xf6\xc1\xc7\xb9\x7e\xdc\xed\x9e\x67\x4e\xa5\x91\x2d\x7c\xb4\xf0\xab", + 47 }, + .id = { (unsigned char *)"nmav", 4 }, + .binder = { (unsigned char + *)"\xc4\xda\xe5\x7e\x05\x59\xf7\xae\x9b\xba\x90\xd2\x6e\x12\x68\xf6\xc1\xc7\xb9\x7e\xdc\xed\x9e\x67\x4e\xa5\x91\x2d\x7c\xb4\xf0\xab", + 32 }, + .idx = 0, + .res = 0 }, + { .name = "multiple psks id0", + .psk = { (unsigned char + *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" + "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" + "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x63" + "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x20\x71\x83\x89\x3d\xcc" + "\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53" + "\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc" + "\xca\x52\x16", + 135 }, + .id = { (unsigned char *)"psk1", 4 }, + .binder = { (unsigned char + *)"\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 32 }, + .idx = 0, + .res = 0 }, + { .name = "multiple psks id1", + .psk = { (unsigned char + *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" + "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" + "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x63" + "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x20\x71\x83\x89\x3d\xcc" + "\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53" + "\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc" + "\xca\x52\x16", + 135 }, + .id = { (unsigned char *)"pskid", 6 }, + .binder = { (unsigned char + *)"\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 32 }, + .idx = 1, + .res = 0 }, + { .name = "multiple psks id2", + .psk = { (unsigned char + *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" + "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" + "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x63" + "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x20\x71\x83\x89\x3d\xcc" + "\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53" + "\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc" + "\xca\x52\x16", + 135 }, + .id = { (unsigned char *)"test", 4 }, + .binder = { (unsigned char + *)"\x71\x83\x89\x3d\xcc\x46\xad\x83\x18\x98\x59\x46\x0b\xb2\x51\x24\x53\x41\xb4\x35\x04\x22\x90\x02\xac\x5e\xc1\xe7\xbc\xca\x52\x16", + 32 }, + .idx = 2, + .res = 0 }, + { .name = "multiple psks id3", + .psk = { (unsigned char + *)"\x00\x20\x00\x04\x70\x73\x6b\x31\x00\x00\x00\x00" + "\x00\x06\x70\x73\x6b\x69\x64\x00\x00\x00\x00\x00" + "\x00\x04\x74\x65\x73\x74\x00\x00\x00\x00\x00\x42" + "\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x01\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00", + 102 }, + .id = { (unsigned char *)"test", 4 }, + .binder = { NULL, 0 }, + .idx = 2, + .res = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE } }; void doit(void) diff --git a/tests/tls13/psk-ke-modes.c b/tests/tls13/psk-ke-modes.c index c02c6672d5..75231295bc 100644 --- a/tests/tls13/psk-ke-modes.c +++ b/tests/tls13/psk-ke-modes.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -49,8 +49,7 @@ const char *testname = ""; -#define myfail(fmt, ...) \ - fail("%s: "fmt, testname, ##__VA_ARGS__) +#define myfail(fmt, ...) fail("%s: " fmt, testname, ##__VA_ARGS__) const char *side = ""; @@ -59,10 +58,10 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static int -new_session_ticket_callback(gnutls_session_t session, unsigned int htype, - unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) +static int new_session_ticket_callback(gnutls_session_t session, + unsigned int htype, unsigned post, + unsigned int incoming, + const gnutls_datum_t *msg) { bool *new_session_ticket_sent = gnutls_session_get_ptr(session); *new_session_ticket_sent = true; @@ -70,7 +69,8 @@ new_session_ticket_callback(gnutls_session_t session, unsigned int htype, } #define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." +#define MSG \ + "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." static void start(const char *name, const char *prio, const char *sprio) { @@ -92,8 +92,7 @@ static void start(const char *name, const char *prio, const char *sprio) /* Init server */ assert(gnutls_certificate_allocate_credentials(&scred) >= 0); - assert(gnutls_certificate_set_x509_key_mem(scred, - &server_cert, + assert(gnutls_certificate_set_x509_key_mem(scred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM) >= 0); @@ -117,8 +116,8 @@ static void start(const char *name, const char *prio, const char *sprio) /* Init client */ gnutls_certificate_allocate_credentials(&ccred); - assert(gnutls_certificate_set_x509_trust_mem - (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); gnutls_init(&client, GNUTLS_CLIENT); diff --git a/tests/tls13/rnd-check-rollback-val.c b/tests/tls13/rnd-check-rollback-val.c index 8958959c48..493bc405cc 100644 --- a/tests/tls13/rnd-check-rollback-val.c +++ b/tests/tls13/rnd-check-rollback-val.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program checks whether a TLS 1.3 client will detect * a TLS 1.2 rollback attempt via the server random value. @@ -64,25 +64,21 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# ifdef TLS12 -# define name "TLS1.2" -# define RND tls12_rnd -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" -# elif TLS11 -# define name "TLS1.1" -# define RND tls11_rnd -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.0" -# else -# error unknown version to test -# endif - -gnutls_datum_t tls12_rnd = { (void *)"\x44\x4F\x57\x4E\x47\x52\x44\x01", - 8 -}; - -gnutls_datum_t tls11_rnd = { (void *)"\x44\x4F\x57\x4E\x47\x52\x44\x00", - 8 -}; +#ifdef TLS12 +#define name "TLS1.2" +#define RND tls12_rnd +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" +#elif TLS11 +#define name "TLS1.1" +#define RND tls11_rnd +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.0" +#else +#error unknown version to test +#endif + +gnutls_datum_t tls12_rnd = { (void *)"\x44\x4F\x57\x4E\x47\x52\x44\x01", 8 }; + +gnutls_datum_t tls11_rnd = { (void *)"\x44\x4F\x57\x4E\x47\x52\x44\x00", 8 }; static void client(int fd) { @@ -104,7 +100,7 @@ static void client(int fd) gnutls_certificate_set_x509_key_mem(x509_cred, &cli_ca3_cert, &cli_ca3_key, GNUTLS_X509_FMT_PEM); - retry: +retry: /* Initialize TLS session */ gnutls_init(&session, GNUTLS_CLIENT); @@ -129,8 +125,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("error in handshake: %s\n", gnutls_strerror(ret)); @@ -208,15 +203,15 @@ static void server(int fd) assert(gnutls_session_ticket_key_generate(&skey) >= 0); - retry: +retry: gnutls_init(&session, GNUTLS_SERVER); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct - (session, - "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0", - NULL) >= 0); + assert(gnutls_priority_set_direct( + session, + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0", + NULL) >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -226,7 +221,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -305,4 +300,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/rnd-rollback-detection.c b/tests/tls13/rnd-rollback-detection.c index 06f65a9edc..eaa9d62a4b 100644 --- a/tests/tls13/rnd-rollback-detection.c +++ b/tests/tls13/rnd-rollback-detection.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "utils.h" /* This program checks whether a TLS 1.3 client will detect * a TLS 1.2 rollback attempt via the server random value. @@ -87,10 +87,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.2 priorities\n"); @@ -104,8 +104,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER) { fail("unexpected error during rollback: %s\n", @@ -121,29 +120,27 @@ static void client(int fd) gnutls_global_deinit(); } -# ifdef TLS12 -# define RND tls12_rnd -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" -# elif TLS11 -# define RND tls11_rnd -# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.0" -# else -# error unknown version to test -# endif +#ifdef TLS12 +#define RND tls12_rnd +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" +#elif TLS11 +#define RND tls11_rnd +#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.0" +#else +#error unknown version to test +#endif gnutls_datum_t tls12_rnd = { (void *)"\x00\x00\x00\x04\x00\x00\x00\x04" - "\x00\x00\x00\x04\x00\x00\x00\x04" - "\x00\x00\x00\x04\x00\x00\x00\x04" - "\x44\x4F\x57\x4E\x47\x52\x44\x01", - 32 -}; + "\x00\x00\x00\x04\x00\x00\x00\x04" + "\x00\x00\x00\x04\x00\x00\x00\x04" + "\x44\x4F\x57\x4E\x47\x52\x44\x01", + 32 }; gnutls_datum_t tls11_rnd = { (void *)"\x00\x00\x00\x04\x00\x00\x00\x04" - "\x00\x00\x00\x04\x00\x00\x00\x04" - "\x00\x00\x00\x04\x00\x00\x00\x04" - "\x44\x4F\x57\x4E\x47\x52\x44\x00", - 32 -}; + "\x00\x00\x00\x04\x00\x00\x00\x04" + "\x00\x00\x00\x04\x00\x00\x00\x04" + "\x44\x4F\x57\x4E\x47\x52\x44\x00", + 32 }; static void server(int fd) { @@ -177,7 +174,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -235,4 +232,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/supported_versions.c b/tests/tls13/supported_versions.c index fbc270202e..f0f485f695 100644 --- a/tests/tls13/supported_versions.c +++ b/tests/tls13/supported_versions.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,19 +35,19 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "cert-common.h" -# include "utils.h" +#include "cert-common.h" +#include "utils.h" /* This program tests the ProtocolVersion of Client Hello * and whether the supported_versions extension is present and @@ -64,7 +64,7 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void client(int fd) { @@ -87,10 +87,10 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); @@ -104,8 +104,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); close(fd); @@ -119,43 +118,51 @@ static void client(int fd) static unsigned client_hello_ok = 0; static unsigned server_hello_ok = 0; -# define HANDSHAKE_SESSION_ID_POS 34 -# define TLS_EXT_SUPPORTED_VERSIONS 43 - -# define SKIP16(pos, total) { \ - uint16_t _s; \ - if (pos+2 > total) fail("error\n"); \ - _s = (msg->data[pos] << 8) | msg->data[pos+1]; \ - if ((size_t)(pos+2+_s) > total) fail("error\n"); \ - pos += 2+_s; \ +#define HANDSHAKE_SESSION_ID_POS 34 +#define TLS_EXT_SUPPORTED_VERSIONS 43 + +#define SKIP16(pos, total) \ + { \ + uint16_t _s; \ + if (pos + 2 > total) \ + fail("error\n"); \ + _s = (msg->data[pos] << 8) | msg->data[pos + 1]; \ + if ((size_t)(pos + 2 + _s) > total) \ + fail("error\n"); \ + pos += 2 + _s; \ } -# define SKIP8(pos, total) { \ - uint8_t _s; \ - if (pos+1 > total) fail("error\n"); \ - _s = msg->data[pos]; \ - if ((size_t)(pos+1+_s) > total) fail("error\n"); \ - pos += 1+_s; \ +#define SKIP8(pos, total) \ + { \ + uint8_t _s; \ + if (pos + 1 > total) \ + fail("error\n"); \ + _s = msg->data[pos]; \ + if ((size_t)(pos + 1 + _s) > total) \ + fail("error\n"); \ + pos += 1 + _s; \ } static int client_hello_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { ssize_t pos; - if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && post == GNUTLS_HOOK_POST) { + if (htype == GNUTLS_HANDSHAKE_SERVER_HELLO && + post == GNUTLS_HOOK_POST) { /* check whether TLS 1.3 is negotiated */ pos = 0; if (msg->size < 2) { fail("error in server hello size\n"); } - success("server hello:\n\t%d.%d\n", - (int)msg->data[pos], (int)msg->data[pos + 1]); + success("server hello:\n\t%d.%d\n", (int)msg->data[pos], + (int)msg->data[pos + 1]); if (msg->data[pos] != 0x03 || msg->data[pos + 1] != 0x03) { - fail("fail expected TLS 1.2 in server hello, got %d.%d\n", (int)msg->data[pos], (int)msg->data[pos + 1]); + fail("fail expected TLS 1.2 in server hello, got %d.%d\n", + (int)msg->data[pos], (int)msg->data[pos + 1]); } server_hello_ok = 1; @@ -200,9 +207,9 @@ static int client_hello_callback(gnutls_session_t session, unsigned int htype, if (type != TLS_EXT_SUPPORTED_VERSIONS) { SKIP16(pos, msg->size); - } else { /* found */ - ssize_t size = - (msg->data[pos] << 8) | msg->data[pos + 1]; + } else { /* found */ + ssize_t size = (msg->data[pos] << 8) | + msg->data[pos + 1]; pos += 2; size = msg->data[pos]; @@ -228,24 +235,24 @@ static int client_hello_callback(gnutls_session_t session, unsigned int htype, (int)msg->data[pos + 4], (int)msg->data[pos + 5]); - if (msg->data[pos] != 0x03 - || msg->data[pos + 1] != 0x04) { + if (msg->data[pos] != 0x03 || + msg->data[pos + 1] != 0x04) { fail("fail expected TLS 1.3, got %d.%d\n", (int)msg->data[pos], (int)msg->data[pos + 1]); } pos += 2; - if (msg->data[pos] != 0x03 - || msg->data[pos + 1] != 0x03) { + if (msg->data[pos] != 0x03 || + msg->data[pos + 1] != 0x03) { fail("fail expected TLS 1.2, got %d.%d\n", (int)msg->data[pos], (int)msg->data[pos + 1]); } pos += 2; - if (msg->data[pos] != 0x03 - || msg->data[pos + 1] != 0x01) { + if (msg->data[pos] != 0x03 || + msg->data[pos + 1] != 0x01) { fail("fail expected TLS 1.0, got %d.%d\n", (int)msg->data[pos], (int)msg->data[pos + 1]); @@ -298,7 +305,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -364,4 +371,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tls13/tls12-no-tls13-exts.c b/tests/tls13/tls12-no-tls13-exts.c index 3f0b6be72b..79179e33e3 100644 --- a/tests/tls13/tls12-no-tls13-exts.c +++ b/tests/tls13/tls12-no-tls13-exts.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,20 +35,20 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# include "cert-common.h" -# include "tls13/ext-parse.h" -# include "utils.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cert-common.h" +#include "tls13/ext-parse.h" +#include "utils.h" /* This program checks whether any TLS 1.3 extensions are * present when TLS 1.2 is the only protocol supported by @@ -88,10 +88,8 @@ static void client(int fd) gnutls_handshake_set_timeout(session, get_timeout()); - ret = - gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.0", - NULL); + ret = gnutls_priority_set_direct( + session, "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.0", NULL); if (ret < 0) fail("cannot set TLS 1.2 priorities\n"); @@ -105,8 +103,7 @@ static void client(int fd) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); close(fd); @@ -121,12 +118,13 @@ static unsigned client_hello_ok = 0; static int client_hello_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { if (htype != GNUTLS_HANDSHAKE_CLIENT_HELLO || post != GNUTLS_HOOK_PRE) return 0; - if (find_client_extension(msg, TLS_EXT_SUPPORTED_VERSIONS, NULL, NULL)) { + if (find_client_extension(msg, TLS_EXT_SUPPORTED_VERSIONS, NULL, + NULL)) { fail("Found TLS 1.3 supported versions extension in TLS 1.2!\n"); } @@ -176,7 +174,7 @@ static void server(int fd) do { ret = gnutls_handshake(session); - if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ + if (ret == GNUTLS_E_INTERRUPTED) { /* expected */ break; } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); @@ -238,4 +236,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tlsext-decoding.c b/tests/tlsext-decoding.c index d5267e031e..bd0de486fb 100644 --- a/tests/tlsext-decoding.c +++ b/tests/tlsext-decoding.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -39,18 +39,18 @@ int main(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" static void terminate(void); static unsigned reduce = 0; @@ -68,8 +68,8 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } -# define RECORD_PAYLOAD_POS 5 -# define HANDSHAKE_ID_POS (38) +#define RECORD_PAYLOAD_POS 5 +#define HANDSHAKE_ID_POS (38) static ssize_t odd_push(gnutls_transport_ptr_t tr, const void *data, size_t len) { uint8_t *d = (void *)data; @@ -85,19 +85,16 @@ static ssize_t odd_push(gnutls_transport_ptr_t tr, const void *data, size_t len) isize += 1; /* skip ciphersuites */ - csize = - d[RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize + 1] + - (d[RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize] << 8); + csize = d[RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize + 1] + + (d[RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize] << 8); csize += 2; /* skip compression methods */ - osize = - d[RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize + csize]; + osize = d[RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize + csize]; osize += 1; - pos = - RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize + csize + - osize; + pos = RECORD_PAYLOAD_POS + HANDSHAKE_ID_POS + isize + csize + + osize; if (reduce) { if (d[pos + 1] != 0x00) { @@ -113,7 +110,6 @@ static ssize_t odd_push(gnutls_transport_ptr_t tr, const void *data, size_t len) d[pos] = d[pos] + 1; d[pos + 1] = 0x00; } - } } @@ -154,8 +150,7 @@ static void client(int fd, const char *prio) */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret >= 0) { fail("client: Handshake succeeded!\n"); @@ -200,9 +195,8 @@ static void server(int fd, const char *prio) gnutls_certificate_allocate_credentials(&xcred); - ret = gnutls_certificate_set_x509_key_mem(xcred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_key_mem( + xcred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -220,13 +214,13 @@ static void server(int fd, const char *prio) do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret != GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH) { close(fd); gnutls_deinit(session); - fail("server: Handshake did not fail with GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH (%s)\n\n", gnutls_strerror(ret)); + fail("server: Handshake did not fail with GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH (%s)\n\n", + gnutls_strerror(ret)); terminate(); } @@ -292,4 +286,4 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.3"); start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/tlsfeature-crt.c b/tests/tlsfeature-crt.c index fbc1f0069a..35b229cbdd 100644 --- a/tests/tlsfeature-crt.c +++ b/tests/tlsfeature-crt.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -30,23 +30,21 @@ #include "utils.h" static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICBzCCAXCgAwIBAgIMVpjt8TL5Io/frpvkMA0GCSqGSIb3DQEBCwUAMCIxIDAe\n" - "BgNVBAMTF0dudVRMUyB0ZXN0IGNlcnRpZmljYXRlMB4XDTE2MDExNTEzMDI0MVoX\n" - "DTMyMDYxOTEzMDI0MVowIjEgMB4GA1UEAxMXR251VExTIHRlc3QgY2VydGlmaWNh\n" - "dGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANe6XK+jDPAuqSdWqlOOqOt/\n" - "gXVMa5i+Suq3HvhLw2rE2g0AuOpMEx82FpPecu/GpF6ybrbKCohVdZCW7aZXvAw7\n" - "dg2XHr3p7H/Tqez7hWSga6BIznd+c5wxE/89yK6lYG7Ztoxamm+2vp9qvafwoDMn\n" - "9bcdkuWWnHNS1p/WyI6xAgMBAAGjQjBAMBEGCCsGAQUFBwEYBAUwAwIBBTAMBgNV\n" - "HRMBAf8EAjAAMB0GA1UdDgQWBBRTSzvcXshETAIgvzlIb0z+zSVSEDANBgkqhkiG\n" - "9w0BAQsFAAOBgQB+VcJuLPL2PMog0HZ8RRbqVvLU5d209ROg3s1oXUBFW8+AV+71\n" - "CsHg9Xx7vqKVwyKGI9ghds1B44lNPxGH2Sk1v2czjKbzwujo9+kLnDS6i0jyrDdn\n" - "um4ivpkwmlUFSQVXvENLwe9gTlIgN4+0I9WLcMTCDtHWkcxMRwCm2BMsXw==\n" - "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICBzCCAXCgAwIBAgIMVpjt8TL5Io/frpvkMA0GCSqGSIb3DQEBCwUAMCIxIDAe\n" + "BgNVBAMTF0dudVRMUyB0ZXN0IGNlcnRpZmljYXRlMB4XDTE2MDExNTEzMDI0MVoX\n" + "DTMyMDYxOTEzMDI0MVowIjEgMB4GA1UEAxMXR251VExTIHRlc3QgY2VydGlmaWNh\n" + "dGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANe6XK+jDPAuqSdWqlOOqOt/\n" + "gXVMa5i+Suq3HvhLw2rE2g0AuOpMEx82FpPecu/GpF6ybrbKCohVdZCW7aZXvAw7\n" + "dg2XHr3p7H/Tqez7hWSga6BIznd+c5wxE/89yK6lYG7Ztoxamm+2vp9qvafwoDMn\n" + "9bcdkuWWnHNS1p/WyI6xAgMBAAGjQjBAMBEGCCsGAQUFBwEYBAUwAwIBBTAMBgNV\n" + "HRMBAf8EAjAAMB0GA1UdDgQWBBRTSzvcXshETAIgvzlIb0z+zSVSEDANBgkqhkiG\n" + "9w0BAQsFAAOBgQB+VcJuLPL2PMog0HZ8RRbqVvLU5d209ROg3s1oXUBFW8+AV+71\n" + "CsHg9Xx7vqKVwyKGI9ghds1B44lNPxGH2Sk1v2czjKbzwujo9+kLnDS6i0jyrDdn\n" + "um4ivpkwmlUFSQVXvENLwe9gTlIgN4+0I9WLcMTCDtHWkcxMRwCm2BMsXw==\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; void doit(void) { diff --git a/tests/tlsfeature-ext.c b/tests/tlsfeature-ext.c index 71c0fd022d..31a402dff1 100644 --- a/tests/tlsfeature-ext.c +++ b/tests/tlsfeature-ext.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -30,31 +30,31 @@ #include "utils.h" unsigned char der_feat_long[] = - "\x30\x82\x01\x80\x02\x01\x00\x02\x01\x01\x02\x01\x02\x02\x01\x03" - "\x02\x01\x04\x02\x01\x05\x02\x01\x06\x02\x01\x07\x02\x01\x08\x02" - "\x01\x09\x02\x01\x0A\x02\x01\x0B\x02\x01\x0C\x02\x01\x0D\x02\x01" - "\x0E\x02\x01\x0F\x02\x01\x10\x02\x01\x11\x02\x01\x12\x02\x01\x13" - "\x02\x01\x14\x02\x01\x15\x02\x01\x16\x02\x01\x17\x02\x01\x18\x02" - "\x01\x19\x02\x01\x1A\x02\x01\x1B\x02\x01\x1C\x02\x01\x1D\x02\x01" - "\x1E\x02\x01\x1F\x02\x01\x20\x02\x01\x21\x02\x01\x22\x02\x01\x23" - "\x02\x01\x24\x02\x01\x25\x02\x01\x26\x02\x01\x27\x02\x01\x28\x02" - "\x01\x29\x02\x01\x2A\x02\x01\x2B\x02\x01\x2C\x02\x01\x2D\x02\x01" - "\x2E\x02\x01\x2F\x02\x01\x30\x02\x01\x31\x02\x01\x32\x02\x01\x33" - "\x02\x01\x34\x02\x01\x35\x02\x01\x36\x02\x01\x37\x02\x01\x38\x02" - "\x01\x39\x02\x01\x3A\x02\x01\x3B\x02\x01\x3C\x02\x01\x3D\x02\x01" - "\x3E\x02\x01\x3F\x02\x01\x40\x02\x01\x41\x02\x01\x42\x02\x01\x43" - "\x02\x01\x44\x02\x01\x45\x02\x01\x46\x02\x01\x47\x02\x01\x48\x02" - "\x01\x49\x02\x01\x4A\x02\x01\x4B\x02\x01\x4C\x02\x01\x4D\x02\x01" - "\x4E\x02\x01\x4F\x02\x01\x50\x02\x01\x51\x02\x01\x52\x02\x01\x53" - "\x02\x01\x54\x02\x01\x55\x02\x01\x56\x02\x01\x57\x02\x01\x58\x02" - "\x01\x59\x02\x01\x5A\x02\x01\x5B\x02\x01\x5C\x02\x01\x5D\x02\x01" - "\x5E\x02\x01\x5F\x02\x01\x60\x02\x01\x61\x02\x01\x62\x02\x01\x63" - "\x02\x01\x64\x02\x01\x65\x02\x01\x66\x02\x01\x67\x02\x01\x68\x02" - "\x01\x69\x02\x01\x6A\x02\x01\x6B\x02\x01\x6C\x02\x01\x6D\x02\x01" - "\x6E\x02\x01\x6F\x02\x01\x70\x02\x01\x71\x02\x01\x72\x02\x01\x73" - "\x02\x01\x74\x02\x01\x75\x02\x01\x76\x02\x01\x77\x02\x01\x78\x02" - "\x01\x79\x02\x01\x7A\x02\x01\x7B\x02\x01\x7C\x02\x01\x7D\x02\x01" - "\x7E\x02\x01\x7F"; + "\x30\x82\x01\x80\x02\x01\x00\x02\x01\x01\x02\x01\x02\x02\x01\x03" + "\x02\x01\x04\x02\x01\x05\x02\x01\x06\x02\x01\x07\x02\x01\x08\x02" + "\x01\x09\x02\x01\x0A\x02\x01\x0B\x02\x01\x0C\x02\x01\x0D\x02\x01" + "\x0E\x02\x01\x0F\x02\x01\x10\x02\x01\x11\x02\x01\x12\x02\x01\x13" + "\x02\x01\x14\x02\x01\x15\x02\x01\x16\x02\x01\x17\x02\x01\x18\x02" + "\x01\x19\x02\x01\x1A\x02\x01\x1B\x02\x01\x1C\x02\x01\x1D\x02\x01" + "\x1E\x02\x01\x1F\x02\x01\x20\x02\x01\x21\x02\x01\x22\x02\x01\x23" + "\x02\x01\x24\x02\x01\x25\x02\x01\x26\x02\x01\x27\x02\x01\x28\x02" + "\x01\x29\x02\x01\x2A\x02\x01\x2B\x02\x01\x2C\x02\x01\x2D\x02\x01" + "\x2E\x02\x01\x2F\x02\x01\x30\x02\x01\x31\x02\x01\x32\x02\x01\x33" + "\x02\x01\x34\x02\x01\x35\x02\x01\x36\x02\x01\x37\x02\x01\x38\x02" + "\x01\x39\x02\x01\x3A\x02\x01\x3B\x02\x01\x3C\x02\x01\x3D\x02\x01" + "\x3E\x02\x01\x3F\x02\x01\x40\x02\x01\x41\x02\x01\x42\x02\x01\x43" + "\x02\x01\x44\x02\x01\x45\x02\x01\x46\x02\x01\x47\x02\x01\x48\x02" + "\x01\x49\x02\x01\x4A\x02\x01\x4B\x02\x01\x4C\x02\x01\x4D\x02\x01" + "\x4E\x02\x01\x4F\x02\x01\x50\x02\x01\x51\x02\x01\x52\x02\x01\x53" + "\x02\x01\x54\x02\x01\x55\x02\x01\x56\x02\x01\x57\x02\x01\x58\x02" + "\x01\x59\x02\x01\x5A\x02\x01\x5B\x02\x01\x5C\x02\x01\x5D\x02\x01" + "\x5E\x02\x01\x5F\x02\x01\x60\x02\x01\x61\x02\x01\x62\x02\x01\x63" + "\x02\x01\x64\x02\x01\x65\x02\x01\x66\x02\x01\x67\x02\x01\x68\x02" + "\x01\x69\x02\x01\x6A\x02\x01\x6B\x02\x01\x6C\x02\x01\x6D\x02\x01" + "\x6E\x02\x01\x6F\x02\x01\x70\x02\x01\x71\x02\x01\x72\x02\x01\x73" + "\x02\x01\x74\x02\x01\x75\x02\x01\x76\x02\x01\x77\x02\x01\x78\x02" + "\x01\x79\x02\x01\x7A\x02\x01\x7B\x02\x01\x7C\x02\x01\x7D\x02\x01" + "\x7E\x02\x01\x7F"; static gnutls_datum_t der_long = { der_feat_long, sizeof(der_feat_long) - 1 }; diff --git a/tests/trust-store.c b/tests/trust-store.c index 6490bed273..4f81abcd80 100644 --- a/tests/trust-store.c +++ b/tests/trust-store.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/trustdb-tofu.c b/tests/trustdb-tofu.c index f26d388805..b88b849063 100644 --- a/tests/trustdb-tofu.c +++ b/tests/trustdb-tofu.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,46 +41,48 @@ static void tls_log_func(int level, const char *str) } static unsigned char tofu_server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t tofu_server_cert = { tofu_server_cert_pem, - sizeof(tofu_server_cert_pem) -}; + sizeof(tofu_server_cert_pem) }; static char client_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t client_cert = { (void *)client_pem, sizeof(client_pem) }; #define TMP_FILE "mini-tdb.tmp" #define HOSTS_DIR ".gnutls/" -#define HOSTS_FILE HOSTS_DIR"known_hosts" +#define HOSTS_FILE HOSTS_DIR "known_hosts" -#define SHA1_HASH "\x53\x4b\x3b\xdc\x5e\xc8\x44\x4c\x02\x20\xbf\x39\x48\x6f\x4c\xfe\xcd\x25\x52\x10" +#define SHA1_HASH \ + "\x53\x4b\x3b\xdc\x5e\xc8\x44\x4c\x02\x20\xbf\x39\x48\x6f\x4c\xfe\xcd\x25\x52\x10" void doit(void) { @@ -101,33 +103,29 @@ void doit(void) gnutls_global_set_log_level(2); // X.509 certificates - ret = - gnutls_pem_base64_decode_alloc("CERTIFICATE", &tofu_server_cert, - &der_cert); + ret = gnutls_pem_base64_decode_alloc("CERTIFICATE", &tofu_server_cert, + &der_cert); if (ret < 0) { fail("base64 decoding\n"); goto fail; } - ret = - gnutls_pem_base64_decode_alloc("CERTIFICATE", &client_cert, - &der_cert2); + ret = gnutls_pem_base64_decode_alloc("CERTIFICATE", &client_cert, + &der_cert2); if (ret < 0) { fail("base64 decoding\n"); goto fail; } // Raw public keys - ret = - gnutls_pem_base64_decode_alloc("PUBLIC KEY", &rawpk_public_key1, - &der_rawpk); + ret = gnutls_pem_base64_decode_alloc("PUBLIC KEY", &rawpk_public_key1, + &der_rawpk); if (ret < 0) { fail("base64 decoding\n"); goto fail; } - ret = - gnutls_pem_base64_decode_alloc("PUBLIC KEY", &rawpk_public_key2, - &der_rawpk2); + ret = gnutls_pem_base64_decode_alloc("PUBLIC KEY", &rawpk_public_key2, + &der_rawpk2); if (ret < 0) { fail("base64 decoding\n"); goto fail; @@ -148,9 +146,8 @@ void doit(void) if (debug) success("Commitment storage: passed\n"); - ret = - gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", - "https", GNUTLS_CRT_X509, &der_cert, 0); + ret = gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", "https", + GNUTLS_CRT_X509, &der_cert, 0); remove(TMP_FILE); if (ret != 0) { @@ -161,7 +158,7 @@ void doit(void) if (debug) success("Commitment verification: passed\n"); - /* Verify access to home dir */ + /* Verify access to home dir */ #ifndef _WIN32 setenv("HOME", getcwd(path, sizeof(path)), 1); @@ -177,9 +174,8 @@ void doit(void) if (debug) success("Commitment storage: passed\n"); - ret = - gnutls_verify_stored_pubkey(NULL, NULL, "localhost", - "https", GNUTLS_CRT_X509, &der_cert, 0); + ret = gnutls_verify_stored_pubkey(NULL, NULL, "localhost", "https", + GNUTLS_CRT_X509, &der_cert, 0); if (ret != 0) { fail("commitment verification: %s\n", gnutls_strerror(ret)); @@ -202,19 +198,16 @@ void doit(void) if (debug) success("Public key storage (from cert): passed\n"); - ret = - gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", - "https", GNUTLS_CRT_X509, &der_cert, 0); + ret = gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", "https", + GNUTLS_CRT_X509, &der_cert, 0); if (ret != 0) { fail("pubkey verification (from cert): %s\n", gnutls_strerror(ret)); goto fail; } - ret = - gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", - "https", GNUTLS_CRT_X509, - &der_cert2, 0); + ret = gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", "https", + GNUTLS_CRT_X509, &der_cert2, 0); if (ret == 0) { fail("verification succeeded when shouldn't!\n"); goto fail; @@ -238,20 +231,16 @@ void doit(void) if (debug) success("Public key storage (from raw pk): passed\n"); - ret = - gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", - "https", GNUTLS_CRT_RAWPK, - &der_rawpk, 0); + ret = gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", "https", + GNUTLS_CRT_RAWPK, &der_rawpk, 0); if (ret != 0) { fail("pubkey verification (from raw pk): %s\n", gnutls_strerror(ret)); goto fail; } - ret = - gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", - "https", GNUTLS_CRT_RAWPK, - &der_rawpk2, 0); + ret = gnutls_verify_stored_pubkey(TMP_FILE, NULL, "localhost", "https", + GNUTLS_CRT_RAWPK, &der_rawpk2, 0); if (ret == 0) { fail("verification succeeded when shouldn't!\n"); goto fail; @@ -275,7 +264,7 @@ void doit(void) gnutls_free(der_rawpk2.data); return; - fail: +fail: remove(HOSTS_FILE); remove(TMP_FILE); rmdir(HOSTS_DIR); diff --git a/tests/urls.c b/tests/urls.c index 821f08f868..a2a5cfd450 100644 --- a/tests/urls.c +++ b/tests/urls.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include diff --git a/tests/utils-adv.c b/tests/utils-adv.c index 4f915a919a..d439cbb2e4 100644 --- a/tests/utils-adv.c +++ b/tests/utils-adv.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,14 +41,13 @@ int _gnutls_server_name_set_raw(gnutls_session_t session, const char *side = NULL; /* if @host is NULL certificate check is skipped */ -int -_test_cli_serv(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *serv_prio, const char *cli_prio, - const char *host, - void *priv, callback_func * client_cb, callback_func * server_cb, - unsigned expect_verification_failure, - unsigned require_cert, int serv_err, int cli_err) +int _test_cli_serv(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *serv_prio, const char *cli_prio, + const char *host, void *priv, callback_func *client_cb, + callback_func *server_cb, + unsigned expect_verification_failure, unsigned require_cert, + int serv_err, int cli_err) { int ret; /* Server stuff. */ @@ -82,14 +81,13 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, if (host) { if (strncmp(host, "raw:", 4) == 0) { - assert(_gnutls_server_name_set_raw - (client, GNUTLS_NAME_DNS, host + 4, - strlen(host + 4)) >= 0); + assert(_gnutls_server_name_set_raw( + client, GNUTLS_NAME_DNS, host + 4, + strlen(host + 4)) >= 0); host += 4; } else { - assert(gnutls_server_name_set - (client, GNUTLS_NAME_DNS, host, - strlen(host)) >= 0); + assert(gnutls_server_name_set(client, GNUTLS_NAME_DNS, + host, strlen(host)) >= 0); } } @@ -142,9 +140,10 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, if (status != 0) { gnutls_datum_t t; - assert(gnutls_certificate_verification_status_print - (status, GNUTLS_CRT_X509, &t, 0) >= 0); - fail("could not verify certificate for '%s': %.4x: %s\n", host, status, t.data); + assert(gnutls_certificate_verification_status_print( + status, GNUTLS_CRT_X509, &t, 0) >= 0); + fail("could not verify certificate for '%s': %.4x: %s\n", + host, status, t.data); gnutls_free(t.data); exit(1); } @@ -159,8 +158,8 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, if (status != 0) { gnutls_datum_t t; - assert(gnutls_certificate_verification_status_print - (status, GNUTLS_CRT_X509, &t, 0) >= 0); + assert(gnutls_certificate_verification_status_print( + status, GNUTLS_CRT_X509, &t, 0) >= 0); fail("could not verify certificate3: %.4x: %s\n", status, t.data); gnutls_free(t.data); @@ -174,7 +173,7 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, gnutls_bye(server, GNUTLS_SHUT_RDWR); ret = 0; - cleanup: +cleanup: if (client_cb) client_cb(client, priv); if (server_cb) @@ -187,20 +186,18 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, } /* An expected to succeed run */ -void -test_cli_serv(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *prio, const char *host, - void *priv, callback_func * client_cb, callback_func * server_cb) +void test_cli_serv(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *prio, const char *host, void *priv, + callback_func *client_cb, callback_func *server_cb) { _test_cli_serv(server_cred, client_cred, prio, prio, host, priv, client_cb, server_cb, 0, 0, 0, 0); } -int -test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, - gnutls_anon_client_credentials_t client_cred, - const char *prio) +int test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, + gnutls_anon_client_credentials_t client_cred, + const char *prio) { int ret; /* Server stuff. */ @@ -247,9 +244,9 @@ test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, return ret; } -int -test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, - gnutls_psk_client_credentials_t client_cred, const char *prio) +int test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, + gnutls_psk_client_credentials_t client_cred, + const char *prio) { int ret; /* Server stuff. */ @@ -296,31 +293,28 @@ test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, return ret; } -void -test_cli_serv_cert(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *serv_prio, const char *cli_prio, - const char *host) +void test_cli_serv_cert(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *serv_prio, const char *cli_prio, + const char *host) { _test_cli_serv(server_cred, client_cred, serv_prio, cli_prio, host, NULL, NULL, NULL, 0, 1, 0, 0); } -void -test_cli_serv_expect(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *serv_prio, const char *cli_prio, - const char *host, int serv_err, int cli_err) +void test_cli_serv_expect(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *serv_prio, const char *cli_prio, + const char *host, int serv_err, int cli_err) { _test_cli_serv(server_cred, client_cred, serv_prio, cli_prio, host, NULL, NULL, NULL, 0, 0, serv_err, cli_err); } /* An expected to fail verification run. Returns verification status */ -unsigned -test_cli_serv_vf(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *prio, const char *host) +unsigned test_cli_serv_vf(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *prio, const char *host) { return _test_cli_serv(server_cred, client_cred, prio, prio, host, NULL, NULL, NULL, 1, 0, 0, 0); diff --git a/tests/utils.c b/tests/utils.c index 66fc7f7897..00bada578e 100644 --- a/tests/utils.c +++ b/tests/utils.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -31,12 +31,12 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #else -# include /* for Sleep */ -# include +#include /* for Sleep */ +#include #endif #include @@ -52,38 +52,39 @@ int break_on_error = 0; /* doc/credentials/dhparams/rfc3526-group-14-2048.pem */ const char *pkcs3 = - "-----BEGIN DH PARAMETERS-----\n" - "MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" - "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" - "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" - "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" - "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" - "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==\n" - "-----END DH PARAMETERS-----\n"; + "-----BEGIN DH PARAMETERS-----\n" + "MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" + "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==\n" + "-----END DH PARAMETERS-----\n"; /* doc/credentials/dhparams/rfc7919-ffdhe2048.pem */ const char *pkcs3_2048 = - "-----BEGIN DH PARAMETERS-----\n" - "MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" - "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" - "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" - "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" - "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" - "ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==\n" - "-----END DH PARAMETERS-----\n"; + "-----BEGIN DH PARAMETERS-----\n" + "MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" + "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" + "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" + "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" + "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" + "ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==\n" + "-----END DH PARAMETERS-----\n"; /* doc/credentials/dhparams/rfc7919-ffdhe3072.pem */ const char *pkcs3_3072 = - "-----BEGIN DH PARAMETERS-----\n" - "MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" - "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" - "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" - "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" - "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" - "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" - "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" - "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu\n" - "N///////////AgEC\n" "-----END DH PARAMETERS-----\n"; + "-----BEGIN DH PARAMETERS-----\n" + "MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" + "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" + "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" + "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" + "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" + "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" + "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" + "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu\n" + "N///////////AgEC\n" + "-----END DH PARAMETERS-----\n"; void _fail(const char *format, ...) { @@ -161,8 +162,8 @@ void escapeprint(const char *str, size_t len) for (i = 0; i < len; i++) { if (((str[i] & 0xFF) >= 'A' && (str[i] & 0xFF) <= 'Z') || ((str[i] & 0xFF) >= 'a' && (str[i] & 0xFF) <= 'z') || - ((str[i] & 0xFF) >= '0' && (str[i] & 0xFF) <= '9') - || (str[i] & 0xFF) == ' ' || (str[i] & 0xFF) == '.') + ((str[i] & 0xFF) >= '0' && (str[i] & 0xFF) <= '9') || + (str[i] & 0xFF) == ' ' || (str[i] & 0xFF) == '.') printf("%c", (str[i] & 0xFF)); else printf("\\x%02X", (str[i] & 0xFF)); @@ -208,8 +209,7 @@ void binprint(const void *_str, size_t len) printf("\t;; "); for (i = 0; i < len; i++) { - printf("%d%d%d%d%d%d%d%d ", - (str[i] & 0xFF) & 0x80 ? 1 : 0, + printf("%d%d%d%d%d%d%d%d ", (str[i] & 0xFF) & 0x80 ? 1 : 0, (str[i] & 0xFF) & 0x40 ? 1 : 0, (str[i] & 0xFF) & 0x20 ? 1 : 0, (str[i] & 0xFF) & 0x10 ? 1 : 0, @@ -237,12 +237,11 @@ int main(int argc, char *argv[]) else if (strcmp(argv[argc - 1], "-h") == 0 || strcmp(argv[argc - 1], "-?") == 0 || strcmp(argv[argc - 1], "--help") == 0) { - printf - ("Usage: %s [-vbh?] [--verbose] [--break-on-error] [--help]\n", - argv[0]); + printf("Usage: %s [-vbh?] [--verbose] [--break-on-error] [--help]\n", + argv[0]); return 1; } - while (argc-- > 1) ; + while (argc-- > 1); doit(); diff --git a/tests/utils.h b/tests/utils.h index 0c228060e9..92c473fa7f 100644 --- a/tests/utils.h +++ b/tests/utils.h @@ -21,45 +21,45 @@ */ #ifndef GNUTLS_TESTS_UTILS_H -# define GNUTLS_TESTS_UTILS_H - -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include - -# ifndef __attribute__ -# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5) -# define __attribute__(Spec) /* empty */ -# endif -# endif - -# ifdef NDEBUG -# error tests cannot be compiled with NDEBUG defined -# endif - -# ifndef FALLTHROUGH -# if _GNUTLS_GCC_VERSION >= 70100 -# define FALLTHROUGH __attribute__ ((fallthrough)) -# else -# define FALLTHROUGH -# endif -# endif +#define GNUTLS_TESTS_UTILS_H + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#ifndef __attribute__ +#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5) +#define __attribute__(Spec) /* empty */ +#endif +#endif + +#ifdef NDEBUG +#error tests cannot be compiled with NDEBUG defined +#endif + +#ifndef FALLTHROUGH +#if _GNUTLS_GCC_VERSION >= 70100 +#define FALLTHROUGH __attribute__((fallthrough)) +#else +#define FALLTHROUGH +#endif +#endif /* number of elements within an array */ -# define countof(a) (sizeof(a)/sizeof(*(a))) +#define countof(a) (sizeof(a) / sizeof(*(a))) inline static int global_init(void) { -# ifdef ENABLE_PKCS11 +#ifdef ENABLE_PKCS11 gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL); -# endif +#endif return gnutls_global_init(); } @@ -71,22 +71,20 @@ extern const char *pkcs3; extern const char *pkcs3_2048; extern const char *pkcs3_3072; -# define fail(format, ...) \ - _fail("%s:%d: "format, __func__, __LINE__, ##__VA_ARGS__) +#define fail(format, ...) \ + _fail("%s:%d: " format, __func__, __LINE__, ##__VA_ARGS__) -extern void _fail(const char *format, ...) - __attribute__((format(printf, 1, 2))) __attribute__((__noreturn__)); +extern void _fail(const char *format, ...) __attribute__((format(printf, 1, 2))) +__attribute__((__noreturn__)); extern void fail_ignore(const char *format, ...) - __attribute__((format(printf, 1, 2))) __attribute__((__noreturn__)); + __attribute__((format(printf, 1, 2))) __attribute__((__noreturn__)); extern void success(const char *format, ...) - __attribute__((format(printf, 1, 2))); + __attribute__((format(printf, 1, 2))); /* assumes test_name is defined */ -# define test_fail(fmt, ...) \ - fail("%s: "fmt, test_name, ##__VA_ARGS__) +#define test_fail(fmt, ...) fail("%s: " fmt, test_name, ##__VA_ARGS__) -# define test_success(fmt, ...) \ - success("%s: "fmt, test_name, ##__VA_ARGS__) +#define test_success(fmt, ...) success("%s: " fmt, test_name, ##__VA_ARGS__) extern void c_print(const unsigned char *str, size_t len); extern void escapeprint(const char *str, size_t len); @@ -95,53 +93,46 @@ extern void binprint(const void *str, size_t len); int disable_system_calls(void); void sec_sleep(int sec); -int -test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, - gnutls_anon_client_credentials_t client_cred, - const char *prio); +int test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, + gnutls_anon_client_credentials_t client_cred, + const char *prio); -int -test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, - gnutls_psk_client_credentials_t client_cred, - const char *prio); +int test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, + gnutls_psk_client_credentials_t client_cred, + const char *prio); typedef void callback_func(gnutls_session_t, void *priv); void test_cli_serv(gnutls_certificate_credentials_t server_cred, gnutls_certificate_credentials_t client_cred, - const char *prio, const char *host, - void *priv, - callback_func * client_cb, callback_func * server_cb); - -int -_test_cli_serv(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *serv_prio, const char *cli_prio, - const char *host, - void *priv, callback_func * client_cb, callback_func * server_cb, - unsigned expect_verification_failure, - unsigned require_cert, int serv_err, int cli_err); + const char *prio, const char *host, void *priv, + callback_func *client_cb, callback_func *server_cb); -void print_dh_params_info(gnutls_session_t); - -void -test_cli_serv_cert(gnutls_certificate_credentials_t server_cred, +int _test_cli_serv(gnutls_certificate_credentials_t server_cred, gnutls_certificate_credentials_t client_cred, const char *serv_prio, const char *cli_prio, - const char *host); + const char *host, void *priv, callback_func *client_cb, + callback_func *server_cb, + unsigned expect_verification_failure, unsigned require_cert, + int serv_err, int cli_err); + +void print_dh_params_info(gnutls_session_t); + +void test_cli_serv_cert(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *serv_prio, const char *cli_prio, + const char *host); -void -test_cli_serv_expect(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *serv_prio, const char *cli_prio, - const char *host, int serv_err, int cli_err); +void test_cli_serv_expect(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *serv_prio, const char *cli_prio, + const char *host, int serv_err, int cli_err); /* verification failed */ -unsigned -test_cli_serv_vf(gnutls_certificate_credentials_t server_cred, - gnutls_certificate_credentials_t client_cred, - const char *prio, const char *host); +unsigned test_cli_serv_vf(gnutls_certificate_credentials_t server_cred, + gnutls_certificate_credentials_t client_cred, + const char *prio, const char *host); -# define TMPNAME_SIZE 128 +#define TMPNAME_SIZE 128 char *get_tmpname(char s[TMPNAME_SIZE]); void track_temp_files(void); void delete_temp_files(void); @@ -154,7 +145,7 @@ extern void doit(void); /* calls fail() if status indicates an error */ inline static void _check_wait_status(int status, unsigned sigonly) { -# if defined WEXITSTATUS && defined WIFSIGNALED +#if defined WEXITSTATUS && defined WIFSIGNALED if (WEXITSTATUS(status) != 0 || (WIFSIGNALED(status) && WTERMSIG(status) != SIGTERM)) { if (WIFSIGNALED(status)) { @@ -168,7 +159,7 @@ inline static void _check_wait_status(int status, unsigned sigonly) } } } -# endif +#endif } inline static void check_wait_status(int status) @@ -211,8 +202,8 @@ inline static unsigned int get_dtls_retransmit_timeout(void) return (unsigned int)ul; } -static inline const char -*fips_operation_state_to_string(gnutls_fips140_operation_state_t state) +static inline const char * +fips_operation_state_to_string(gnutls_fips140_operation_state_t state) { switch (state) { case GNUTLS_FIPS140_OP_INITIAL: @@ -224,7 +215,7 @@ static inline const char case GNUTLS_FIPS140_OP_ERROR: return "ERROR"; default: - /*NOTREACHED*/ assert(0); + /*NOTREACHED*/ assert(0); return NULL; } } @@ -264,7 +255,8 @@ fips_pop_context(gnutls_fips140_context_t context, } /* To use those convenient macros, define fips_context variable. */ -# define FIPS_PUSH_CONTEXT() fips_push_context(fips_context) -# define FIPS_POP_CONTEXT(state) fips_pop_context(fips_context, GNUTLS_FIPS140_OP_ ## state) +#define FIPS_PUSH_CONTEXT() fips_push_context(fips_context) +#define FIPS_POP_CONTEXT(state) \ + fips_pop_context(fips_context, GNUTLS_FIPS140_OP_##state) -#endif /* GNUTLS_TESTS_UTILS_H */ +#endif /* GNUTLS_TESTS_UTILS_H */ diff --git a/tests/version-checks.c b/tests/version-checks.c index 1ef1abaa9c..383b64e7b0 100644 --- a/tests/version-checks.c +++ b/tests/version-checks.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -60,8 +60,8 @@ static void try(const char *client_prio, int expected) unsigned dtls = 0; const char *server_prio = "NORMAL:+VERS-TLS-ALL"; - if (expected >= GNUTLS_DTLS_VERSION_MIN - && expected <= GNUTLS_DTLS_VERSION_MAX) { + if (expected >= GNUTLS_DTLS_VERSION_MIN && + expected <= GNUTLS_DTLS_VERSION_MAX) { dtls = 1; /* we do not really do negotiation in that version */ if (expected == GNUTLS_DTLS0_9) @@ -75,9 +75,8 @@ static void try(const char *client_prio, int expected) /* Init server */ gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, + &server_key, GNUTLS_X509_FMT_PEM); if (dtls) flags |= (GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); @@ -98,9 +97,8 @@ static void try(const char *client_prio, int expected) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -135,7 +133,9 @@ static void try(const char *client_prio, int expected) ret = gnutls_protocol_get_version(client); if (ret != expected) { - fail("unexpected negotiated protocol %s (expected %s)\n", gnutls_protocol_get_name(ret), gnutls_protocol_get_name(expected)); + fail("unexpected negotiated protocol %s (expected %s)\n", + gnutls_protocol_get_name(ret), + gnutls_protocol_get_name(expected)); exit(1); } } else { diff --git a/tests/virt-time.h b/tests/virt-time.h index c7d4aada96..928737b825 100644 --- a/tests/virt-time.h +++ b/tests/virt-time.h @@ -20,20 +20,20 @@ */ #ifndef GNUTLS_TESTS_VIRT_TIME_H -# define GNUTLS_TESTS_VIRT_TIME_H +#define GNUTLS_TESTS_VIRT_TIME_H -# ifdef HAVE_CONFIG_H -# include -# endif +#ifdef HAVE_CONFIG_H +#include +#endif -# include -# include +#include +#include /* copied from ../lib/system.h so not to include that header from * every test program */ typedef void (*gnutls_gettime_func)(struct timespec *); -extern void _gnutls_global_set_gettime_function(gnutls_gettime_func - gettime_func); +extern void +_gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func); /* virtualize time in a test. This freezes the time in the test, except for * the advances due to calls to virt_sleep_sec(). This makes the test @@ -41,22 +41,24 @@ extern void _gnutls_global_set_gettime_function(gnutls_gettime_func static time_t _now; static struct timespec _now_ts; -# define virt_sec_sleep(s) { \ - _now += s; \ +#define virt_sec_sleep(s) \ + { \ + _now += s; \ _now_ts.tv_sec += s; \ } -# define virt_time_init_at(d) { \ - _now = (d); \ - gnutls_global_set_time_function(mytime); \ - _now_ts.tv_sec = _now; \ - _now_ts.tv_nsec = 0; \ +#define virt_time_init_at(d) \ + { \ + _now = (d); \ + gnutls_global_set_time_function(mytime); \ + _now_ts.tv_sec = _now; \ + _now_ts.tv_nsec = 0; \ _gnutls_global_set_gettime_function(mygettime); \ } -# define virt_time_init() virt_time_init_at(time(0)) +#define virt_time_init() virt_time_init_at(time(0)) -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { if (t) *t = _now; @@ -70,4 +72,4 @@ static void mygettime(struct timespec *t) *t = _now_ts; } -#endif /* GNUTLS_TESTS_VIRT_TIME_H */ +#endif /* GNUTLS_TESTS_VIRT_TIME_H */ diff --git a/tests/win-certopenstore.c b/tests/win-certopenstore.c index 1dba3e63db..118982c6f4 100644 --- a/tests/win-certopenstore.c +++ b/tests/win-certopenstore.c @@ -25,11 +25,11 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #ifndef _WIN32 -# error "This test shouldn't have been included" +#error "This test shouldn't have been included" #endif #include diff --git a/tests/windows/cng-windows.c b/tests/windows/cng-windows.c index 588f641d9e..9db5699195 100644 --- a/tests/windows/cng-windows.c +++ b/tests/windows/cng-windows.c @@ -25,12 +25,12 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #ifndef _WIN32 -# include +#include void doit(void) { @@ -39,21 +39,21 @@ void doit(void) #else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "../cert-common.h" -# include "ncrypt-int.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../cert-common.h" +#include "ncrypt-int.h" static void tls_log_func(int level, const char *str) { @@ -62,34 +62,28 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha256_hash_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8" - "\x3b\x2a\xc5\xb9\xe2\x9e\x1b\x16\x1e\x5c" - "\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b" "\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8" + "\x3b\x2a\xc5\xb9\xe2\x9e\x1b\x16\x1e\x5c" + "\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b" + "\x98\x24", 32 }; const gnutls_datum_t md5sha1_hash_data = { - (void *) - "\x5d\x41\x40\x2a\xbc\x4b\x2a\x76\xb9\x71\x9d\x91\x10\x17\xc5\x92" - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\x5d\x41\x40\x2a\xbc\x4b\x2a\x76\xb9\x71\x9d\x91\x10\x17\xc5\x92" + "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 36 }; const gnutls_datum_t invalid_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", 20 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; -static -void test_sig(void) +static void test_sig(void) { gnutls_pubkey_t pubkey; gnutls_privkey_t privkey; @@ -101,45 +95,40 @@ void test_sig(void) assert_int_nequal(gnutls_privkey_init(&privkey), 0); - assert_int_nequal(gnutls_privkey_import_url - (privkey, "system:win:id=123456", 0), 0); + assert_int_nequal(gnutls_privkey_import_url(privkey, + "system:win:id=123456", 0), + 0); - assert_int_nequal(gnutls_pubkey_import_x509_raw - (pubkey, &cert_dat, GNUTLS_X509_FMT_PEM, 0), 0); + assert_int_nequal(gnutls_pubkey_import_x509_raw(pubkey, &cert_dat, + GNUTLS_X509_FMT_PEM, 0), + 0); assert_int_nequal(gnutls_privkey_sign_hash(privkey, GNUTLS_DIG_SHA256, 0, &sha256_hash_data, - &signature), 0); + &signature), + 0); - ret = - gnutls_pubkey_verify_hash2(pubkey, - sign_algo, 0, - &sha256_hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, 0, + &sha256_hash_data, &signature); assert(ret >= 0); /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, - sign_algo, 0, - &invalid_hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, 0, + &invalid_hash_data, &signature); assert(ret == GNUTLS_E_PK_SIG_VERIFY_FAILED); gnutls_free(signature.data); signature.data = NULL; /* test the raw interface (MD5+SHA1) */ - ret = - gnutls_privkey_sign_hash(privkey, - 0, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - &md5sha1_hash_data, &signature); + ret = gnutls_privkey_sign_hash(privkey, 0, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, + &md5sha1_hash_data, &signature); assert(ret >= 0); - ret = - gnutls_pubkey_verify_hash2(pubkey, - 0, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - &md5sha1_hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, 0, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, + &md5sha1_hash_data, &signature); assert(ret >= 0); gnutls_free(signature.data); @@ -147,23 +136,18 @@ void test_sig(void) /* test the raw interface DigestInfo */ - ret = - gnutls_encode_ber_digest_info(GNUTLS_DIG_SHA256, &sha256_hash_data, - &digest_info); + ret = gnutls_encode_ber_digest_info(GNUTLS_DIG_SHA256, + &sha256_hash_data, &digest_info); assert(ret >= 0); - ret = - gnutls_privkey_sign_hash(privkey, - 0, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - &digest_info, &signature); + ret = gnutls_privkey_sign_hash(privkey, 0, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, + &digest_info, &signature); assert(ret >= 0); - ret = - gnutls_pubkey_verify_hash2(pubkey, - 0, - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - &digest_info, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, 0, + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, + &digest_info, &signature); assert(ret >= 0); gnutls_free(signature.data); diff --git a/tests/windows/crypt32.c b/tests/windows/crypt32.c index c2296e2f0d..bd98fba23d 100644 --- a/tests/windows/crypt32.c +++ b/tests/windows/crypt32.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #undef DECLSPEC_IMPORT @@ -41,43 +41,39 @@ #include "ncrypt-int.h" #include -#define VALID_PTR (void*)0x0001 +#define VALID_PTR (void *)0x0001 /* This is dummy crypt32 replacement with stub functions. It pretends * to load the key store and find a single certificate in the store * of which it will return some arbitrary but valid values in CertGetCertificateContextProperty. */ -__declspec(dllexport) -HCERTSTORE WINAPI CertOpenSystemStore(HCRYPTPROV_LEGACY hprov, - LPCSTR szSubsystemProtocol) +__declspec(dllexport) HCERTSTORE WINAPI + CertOpenSystemStore(HCRYPTPROV_LEGACY hprov, LPCSTR szSubsystemProtocol) { return VALID_PTR; } -__declspec(dllexport) -HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwEncodingType, - HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, - const void *pvPara) +__declspec(dllexport) HCERTSTORE WINAPI + CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwEncodingType, + HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, + const void *pvPara) { return VALID_PTR; } -__declspec(dllexport) -BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags) +__declspec(dllexport) BOOL WINAPI + CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags) { assert_int_nequal(hCertStore, VALID_PTR); return 1; } -__declspec(dllexport) -PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore, - DWORD dwCertEncodingType, - DWORD dwFindFlags, - DWORD dwFindType, - const void *pvFindPara, - PCCERT_CONTEXT - pPrevCertContext) +__declspec(dllexport) PCCERT_CONTEXT WINAPI + CertFindCertificateInStore(HCERTSTORE hCertStore, + DWORD dwCertEncodingType, DWORD dwFindFlags, + DWORD dwFindType, const void *pvFindPara, + PCCERT_CONTEXT pPrevCertContext) { //CRYPT_HASH_BLOB *blob = (void*)pvFindPara; @@ -89,10 +85,10 @@ PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore, return VALID_PTR; } -__declspec(dllexport) -BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, - DWORD dwPropId, void *pvData, - DWORD * pcbData) +__declspec(dllexport) BOOL WINAPI + CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, + DWORD dwPropId, void *pvData, + DWORD *pcbData) { if (dwPropId == CERT_FRIENDLY_NAME_PROP_ID) { *pcbData = snprintf(pvData, *pcbData, "friendly"); @@ -125,95 +121,91 @@ BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, return 0; } -__declspec(dllexport) -PCCRL_CONTEXT WINAPI CertEnumCRLsInStore(HCERTSTORE hCertStore, - PCCRL_CONTEXT pPrevCrlContext) +__declspec(dllexport) PCCRL_CONTEXT WINAPI + CertEnumCRLsInStore(HCERTSTORE hCertStore, + PCCRL_CONTEXT pPrevCrlContext) { return NULL; } -__declspec(dllexport) -BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext) +__declspec(dllexport) BOOL WINAPI + CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext) { return 1; } -__declspec(dllexport) -HCERTSTORE WINAPI PFXImportCertStore(CRYPT_DATA_BLOB * pPFX, LPCWSTR szPassword, - DWORD dwFlags) +__declspec(dllexport) HCERTSTORE WINAPI + PFXImportCertStore(CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, + DWORD dwFlags) { return NULL; } -__declspec(dllexport) -PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore, - PCCERT_CONTEXT - pPrevCertContext) +__declspec(dllexport) PCCERT_CONTEXT WINAPI + CertEnumCertificatesInStore(HCERTSTORE hCertStore, + PCCERT_CONTEXT pPrevCertContext) { return NULL; } -__declspec(dllexport) -BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext) +__declspec(dllexport) BOOL WINAPI + CertFreeCertificateContext(PCCERT_CONTEXT pCertContext) { return 1; } /* These are for CAPI, and are placeholders */ -__declspec(dllexport) -BOOL WINAPI CryptGetProvParam(HCRYPTPROV hProv, DWORD dwParam, - BYTE * pbData, DWORD * pdwDataLen, DWORD dwFlags) +__declspec(dllexport) BOOL WINAPI + CryptGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, + DWORD *pdwDataLen, DWORD dwFlags) { return 0; } -__declspec(dllexport) -BOOL WINAPI CryptAcquireContextW(HCRYPTPROV * phProv, LPCWSTR szContainer, - LPCWSTR szProvider, DWORD dwProvType, - DWORD dwFlags) +__declspec(dllexport) BOOL WINAPI + CryptAcquireContextW(HCRYPTPROV *phProv, LPCWSTR szContainer, + LPCWSTR szProvider, DWORD dwProvType, + DWORD dwFlags) { return 0; } -__declspec(dllexport) -BOOL WINAPI CryptDecrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, - DWORD dwFlags, BYTE * pbData, DWORD * pdwDataLen) +__declspec(dllexport) BOOL WINAPI + CryptDecrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, + DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen) { return 0; } -__declspec(dllexport) -BOOL WINAPI CryptDestroyHash(HCRYPTHASH hHash) +__declspec(dllexport) BOOL WINAPI CryptDestroyHash(HCRYPTHASH hHash) { return 1; } -__declspec(dllexport) -BOOL WINAPI CryptSignHash(HCRYPTHASH hHash, - DWORD dwKeySpec, - LPCTSTR sDescription, - DWORD dwFlags, BYTE * pbSignature, DWORD * pdwSigLen) +__declspec(dllexport) BOOL WINAPI + CryptSignHash(HCRYPTHASH hHash, DWORD dwKeySpec, LPCTSTR sDescription, + DWORD dwFlags, BYTE *pbSignature, DWORD *pdwSigLen) { return 0; } -__declspec(dllexport) -BOOL WINAPI CryptGetHashParam(HCRYPTHASH hHash, DWORD dwParam, - BYTE * pbData, DWORD * pdwDataLen, DWORD dwFlags) +__declspec(dllexport) BOOL WINAPI + CryptGetHashParam(HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, + DWORD *pdwDataLen, DWORD dwFlags) { return 0; } -__declspec(dllexport) -BOOL WINAPI CryptSetHashParam(HCRYPTHASH hHash, DWORD dwParam, - const BYTE * pbData, DWORD dwFlags) +__declspec(dllexport) BOOL WINAPI + CryptSetHashParam(HCRYPTHASH hHash, DWORD dwParam, const BYTE *pbData, + DWORD dwFlags) { return 0; } -__declspec(dllexport) -BOOL WINAPI CryptCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, - DWORD dwFlags, HCRYPTHASH * phHash) +__declspec(dllexport) BOOL WINAPI + CryptCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, + DWORD dwFlags, HCRYPTHASH *phHash) { return 0; } diff --git a/tests/windows/ncrypt-int.h b/tests/windows/ncrypt-int.h index a4762bd8cf..abe18d1e47 100644 --- a/tests/windows/ncrypt-int.h +++ b/tests/windows/ncrypt-int.h @@ -1 +1 @@ -#define assert_int_nequal(x,y) assert((x)==(y)) +#define assert_int_nequal(x, y) assert((x) == (y)) diff --git a/tests/windows/ncrypt.c b/tests/windows/ncrypt.c index bc3e630305..b7d1690652 100644 --- a/tests/windows/ncrypt.c +++ b/tests/windows/ncrypt.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -46,47 +46,43 @@ #define debug_func() fprintf(stderr, "%s: %d\n", __func__, __LINE__); -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptDeleteKey(NCRYPT_KEY_HANDLE hKey, DWORD dwFlags) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptDeleteKey(NCRYPT_KEY_HANDLE hKey, DWORD dwFlags) { debug_func(); return 0; } -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptOpenStorageProvider(NCRYPT_PROV_HANDLE * - phProvider, - LPCWSTR pszProviderName, - DWORD dwFlags) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptOpenStorageProvider(NCRYPT_PROV_HANDLE *phProvider, + LPCWSTR pszProviderName, DWORD dwFlags) { debug_func(); *phProvider = 0; return 0x0000ffff; } -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptOpenKey(NCRYPT_PROV_HANDLE hProvider, - NCRYPT_KEY_HANDLE * phKey, - LPCWSTR pszKeyName, DWORD dwLegacyKeySpec, - DWORD dwFlags) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptOpenKey(NCRYPT_PROV_HANDLE hProvider, NCRYPT_KEY_HANDLE *phKey, + LPCWSTR pszKeyName, DWORD dwLegacyKeySpec, DWORD dwFlags) { gnutls_privkey_t p; debug_func(); assert_int_nequal(gnutls_privkey_init(&p), 0); - assert_int_nequal(gnutls_privkey_import_x509_raw - (p, &key_dat, GNUTLS_X509_FMT_PEM, NULL, 0), 0); + assert_int_nequal(gnutls_privkey_import_x509_raw( + p, &key_dat, GNUTLS_X509_FMT_PEM, NULL, 0), + 0); - *phKey = (NCRYPT_KEY_HANDLE) p; + *phKey = (NCRYPT_KEY_HANDLE)p; return 1; } -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptGetProperty(NCRYPT_HANDLE hObject, - LPCWSTR pszProperty, PBYTE pbOutput, - DWORD cbOutput, DWORD * pcbResult, - DWORD dwFlags) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptGetProperty(NCRYPT_HANDLE hObject, LPCWSTR pszProperty, + PBYTE pbOutput, DWORD cbOutput, DWORD *pcbResult, + DWORD dwFlags) { debug_func(); //assert_int_nequal(pszProperty, NCRYPT_ALGORITHM_PROPERTY); @@ -95,20 +91,19 @@ SECURITY_STATUS WINAPI NCryptGetProperty(NCRYPT_HANDLE hObject, return 1; } -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptFreeObject(NCRYPT_HANDLE hObject) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptFreeObject(NCRYPT_HANDLE hObject) { debug_func(); if (hObject != 0) - gnutls_privkey_deinit((gnutls_privkey_t) hObject); + gnutls_privkey_deinit((gnutls_privkey_t)hObject); return 1; } -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptDecrypt(NCRYPT_KEY_HANDLE hKey, PBYTE pbInput, - DWORD cbInput, VOID * pPaddingInfo, - PBYTE pbOutput, DWORD cbOutput, - DWORD * pcbResult, DWORD dwFlags) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptDecrypt(NCRYPT_KEY_HANDLE hKey, PBYTE pbInput, DWORD cbInput, + VOID *pPaddingInfo, PBYTE pbOutput, DWORD cbOutput, + DWORD *pcbResult, DWORD dwFlags) { gnutls_datum_t c, p; assert_int_nequal(dwFlags, NCRYPT_PAD_PKCS1_FLAG); @@ -121,8 +116,9 @@ SECURITY_STATUS WINAPI NCryptDecrypt(NCRYPT_KEY_HANDLE hKey, PBYTE pbInput, return 1; } - assert_int_nequal(gnutls_privkey_decrypt_data - ((gnutls_privkey_t) hKey, 0, &c, &p), 0); + assert_int_nequal(gnutls_privkey_decrypt_data((gnutls_privkey_t)hKey, 0, + &c, &p), + 0); *pcbResult = p.size; memcpy(pbOutput, p.data, p.size); @@ -131,7 +127,7 @@ SECURITY_STATUS WINAPI NCryptDecrypt(NCRYPT_KEY_HANDLE hKey, PBYTE pbInput, return 1; } -static int StrCmpW(const WCHAR * str1, const WCHAR * str2) +static int StrCmpW(const WCHAR *str1, const WCHAR *str2) { while (*str1 && (*str1 == *str2)) { str1++; @@ -140,28 +136,25 @@ static int StrCmpW(const WCHAR * str1, const WCHAR * str2) return *str1 - *str2; } -__declspec(dllexport) -SECURITY_STATUS WINAPI NCryptSignHash(NCRYPT_KEY_HANDLE hKey, - VOID * pPaddingInfo, PBYTE pbHashValue, - DWORD cbHashValue, PBYTE pbSignature, - DWORD cbSignature, DWORD * pcbResult, - DWORD dwFlags) +__declspec(dllexport) SECURITY_STATUS WINAPI + NCryptSignHash(NCRYPT_KEY_HANDLE hKey, VOID *pPaddingInfo, + PBYTE pbHashValue, DWORD cbHashValue, PBYTE pbSignature, + DWORD cbSignature, DWORD *pcbResult, DWORD dwFlags) { BCRYPT_PKCS1_PADDING_INFO *info; int hash = 0; - gnutls_privkey_t p = (gnutls_privkey_t) hKey; + gnutls_privkey_t p = (gnutls_privkey_t)hKey; gnutls_datum_t v = { pbHashValue, cbHashValue }, s; debug_func(); info = pPaddingInfo; if (info != NULL) { - if (info->pszAlgId - && StrCmpW(info->pszAlgId, NCRYPT_SHA1_ALGORITHM) == 0) + if (info->pszAlgId && + StrCmpW(info->pszAlgId, NCRYPT_SHA1_ALGORITHM) == 0) hash = GNUTLS_DIG_SHA1; - else if (info->pszAlgId - && StrCmpW(info->pszAlgId, - NCRYPT_SHA256_ALGORITHM) == 0) + else if (info->pszAlgId && + StrCmpW(info->pszAlgId, NCRYPT_SHA256_ALGORITHM) == 0) hash = GNUTLS_DIG_SHA256; else if (info->pszAlgId != NULL) { assert(0); @@ -176,9 +169,11 @@ SECURITY_STATUS WINAPI NCryptSignHash(NCRYPT_KEY_HANDLE hKey, assert(p != NULL); if (info == NULL || info->pszAlgId == NULL) { - assert_int_nequal(gnutls_privkey_sign_hash - (p, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, &v, - &s), 0); + assert_int_nequal(gnutls_privkey_sign_hash( + p, 0, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, &v, + &s), + 0); } else if (info != NULL) { assert_int_nequal(gnutls_privkey_sign_hash(p, hash, 0, &v, &s), 0); diff --git a/tests/x509-cert-callback-legacy.c b/tests/x509-cert-callback-legacy.c index 0f761ce99b..c227840c6d 100644 --- a/tests/x509-cert-callback-legacy.c +++ b/tests/x509-cert-callback-legacy.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,11 +44,10 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "%s|<%d>| %s", side, level, str); } -static int -cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, gnutls_retr2_st * st) +static int cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_retr2_st *st) { int ret; gnutls_x509_crt_t *crts; @@ -62,10 +61,9 @@ cert_callback(gnutls_session_t session, st->cert_type = GNUTLS_CRT_X509; - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, &cli_ca3_cert_chain, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &cli_ca3_cert_chain, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) { fail("error: %s\n", gnutls_strerror(ret)); exit(1); @@ -77,8 +75,8 @@ cert_callback(gnutls_session_t session, exit(1); } - ret = - gnutls_x509_privkey_import(pkey, &cli_ca3_key, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(pkey, &cli_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error: %s\n", gnutls_strerror(ret)); exit(1); @@ -93,11 +91,10 @@ cert_callback(gnutls_session_t session, return 0; } -static int -server_cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, gnutls_retr2_st * st) +static int server_cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *pk_algos, + int pk_algos_length, gnutls_retr2_st *st) { int ret; gnutls_x509_crt_t *crts; @@ -106,11 +103,9 @@ server_cert_callback(gnutls_session_t session, st->cert_type = GNUTLS_CRT_X509; - ret = - gnutls_x509_crt_list_import2(&crts, &crts_size, - &server_ca3_cert_chain, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import2( + &crts, &crts_size, &server_ca3_cert_chain, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) { fail("error: %s\n", gnutls_strerror(ret)); exit(1); @@ -122,9 +117,8 @@ server_cert_callback(gnutls_session_t session, exit(1); } - ret = - gnutls_x509_privkey_import(pkey, &server_ca3_key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(pkey, &server_ca3_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error: %s\n", gnutls_strerror(ret)); exit(1); @@ -179,9 +173,8 @@ static void start(const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -221,10 +214,9 @@ static void start(const char *prio) } gnutls_x509_crt_init(&crt); - ret = - gnutls_x509_crt_import(crt, - &server_ca3_localhost_cert_chain, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, + &server_ca3_localhost_cert_chain, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -239,8 +231,8 @@ static void start(const char *prio) } gnutls_x509_crt_deinit(crt); - if (scert.size != mcert->size - || memcmp(scert.data, mcert->data, mcert->size) != 0) { + if (scert.size != mcert->size || + memcmp(scert.data, mcert->data, mcert->size) != 0) { fail("gnutls_certificate_get_ours output doesn't match cert\n"); exit(1); } @@ -260,9 +252,8 @@ static void start(const char *prio) } gnutls_x509_crt_init(&crt); - ret = - gnutls_x509_crt_import(crt, &cli_ca3_cert_chain, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &cli_ca3_cert_chain, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -277,8 +268,8 @@ static void start(const char *prio) } gnutls_x509_crt_deinit(crt); - if (ccert.size != mcert->size - || memcmp(ccert.data, mcert->data, mcert->size) != 0) { + if (ccert.size != mcert->size || + memcmp(ccert.data, mcert->data, mcert->size) != 0) { fail("gnutls_certificate_get_ours output doesn't match cert\n"); exit(1); } diff --git a/tests/x509-cert-callback-ocsp.c b/tests/x509-cert-callback-ocsp.c index 4e862d3d5f..370a94f113 100644 --- a/tests/x509-cert-callback-ocsp.c +++ b/tests/x509-cert-callback-ocsp.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -49,16 +49,16 @@ static gnutls_pcert_st *server_pcert = NULL; static gnutls_ocsp_data_st ocspdata[2]; #define OCSP_SIZE 16 -#define OCSP_DATA "\xff\xff\xf0\xf0\xff\xff\xf0\xf0\xff\xff\xf0\xf0\xff\xff\xf0\xf0" - -static int -server_cert_callback(gnutls_session_t session, - const struct gnutls_cert_retr_st *info, - gnutls_pcert_st ** pcert, - unsigned int *pcert_length, - gnutls_ocsp_data_st ** ocsp, - unsigned int *ocsp_length, - gnutls_privkey_t * pkey, unsigned int *flags) +#define OCSP_DATA \ + "\xff\xff\xf0\xf0\xff\xff\xf0\xf0\xff\xff\xf0\xf0\xff\xff\xf0\xf0" + +static int server_cert_callback(gnutls_session_t session, + const struct gnutls_cert_retr_st *info, + gnutls_pcert_st **pcert, + unsigned int *pcert_length, + gnutls_ocsp_data_st **ocsp, + unsigned int *ocsp_length, + gnutls_privkey_t *pkey, unsigned int *flags) { int ret; gnutls_pcert_st *p; @@ -79,9 +79,9 @@ server_cert_callback(gnutls_session_t session, ocspdata[1].response.size = OCSP_SIZE; ocspdata[1].exptime = 0; - ret = gnutls_x509_crt_list_import2(&certs, &certs_size, - &server_ca3_localhost_cert_chain, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2( + &certs, &certs_size, &server_ca3_localhost_cert_chain, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) return -1; ret = gnutls_pcert_import_x509_list(p, certs, &certs_size, 0); @@ -95,10 +95,8 @@ server_cert_callback(gnutls_session_t session, if (ret < 0) return -1; - ret = - gnutls_privkey_import_x509_raw(lkey, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + lkey, &server_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) return -1; @@ -163,9 +161,8 @@ static void start(const char *prio) gnutls_certificate_set_verify_flags(ccred, GNUTLS_VERIFY_DISABLE_CRL_CHECKS); - ret = - gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(ccred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); diff --git a/tests/x509-cert-callback.c b/tests/x509-cert-callback.c index 8baa22ba95..92ac6ab88a 100644 --- a/tests/x509-cert-callback.c +++ b/tests/x509-cert-callback.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,12 +47,11 @@ static void tls_log_func(int level, const char *str) static gnutls_privkey_t g_pkey = NULL; static gnutls_pcert_st *g_pcert = NULL; -static int -cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * sign_algos, - int sign_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) +static int cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *sign_algos, + int sign_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *pkey) { int ret; gnutls_pcert_st *p; @@ -86,10 +85,8 @@ cert_callback(gnutls_session_t session, if (ret < 0) return -1; - ret = - gnutls_privkey_import_x509_raw(lkey, &cli_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + lkey, &cli_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) return -1; @@ -102,7 +99,8 @@ cert_callback(gnutls_session_t session, } else { *pcert = g_pcert; *pcert_length = 2; - if (gnutls_certificate_client_get_request_status(session) == 0) { + if (gnutls_certificate_client_get_request_status(session) == + 0) { fail("gnutls_certificate_client_get_request_status failed\n"); return -1; } @@ -115,12 +113,12 @@ cert_callback(gnutls_session_t session, static gnutls_privkey_t server_pkey = NULL; static gnutls_pcert_st *server_pcert = NULL; -static int -server_cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * sign_algos, - int sign_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) +static int server_cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *sign_algos, + int sign_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, + gnutls_privkey_t *pkey) { int ret; gnutls_pcert_st *p; @@ -133,9 +131,9 @@ server_cert_callback(gnutls_session_t session, if (p == NULL) return -1; - ret = gnutls_x509_crt_list_import2(&certs, &certs_size, - &server_ca3_localhost_cert_chain, - GNUTLS_X509_FMT_PEM, 0); + ret = gnutls_x509_crt_list_import2( + &certs, &certs_size, &server_ca3_localhost_cert_chain, + GNUTLS_X509_FMT_PEM, 0); if (ret < 0) return -1; ret = gnutls_pcert_import_x509_list(p, certs, &certs_size, 0); @@ -149,10 +147,8 @@ server_cert_callback(gnutls_session_t session, if (ret < 0) return -1; - ret = - gnutls_privkey_import_x509_raw(lkey, &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + lkey, &server_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) return -1; @@ -211,9 +207,8 @@ static void start(const char *prio) if (ret < 0) exit(1); - ret = - gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) exit(1); @@ -254,9 +249,8 @@ static void start(const char *prio) } gnutls_x509_crt_init(&crt); - ret = - gnutls_x509_crt_import(crt, &server_ca3_localhost_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &server_ca3_localhost_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -271,8 +265,8 @@ static void start(const char *prio) } gnutls_x509_crt_deinit(crt); - if (scert.size != mcert->size - || memcmp(scert.data, mcert->data, mcert->size) != 0) { + if (scert.size != mcert->size || + memcmp(scert.data, mcert->data, mcert->size) != 0) { fail("gnutls_certificate_get_ours output doesn't match cert\n"); exit(1); } @@ -292,9 +286,8 @@ static void start(const char *prio) } gnutls_x509_crt_init(&crt); - ret = - gnutls_x509_crt_import(crt, &cli_ca3_cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &cli_ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret)); @@ -309,8 +302,8 @@ static void start(const char *prio) } gnutls_x509_crt_deinit(crt); - if (ccert.size != mcert->size - || memcmp(ccert.data, mcert->data, mcert->size) != 0) { + if (ccert.size != mcert->size || + memcmp(ccert.data, mcert->data, mcert->size) != 0) { fail("gnutls_certificate_get_ours output doesn't match cert\n"); exit(1); } diff --git a/tests/x509-dn-decode-compat.c b/tests/x509-dn-decode-compat.c index 9d4d45bace..d6c554ee82 100644 --- a/tests/x509-dn-decode-compat.c +++ b/tests/x509-dn-decode-compat.c @@ -22,7 +22,7 @@ /* This checks the old low level DN encoding and decoding routines */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -35,7 +35,7 @@ static char buf[32 * 1024]; -static void decode(const char *test_name, const gnutls_datum_t * raw, +static void decode(const char *test_name, const gnutls_datum_t *raw, const char *expected, const char *expected_compat) { int ret; @@ -48,15 +48,15 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (out.size != strlen(expected)) { - test_fail - ("The length of the output (%d) doesn't match the expected (%d)\n", - (int)out.size, (int)strlen(expected)); + test_fail( + "The length of the output (%d) doesn't match the expected (%d)\n", + (int)out.size, (int)strlen(expected)); } if (memcmp(out.data, expected, out.size) != 0) { - test_fail - ("The string output (%s) doesn't match the expected (%s)\n", - (char *)out.data, expected); + test_fail( + "The string output (%s) doesn't match the expected (%s)\n", + (char *)out.data, expected); } if (out.data[out.size] != 0) { @@ -72,15 +72,15 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (out.size != strlen(expected_compat)) { - test_fail - ("The length of the output (%d) doesn't match the expected (%d)\n", - (int)out.size, (int)strlen(expected_compat)); + test_fail( + "The length of the output (%d) doesn't match the expected (%d)\n", + (int)out.size, (int)strlen(expected_compat)); } if (memcmp(out.data, expected_compat, out.size) != 0) { - test_fail - ("The string output (%s) doesn't match the expected (%s)\n", - (char *)out.data, expected_compat); + test_fail( + "The string output (%s) doesn't match the expected (%s)\n", + (char *)out.data, expected_compat); } if (out.data[out.size] != 0) { @@ -99,15 +99,15 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, out.size = bsize; if (out.size != strlen(expected_compat)) { - test_fail - ("The length of the output (%d) doesn't match the expected (%d)\n", - (int)out.size, (int)strlen(expected_compat)); + test_fail( + "The length of the output (%d) doesn't match the expected (%d)\n", + (int)out.size, (int)strlen(expected_compat)); } if (memcmp(out.data, expected_compat, out.size) != 0) { - test_fail - ("The string output (%s) doesn't match the expected (%s)\n", - (char *)out.data, expected_compat); + test_fail( + "The string output (%s) doesn't match the expected (%s)\n", + (char *)out.data, expected_compat); } if (out.data[out.size] != 0) { @@ -121,48 +121,41 @@ struct tests_st { const char *name; gnutls_datum_t raw; const char *str; - const char *compat_str; /* GNUTLS_X509_DN_FLAG_COMPAT */ + const char *compat_str; /* GNUTLS_X509_DN_FLAG_COMPAT */ unsigned can_encode; }; struct tests_st tests[] = { { - .name = "simple DN", - .str = - "C=GR,ST=Attiki,O=Koko inc.,OU=sleeping dept.,UID=clauper,CN=Cindy Lauper", - .compat_str = - "CN=Cindy Lauper,UID=clauper,OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", - .raw = {(void *) - "\x30\x7b\x31\x15\x30\x13\x06\x03\x55\x04\x03\x13\x0c\x43\x69\x6e\x64\x79\x20\x4c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x0a\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x01\x13\x07\x63\x6c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x03\x55\x04\x0b\x13\x0e\x73\x6c\x65\x65\x70\x69\x6e\x67\x20\x64\x65\x70\x74\x2e\x31\x12\x30\x10\x06\x03\x55\x04\x0a\x13\x09\x4b\x6f\x6b\x6f\x20\x69\x6e\x63\x2e\x31\x0f\x30\x0d\x06\x03\x55\x04\x08\x13\x06\x41\x74\x74\x69\x6b\x69\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", - 125}, - }, + .name = "simple DN", + .str = "C=GR,ST=Attiki,O=Koko inc.,OU=sleeping dept.,UID=clauper,CN=Cindy Lauper", + .compat_str = + "CN=Cindy Lauper,UID=clauper,OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", + .raw = { (void *)"\x30\x7b\x31\x15\x30\x13\x06\x03\x55\x04\x03\x13\x0c\x43\x69\x6e\x64\x79\x20\x4c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x0a\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x01\x13\x07\x63\x6c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x03\x55\x04\x0b\x13\x0e\x73\x6c\x65\x65\x70\x69\x6e\x67\x20\x64\x65\x70\x74\x2e\x31\x12\x30\x10\x06\x03\x55\x04\x0a\x13\x09\x4b\x6f\x6b\x6f\x20\x69\x6e\x63\x2e\x31\x0f\x30\x0d\x06\x03\x55\x04\x08\x13\x06\x41\x74\x74\x69\x6b\x69\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", + 125 }, + }, { - .name = "UTF8 DN", - .str = "C=GR,ST=Αττική,O=Μεγάλη εταιρία,CN=🐨", - .compat_str = - "CN=🐨,O=Μεγάλη εταιρία,ST=Αττική,C=GR", - .raw = {(void *) - "\x30\x59\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\xf0\x9f\x90\xa8\x31\x24\x30\x22\x06\x03\x55\x04\x0a\x0c\x1b\xce\x9c\xce\xb5\xce\xb3\xce\xac\xce\xbb\xce\xb7\x20\xce\xb5\xcf\x84\xce\xb1\xce\xb9\xcf\x81\xce\xaf\xce\xb1\x31\x15\x30\x13\x06\x03\x55\x04\x08\x0c\x0c\xce\x91\xcf\x84\xcf\x84\xce\xb9\xce\xba\xce\xae\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", - 91}, - }, + .name = "UTF8 DN", + .str = "C=GR,ST=Αττική,O=Μεγάλη εταιρία,CN=🐨", + .compat_str = "CN=🐨,O=Μεγάλη εταιρία,ST=Αττική,C=GR", + .raw = { (void *)"\x30\x59\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\xf0\x9f\x90\xa8\x31\x24\x30\x22\x06\x03\x55\x04\x0a\x0c\x1b\xce\x9c\xce\xb5\xce\xb3\xce\xac\xce\xbb\xce\xb7\x20\xce\xb5\xcf\x84\xce\xb1\xce\xb9\xcf\x81\xce\xaf\xce\xb1\x31\x15\x30\x13\x06\x03\x55\x04\x08\x0c\x0c\xce\x91\xcf\x84\xcf\x84\xce\xb9\xce\xba\xce\xae\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", + 91 }, + }, { - .name = "combo DN", - .compat_str = "C=\\,\\ ,OU=\\ X\\ ,CN=\\#XXX", - .str = "CN=\\#XXX,OU=\\ X\\ ,C=\\,\\ ", - .raw = {(void *) - "\x30\x2b\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x0b\x13\x04\x20\x20\x58\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\x23\x58\x58\x58", - 45}, - }, + .name = "combo DN", + .compat_str = "C=\\,\\ ,OU=\\ X\\ ,CN=\\#XXX", + .str = "CN=\\#XXX,OU=\\ X\\ ,C=\\,\\ ", + .raw = { (void *)"\x30\x2b\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x0b\x13\x04\x20\x20\x58\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\x23\x58\x58\x58", + 45 }, + }, { - .name = "very long DN", - .compat_str = - "C=ES,ST=CACERES,L=CACERES,O=DIPUTACION PROVINCIAL DE CACERES,OU=DIPUTACION PROVINCIAL DE CACERES,CN=www.dip-caceres.es,EMAIL=webmaster@dip-caceres.es,2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573", - .str = - "2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573,EMAIL=webmaster@dip-caceres.es,CN=www.dip-caceres.es,OU=DIPUTACION PROVINCIAL DE CACERES,O=DIPUTACION PROVINCIAL DE CACERES,L=CACERES,ST=CACERES,C=ES", - .raw = {(void *) - "\x30\x82\x31\x29\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x08\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x07\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0a\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0b\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x13\x12\x77\x77\x77\x2e\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x27\x30\x25\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x09\x01\x16\x18\x77\x65\x62\x6d\x61\x73\x74\x65\x72\x40\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x82\x30\x58\x30\x82\x30\x54\x06\x03\x55\x1d\x11\x13\x82\x30\x4b\x44\x4e\x53\x2e\x31\x3d\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x3d\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x3d\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x3d\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x3d\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x3d\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x3d\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x3d\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x3d\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x3d\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x3d\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x3d\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x3d\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x3d\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x3d\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x3d\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x3d\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x3d\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x3d\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x3d\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x3d\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x3d\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x3d\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x3d\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x3d\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x3d\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x3d\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x3d\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x3d\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x3d\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x3d\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x3d\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x3d\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x3d\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x3d\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x3d\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x3d\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x3d\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x3d\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x3d\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x3d\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x3d\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x38\x3d\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x39\x3d\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x30\x3d\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x31\x3d\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x32\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x33\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x34\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x35\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x36\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x37\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x38\x3d\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x39\x3d\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x30\x3d\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x31\x3d\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x32\x3d\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x33\x3d\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x34\x3d\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x35\x3d\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x36\x3d\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x37\x3d\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x38\x3d\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x39\x3d\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x30\x3d\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x31\x3d\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x32\x3d\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x33\x3d\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x34\x3d\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x35\x3d\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x36\x3d\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x37\x3d\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x38\x3d\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x39\x3d\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x30\x3d\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x31\x3d\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x32\x3d\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x33\x3d\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x35\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x36\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x37\x3d\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x38\x3d\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x39\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x30\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x31\x3d\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x32\x3d\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x33\x3d\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x34\x3d\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x35\x3d\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x36\x3d\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x37\x3d\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x38\x3d\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x39\x3d\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x30\x3d\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x31\x3d\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x32\x3d\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x33\x3d\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x34\x3d\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x35\x3d\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x36\x3d\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x37\x3d\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x38\x3d\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x39\x3d\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x30\x3d\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x31\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x32\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x33\x3d\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x34\x3d\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x35\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x36\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x37\x3d\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x38\x3d\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x39\x3d\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x30\x3d\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x31\x3d\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x32\x3d\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x33\x3d\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x34\x3d\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x35\x3d\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x36\x3d\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x37\x3d\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x38\x3d\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x39\x3d\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x30\x3d\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x31\x3d\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x32\x3d\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x33\x3d\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x34\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x35\x3d\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x36\x3d\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x37\x3d\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x38\x3d\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x39\x3d\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x30\x3d\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x31\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x32\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x33\x3d\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x34\x3d\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x35\x3d\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x36\x3d\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x37\x3d\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x38\x3d\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x39\x3d\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x30\x3d\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x31\x3d\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x32\x3d\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x33\x3d\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x34\x3d\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x35\x3d\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x36\x3d\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x37\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x38\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x39\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x31\x36\x30\x3d\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x31\x3d\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x32\x3d\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x33\x3d\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x34\x3d\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x35\x3d\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x36\x3d\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x37\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x38\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x39\x3d\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x30\x3d\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x31\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x32\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x33\x3d\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x34\x3d\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x35\x3d\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x36\x3d\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x37\x3d\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x38\x3d\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x39\x3d\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x30\x3d\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x31\x3d\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x32\x3d\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x33\x3d\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x35\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x36\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x37\x3d\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x38\x3d\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x39\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x30\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x31\x3d\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x32\x3d\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x33\x3d\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x34\x3d\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x35\x3d\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x36\x3d\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x37\x3d\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x38\x3d\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x39\x3d\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x30\x3d\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x31\x3d\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x32\x3d\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x33\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x34\x3d\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x35\x3d\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x36\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x37\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x38\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x39\x3d\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x30\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x31\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x32\x3d\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x33\x3d\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x34\x3d\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x35\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x36\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x37\x3d\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x38\x3d\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x39\x3d\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x30\x3d\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x31\x3d\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x32\x3d\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x33\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x34\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x35\x3d\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x36\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x37\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x38\x3d\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x39\x3d\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x30\x3d\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x31\x3d\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x32\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x33\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x34\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x35\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x36\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x37\x3d\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x38\x3d\x77\x77\x77\x2e\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x39\x3d\x77\x77\x77\x2e\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x30\x3d\x77\x77\x77\x2e\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x31\x3d\x77\x77\x77\x2e\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x32\x3d\x77\x77\x77\x2e\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x33\x3d\x77\x77\x77\x2e\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x34\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x35\x3d\x77\x77\x77\x2e\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x36\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x37\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x38\x3d\x77\x77\x77\x2e\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x39\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x30\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x31\x3d\x77\x77\x77\x2e\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x32\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x33\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x34\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x35\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x36\x3d\x77\x77\x77\x2e\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x37\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x38\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x39\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x30\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x31\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x32\x3d\x77\x77\x77\x2e\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x33\x3d\x77\x77\x77\x2e\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x34\x3d\x77\x77\x77\x2e\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x35\x3d\x77\x77\x77\x2e\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x36\x3d\x77\x77\x77\x2e\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x37\x3d\x77\x77\x77\x2e\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x38\x3d\x77\x77\x77\x2e\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x39\x3d\x77\x77\x77\x2e\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x30\x3d\x77\x77\x77\x2e\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x31\x3d\x77\x77\x77\x2e\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x32\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x33\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x34\x3d\x77\x77\x77\x2e\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x35\x3d\x77\x77\x77\x2e\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x36\x3d\x77\x77\x77\x2e\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x37\x3d\x77\x77\x77\x2e\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x38\x3d\x77\x77\x77\x2e\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x39\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x30\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x31\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x32\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x33\x3d\x77\x77\x77\x2e\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x34\x3d\x77\x77\x77\x2e\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x35\x3d\x77\x77\x77\x2e\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x38\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x39\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x30\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x31\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x32\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x33\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x34\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x35\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x38\x3d\x77\x77\x77\x2e\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x39\x3d\x77\x77\x77\x2e\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x30\x3d\x77\x77\x77\x2e\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x31\x3d\x77\x77\x77\x2e\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x32\x3d\x77\x77\x77\x2e\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x33\x3d\x77\x77\x77\x2e\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x34\x3d\x77\x77\x77\x2e\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x35\x3d\x77\x77\x77\x2e\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x36\x3d\x77\x77\x77\x2e\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x37\x3d\x77\x77\x77\x2e\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x38\x3d\x77\x77\x77\x2e\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x39\x3d\x77\x77\x77\x2e\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x30\x3d\x77\x77\x77\x2e\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x31\x3d\x77\x77\x77\x2e\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x32\x3d\x77\x77\x77\x2e\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x33\x3d\x77\x77\x77\x2e\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x34\x3d\x77\x77\x77\x2e\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x35\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x36\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x37\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x38\x3d\x77\x77\x77\x2e\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x39\x3d\x77\x77\x77\x2e\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x30\x3d\x77\x77\x77\x2e\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x32\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x33\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x34\x3d\x77\x77\x77\x2e\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x35\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x36\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x37\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x38\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x39\x3d\x77\x77\x77\x2e\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x30\x3d\x77\x77\x77\x2e\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x31\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x32\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x33\x3d\x77\x77\x77\x2e\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x34\x3d\x77\x77\x77\x2e\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x35\x3d\x77\x77\x77\x2e\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x36\x3d\x77\x77\x77\x2e\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x37\x3d\x77\x77\x77\x2e\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x38\x3d\x77\x77\x77\x2e\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x39\x3d\x77\x77\x77\x2e\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x30\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x31\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x32\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x33\x3d\x77\x77\x77\x2e\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x34\x3d\x77\x77\x77\x2e\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x35\x3d\x77\x77\x77\x2e\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x36\x3d\x77\x77\x77\x2e\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x37\x3d\x77\x77\x77\x2e\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x38\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x39\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x30\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x34\x3d\x77\x77\x77\x2e\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x35\x3d\x77\x77\x77\x2e\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x36\x3d\x77\x77\x77\x2e\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x37\x3d\x77\x77\x77\x2e\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x38\x3d\x77\x77\x77\x2e\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x39\x3d\x77\x77\x77\x2e\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x30\x3d\x77\x77\x77\x2e\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x31\x3d\x77\x77\x77\x2e\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x32\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x33\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x34\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x35\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x36\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x37\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x38\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x39\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x30\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x31\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x32\x3d\x77\x77\x77\x2e\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x33\x3d\x77\x77\x77\x2e\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x34\x3d\x77\x77\x77\x2e\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x35\x3d\x77\x77\x77\x2e\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x36\x3d\x77\x77\x77\x2e\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x37\x3d\x77\x77\x77\x2e\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x38\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x39\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x30\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x31\x3d\x77\x77\x77\x2e\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x32\x3d\x77\x77\x77\x2e\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x33\x3d\x77\x77\x77\x2e\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x34\x3d\x77\x77\x77\x2e\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x35\x3d\x77\x77\x77\x2e\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x36\x3d\x77\x77\x77\x2e\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x37\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x38\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x39\x3d\x77\x77\x77\x2e\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x30\x3d\x77\x77\x77\x2e\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x31\x3d\x77\x77\x77\x2e\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x32\x3d\x77\x77\x77\x2e\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x33\x3d\x77\x77\x77\x2e\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x34\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x35\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x36\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x33\x39\x37\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x38\x3d\x77\x77\x77\x2e\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x39\x3d\x77\x77\x77\x2e\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x30\x3d\x77\x77\x77\x2e\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x31\x3d\x77\x77\x77\x2e\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x32\x3d\x77\x77\x77\x2e\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x33\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x34\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x35\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x36\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x37\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x38\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x39\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x30\x3d\x77\x77\x77\x2e\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x31\x3d\x77\x77\x77\x2e\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x32\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x33\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x34\x3d\x77\x77\x77\x2e\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x35\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x36\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x37\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x38\x3d\x77\x77\x77\x2e\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x32\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x33\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x34\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x35\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x36\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x37\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x38\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x31\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x35\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x36\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x37\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x39\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x30\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x31\x3d\x77\x77\x77\x2e\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x35\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x36\x3d\x77\x77\x77\x2e\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x37\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x38\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x39\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x30\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x31\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x32\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x33\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x35\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x36\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x37\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x38\x3d\x77\x77\x77\x2e\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x39\x3d\x77\x77\x77\x2e\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x30\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x31\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x32\x3d\x77\x77\x77\x2e\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x34\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x35\x3d\x77\x77\x77\x2e\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x36\x3d\x77\x77\x77\x2e\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x37\x3d\x77\x77\x77\x2e\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x39\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x30\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73", - 12589}, - } + .name = "very long DN", + .compat_str = + "C=ES,ST=CACERES,L=CACERES,O=DIPUTACION PROVINCIAL DE CACERES,OU=DIPUTACION PROVINCIAL DE CACERES,CN=www.dip-caceres.es,EMAIL=webmaster@dip-caceres.es,2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573", + .str = "2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573,EMAIL=webmaster@dip-caceres.es,CN=www.dip-caceres.es,OU=DIPUTACION PROVINCIAL DE CACERES,O=DIPUTACION PROVINCIAL DE CACERES,L=CACERES,ST=CACERES,C=ES", + .raw = { (void *)"\x30\x82\x31\x29\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x08\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x07\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0a\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0b\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x13\x12\x77\x77\x77\x2e\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x27\x30\x25\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x09\x01\x16\x18\x77\x65\x62\x6d\x61\x73\x74\x65\x72\x40\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x82\x30\x58\x30\x82\x30\x54\x06\x03\x55\x1d\x11\x13\x82\x30\x4b\x44\x4e\x53\x2e\x31\x3d\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x3d\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x3d\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x3d\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x3d\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x3d\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x3d\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x3d\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x3d\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x3d\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x3d\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x3d\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x3d\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x3d\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x3d\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x3d\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x3d\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x3d\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x3d\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x3d\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x3d\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x3d\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x3d\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x3d\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x3d\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x3d\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x3d\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x3d\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x3d\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x3d\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x3d\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x3d\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x3d\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x3d\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x3d\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x3d\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x3d\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x3d\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x3d\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x3d\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x3d\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x3d\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x38\x3d\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x39\x3d\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x30\x3d\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x31\x3d\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x32\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x33\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x34\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x35\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x36\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x37\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x38\x3d\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x39\x3d\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x30\x3d\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x31\x3d\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x32\x3d\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x33\x3d\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x34\x3d\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x35\x3d\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x36\x3d\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x37\x3d\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x38\x3d\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x39\x3d\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x30\x3d\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x31\x3d\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x32\x3d\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x33\x3d\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x34\x3d\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x35\x3d\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x36\x3d\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x37\x3d\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x38\x3d\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x39\x3d\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x30\x3d\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x31\x3d\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x32\x3d\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x33\x3d\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x35\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x36\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x37\x3d\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x38\x3d\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x39\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x30\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x31\x3d\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x32\x3d\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x33\x3d\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x34\x3d\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x35\x3d\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x36\x3d\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x37\x3d\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x38\x3d\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x39\x3d\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x30\x3d\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x31\x3d\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x32\x3d\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x33\x3d\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x34\x3d\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x35\x3d\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x36\x3d\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x37\x3d\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x38\x3d\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x39\x3d\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x30\x3d\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x31\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x32\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x33\x3d\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x34\x3d\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x35\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x36\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x37\x3d\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x38\x3d\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x39\x3d\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x30\x3d\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x31\x3d\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x32\x3d\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x33\x3d\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x34\x3d\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x35\x3d\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x36\x3d\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x37\x3d\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x38\x3d\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x39\x3d\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x30\x3d\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x31\x3d\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x32\x3d\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x33\x3d\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x34\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x35\x3d\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x36\x3d\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x37\x3d\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x38\x3d\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x39\x3d\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x30\x3d\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x31\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x32\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x33\x3d\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x34\x3d\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x35\x3d\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x36\x3d\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x37\x3d\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x38\x3d\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x39\x3d\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x30\x3d\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x31\x3d\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x32\x3d\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x33\x3d\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x34\x3d\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x35\x3d\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x36\x3d\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x37\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x38\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x39\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x31\x36\x30\x3d\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x31\x3d\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x32\x3d\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x33\x3d\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x34\x3d\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x35\x3d\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x36\x3d\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x37\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x38\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x39\x3d\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x30\x3d\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x31\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x32\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x33\x3d\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x34\x3d\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x35\x3d\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x36\x3d\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x37\x3d\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x38\x3d\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x39\x3d\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x30\x3d\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x31\x3d\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x32\x3d\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x33\x3d\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x35\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x36\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x37\x3d\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x38\x3d\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x39\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x30\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x31\x3d\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x32\x3d\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x33\x3d\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x34\x3d\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x35\x3d\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x36\x3d\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x37\x3d\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x38\x3d\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x39\x3d\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x30\x3d\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x31\x3d\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x32\x3d\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x33\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x34\x3d\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x35\x3d\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x36\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x37\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x38\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x39\x3d\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x30\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x31\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x32\x3d\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x33\x3d\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x34\x3d\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x35\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x36\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x37\x3d\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x38\x3d\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x39\x3d\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x30\x3d\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x31\x3d\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x32\x3d\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x33\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x34\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x35\x3d\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x36\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x37\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x38\x3d\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x39\x3d\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x30\x3d\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x31\x3d\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x32\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x33\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x34\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x35\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x36\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x37\x3d\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x38\x3d\x77\x77\x77\x2e\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x39\x3d\x77\x77\x77\x2e\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x30\x3d\x77\x77\x77\x2e\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x31\x3d\x77\x77\x77\x2e\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x32\x3d\x77\x77\x77\x2e\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x33\x3d\x77\x77\x77\x2e\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x34\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x35\x3d\x77\x77\x77\x2e\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x36\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x37\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x38\x3d\x77\x77\x77\x2e\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x39\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x30\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x31\x3d\x77\x77\x77\x2e\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x32\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x33\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x34\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x35\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x36\x3d\x77\x77\x77\x2e\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x37\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x38\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x39\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x30\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x31\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x32\x3d\x77\x77\x77\x2e\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x33\x3d\x77\x77\x77\x2e\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x34\x3d\x77\x77\x77\x2e\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x35\x3d\x77\x77\x77\x2e\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x36\x3d\x77\x77\x77\x2e\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x37\x3d\x77\x77\x77\x2e\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x38\x3d\x77\x77\x77\x2e\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x39\x3d\x77\x77\x77\x2e\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x30\x3d\x77\x77\x77\x2e\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x31\x3d\x77\x77\x77\x2e\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x32\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x33\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x34\x3d\x77\x77\x77\x2e\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x35\x3d\x77\x77\x77\x2e\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x36\x3d\x77\x77\x77\x2e\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x37\x3d\x77\x77\x77\x2e\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x38\x3d\x77\x77\x77\x2e\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x39\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x30\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x31\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x32\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x33\x3d\x77\x77\x77\x2e\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x34\x3d\x77\x77\x77\x2e\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x35\x3d\x77\x77\x77\x2e\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x38\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x39\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x30\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x31\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x32\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x33\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x34\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x35\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x38\x3d\x77\x77\x77\x2e\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x39\x3d\x77\x77\x77\x2e\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x30\x3d\x77\x77\x77\x2e\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x31\x3d\x77\x77\x77\x2e\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x32\x3d\x77\x77\x77\x2e\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x33\x3d\x77\x77\x77\x2e\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x34\x3d\x77\x77\x77\x2e\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x35\x3d\x77\x77\x77\x2e\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x36\x3d\x77\x77\x77\x2e\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x37\x3d\x77\x77\x77\x2e\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x38\x3d\x77\x77\x77\x2e\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x39\x3d\x77\x77\x77\x2e\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x30\x3d\x77\x77\x77\x2e\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x31\x3d\x77\x77\x77\x2e\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x32\x3d\x77\x77\x77\x2e\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x33\x3d\x77\x77\x77\x2e\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x34\x3d\x77\x77\x77\x2e\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x35\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x36\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x37\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x38\x3d\x77\x77\x77\x2e\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x39\x3d\x77\x77\x77\x2e\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x30\x3d\x77\x77\x77\x2e\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x32\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x33\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x34\x3d\x77\x77\x77\x2e\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x35\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x36\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x37\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x38\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x39\x3d\x77\x77\x77\x2e\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x30\x3d\x77\x77\x77\x2e\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x31\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x32\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x33\x3d\x77\x77\x77\x2e\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x34\x3d\x77\x77\x77\x2e\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x35\x3d\x77\x77\x77\x2e\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x36\x3d\x77\x77\x77\x2e\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x37\x3d\x77\x77\x77\x2e\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x38\x3d\x77\x77\x77\x2e\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x39\x3d\x77\x77\x77\x2e\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x30\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x31\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x32\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x33\x3d\x77\x77\x77\x2e\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x34\x3d\x77\x77\x77\x2e\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x35\x3d\x77\x77\x77\x2e\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x36\x3d\x77\x77\x77\x2e\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x37\x3d\x77\x77\x77\x2e\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x38\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x39\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x30\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x34\x3d\x77\x77\x77\x2e\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x35\x3d\x77\x77\x77\x2e\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x36\x3d\x77\x77\x77\x2e\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x37\x3d\x77\x77\x77\x2e\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x38\x3d\x77\x77\x77\x2e\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x39\x3d\x77\x77\x77\x2e\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x30\x3d\x77\x77\x77\x2e\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x31\x3d\x77\x77\x77\x2e\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x32\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x33\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x34\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x35\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x36\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x37\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x38\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x39\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x30\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x31\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x32\x3d\x77\x77\x77\x2e\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x33\x3d\x77\x77\x77\x2e\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x34\x3d\x77\x77\x77\x2e\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x35\x3d\x77\x77\x77\x2e\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x36\x3d\x77\x77\x77\x2e\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x37\x3d\x77\x77\x77\x2e\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x38\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x39\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x30\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x31\x3d\x77\x77\x77\x2e\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x32\x3d\x77\x77\x77\x2e\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x33\x3d\x77\x77\x77\x2e\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x34\x3d\x77\x77\x77\x2e\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x35\x3d\x77\x77\x77\x2e\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x36\x3d\x77\x77\x77\x2e\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x37\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x38\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x39\x3d\x77\x77\x77\x2e\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x30\x3d\x77\x77\x77\x2e\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x31\x3d\x77\x77\x77\x2e\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x32\x3d\x77\x77\x77\x2e\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x33\x3d\x77\x77\x77\x2e\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x34\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x35\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x36\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x33\x39\x37\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x38\x3d\x77\x77\x77\x2e\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x39\x3d\x77\x77\x77\x2e\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x30\x3d\x77\x77\x77\x2e\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x31\x3d\x77\x77\x77\x2e\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x32\x3d\x77\x77\x77\x2e\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x33\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x34\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x35\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x36\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x37\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x38\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x39\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x30\x3d\x77\x77\x77\x2e\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x31\x3d\x77\x77\x77\x2e\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x32\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x33\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x34\x3d\x77\x77\x77\x2e\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x35\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x36\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x37\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x38\x3d\x77\x77\x77\x2e\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x32\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x33\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x34\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x35\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x36\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x37\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x38\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x31\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x35\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x36\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x37\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x39\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x30\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x31\x3d\x77\x77\x77\x2e\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x35\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x36\x3d\x77\x77\x77\x2e\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x37\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x38\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x39\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x30\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x31\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x32\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x33\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x35\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x36\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x37\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x38\x3d\x77\x77\x77\x2e\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x39\x3d\x77\x77\x77\x2e\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x30\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x31\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x32\x3d\x77\x77\x77\x2e\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x34\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x35\x3d\x77\x77\x77\x2e\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x36\x3d\x77\x77\x77\x2e\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x37\x3d\x77\x77\x77\x2e\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x39\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x30\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73", + 12589 }, + } }; void doit(void) diff --git a/tests/x509-dn-decode.c b/tests/x509-dn-decode.c index 18ac58f593..31ebcc4ee0 100644 --- a/tests/x509-dn-decode.c +++ b/tests/x509-dn-decode.c @@ -22,7 +22,7 @@ /* This checks the low level DN encoding and decoding routines */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -33,7 +33,7 @@ #include "utils.h" -static void decode(const char *test_name, const gnutls_datum_t * raw, +static void decode(const char *test_name, const gnutls_datum_t *raw, const char *expected, const char *expected_compat) { int ret; @@ -56,15 +56,15 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (out.size != strlen(expected)) { - test_fail - ("The length of the output (%d) doesn't match the expected (%d)\n", - (int)out.size, (int)strlen(expected)); + test_fail( + "The length of the output (%d) doesn't match the expected (%d)\n", + (int)out.size, (int)strlen(expected)); } if (memcmp(out.data, expected, out.size) != 0) { - test_fail - ("The string output (%s) doesn't match the expected (%s)\n", - (char *)out.data, expected); + test_fail( + "The string output (%s) doesn't match the expected (%s)\n", + (char *)out.data, expected); } if (out.data[out.size] != 0) { @@ -80,15 +80,15 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, } if (out.size != strlen(expected_compat)) { - test_fail - ("The length of the output (%d) doesn't match the expected (%d)\n", - (int)out.size, (int)strlen(expected_compat)); + test_fail( + "The length of the output (%d) doesn't match the expected (%d)\n", + (int)out.size, (int)strlen(expected_compat)); } if (memcmp(out.data, expected_compat, out.size) != 0) { - test_fail - ("The string output (%s) doesn't match the expected (%s)\n", - (char *)out.data, expected_compat); + test_fail( + "The string output (%s) doesn't match the expected (%s)\n", + (char *)out.data, expected_compat); } if (out.data[out.size] != 0) { @@ -101,7 +101,7 @@ static void decode(const char *test_name, const gnutls_datum_t * raw, return; } -static void encode(const char *test_name, const gnutls_datum_t * raw, +static void encode(const char *test_name, const gnutls_datum_t *raw, const char *str, int exp_error) { int ret; @@ -145,9 +145,9 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, (unsigned)out.data[i]); fprintf(stderr, "\n"); } - test_fail - ("The length of the output (%d) doesn't match the expected (%d)\n", - (int)out.size, (int)raw->size); + test_fail( + "The length of the output (%d) doesn't match the expected (%d)\n", + (int)out.size, (int)raw->size); } if (memcmp(out.data, raw->data, out.size) != 0) { @@ -163,7 +163,7 @@ static void encode(const char *test_name, const gnutls_datum_t * raw, } gnutls_free(out.data); - cleanup: +cleanup: gnutls_x509_dn_deinit(dn); return; @@ -173,48 +173,37 @@ struct tests_st { const char *name; gnutls_datum_t raw; const char *str; - const char *compat_str; /* GNUTLS_X509_DN_FLAG_COMPAT */ + const char *compat_str; /* GNUTLS_X509_DN_FLAG_COMPAT */ unsigned can_encode; }; struct tests_st tests[] = { - { - .name = "simple DN", - .str = - "C=GR,ST=Attiki,O=Koko inc.,OU=sleeping dept.,UID=clauper,CN=Cindy Lauper", - .compat_str = - "CN=Cindy Lauper,UID=clauper,OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", - .raw = {(void *) - "\x30\x7b\x31\x15\x30\x13\x06\x03\x55\x04\x03\x13\x0c\x43\x69\x6e\x64\x79\x20\x4c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x0a\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x01\x13\x07\x63\x6c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x03\x55\x04\x0b\x13\x0e\x73\x6c\x65\x65\x70\x69\x6e\x67\x20\x64\x65\x70\x74\x2e\x31\x12\x30\x10\x06\x03\x55\x04\x0a\x13\x09\x4b\x6f\x6b\x6f\x20\x69\x6e\x63\x2e\x31\x0f\x30\x0d\x06\x03\x55\x04\x08\x13\x06\x41\x74\x74\x69\x6b\x69\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", - 125}, - .can_encode = 1}, - { - .name = "UTF8 DN", - .str = "C=GR,ST=Αττική,O=Μεγάλη εταιρία,CN=🐨", - .compat_str = - "CN=🐨,O=Μεγάλη εταιρία,ST=Αττική,C=GR", - .raw = {(void *) - "\x30\x59\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\xf0\x9f\x90\xa8\x31\x24\x30\x22\x06\x03\x55\x04\x0a\x0c\x1b\xce\x9c\xce\xb5\xce\xb3\xce\xac\xce\xbb\xce\xb7\x20\xce\xb5\xcf\x84\xce\xb1\xce\xb9\xcf\x81\xce\xaf\xce\xb1\x31\x15\x30\x13\x06\x03\x55\x04\x08\x0c\x0c\xce\x91\xcf\x84\xcf\x84\xce\xb9\xce\xba\xce\xae\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", - 91}, - .can_encode = 1}, - { - .name = "combo DN", - .compat_str = "C=\\,\\ ,OU=\\ X\\ ,CN=\\#XXX", - .str = "CN=\\#XXX,OU=\\ X\\ ,C=\\,\\ ", - .raw = {(void *) - "\x30\x2b\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x0b\x13\x04\x20\x20\x58\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\x23\x58\x58\x58", - 45}, - .can_encode = 1}, - { - .name = "very long DN", - .compat_str = - "C=ES,ST=CACERES,L=CACERES,O=DIPUTACION PROVINCIAL DE CACERES,OU=DIPUTACION PROVINCIAL DE CACERES,CN=www.dip-caceres.es,EMAIL=webmaster@dip-caceres.es,2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573", - .str = - "2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573,EMAIL=webmaster@dip-caceres.es,CN=www.dip-caceres.es,OU=DIPUTACION PROVINCIAL DE CACERES,O=DIPUTACION PROVINCIAL DE CACERES,L=CACERES,ST=CACERES,C=ES", - .raw = {(void *) - "\x30\x82\x31\x29\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x08\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x07\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0a\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0b\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x13\x12\x77\x77\x77\x2e\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x27\x30\x25\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x09\x01\x16\x18\x77\x65\x62\x6d\x61\x73\x74\x65\x72\x40\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x82\x30\x58\x30\x82\x30\x54\x06\x03\x55\x1d\x11\x13\x82\x30\x4b\x44\x4e\x53\x2e\x31\x3d\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x3d\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x3d\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x3d\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x3d\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x3d\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x3d\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x3d\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x3d\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x3d\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x3d\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x3d\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x3d\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x3d\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x3d\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x3d\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x3d\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x3d\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x3d\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x3d\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x3d\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x3d\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x3d\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x3d\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x3d\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x3d\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x3d\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x3d\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x3d\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x3d\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x3d\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x3d\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x3d\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x3d\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x3d\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x3d\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x3d\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x3d\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x3d\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x3d\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x3d\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x3d\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x38\x3d\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x39\x3d\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x30\x3d\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x31\x3d\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x32\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x33\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x34\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x35\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x36\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x37\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x38\x3d\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x39\x3d\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x30\x3d\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x31\x3d\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x32\x3d\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x33\x3d\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x34\x3d\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x35\x3d\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x36\x3d\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x37\x3d\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x38\x3d\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x39\x3d\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x30\x3d\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x31\x3d\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x32\x3d\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x33\x3d\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x34\x3d\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x35\x3d\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x36\x3d\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x37\x3d\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x38\x3d\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x39\x3d\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x30\x3d\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x31\x3d\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x32\x3d\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x33\x3d\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x35\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x36\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x37\x3d\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x38\x3d\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x39\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x30\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x31\x3d\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x32\x3d\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x33\x3d\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x34\x3d\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x35\x3d\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x36\x3d\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x37\x3d\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x38\x3d\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x39\x3d\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x30\x3d\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x31\x3d\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x32\x3d\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x33\x3d\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x34\x3d\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x35\x3d\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x36\x3d\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x37\x3d\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x38\x3d\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x39\x3d\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x30\x3d\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x31\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x32\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x33\x3d\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x34\x3d\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x35\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x36\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x37\x3d\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x38\x3d\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x39\x3d\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x30\x3d\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x31\x3d\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x32\x3d\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x33\x3d\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x34\x3d\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x35\x3d\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x36\x3d\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x37\x3d\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x38\x3d\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x39\x3d\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x30\x3d\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x31\x3d\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x32\x3d\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x33\x3d\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x34\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x35\x3d\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x36\x3d\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x37\x3d\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x38\x3d\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x39\x3d\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x30\x3d\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x31\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x32\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x33\x3d\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x34\x3d\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x35\x3d\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x36\x3d\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x37\x3d\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x38\x3d\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x39\x3d\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x30\x3d\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x31\x3d\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x32\x3d\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x33\x3d\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x34\x3d\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x35\x3d\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x36\x3d\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x37\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x38\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x39\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x31\x36\x30\x3d\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x31\x3d\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x32\x3d\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x33\x3d\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x34\x3d\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x35\x3d\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x36\x3d\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x37\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x38\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x39\x3d\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x30\x3d\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x31\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x32\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x33\x3d\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x34\x3d\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x35\x3d\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x36\x3d\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x37\x3d\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x38\x3d\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x39\x3d\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x30\x3d\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x31\x3d\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x32\x3d\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x33\x3d\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x35\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x36\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x37\x3d\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x38\x3d\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x39\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x30\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x31\x3d\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x32\x3d\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x33\x3d\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x34\x3d\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x35\x3d\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x36\x3d\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x37\x3d\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x38\x3d\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x39\x3d\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x30\x3d\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x31\x3d\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x32\x3d\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x33\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x34\x3d\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x35\x3d\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x36\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x37\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x38\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x39\x3d\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x30\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x31\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x32\x3d\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x33\x3d\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x34\x3d\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x35\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x36\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x37\x3d\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x38\x3d\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x39\x3d\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x30\x3d\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x31\x3d\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x32\x3d\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x33\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x34\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x35\x3d\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x36\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x37\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x38\x3d\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x39\x3d\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x30\x3d\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x31\x3d\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x32\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x33\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x34\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x35\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x36\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x37\x3d\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x38\x3d\x77\x77\x77\x2e\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x39\x3d\x77\x77\x77\x2e\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x30\x3d\x77\x77\x77\x2e\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x31\x3d\x77\x77\x77\x2e\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x32\x3d\x77\x77\x77\x2e\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x33\x3d\x77\x77\x77\x2e\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x34\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x35\x3d\x77\x77\x77\x2e\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x36\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x37\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x38\x3d\x77\x77\x77\x2e\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x39\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x30\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x31\x3d\x77\x77\x77\x2e\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x32\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x33\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x34\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x35\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x36\x3d\x77\x77\x77\x2e\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x37\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x38\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x39\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x30\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x31\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x32\x3d\x77\x77\x77\x2e\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x33\x3d\x77\x77\x77\x2e\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x34\x3d\x77\x77\x77\x2e\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x35\x3d\x77\x77\x77\x2e\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x36\x3d\x77\x77\x77\x2e\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x37\x3d\x77\x77\x77\x2e\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x38\x3d\x77\x77\x77\x2e\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x39\x3d\x77\x77\x77\x2e\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x30\x3d\x77\x77\x77\x2e\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x31\x3d\x77\x77\x77\x2e\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x32\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x33\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x34\x3d\x77\x77\x77\x2e\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x35\x3d\x77\x77\x77\x2e\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x36\x3d\x77\x77\x77\x2e\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x37\x3d\x77\x77\x77\x2e\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x38\x3d\x77\x77\x77\x2e\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x39\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x30\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x31\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x32\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x33\x3d\x77\x77\x77\x2e\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x34\x3d\x77\x77\x77\x2e\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x35\x3d\x77\x77\x77\x2e\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x38\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x39\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x30\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x31\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x32\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x33\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x34\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x35\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x38\x3d\x77\x77\x77\x2e\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x39\x3d\x77\x77\x77\x2e\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x30\x3d\x77\x77\x77\x2e\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x31\x3d\x77\x77\x77\x2e\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x32\x3d\x77\x77\x77\x2e\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x33\x3d\x77\x77\x77\x2e\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x34\x3d\x77\x77\x77\x2e\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x35\x3d\x77\x77\x77\x2e\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x36\x3d\x77\x77\x77\x2e\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x37\x3d\x77\x77\x77\x2e\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x38\x3d\x77\x77\x77\x2e\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x39\x3d\x77\x77\x77\x2e\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x30\x3d\x77\x77\x77\x2e\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x31\x3d\x77\x77\x77\x2e\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x32\x3d\x77\x77\x77\x2e\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x33\x3d\x77\x77\x77\x2e\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x34\x3d\x77\x77\x77\x2e\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x35\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x36\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x37\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x38\x3d\x77\x77\x77\x2e\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x39\x3d\x77\x77\x77\x2e\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x30\x3d\x77\x77\x77\x2e\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x32\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x33\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x34\x3d\x77\x77\x77\x2e\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x35\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x36\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x37\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x38\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x39\x3d\x77\x77\x77\x2e\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x30\x3d\x77\x77\x77\x2e\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x31\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x32\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x33\x3d\x77\x77\x77\x2e\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x34\x3d\x77\x77\x77\x2e\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x35\x3d\x77\x77\x77\x2e\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x36\x3d\x77\x77\x77\x2e\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x37\x3d\x77\x77\x77\x2e\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x38\x3d\x77\x77\x77\x2e\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x39\x3d\x77\x77\x77\x2e\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x30\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x31\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x32\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x33\x3d\x77\x77\x77\x2e\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x34\x3d\x77\x77\x77\x2e\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x35\x3d\x77\x77\x77\x2e\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x36\x3d\x77\x77\x77\x2e\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x37\x3d\x77\x77\x77\x2e\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x38\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x39\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x30\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x34\x3d\x77\x77\x77\x2e\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x35\x3d\x77\x77\x77\x2e\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x36\x3d\x77\x77\x77\x2e\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x37\x3d\x77\x77\x77\x2e\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x38\x3d\x77\x77\x77\x2e\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x39\x3d\x77\x77\x77\x2e\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x30\x3d\x77\x77\x77\x2e\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x31\x3d\x77\x77\x77\x2e\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x32\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x33\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x34\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x35\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x36\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x37\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x38\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x39\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x30\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x31\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x32\x3d\x77\x77\x77\x2e\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x33\x3d\x77\x77\x77\x2e\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x34\x3d\x77\x77\x77\x2e\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x35\x3d\x77\x77\x77\x2e\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x36\x3d\x77\x77\x77\x2e\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x37\x3d\x77\x77\x77\x2e\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x38\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x39\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x30\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x31\x3d\x77\x77\x77\x2e\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x32\x3d\x77\x77\x77\x2e\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x33\x3d\x77\x77\x77\x2e\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x34\x3d\x77\x77\x77\x2e\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x35\x3d\x77\x77\x77\x2e\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x36\x3d\x77\x77\x77\x2e\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x37\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x38\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x39\x3d\x77\x77\x77\x2e\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x30\x3d\x77\x77\x77\x2e\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x31\x3d\x77\x77\x77\x2e\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x32\x3d\x77\x77\x77\x2e\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x33\x3d\x77\x77\x77\x2e\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x34\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x35\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x36\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x33\x39\x37\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x38\x3d\x77\x77\x77\x2e\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x39\x3d\x77\x77\x77\x2e\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x30\x3d\x77\x77\x77\x2e\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x31\x3d\x77\x77\x77\x2e\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x32\x3d\x77\x77\x77\x2e\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x33\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x34\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x35\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x36\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x37\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x38\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x39\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x30\x3d\x77\x77\x77\x2e\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x31\x3d\x77\x77\x77\x2e\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x32\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x33\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x34\x3d\x77\x77\x77\x2e\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x35\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x36\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x37\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x38\x3d\x77\x77\x77\x2e\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x32\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x33\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x34\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x35\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x36\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x37\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x38\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x31\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x35\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x36\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x37\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x39\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x30\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x31\x3d\x77\x77\x77\x2e\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x35\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x36\x3d\x77\x77\x77\x2e\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x37\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x38\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x39\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x30\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x31\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x32\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x33\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x35\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x36\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x37\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x38\x3d\x77\x77\x77\x2e\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x39\x3d\x77\x77\x77\x2e\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x30\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x31\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x32\x3d\x77\x77\x77\x2e\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x34\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x35\x3d\x77\x77\x77\x2e\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x36\x3d\x77\x77\x77\x2e\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x37\x3d\x77\x77\x77\x2e\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x39\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x30\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73", - 12589}, - .can_encode = 1} + { .name = "simple DN", + .str = "C=GR,ST=Attiki,O=Koko inc.,OU=sleeping dept.,UID=clauper,CN=Cindy Lauper", + .compat_str = + "CN=Cindy Lauper,UID=clauper,OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", + .raw = { (void *)"\x30\x7b\x31\x15\x30\x13\x06\x03\x55\x04\x03\x13\x0c\x43\x69\x6e\x64\x79\x20\x4c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x0a\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x01\x13\x07\x63\x6c\x61\x75\x70\x65\x72\x31\x17\x30\x15\x06\x03\x55\x04\x0b\x13\x0e\x73\x6c\x65\x65\x70\x69\x6e\x67\x20\x64\x65\x70\x74\x2e\x31\x12\x30\x10\x06\x03\x55\x04\x0a\x13\x09\x4b\x6f\x6b\x6f\x20\x69\x6e\x63\x2e\x31\x0f\x30\x0d\x06\x03\x55\x04\x08\x13\x06\x41\x74\x74\x69\x6b\x69\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", + 125 }, + .can_encode = 1 }, + { .name = "UTF8 DN", + .str = "C=GR,ST=Αττική,O=Μεγάλη εταιρία,CN=🐨", + .compat_str = "CN=🐨,O=Μεγάλη εταιρία,ST=Αττική,C=GR", + .raw = { (void *)"\x30\x59\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\xf0\x9f\x90\xa8\x31\x24\x30\x22\x06\x03\x55\x04\x0a\x0c\x1b\xce\x9c\xce\xb5\xce\xb3\xce\xac\xce\xbb\xce\xb7\x20\xce\xb5\xcf\x84\xce\xb1\xce\xb9\xcf\x81\xce\xaf\xce\xb1\x31\x15\x30\x13\x06\x03\x55\x04\x08\x0c\x0c\xce\x91\xcf\x84\xcf\x84\xce\xb9\xce\xba\xce\xae\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x52", + 91 }, + .can_encode = 1 }, + { .name = "combo DN", + .compat_str = "C=\\,\\ ,OU=\\ X\\ ,CN=\\#XXX", + .str = "CN=\\#XXX,OU=\\ X\\ ,C=\\,\\ ", + .raw = { (void *)"\x30\x2b\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x0b\x13\x04\x20\x20\x58\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\x23\x58\x58\x58", + 45 }, + .can_encode = 1 }, + { .name = "very long DN", + .compat_str = + "C=ES,ST=CACERES,L=CACERES,O=DIPUTACION PROVINCIAL DE CACERES,OU=DIPUTACION PROVINCIAL DE CACERES,CN=www.dip-caceres.es,EMAIL=webmaster@dip-caceres.es,2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573", + .str = "2.5.29.17=#1382304b444e532e313d6162616469612e65732c444e532e323d61626572747572612e65732c444e532e333d616365626f2e65732c444e532e343d61636568756368652e65732c444e532e353d6163656974756e612e65732c444e532e363d61686967616c2e65732c444e532e373d616c61676f6e64656c72696f2e65732c444e532e383d616c636f6c6c6172696e2e65732c444e532e393d6179746f616c62616c612e65732c444e532e31303d6179746f616c63616e746172612e65732c444e532e31313d616c637565736361722e65732c444e532e31323d616c64656163656e74656e6572612e65732c444e532e31333d616c64656164656c63616e6f2e65732c444e532e31343d6c61616c64656164656c6f626973706f2e65732c444e532e31353d616c6465616e7565766164656c61766572612e65732c444e532e31363d616c6465616e7565766164656c63616d696e6f2e65732c444e532e31373d616c64656875656c6164656c6a657274652e65732c444e532e31383d6179746f616c69612e65732c444e532e31393d616c69736564612e65732c444e532e32303d616c6d6172617a2e65732c444e532e32313d616c6d6f686172696e2e65732c444e532e32323d6179746f6172726f796f64656c616c757a2e65732c444e532e32333d6172726f796f6d6f6c696e6f732e65732c444e532e32343d6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e32353d62616e6f7364656d6f6e74656d61796f722e65732c444e532e32363d6261727261646f2e65732c444e532e32373d62656c76697364656d6f6e726f792e65732c444e532e32383d62656e71756572656e6369612e65732c444e532e32393d626572726f63616c656a6f2e65732c444e532e33303d6265727a6f63616e612e65732c444e532e33313d626f686f6e616c646569626f722e65732c444e532e33323d626f74696a612e65732c444e532e33333d62726f7a61732e65732c444e532e33343d636162616e617364656c63617374696c6c6f2e65732c444e532e33353d636162657a6162656c6c6f73612e65732c444e532e33363d636162657a75656c6164656c76616c6c652e65732c444e532e33373d6361627265726f2e65732c444e532e33383d636163686f7272696c6c612e65732c444e532e33393d636164616c736f2e65732c444e532e34303d63616c7a6164696c6c612e65732c444e532e34313d63616d696e6f6d6f726973636f2e65732c444e532e34323d63616d70696c6c6f646564656c6569746f73612e65732c444e532e34333d63616d706f6c756761722e65732c444e532e34343d63616e616d65726f2e65732c444e532e34353d63616e61766572616c2e65732c444e532e34363d63617262616a6f2e65732c444e532e34373d6361726361626f736f2e65732c444e532e34383d63617272617363616c656a6f2e65732c444e532e34393d63617361726465636163657265732e65732c444e532e35303d6361736172646570616c6f6d65726f2e65732c444e532e35313d6361736172657364656c61736875726465732e65732c444e532e35323d63617361736465646f6e616e746f6e696f2e65732c444e532e35333d63617361736465646f6e676f6d657a2e65732c444e532e35343d636173617364656c63617374616e61722e65732c444e532e35353d636173617364656c6d6f6e74652e65732c444e532e35363d636173617364656d696c6c616e2e65732c444e532e35373d636173617364656d697261766574652e65732c444e532e35383d6361736174656a6164612e65732c444e532e35393d636173696c6c61736465636f7269612e65732c444e532e36303d63617374616e6172646569626f722e65732c444e532e36313d6365636c6176696e2e65732c444e532e36323d636564696c6c6f2e65732c444e532e36333d636572657a6f2e65732c444e532e36343d63696c6c65726f732e65732c444e532e36353d636f6c6c61646f2e65732c444e532e36363d636f6e71756973746164656c617369657272612e65732c444e532e36373d636f7269612e65732c444e532e36383d637561636f73646579757374652e65732c444e532e36393d6c6163756d6272652e65732c444e532e37303d64656c6569746f73612e65732c444e532e37313d64657363617267616d617269612e65732c444e532e37323d656c6a61732e65732c444e532e37333d657363757269616c2e65732c444e532e37343d667265736e65646f736f646569626f722e65732c444e532e37353d67616c697374656f2e65732c444e532e37363d6761726369617a2e65732c444e532e37373d6c6167617267616e74612e65732c444e532e37383d67617267616e74616c616f6c6c612e65732c444e532e37393d67617267616e74696c6c612e65732c444e532e38303d67617267756572612e65732c444e532e38313d676172726f76696c6c61736465616c636f6e657461722e65732c444e532e38323d67617276696e2e65732c444e532e38333d676174612e65732c444e532e38343d6179746f656c676f72646f2e65732c444e532e38353d6c616772616e6a612e65732c444e532e38363d6c616772616e6a6164656772616e6164696c6c612e65732c444e532e38373d6179756e74616d69656e746f646567756164616c7570652e65732c444e532e38383d6775696a6f6465636f7269612e65732c444e532e38393d6775696a6f646567616c697374656f2e65732c444e532e39303d6775696a6f64656772616e6164696c6c612e65732c444e532e39313d6775696a6f646573616e7461626172626172612e65732c444e532e39323d6865726775696a75656c612e65732c444e532e39333d6865726e616e706572657a2e65732c444e532e39343d686572726572616465616c63616e746172612e65732c444e532e39353d68657272657275656c612e65732c444e532e39363d6865727661732e65732c444e532e39373d686967756572612e65732c444e532e39383d68696e6f6a616c2e65732c444e532e39393d686f6c67756572612e65732c444e532e3130303d686f796f732e65732c444e532e3130313d6875656c6167612e65732c444e532e3130323d6962616865726e616e646f2e65732c444e532e3130333d6a6172616963656a6f2e65732c444e532e3130343d6a617261697a64656c61766572612e65732c444e532e3130353d6a6172616e64696c6c6164656c61766572612e65732c444e532e3130363d6a6172696c6c612e65732c444e532e3130373d6a657274652e65732c444e532e3130383d6c616472696c6c61722e65732c444e532e3130393d6c6f67726f73616e2e65732c444e532e3131303d6c6f73617264656c61766572612e65732c444e532e3131313d6d6164726967616c656a6f2e65732c444e532e3131323d6d6164726967616c64656c61766572612e65732c444e532e3131333d6d6164726f6e6572612e65732c444e532e3131343d6d616a616461732e65732c444e532e3131353d6d616c706172746964616465636163657265732e65732c444e532e3131363d6d616c706172746964616465706c6173656e6369612e65732c444e532e3131373d6d617263686167617a2e65732c444e532e3131383d6d6174616465616c63616e746172612e65732c444e532e3131393d6d656d6272696f2e65732c444e532e3132303d6d65736173646569626f722e65732c444e532e3132313d6d69616a616461732e65732c444e532e3132323d6d696c6c616e65732e65732c444e532e3132333d6d69726162656c2e65732c444e532e3132343d6d6f686564617364656772616e6164696c6c612e65732c444e532e3132353d6d6f6e726f792e65732c444e532e3132363d6d6f6e74616e6368657a2e65732c444e532e3132373d6d6f6e74656865726d6f736f2e65732c444e532e3132383d6d6f72616c656a612e65732c444e532e3132393d6d6f7263696c6c6f2e65732c444e532e3133303d6e617661636f6e63656a6f2e65732c444e532e3133313d6e6176616c76696c6c6172646569626f722e65732c444e532e3133323d6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3133333d6e6176617364656c6d6164726f6e6f2e65732c444e532e3133343d6e6176617472617369657272612e65732c444e532e3133353d6e6176657a75656c61732e65732c444e532e3133363d6e756e6f6d6f72616c2e65732c444e532e3133373d6f6c6976616465706c6173656e6369612e65732c444e532e3133383d70616c6f6d65726f2e65732c444e532e3133393d70617361726f6e64656c61766572612e65732c444e532e3134303d706564726f736f64656163696d2e65732c444e532e3134313d706572616c65646164656c616d6174612e65732c444e532e3134323d706572616c656461646573616e726f6d616e2e65732c444e532e3134333d706572616c657364656c70756572746f2e65732c444e532e3134343d7065736375657a612e65732c444e532e3134353d6c6170657367612e65732c444e532e3134363d70696564726173616c6261732e65732c444e532e3134373d70696e6f6672616e71756561646f2e65732c444e532e3134383d70696f726e616c2e65732c444e532e3134393d706c6173656e7a75656c612e65732c444e532e3135303d706f7274616a652e65732c444e532e3135313d706f7274657a75656c6f2e65732c444e532e3135323d706f7a75656c6f64657a61727a6f6e2e65732c444e532e3135333d707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3135343d70756572746f646573616e74616372757a2e65732c444e532e3135353d7265626f6c6c61722e65732c444e532e3135363d72696f6c6f626f732e65732c444e532e3135373d726f626c6564696c6c6f6465676174612e65732c444e532e3135383d726f626c6564696c6c6f64656c61766572612e65732c444e532e3135393d726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3136303d726f626c65646f6c6c616e6f2e65732c444e532e3136313d726f6d616e676f72646f2e65732c444e532e3136323d7275616e65732e65732c444e532e3136333d73616c6f72696e6f2e65732c444e532e3136343d73616c7661746965727261646573616e746961676f2e65732c444e532e3136353d73616e6d617274696e646574726576656a6f2e65732c444e532e3136363d6179746f73616e7461616e612e65732c444e532e3136373d73616e74616372757a64656c617369657272612e65732c444e532e3136383d73616e74616372757a646570616e69616775612e65732c444e532e3136393d73616e74616d6172746164656d6167617363612e65732c444e532e3137303d73616e746961676f64656c63616d706f2e65732c444e532e3137313d73616e746962616e657a656c616c746f2e65732c444e532e3137323d73616e746962616e657a656c62616a6f2e65732c444e532e3137333d736175636564696c6c612e65732c444e532e3137343d7365677572616465746f726f2e65732c444e532e3137353d736572726164696c6c612e65732c444e532e3137363d73657272656a6f6e2e65732c444e532e3137373d73696572726164656675656e7465732e65732c444e532e3137383d74616c6176616e2e65732c444e532e3137393d74616c6176657275656c6164656c61766572612e65732c444e532e3138303d74616c617975656c612e65732c444e532e3138313d74656a65646164657469657461722e65732c444e532e3138323d746f72696c2e65732c444e532e3138333d746f726e6176616361732e65732c444e532e3138343d6179746f656c746f726e6f2e65732c444e532e3138353d746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3138363d746f72726563696c6c617364656c6174696573612e65732c444e532e3138373d746f7272656465646f6e6d696775656c2e65732c444e532e3138383d746f727265646573616e74616d617269612e65732c444e532e3138393d746f7272656a6f6e656c727562696f2e65732c444e532e3139303d746f7272656a6f6e63696c6c6f2e65732c444e532e3139313d746f7272656d656e67612e65732c444e532e3139323d746f7272656d6f6368612e65732c444e532e3139333d746f7272656f7267617a2e65732c444e532e3139343d746f7272657175656d6164612e65732c444e532e3139353d76616c64617374696c6c61732e65732c444e532e3139363d76616c646563616e6173646574616a6f2e65732c444e532e3139373d76616c64656675656e7465732e65732c444e532e3139383d76616c646568756e6361722e65732c444e532e3139393d76616c6465696e69676f732e65732c444e532e3230303d76616c64656c6163617361646574616a6f2e65732c444e532e3230313d76616c64656d6f72616c65732e65732c444e532e3230323d76616c64656f626973706f2e65732c444e532e3230333d76616c646573616c6f722e65732c444e532e3230343d76616c72696f2e65732c444e532e3230353d76616c656e6369616465616c63616e746172612e65732c444e532e3230363d76616c766572646564656c61766572612e65732c444e532e3230373d76616c766572646564656c667265736e6f2e65732c444e532e3230383d766567617669616e612e65732c444e532e3230393d7669616e64617264656c61766572612e65732c444e532e3231303d76696c6c6164656c63616d706f2e65732c444e532e3231313d76696c6c6164656c7265792e65732c444e532e3231323d76696c6c616d65736961732e65732c444e532e3231333d76696c6c616d69656c2e65732c444e532e3231343d76696c6c616e7565766164656c617369657272612e65732c444e532e3231353d76696c6c617264656c706564726f736f2e65732c444e532e3231363d76696c6c61726465706c6173656e6369612e65732c444e532e3231373d76696c6c61736275656e61736465676174612e65732c444e532e3231383d7a61727a6164656772616e6164696c6c612e65732c444e532e3231393d7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3232303d7a61727a616c616d61796f722e65732c444e532e3232313d7a6f726974612e65732c444e532e3232323d726f73616c656a6f2e65732c444e532e3232333d766567617669616e612e65732c444e532e3232343d616c61676f6e64656c72696f2e65732c444e532e3232353d7469657461722e65732c444e532e3232363d76616c646573616c6f722e65732c444e532e3232373d6e6176617472617369657272612e65732c444e532e3232383d7269766572616465667265736e65646f73612e65732c444e532e3232393d656c6d73616e67696c2e65732c444e532e3233303d74616a6f73616c6f722e65732c444e532e3233313d76616c6c65616d62726f7a2e65732c444e532e3233323d6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3233333d6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3233343d6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3233353d6d616e636f6d756e6964616464656c61766572612e65732c444e532e3233363d6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3233373d76696c6c7565726361732d69626f7265732d6a6172612e65732c444e532e3233383d7777772e6162616469612e65732c444e532e3233393d7777772e61626572747572612e65732c444e532e3234303d7777772e616365626f2e65732c444e532e3234313d7777772e61636568756368652e65732c444e532e3234323d7777772e6163656974756e612e65732c444e532e3234333d7777772e61686967616c2e65732c444e532e3234343d7777772e616c61676f6e64656c72696f2e65732c444e532e3234353d7777772e616c636f6c6c6172696e2e65732c444e532e3234363d7777772e6179746f616c62616c612e65732c444e532e3234373d7777772e6179746f616c63616e746172612e65732c444e532e3234383d7777772e616c637565736361722e65732c444e532e3234393d7777772e616c64656163656e74656e6572612e65732c444e532e3235303d7777772e616c64656164656c63616e6f2e65732c444e532e3235313d7777772e6c61616c64656164656c6f626973706f2e65732c444e532e3235323d7777772e616c6465616e7565766164656c61766572612e65732c444e532e3235333d7777772e616c6465616e7565766164656c63616d696e6f2e65732c444e532e3235343d7777772e616c64656875656c6164656c6a657274652e65732c444e532e3235353d7777772e6179746f616c69612e65732c444e532e3235363d7777772e616c69736564612e65732c444e532e3235373d7777772e616c6d6172617a2e65732c444e532e3235383d7777772e616c6d6f686172696e2e65732c444e532e3235393d7777772e6179746f6172726f796f64656c616c757a2e65732c444e532e3236303d7777772e6172726f796f6d6f6c696e6f732e65732c444e532e3236313d7777772e6172726f796f6d6f6c696e6f7364656c61766572612e65732c444e532e3236323d7777772e62616e6f7364656d6f6e74656d61796f722e65732c444e532e3236333d7777772e6261727261646f2e65732c444e532e3236343d7777772e62656c76697364656d6f6e726f792e65732c444e532e3236353d7777772e62656e71756572656e6369612e65732c444e532e3236363d7777772e626572726f63616c656a6f2e65732c444e532e3236373d7777772e6265727a6f63616e612e65732c444e532e3236383d7777772e626f686f6e616c646569626f722e65732c444e532e3236393d7777772e626f74696a612e65732c444e532e3237303d7777772e62726f7a61732e65732c444e532e3237313d7777772e636162616e617364656c63617374696c6c6f2e65732c444e532e3237323d7777772e636162657a6162656c6c6f73612e65732c444e532e3237333d7777772e636162657a75656c6164656c76616c6c652e65732c444e532e3237343d7777772e6361627265726f2e65732c444e532e3237353d7777772e636163686f7272696c6c612e65732c444e532e3237363d7777772e636164616c736f2e65732c444e532e3237373d7777772e63616c7a6164696c6c612e65732c444e532e3237383d7777772e63616d696e6f6d6f726973636f2e65732c444e532e3237393d7777772e63616d70696c6c6f646564656c6569746f73612e65732c444e532e3238303d7777772e63616d706f6c756761722e65732c444e532e3238313d7777772e63616e616d65726f2e65732c444e532e3238323d7777772e63616e61766572616c2e65732c444e532e3238333d7777772e63617262616a6f2e65732c444e532e3238343d7777772e6361726361626f736f2e65732c444e532e3238353d7777772e63617272617363616c656a6f2e65732c444e532e3238363d7777772e63617361726465636163657265732e65732c444e532e3238373d7777772e6361736172646570616c6f6d65726f2e65732c444e532e3238383d7777772e6361736172657364656c61736875726465732e65732c444e532e3238393d7777772e63617361736465646f6e616e746f6e696f2e65732c444e532e3239303d7777772e63617361736465646f6e676f6d657a2e65732c444e532e3239313d7777772e636173617364656c63617374616e61722e65732c444e532e3239323d7777772e636173617364656c6d6f6e74652e65732c444e532e3239333d7777772e636173617364656d696c6c616e2e65732c444e532e3239343d7777772e636173617364656d697261766574652e65732c444e532e3239353d7777772e6361736174656a6164612e65732c444e532e3239363d7777772e636173696c6c61736465636f7269612e65732c444e532e3239373d7777772e63617374616e6172646569626f722e65732c444e532e3239383d7777772e6365636c6176696e2e65732c444e532e3239393d7777772e636564696c6c6f2e65732c444e532e3330303d7777772e636572657a6f2e65732c444e532e3330313d7777772e63696c6c65726f732e65732c444e532e3330323d7777772e636f6c6c61646f2e65732c444e532e3330333d7777772e636f6e71756973746164656c617369657272612e65732c444e532e3330343d7777772e636f7269612e65732c444e532e3330353d7777772e637561636f73646579757374652e65732c444e532e3330363d7777772e6c6163756d6272652e65732c444e532e3330373d7777772e64656c6569746f73612e65732c444e532e3330383d7777772e64657363617267616d617269612e65732c444e532e3330393d7777772e656c6a61732e65732c444e532e3331303d7777772e657363757269616c2e65732c444e532e3331313d7777772e667265736e65646f736f646569626f722e65732c444e532e3331323d7777772e67616c697374656f2e65732c444e532e3331333d7777772e6761726369617a2e65732c444e532e3331343d7777772e6c6167617267616e74612e65732c444e532e3331353d7777772e67617267616e74616c616f6c6c612e65732c444e532e3331363d7777772e67617267616e74696c6c612e65732c444e532e3331373d7777772e67617267756572612e65732c444e532e3331383d7777772e676172726f76696c6c61736465616c636f6e657461722e65732c444e532e3331393d7777772e67617276696e2e65732c444e532e3332303d7777772e676174612e65732c444e532e3332313d7777772e6179746f656c676f72646f2e65732c444e532e3332323d7777772e6c616772616e6a612e65732c444e532e3332333d7777772e6c616772616e6a6164656772616e6164696c6c612e65732c444e532e3332343d7777772e6179756e74616d69656e746f646567756164616c7570652e65732c444e532e3332353d7777772e6775696a6f6465636f7269612e65732c444e532e3332363d7777772e6775696a6f646567616c697374656f2e65732c444e532e3332373d7777772e6775696a6f64656772616e6164696c6c612e65732c444e532e3332383d7777772e6775696a6f646573616e7461626172626172612e65732c444e532e3332393d7777772e6865726775696a75656c612e65732c444e532e3333303d7777772e6865726e616e706572657a2e65732c444e532e3333313d7777772e686572726572616465616c63616e746172612e65732c444e532e3333323d7777772e68657272657275656c612e65732c444e532e3333333d7777772e6865727661732e65732c444e532e3333343d7777772e686967756572612e65732c444e532e3333353d7777772e68696e6f6a616c2e65732c444e532e3333363d7777772e686f6c67756572612e65732c444e532e3333373d7777772e686f796f732e65732c444e532e3333383d7777772e6875656c6167612e65732c444e532e3333393d7777772e6962616865726e616e646f2e65732c444e532e3334303d7777772e6a6172616963656a6f2e65732c444e532e3334313d7777772e6a617261697a64656c61766572612e65732c444e532e3334323d7777772e6a6172616e64696c6c6164656c61766572612e65732c444e532e3334333d7777772e6a6172696c6c612e65732c444e532e3334343d7777772e6a657274652e65732c444e532e3334353d7777772e6c616472696c6c61722e65732c444e532e3334363d7777772e6c6f67726f73616e2e65732c444e532e3334373d7777772e6c6f73617264656c61766572612e65732c444e532e3334383d7777772e6d6164726967616c656a6f2e65732c444e532e3334393d7777772e6d6164726967616c64656c61766572612e65732c444e532e3335303d7777772e6d6164726f6e6572612e65732c444e532e3335313d7777772e6d616a616461732e65732c444e532e3335323d7777772e6d616c706172746964616465636163657265732e65732c444e532e3335333d7777772e6d616c706172746964616465706c6173656e6369612e65732c444e532e3335343d7777772e6d617263686167617a2e65732c444e532e3335353d7777772e6d6174616465616c63616e746172612e65732c444e532e3335363d7777772e6d656d6272696f2e65732c444e532e3335373d7777772e6d65736173646569626f722e65732c444e532e3335383d7777772e6d69616a616461732e65732c444e532e3335393d7777772e6d696c6c616e65732e65732c444e532e3336303d7777772e6d69726162656c2e65732c444e532e3336313d7777772e6d6f686564617364656772616e6164696c6c612e65732c444e532e3336323d7777772e6d6f6e726f792e65732c444e532e3336333d7777772e6d6f6e74616e6368657a2e65732c444e532e3336343d7777772e6d6f6e74656865726d6f736f2e65732c444e532e3336353d7777772e6d6f72616c656a612e65732c444e532e3336363d7777772e6d6f7263696c6c6f2e65732c444e532e3336373d7777772e6e617661636f6e63656a6f2e65732c444e532e3336383d7777772e6e6176616c76696c6c6172646569626f722e65732c444e532e3336393d7777772e6e6176616c6d6f72616c64656c616d6174612e65732c444e532e3337303d7777772e6e6176617364656c6d6164726f6e6f2e65732c444e532e3337313d7777772e6e6176617472617369657272612e65732c444e532e3337323d7777772e6e6176657a75656c61732e65732c444e532e3337333d7777772e6e756e6f6d6f72616c2e65732c444e532e3337343d7777772e6f6c6976616465706c6173656e6369612e65732c444e532e3337353d7777772e70616c6f6d65726f2e65732c444e532e3337363d7777772e70617361726f6e64656c61766572612e65732c444e532e3337373d7777772e706564726f736f64656163696d2e65732c444e532e3337383d7777772e706572616c65646164656c616d6174612e65732c444e532e3337393d7777772e706572616c656461646573616e726f6d616e2e65732c444e532e3338303d7777772e706572616c657364656c70756572746f2e65732c444e532e3338313d7777772e7065736375657a612e65732c444e532e3338323d7777772e6c6170657367612e65732c444e532e3338333d7777772e70696564726173616c6261732e65732c444e532e3338343d7777772e70696e6f6672616e71756561646f2e65732c444e532e3338353d7777772e70696f726e616c2e65732c444e532e3338363d7777772e706c6173656e7a75656c612e65732c444e532e3338373d7777772e706f7274616a652e65732c444e532e3338383d7777772e706f7274657a75656c6f2e65732c444e532e3338393d7777772e706f7a75656c6f64657a61727a6f6e2e65732c444e532e3339303d7777772e707565626c6f6e7565766f64656d6972616d6f6e7465732e65732c444e532e3339313d7777772e70756572746f646573616e74616372757a2e65732c444e532e3339323d7777772e7265626f6c6c61722e65732c444e532e3339333d7777772e72696f6c6f626f732e65732c444e532e3339343d7777772e726f626c6564696c6c6f6465676174612e65732c444e532e3339353d7777772e726f626c6564696c6c6f64656c61766572612e65732c444e532e3339363d7777772e726f626c6564696c6c6f64657472756a696c6c6f2c444e532e3339373d7777772e726f626c65646f6c6c616e6f2e65732c444e532e3339383d7777772e726f6d616e676f72646f2e65732c444e532e3339393d7777772e7275616e65732e65732c444e532e3430303d7777772e73616c6f72696e6f2e65732c444e532e3430313d7777772e73616c7661746965727261646573616e746961676f2e65732c444e532e3430323d7777772e73616e6d617274696e646574726576656a6f2e65732c444e532e3430333d7777772e6179746f73616e7461616e612e65732c444e532e3430343d7777772e73616e74616372757a64656c617369657272612e65732c444e532e3430353d7777772e73616e74616372757a646570616e69616775612e65732c444e532e3430363d7777772e73616e74616d6172746164656d6167617363612e65732c444e532e3430373d7777772e73616e746961676f64656c63616d706f2e65732c444e532e3430383d7777772e73616e746962616e657a656c616c746f2e65732c444e532e3430393d7777772e73616e746962616e657a656c62616a6f2e65732c444e532e3431303d7777772e736175636564696c6c612e65732c444e532e3431313d7777772e7365677572616465746f726f2e65732c444e532e3431323d7777772e736572726164696c6c612e65732c444e532e3431333d7777772e73657272656a6f6e2e65732c444e532e3431343d7777772e73696572726164656675656e7465732e65732c444e532e3431353d7777772e74616c6176616e2e65732c444e532e3431363d7777772e74616c6176657275656c6164656c61766572612e65732c444e532e3431373d7777772e74616c617975656c612e65732c444e532e3431383d7777772e74656a65646164657469657461722e65732c444e532e3431393d7777772e746f72696c2e65732c444e532e3432303d7777772e746f726e6176616361732e65732c444e532e3432313d7777772e6179746f656c746f726e6f2e65732c444e532e3432323d7777772e746f72726563696c6c6164656c6f73616e67656c65732e65732c444e532e3432333d7777772e746f72726563696c6c617364656c6174696573612e65732c444e532e3432343d7777772e746f7272656465646f6e6d696775656c2e65732c444e532e3432353d7777772e746f727265646573616e74616d617269612e65732c444e532e3432363d7777772e746f7272656a6f6e656c727562696f2e65732c444e532e3432373d7777772e746f7272656a6f6e63696c6c6f2e65732c444e532e3432383d7777772e746f7272656d656e67612e65732c444e532e3432393d7777772e746f7272656d6f6368612e65732c444e532e3433303d7777772e746f7272656f7267617a2e65732c444e532e3433313d7777772e746f7272657175656d6164612e65732c444e532e3433323d7777772e76616c64617374696c6c61732e65732c444e532e3433333d7777772e76616c646563616e6173646574616a6f2e65732c444e532e3433343d7777772e76616c64656675656e7465732e65732c444e532e3433353d7777772e76616c646568756e6361722e65732c444e532e3433363d7777772e76616c6465696e69676f732e65732c444e532e3433373d7777772e76616c64656c6163617361646574616a6f2e65732c444e532e3433383d7777772e76616c64656d6f72616c65732e65732c444e532e3433393d7777772e76616c64656f626973706f2e65732c444e532e3434303d7777772e76616c646573616c6f722e65732c444e532e3434313d7777772e76616c72696f2e65732c444e532e3434323d7777772e76616c656e6369616465616c63616e746172612e65732c444e532e3434333d7777772e76616c766572646564656c61766572612e65732c444e532e3434343d7777772e76616c766572646564656c667265736e6f2e65732c444e532e3434353d7777772e766567617669616e612e65732c444e532e3434363d7777772e7669616e64617264656c61766572612e65732c444e532e3434373d7777772e76696c6c6164656c63616d706f2e65732c444e532e3434383d7777772e76696c6c6164656c7265792e65732c444e532e3434393d7777772e76696c6c616d65736961732e65732c444e532e3435303d7777772e76696c6c616d69656c2e65732c444e532e3435313d7777772e76696c6c616e7565766164656c617369657272612e65732c444e532e3435323d7777772e76696c6c617264656c706564726f736f2e65732c444e532e3435333d7777772e76696c6c61726465706c6173656e6369612e65732c444e532e3435343d7777772e76696c6c61736275656e61736465676174612e65732c444e532e3435353d7777772e7a61727a6164656772616e6164696c6c612e65732c444e532e3435363d7777772e7a61727a6164656d6f6e74616e6368657a2e65732c444e532e3435373d7777772e7a61727a616c616d61796f722e65732c444e532e3435383d7777772e7a6f726974612e65732c444e532e3435393d7777772e726f73616c656a6f2e65732c444e532e3436303d7777772e766567617669616e612e65732c444e532e3436313d7777772e616c61676f6e64656c72696f2e65732c444e532e3436323d7777772e7469657461722e65732c444e532e3436333d7777772e76616c646573616c6f722e65732c444e532e3436343d7777772e6e6176617472617369657272612e65732c444e532e3436353d7777772e7269766572616465667265736e65646f73612e65732c444e532e3436363d7777772e656c6d73616e67696c2e65732c444e532e3436373d7777772e74616a6f73616c6f722e65732c444e532e3436383d7777772e76616c6c65616d62726f7a2e65732c444e532e3436393d7777772e6d616e636f6d756e6964616476616c6c6564656c616c61676f6e2e65732c444e532e3437303d7777772e6d616e636f6d756e6964616476616c6c6564656c6a657274652e65732c444e532e3437313d7777772e6d616e636f6d756e696461647665676173616c7461732e65732c444e532e3437323d7777772e6d616e636f6d756e6964616464656c61766572612e65732c444e532e3437333d7777772e6d616e636f6d756e696461647a6f6e6163656e74726f2e65732c444e532e3437343d7777772e76696c6c7565726361732d69626f7265732d6a6172612e6573,EMAIL=webmaster@dip-caceres.es,CN=www.dip-caceres.es,OU=DIPUTACION PROVINCIAL DE CACERES,O=DIPUTACION PROVINCIAL DE CACERES,L=CACERES,ST=CACERES,C=ES", + .raw = { (void *)"\x30\x82\x31\x29\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x08\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x10\x30\x0e\x06\x03\x55\x04\x07\x13\x07\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0a\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x29\x30\x27\x06\x03\x55\x04\x0b\x13\x20\x44\x49\x50\x55\x54\x41\x43\x49\x4f\x4e\x20\x50\x52\x4f\x56\x49\x4e\x43\x49\x41\x4c\x20\x44\x45\x20\x43\x41\x43\x45\x52\x45\x53\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x13\x12\x77\x77\x77\x2e\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x27\x30\x25\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x09\x01\x16\x18\x77\x65\x62\x6d\x61\x73\x74\x65\x72\x40\x64\x69\x70\x2d\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x31\x82\x30\x58\x30\x82\x30\x54\x06\x03\x55\x1d\x11\x13\x82\x30\x4b\x44\x4e\x53\x2e\x31\x3d\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x3d\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x3d\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x3d\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x3d\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x3d\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x3d\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x3d\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x3d\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x3d\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x3d\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x3d\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x3d\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x3d\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x3d\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x3d\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x3d\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x3d\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x3d\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x3d\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x3d\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x3d\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x3d\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x3d\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x3d\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x3d\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x3d\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x3d\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x3d\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x3d\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x3d\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x3d\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x3d\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x3d\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x3d\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x3d\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x3d\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x3d\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x3d\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x3d\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x3d\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x3d\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x3d\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x3d\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x38\x3d\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x39\x3d\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x30\x3d\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x31\x3d\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x32\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x33\x3d\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x34\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x35\x3d\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x36\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x37\x3d\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x38\x3d\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x35\x39\x3d\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x30\x3d\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x31\x3d\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x32\x3d\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x33\x3d\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x34\x3d\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x35\x3d\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x36\x3d\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x37\x3d\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x38\x3d\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x36\x39\x3d\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x30\x3d\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x31\x3d\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x32\x3d\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x33\x3d\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x34\x3d\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x35\x3d\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x36\x3d\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x37\x3d\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x38\x3d\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x37\x39\x3d\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x30\x3d\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x31\x3d\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x32\x3d\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x33\x3d\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x35\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x36\x3d\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x37\x3d\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x38\x3d\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x38\x39\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x30\x3d\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x31\x3d\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x32\x3d\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x33\x3d\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x34\x3d\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x35\x3d\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x36\x3d\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x37\x3d\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x38\x3d\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x39\x39\x3d\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x30\x3d\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x31\x3d\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x32\x3d\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x33\x3d\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x34\x3d\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x35\x3d\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x36\x3d\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x37\x3d\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x38\x3d\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x30\x39\x3d\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x30\x3d\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x31\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x32\x3d\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x33\x3d\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x34\x3d\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x35\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x36\x3d\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x37\x3d\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x38\x3d\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x31\x39\x3d\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x30\x3d\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x31\x3d\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x32\x3d\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x33\x3d\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x34\x3d\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x35\x3d\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x36\x3d\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x37\x3d\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x38\x3d\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x32\x39\x3d\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x30\x3d\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x31\x3d\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x32\x3d\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x33\x3d\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x34\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x35\x3d\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x36\x3d\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x37\x3d\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x38\x3d\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x33\x39\x3d\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x30\x3d\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x31\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x32\x3d\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x33\x3d\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x34\x3d\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x35\x3d\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x36\x3d\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x37\x3d\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x38\x3d\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x34\x39\x3d\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x30\x3d\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x31\x3d\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x32\x3d\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x33\x3d\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x34\x3d\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x35\x3d\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x36\x3d\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x37\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x38\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x35\x39\x3d\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x31\x36\x30\x3d\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x31\x3d\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x32\x3d\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x33\x3d\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x34\x3d\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x35\x3d\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x36\x3d\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x37\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x38\x3d\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x36\x39\x3d\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x30\x3d\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x31\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x32\x3d\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x33\x3d\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x34\x3d\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x35\x3d\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x36\x3d\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x37\x3d\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x38\x3d\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x37\x39\x3d\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x30\x3d\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x31\x3d\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x32\x3d\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x33\x3d\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x34\x3d\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x35\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x36\x3d\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x37\x3d\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x38\x3d\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x38\x39\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x30\x3d\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x31\x3d\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x32\x3d\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x33\x3d\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x34\x3d\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x35\x3d\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x36\x3d\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x37\x3d\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x38\x3d\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x31\x39\x39\x3d\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x30\x3d\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x31\x3d\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x32\x3d\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x33\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x34\x3d\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x35\x3d\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x36\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x37\x3d\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x38\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x30\x39\x3d\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x30\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x31\x3d\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x32\x3d\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x33\x3d\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x34\x3d\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x35\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x36\x3d\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x37\x3d\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x38\x3d\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x31\x39\x3d\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x30\x3d\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x31\x3d\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x32\x3d\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x33\x3d\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x34\x3d\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x35\x3d\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x36\x3d\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x37\x3d\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x38\x3d\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x32\x39\x3d\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x30\x3d\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x31\x3d\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x32\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x33\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x34\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x35\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x36\x3d\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x37\x3d\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x38\x3d\x77\x77\x77\x2e\x61\x62\x61\x64\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x33\x39\x3d\x77\x77\x77\x2e\x61\x62\x65\x72\x74\x75\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x30\x3d\x77\x77\x77\x2e\x61\x63\x65\x62\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x31\x3d\x77\x77\x77\x2e\x61\x63\x65\x68\x75\x63\x68\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x32\x3d\x77\x77\x77\x2e\x61\x63\x65\x69\x74\x75\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x33\x3d\x77\x77\x77\x2e\x61\x68\x69\x67\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x34\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x35\x3d\x77\x77\x77\x2e\x61\x6c\x63\x6f\x6c\x6c\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x36\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x62\x61\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x37\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x38\x3d\x77\x77\x77\x2e\x61\x6c\x63\x75\x65\x73\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x34\x39\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x63\x65\x6e\x74\x65\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x30\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x64\x65\x6c\x63\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x31\x3d\x77\x77\x77\x2e\x6c\x61\x61\x6c\x64\x65\x61\x64\x65\x6c\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x32\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x33\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x63\x61\x6d\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x34\x3d\x77\x77\x77\x2e\x61\x6c\x64\x65\x68\x75\x65\x6c\x61\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x35\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x6c\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x36\x3d\x77\x77\x77\x2e\x61\x6c\x69\x73\x65\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x37\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x61\x72\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x38\x3d\x77\x77\x77\x2e\x61\x6c\x6d\x6f\x68\x61\x72\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x35\x39\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x61\x72\x72\x6f\x79\x6f\x64\x65\x6c\x61\x6c\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x30\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x31\x3d\x77\x77\x77\x2e\x61\x72\x72\x6f\x79\x6f\x6d\x6f\x6c\x69\x6e\x6f\x73\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x32\x3d\x77\x77\x77\x2e\x62\x61\x6e\x6f\x73\x64\x65\x6d\x6f\x6e\x74\x65\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x33\x3d\x77\x77\x77\x2e\x62\x61\x72\x72\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x34\x3d\x77\x77\x77\x2e\x62\x65\x6c\x76\x69\x73\x64\x65\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x35\x3d\x77\x77\x77\x2e\x62\x65\x6e\x71\x75\x65\x72\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x36\x3d\x77\x77\x77\x2e\x62\x65\x72\x72\x6f\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x37\x3d\x77\x77\x77\x2e\x62\x65\x72\x7a\x6f\x63\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x38\x3d\x77\x77\x77\x2e\x62\x6f\x68\x6f\x6e\x61\x6c\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x36\x39\x3d\x77\x77\x77\x2e\x62\x6f\x74\x69\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x30\x3d\x77\x77\x77\x2e\x62\x72\x6f\x7a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x31\x3d\x77\x77\x77\x2e\x63\x61\x62\x61\x6e\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x32\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x61\x62\x65\x6c\x6c\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x33\x3d\x77\x77\x77\x2e\x63\x61\x62\x65\x7a\x75\x65\x6c\x61\x64\x65\x6c\x76\x61\x6c\x6c\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x34\x3d\x77\x77\x77\x2e\x63\x61\x62\x72\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x35\x3d\x77\x77\x77\x2e\x63\x61\x63\x68\x6f\x72\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x36\x3d\x77\x77\x77\x2e\x63\x61\x64\x61\x6c\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x37\x3d\x77\x77\x77\x2e\x63\x61\x6c\x7a\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x38\x3d\x77\x77\x77\x2e\x63\x61\x6d\x69\x6e\x6f\x6d\x6f\x72\x69\x73\x63\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x37\x39\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x69\x6c\x6c\x6f\x64\x65\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x30\x3d\x77\x77\x77\x2e\x63\x61\x6d\x70\x6f\x6c\x75\x67\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x31\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x32\x3d\x77\x77\x77\x2e\x63\x61\x6e\x61\x76\x65\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x33\x3d\x77\x77\x77\x2e\x63\x61\x72\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x34\x3d\x77\x77\x77\x2e\x63\x61\x72\x63\x61\x62\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x35\x3d\x77\x77\x77\x2e\x63\x61\x72\x72\x61\x73\x63\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x64\x65\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x38\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x72\x65\x73\x64\x65\x6c\x61\x73\x68\x75\x72\x64\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x38\x39\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x61\x6e\x74\x6f\x6e\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x30\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x64\x6f\x6e\x67\x6f\x6d\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x31\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x63\x61\x73\x74\x61\x6e\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x32\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6c\x6d\x6f\x6e\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x33\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x6c\x6c\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x34\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x73\x64\x65\x6d\x69\x72\x61\x76\x65\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x35\x3d\x77\x77\x77\x2e\x63\x61\x73\x61\x74\x65\x6a\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x36\x3d\x77\x77\x77\x2e\x63\x61\x73\x69\x6c\x6c\x61\x73\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x37\x3d\x77\x77\x77\x2e\x63\x61\x73\x74\x61\x6e\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x38\x3d\x77\x77\x77\x2e\x63\x65\x63\x6c\x61\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x32\x39\x39\x3d\x77\x77\x77\x2e\x63\x65\x64\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x30\x3d\x77\x77\x77\x2e\x63\x65\x72\x65\x7a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x31\x3d\x77\x77\x77\x2e\x63\x69\x6c\x6c\x65\x72\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x32\x3d\x77\x77\x77\x2e\x63\x6f\x6c\x6c\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x33\x3d\x77\x77\x77\x2e\x63\x6f\x6e\x71\x75\x69\x73\x74\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x34\x3d\x77\x77\x77\x2e\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x35\x3d\x77\x77\x77\x2e\x63\x75\x61\x63\x6f\x73\x64\x65\x79\x75\x73\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x36\x3d\x77\x77\x77\x2e\x6c\x61\x63\x75\x6d\x62\x72\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x37\x3d\x77\x77\x77\x2e\x64\x65\x6c\x65\x69\x74\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x38\x3d\x77\x77\x77\x2e\x64\x65\x73\x63\x61\x72\x67\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x30\x39\x3d\x77\x77\x77\x2e\x65\x6c\x6a\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x30\x3d\x77\x77\x77\x2e\x65\x73\x63\x75\x72\x69\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x31\x3d\x77\x77\x77\x2e\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x6f\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x32\x3d\x77\x77\x77\x2e\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x33\x3d\x77\x77\x77\x2e\x67\x61\x72\x63\x69\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x34\x3d\x77\x77\x77\x2e\x6c\x61\x67\x61\x72\x67\x61\x6e\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x35\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x61\x6c\x61\x6f\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x36\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x61\x6e\x74\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x37\x3d\x77\x77\x77\x2e\x67\x61\x72\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x38\x3d\x77\x77\x77\x2e\x67\x61\x72\x72\x6f\x76\x69\x6c\x6c\x61\x73\x64\x65\x61\x6c\x63\x6f\x6e\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x31\x39\x3d\x77\x77\x77\x2e\x67\x61\x72\x76\x69\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x30\x3d\x77\x77\x77\x2e\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x32\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x33\x3d\x77\x77\x77\x2e\x6c\x61\x67\x72\x61\x6e\x6a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x34\x3d\x77\x77\x77\x2e\x61\x79\x75\x6e\x74\x61\x6d\x69\x65\x6e\x74\x6f\x64\x65\x67\x75\x61\x64\x61\x6c\x75\x70\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x35\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x63\x6f\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x36\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x61\x6c\x69\x73\x74\x65\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x37\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x38\x3d\x77\x77\x77\x2e\x67\x75\x69\x6a\x6f\x64\x65\x73\x61\x6e\x74\x61\x62\x61\x72\x62\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x32\x39\x3d\x77\x77\x77\x2e\x68\x65\x72\x67\x75\x69\x6a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x30\x3d\x77\x77\x77\x2e\x68\x65\x72\x6e\x61\x6e\x70\x65\x72\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x31\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x32\x3d\x77\x77\x77\x2e\x68\x65\x72\x72\x65\x72\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x33\x3d\x77\x77\x77\x2e\x68\x65\x72\x76\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x34\x3d\x77\x77\x77\x2e\x68\x69\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x35\x3d\x77\x77\x77\x2e\x68\x69\x6e\x6f\x6a\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x36\x3d\x77\x77\x77\x2e\x68\x6f\x6c\x67\x75\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x37\x3d\x77\x77\x77\x2e\x68\x6f\x79\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x38\x3d\x77\x77\x77\x2e\x68\x75\x65\x6c\x61\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x33\x39\x3d\x77\x77\x77\x2e\x69\x62\x61\x68\x65\x72\x6e\x61\x6e\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x30\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x31\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x69\x7a\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x32\x3d\x77\x77\x77\x2e\x6a\x61\x72\x61\x6e\x64\x69\x6c\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x33\x3d\x77\x77\x77\x2e\x6a\x61\x72\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x34\x3d\x77\x77\x77\x2e\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x35\x3d\x77\x77\x77\x2e\x6c\x61\x64\x72\x69\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x36\x3d\x77\x77\x77\x2e\x6c\x6f\x67\x72\x6f\x73\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x37\x3d\x77\x77\x77\x2e\x6c\x6f\x73\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x38\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x34\x39\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x69\x67\x61\x6c\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x30\x3d\x77\x77\x77\x2e\x6d\x61\x64\x72\x6f\x6e\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x63\x61\x63\x65\x72\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6c\x70\x61\x72\x74\x69\x64\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x34\x3d\x77\x77\x77\x2e\x6d\x61\x72\x63\x68\x61\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x35\x3d\x77\x77\x77\x2e\x6d\x61\x74\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x36\x3d\x77\x77\x77\x2e\x6d\x65\x6d\x62\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x37\x3d\x77\x77\x77\x2e\x6d\x65\x73\x61\x73\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x38\x3d\x77\x77\x77\x2e\x6d\x69\x61\x6a\x61\x64\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x35\x39\x3d\x77\x77\x77\x2e\x6d\x69\x6c\x6c\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x30\x3d\x77\x77\x77\x2e\x6d\x69\x72\x61\x62\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x31\x3d\x77\x77\x77\x2e\x6d\x6f\x68\x65\x64\x61\x73\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x32\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x72\x6f\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x33\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x34\x3d\x77\x77\x77\x2e\x6d\x6f\x6e\x74\x65\x68\x65\x72\x6d\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x35\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x61\x6c\x65\x6a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x36\x3d\x77\x77\x77\x2e\x6d\x6f\x72\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x37\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x63\x6f\x6e\x63\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x38\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x76\x69\x6c\x6c\x61\x72\x64\x65\x69\x62\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x36\x39\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x6c\x6d\x6f\x72\x61\x6c\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x30\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x73\x64\x65\x6c\x6d\x61\x64\x72\x6f\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x31\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x32\x3d\x77\x77\x77\x2e\x6e\x61\x76\x65\x7a\x75\x65\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x33\x3d\x77\x77\x77\x2e\x6e\x75\x6e\x6f\x6d\x6f\x72\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x34\x3d\x77\x77\x77\x2e\x6f\x6c\x69\x76\x61\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x35\x3d\x77\x77\x77\x2e\x70\x61\x6c\x6f\x6d\x65\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x36\x3d\x77\x77\x77\x2e\x70\x61\x73\x61\x72\x6f\x6e\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x37\x3d\x77\x77\x77\x2e\x70\x65\x64\x72\x6f\x73\x6f\x64\x65\x61\x63\x69\x6d\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x38\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x6c\x61\x6d\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x37\x39\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x64\x61\x64\x65\x73\x61\x6e\x72\x6f\x6d\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x30\x3d\x77\x77\x77\x2e\x70\x65\x72\x61\x6c\x65\x73\x64\x65\x6c\x70\x75\x65\x72\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x31\x3d\x77\x77\x77\x2e\x70\x65\x73\x63\x75\x65\x7a\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x32\x3d\x77\x77\x77\x2e\x6c\x61\x70\x65\x73\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x33\x3d\x77\x77\x77\x2e\x70\x69\x65\x64\x72\x61\x73\x61\x6c\x62\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x34\x3d\x77\x77\x77\x2e\x70\x69\x6e\x6f\x66\x72\x61\x6e\x71\x75\x65\x61\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x35\x3d\x77\x77\x77\x2e\x70\x69\x6f\x72\x6e\x61\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x36\x3d\x77\x77\x77\x2e\x70\x6c\x61\x73\x65\x6e\x7a\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x37\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x61\x6a\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x38\x3d\x77\x77\x77\x2e\x70\x6f\x72\x74\x65\x7a\x75\x65\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x38\x39\x3d\x77\x77\x77\x2e\x70\x6f\x7a\x75\x65\x6c\x6f\x64\x65\x7a\x61\x72\x7a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x30\x3d\x77\x77\x77\x2e\x70\x75\x65\x62\x6c\x6f\x6e\x75\x65\x76\x6f\x64\x65\x6d\x69\x72\x61\x6d\x6f\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x31\x3d\x77\x77\x77\x2e\x70\x75\x65\x72\x74\x6f\x64\x65\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x32\x3d\x77\x77\x77\x2e\x72\x65\x62\x6f\x6c\x6c\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x33\x3d\x77\x77\x77\x2e\x72\x69\x6f\x6c\x6f\x62\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x34\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x35\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x36\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x69\x6c\x6c\x6f\x64\x65\x74\x72\x75\x6a\x69\x6c\x6c\x6f\x2c\x44\x4e\x53\x2e\x33\x39\x37\x3d\x77\x77\x77\x2e\x72\x6f\x62\x6c\x65\x64\x6f\x6c\x6c\x61\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x38\x3d\x77\x77\x77\x2e\x72\x6f\x6d\x61\x6e\x67\x6f\x72\x64\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x33\x39\x39\x3d\x77\x77\x77\x2e\x72\x75\x61\x6e\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x30\x3d\x77\x77\x77\x2e\x73\x61\x6c\x6f\x72\x69\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x31\x3d\x77\x77\x77\x2e\x73\x61\x6c\x76\x61\x74\x69\x65\x72\x72\x61\x64\x65\x73\x61\x6e\x74\x69\x61\x67\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x32\x3d\x77\x77\x77\x2e\x73\x61\x6e\x6d\x61\x72\x74\x69\x6e\x64\x65\x74\x72\x65\x76\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x33\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x73\x61\x6e\x74\x61\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x34\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x35\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x63\x72\x75\x7a\x64\x65\x70\x61\x6e\x69\x61\x67\x75\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x36\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x61\x6d\x61\x72\x74\x61\x64\x65\x6d\x61\x67\x61\x73\x63\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x37\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x61\x67\x6f\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x38\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x61\x6c\x74\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x30\x39\x3d\x77\x77\x77\x2e\x73\x61\x6e\x74\x69\x62\x61\x6e\x65\x7a\x65\x6c\x62\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x30\x3d\x77\x77\x77\x2e\x73\x61\x75\x63\x65\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x31\x3d\x77\x77\x77\x2e\x73\x65\x67\x75\x72\x61\x64\x65\x74\x6f\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x32\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x33\x3d\x77\x77\x77\x2e\x73\x65\x72\x72\x65\x6a\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x34\x3d\x77\x77\x77\x2e\x73\x69\x65\x72\x72\x61\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x35\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x61\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x36\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x76\x65\x72\x75\x65\x6c\x61\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x37\x3d\x77\x77\x77\x2e\x74\x61\x6c\x61\x79\x75\x65\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x38\x3d\x77\x77\x77\x2e\x74\x65\x6a\x65\x64\x61\x64\x65\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x31\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x6e\x61\x76\x61\x63\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x31\x3d\x77\x77\x77\x2e\x61\x79\x74\x6f\x65\x6c\x74\x6f\x72\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x32\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x64\x65\x6c\x6f\x73\x61\x6e\x67\x65\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x33\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x63\x69\x6c\x6c\x61\x73\x64\x65\x6c\x61\x74\x69\x65\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x34\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x64\x6f\x6e\x6d\x69\x67\x75\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x35\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x64\x65\x73\x61\x6e\x74\x61\x6d\x61\x72\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x36\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x65\x6c\x72\x75\x62\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x37\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6a\x6f\x6e\x63\x69\x6c\x6c\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x38\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x65\x6e\x67\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x32\x39\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6d\x6f\x63\x68\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x30\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x6f\x72\x67\x61\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x31\x3d\x77\x77\x77\x2e\x74\x6f\x72\x72\x65\x71\x75\x65\x6d\x61\x64\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x61\x73\x74\x69\x6c\x6c\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x63\x61\x6e\x61\x73\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x66\x75\x65\x6e\x74\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x35\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x68\x75\x6e\x63\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x36\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x69\x6e\x69\x67\x6f\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x37\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6c\x61\x63\x61\x73\x61\x64\x65\x74\x61\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6d\x6f\x72\x61\x6c\x65\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x33\x39\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x6f\x62\x69\x73\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x30\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x31\x3d\x77\x77\x77\x2e\x76\x61\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x32\x3d\x77\x77\x77\x2e\x76\x61\x6c\x65\x6e\x63\x69\x61\x64\x65\x61\x6c\x63\x61\x6e\x74\x61\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x34\x3d\x77\x77\x77\x2e\x76\x61\x6c\x76\x65\x72\x64\x65\x64\x65\x6c\x66\x72\x65\x73\x6e\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x35\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x36\x3d\x77\x77\x77\x2e\x76\x69\x61\x6e\x64\x61\x72\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x37\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x63\x61\x6d\x70\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x38\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x64\x65\x6c\x72\x65\x79\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x34\x39\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x65\x73\x69\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x30\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6d\x69\x65\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x31\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x6e\x75\x65\x76\x61\x64\x65\x6c\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x32\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x6c\x70\x65\x64\x72\x6f\x73\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x33\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x72\x64\x65\x70\x6c\x61\x73\x65\x6e\x63\x69\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x61\x73\x62\x75\x65\x6e\x61\x73\x64\x65\x67\x61\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x35\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x67\x72\x61\x6e\x61\x64\x69\x6c\x6c\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x36\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x64\x65\x6d\x6f\x6e\x74\x61\x6e\x63\x68\x65\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x37\x3d\x77\x77\x77\x2e\x7a\x61\x72\x7a\x61\x6c\x61\x6d\x61\x79\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x38\x3d\x77\x77\x77\x2e\x7a\x6f\x72\x69\x74\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x35\x39\x3d\x77\x77\x77\x2e\x72\x6f\x73\x61\x6c\x65\x6a\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x30\x3d\x77\x77\x77\x2e\x76\x65\x67\x61\x76\x69\x61\x6e\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x31\x3d\x77\x77\x77\x2e\x61\x6c\x61\x67\x6f\x6e\x64\x65\x6c\x72\x69\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x32\x3d\x77\x77\x77\x2e\x74\x69\x65\x74\x61\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x33\x3d\x77\x77\x77\x2e\x76\x61\x6c\x64\x65\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x34\x3d\x77\x77\x77\x2e\x6e\x61\x76\x61\x74\x72\x61\x73\x69\x65\x72\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x35\x3d\x77\x77\x77\x2e\x72\x69\x76\x65\x72\x61\x64\x65\x66\x72\x65\x73\x6e\x65\x64\x6f\x73\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x36\x3d\x77\x77\x77\x2e\x65\x6c\x6d\x73\x61\x6e\x67\x69\x6c\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x37\x3d\x77\x77\x77\x2e\x74\x61\x6a\x6f\x73\x61\x6c\x6f\x72\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x38\x3d\x77\x77\x77\x2e\x76\x61\x6c\x6c\x65\x61\x6d\x62\x72\x6f\x7a\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x36\x39\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x61\x6c\x61\x67\x6f\x6e\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x30\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x61\x6c\x6c\x65\x64\x65\x6c\x6a\x65\x72\x74\x65\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x31\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x76\x65\x67\x61\x73\x61\x6c\x74\x61\x73\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x32\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x64\x65\x6c\x61\x76\x65\x72\x61\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x33\x3d\x77\x77\x77\x2e\x6d\x61\x6e\x63\x6f\x6d\x75\x6e\x69\x64\x61\x64\x7a\x6f\x6e\x61\x63\x65\x6e\x74\x72\x6f\x2e\x65\x73\x2c\x44\x4e\x53\x2e\x34\x37\x34\x3d\x77\x77\x77\x2e\x76\x69\x6c\x6c\x75\x65\x72\x63\x61\x73\x2d\x69\x62\x6f\x72\x65\x73\x2d\x6a\x61\x72\x61\x2e\x65\x73", + 12589 }, + .can_encode = 1 } }; struct encode_tests_st { @@ -226,95 +215,75 @@ struct encode_tests_st { struct encode_tests_st encode_tests[] = { { - .name = "invalid DN", - .str = - "CDD=Cindy Lauper,UID=clauper,OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", - .failure = GNUTLS_E_PARSING_ERROR, - }, - { - .name = "invalid DN2", - .str = "CD,O=Koko", - .failure = GNUTLS_E_PARSING_ERROR, - }, - { - .name = "invalid DN3", - .str = "CN,O=Koko", - .failure = GNUTLS_E_PARSING_ERROR, - }, - { - .name = "DN containing '+'", - .str = - "CN=Cindy Lauper,UID=clauper+OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", - .failure = GNUTLS_E_PARSING_ERROR, - }, - { - .name = "DN containing unsupported escaped chars", - .str = "CN=\\CD\\AB\\19", - .failure = GNUTLS_E_PARSING_ERROR, - }, - { - .name = "encode C", - .str = "C=ES", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53", - 15}, - .failure = GNUTLS_E_SUCCESS}, - { - .name = "encode raw C", - .str = "C=#13024553", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53", - 15}, - .failure = 0}, - { - .name = "encode with slash #", - .str = "C=\\#S", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x23\x53", - 15}, - .failure = 0}, - { - .name = "encode with spaces", - .str = "C=\\ \\ ", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x20\x20", - 15}, - .failure = 0}, - { - .name = "encode with comma", - .str = "C=\\,\\ ", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20", - 15}, - .failure = 0}, + .name = "invalid DN", + .str = "CDD=Cindy Lauper,UID=clauper,OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", + .failure = GNUTLS_E_PARSING_ERROR, + }, { - .name = "encode with escaped plus", - .str = "C=\\+\\ ", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2b\x20", - 15}, - .failure = 0}, + .name = "invalid DN2", + .str = "CD,O=Koko", + .failure = GNUTLS_E_PARSING_ERROR, + }, { - .name = "encode with escaped string", - .str = "C=\\,\\+\\;\\<\\>\\\\", - .raw = {(void *) - "\x30\x11\x31\x0f\x30\x0d\x06\x03\x55\x04\x06\x13\x06\x2c\x2b\x3b\x3c\x3e\x5c", - 19}, - .failure = 0}, + .name = "invalid DN3", + .str = "CN,O=Koko", + .failure = GNUTLS_E_PARSING_ERROR, + }, { - .name = "encode with combo", - .str = "CN=\\#XXX,OU=\\ X\\ ,C=\\,\\ ", - .raw = {(void *) - "\x30\x2b\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x0b\x13\x04\x20\x20\x58\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\x23\x58\x58\x58", - 45}, - .failure = 0}, + .name = "DN containing '+'", + .str = "CN=Cindy Lauper,UID=clauper+OU=sleeping dept.,O=Koko inc.,ST=Attiki,C=GR", + .failure = GNUTLS_E_PARSING_ERROR, + }, { - .name = "encode invalid hex raw C", - .str = "C=#1302455", - .raw = {(void *) - "\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53", - 15}, - .failure = GNUTLS_E_PARSING_ERROR} + .name = "DN containing unsupported escaped chars", + .str = "CN=\\CD\\AB\\19", + .failure = GNUTLS_E_PARSING_ERROR, + }, + { .name = "encode C", + .str = "C=ES", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53", + 15 }, + .failure = GNUTLS_E_SUCCESS }, + { .name = "encode raw C", + .str = "C=#13024553", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53", + 15 }, + .failure = 0 }, + { .name = "encode with slash #", + .str = "C=\\#S", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x23\x53", + 15 }, + .failure = 0 }, + { .name = "encode with spaces", + .str = "C=\\ \\ ", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x20\x20", + 15 }, + .failure = 0 }, + { .name = "encode with comma", + .str = "C=\\,\\ ", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20", + 15 }, + .failure = 0 }, + { .name = "encode with escaped plus", + .str = "C=\\+\\ ", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2b\x20", + 15 }, + .failure = 0 }, + { .name = "encode with escaped string", + .str = "C=\\,\\+\\;\\<\\>\\\\", + .raw = { (void *)"\x30\x11\x31\x0f\x30\x0d\x06\x03\x55\x04\x06\x13\x06\x2c\x2b\x3b\x3c\x3e\x5c", + 19 }, + .failure = 0 }, + { .name = "encode with combo", + .str = "CN=\\#XXX,OU=\\ X\\ ,C=\\,\\ ", + .raw = { (void *)"\x30\x2b\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x2c\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x0b\x13\x04\x20\x20\x58\x20\x31\x0d\x30\x0b\x06\x03\x55\x04\x03\x0c\x04\x23\x58\x58\x58", + 45 }, + .failure = 0 }, + { .name = "encode invalid hex raw C", + .str = "C=#1302455", + .raw = { (void *)"\x30\x0d\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x45\x53", + 15 }, + .failure = GNUTLS_E_PARSING_ERROR } }; void doit(void) diff --git a/tests/x509-dn.c b/tests/x509-dn.c index 5f0ede618c..bf38dcf957 100644 --- a/tests/x509-dn.c +++ b/tests/x509-dn.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,22 +37,22 @@ #include "utils.h" static const char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; static const gnutls_datum_t cert_datum = { (unsigned char *)cert_pem, - sizeof(cert_pem) -}; + sizeof(cert_pem) }; void doit(void) { @@ -68,8 +68,7 @@ void doit(void) if (gnutls_x509_crt_init(&cert) != 0) fail("cert init failure\n"); - if (gnutls_x509_crt_import(cert, &cert_datum, GNUTLS_X509_FMT_PEM) - != 0) + if (gnutls_x509_crt_import(cert, &cert_datum, GNUTLS_X509_FMT_PEM) != 0) fail("FAIL: could not import PEM cert\n"); if (gnutls_x509_crt_get_subject(cert, &sdn) != 0) diff --git a/tests/x509-extensions.c b/tests/x509-extensions.c index 5494324d8e..0be6716e3e 100644 --- a/tests/x509-extensions.c +++ b/tests/x509-extensions.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -29,63 +29,64 @@ #include #include "utils.h" -static char invalid_cert[] = /* v1 certificate with extensions */ - "-----BEGIN CERTIFICATE-----\n" - "MIIDHjCCAgYCDFQ7zlUDsihSxVF4mDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQD\n" - "EwRDQS0wMCIYDzIwMTQxMDEzMTMwNjI5WhgPOTk5OTEyMzEyMzU5NTlaMBMxETAP\n" - "BgNVBAMTCHNlcnZlci0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n" - "zoG3/1YtwGHh/5u3ex6xAmwO0/H4gdIy/yiYLxqWcy+HzyMBBZHNXuV7W0z7x+Qo\n" - "qCGtenWkzIQSgeYKyzdcpPDscZIYOgwHWUFczxgVGdLsBKPSczgqMHpSCLgMgnDM\n" - "RaN6SNQeTQdftkLt5wdBSzNaxhhPYsCEbopSeZ8250FCLS3gRpoMtYCBiy7cjSJB\n" - "zv6zmZStXNgTYr8pLwI0nyxPyRdB+TZyqAC6r9W154y51vsqUCGmC0I9hn1A5kkD\n" - "5057x+Ho1kDwPxOfObdOR+AJSAw/FeGuStzViJY0I68B90sEo/HD+h7mB+CwJ2Yf\n" - "64/xVdh+D8L65eYkM9z88wIDAQABo3cwdTAMBgNVHRMBAf8EAjAAMBQGA1UdEQQN\n" - "MAuCCWxvY2FsaG9zdDAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBT7Gk/u95zI\n" - "JTM89CXJ70IxxqhegDAfBgNVHSMEGDAWgBQ9X77/zddjG9ob2zrR/WuGmxwFGDAN\n" - "BgkqhkiG9w0BAQsFAAOCAQEAaTrAcTkQ7yqf6afoTkFXZuZ+jJXYNGkubxs8Jo/z\n" - "srJk/WWVGAKuxiBDumk88Gjm+WXGyIDA7Hq9fhGaklJV2PGRfNVx9No51HXeAToT\n" - "sHs2XKhk9SdKKR4UJkuX3U2malMlCpmFMtm3EieDVZLxeukhODJQtRa3vGg8QWoz\n" - "ODlewHSmQiXhnqq52fLCbdVUaBnaRGOIwNZ0FcBWv9n0ZCuhjg9908rUVH9/OjI3\n" - "AGVZcbN9Jac2ZO8NTxP5vS1hrG2wT9+sVRh1sD5ISZSM4gWdq9sK8d7j+SwOPBWY\n" - "3dcxQlfvWw2Dt876XYoyUZuKirmASVlMw+hkm1WXM7Svsw==\n" - "-----END CERTIFICATE-----\n"; +static char invalid_cert[] = /* v1 certificate with extensions */ + "-----BEGIN CERTIFICATE-----\n" + "MIIDHjCCAgYCDFQ7zlUDsihSxVF4mDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQD\n" + "EwRDQS0wMCIYDzIwMTQxMDEzMTMwNjI5WhgPOTk5OTEyMzEyMzU5NTlaMBMxETAP\n" + "BgNVBAMTCHNlcnZlci0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n" + "zoG3/1YtwGHh/5u3ex6xAmwO0/H4gdIy/yiYLxqWcy+HzyMBBZHNXuV7W0z7x+Qo\n" + "qCGtenWkzIQSgeYKyzdcpPDscZIYOgwHWUFczxgVGdLsBKPSczgqMHpSCLgMgnDM\n" + "RaN6SNQeTQdftkLt5wdBSzNaxhhPYsCEbopSeZ8250FCLS3gRpoMtYCBiy7cjSJB\n" + "zv6zmZStXNgTYr8pLwI0nyxPyRdB+TZyqAC6r9W154y51vsqUCGmC0I9hn1A5kkD\n" + "5057x+Ho1kDwPxOfObdOR+AJSAw/FeGuStzViJY0I68B90sEo/HD+h7mB+CwJ2Yf\n" + "64/xVdh+D8L65eYkM9z88wIDAQABo3cwdTAMBgNVHRMBAf8EAjAAMBQGA1UdEQQN\n" + "MAuCCWxvY2FsaG9zdDAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBT7Gk/u95zI\n" + "JTM89CXJ70IxxqhegDAfBgNVHSMEGDAWgBQ9X77/zddjG9ob2zrR/WuGmxwFGDAN\n" + "BgkqhkiG9w0BAQsFAAOCAQEAaTrAcTkQ7yqf6afoTkFXZuZ+jJXYNGkubxs8Jo/z\n" + "srJk/WWVGAKuxiBDumk88Gjm+WXGyIDA7Hq9fhGaklJV2PGRfNVx9No51HXeAToT\n" + "sHs2XKhk9SdKKR4UJkuX3U2malMlCpmFMtm3EieDVZLxeukhODJQtRa3vGg8QWoz\n" + "ODlewHSmQiXhnqq52fLCbdVUaBnaRGOIwNZ0FcBWv9n0ZCuhjg9908rUVH9/OjI3\n" + "AGVZcbN9Jac2ZO8NTxP5vS1hrG2wT9+sVRh1sD5ISZSM4gWdq9sK8d7j+SwOPBWY\n" + "3dcxQlfvWw2Dt876XYoyUZuKirmASVlMw+hkm1WXM7Svsw==\n" + "-----END CERTIFICATE-----\n"; static char pem[] = - "-----BEGIN CERTIFICATE-----" - "MIIFdDCCBN2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBkzEVMBMGA1UEAxMMQ2lu" - "ZHkgTGF1cGVyMRcwFQYKCZImiZPyLGQBARMHY2xhdXBlcjERMA8GA1UECxMIQ0Eg" - "ZGVwdC4xEjAQBgNVBAoTCUtva28gaW5jLjEPMA0GA1UECBMGQXR0aWtpMQswCQYD" - "VQQGEwJHUjEcMBoGCSqGSIb3DQEJARYNbm9uZUBub25lLm9yZzAiGA8yMDA3MDQy" - "MTIyMDAwMFoYDzk5OTkxMjMxMjM1OTU5WjCBkzEVMBMGA1UEAxMMQ2luZHkgTGF1" - "cGVyMRcwFQYKCZImiZPyLGQBARMHY2xhdXBlcjERMA8GA1UECxMIQ0EgZGVwdC4x" - "EjAQBgNVBAoTCUtva28gaW5jLjEPMA0GA1UECBMGQXR0aWtpMQswCQYDVQQGEwJH" - "UjEcMBoGCSqGSIb3DQEJARYNbm9uZUBub25lLm9yZzCBnzANBgkqhkiG9w0BAQEF" - "AAOBjQAwgYkCgYEApcbOdUOEv2SeAicT8QNZ93ktku18L1CkA/EtebmGiwV+OrtE" - "qq+EzxOYHhxKOPczLXqfctRrbSawMTdwEPtC6didGGV+GUn8BZYEaIMed4a/7fXl" - "EjsT/jMYnBp6HWmvRwJgeh+56M/byDQwUZY9jJZcALxh3ggPsTYhf6kA4wUCAwEA" - "AaOCAtAwggLMMBIGA1UdEwEB/wQIMAYBAf8CAQQwagYDVR0RBGMwYYIMd3d3Lm5v" - "bmUub3JnghN3d3cubW9yZXRoYW5vbmUub3Jnghd3d3cuZXZlbm1vcmV0aGFub25l" - "Lm9yZ4cEwKgBAYENbm9uZUBub25lLm9yZ4EOd2hlcmVAbm9uZS5vcmcwgfcGA1Ud" - "IASB7zCB7DB3BgwrBgEEAapsAQpjAQAwZzAwBggrBgEFBQcCAjAkDCJUaGlzIGlz" - "IGEgbG9uZyBwb2xpY3kgdG8gc3VtbWFyaXplMDMGCCsGAQUFBwIBFidodHRwOi8v" - "d3d3LmV4YW1wbGUuY29tL2EtcG9saWN5LXRvLXJlYWQwcQYMKwYBBAGqbAEKYwEB" - "MGEwJAYIKwYBBQUHAgIwGAwWVGhpcyBpcyBhIHNob3J0IHBvbGljeTA5BggrBgEF" - "BQcCARYtaHR0cDovL3d3dy5leGFtcGxlLmNvbS9hbm90aGVyLXBvbGljeS10by1y" - "ZWFkMB0GA1UdJQQWMBQGCCsGAQUFBwMDBggrBgEFBQcDCTBYBgNVHR4BAf8ETjBM" - "oCQwDYILZXhhbXBsZS5jb20wE4ERbm1hdkBAZXhhbXBsZS5uZXShJDASghB0ZXN0" - "LmV4YW1wbGUuY29tMA6BDC5leGFtcGxlLmNvbTA2BggrBgEFBQcBAQQqMCgwJgYI" - "KwYBBQUHMAGGGmh0dHA6Ly9teS5vY3NwLnNlcnZlci9vY3NwMA8GA1UdDwEB/wQF" - "AwMHBgAwHQYDVR0OBBYEFF1ArfDOlECVi36ZlB2SVCLKcjZfMG8GA1UdHwRoMGYw" - "ZKBioGCGHmh0dHA6Ly93d3cuZ2V0Y3JsLmNybC9nZXRjcmwxL4YeaHR0cDovL3d3" - "dy5nZXRjcmwuY3JsL2dldGNybDIvhh5odHRwOi8vd3d3LmdldGNybC5jcmwvZ2V0" - "Y3JsMy8wDQYJKoZIhvcNAQELBQADgYEAdacOt4/Vgc9Y3pSkik3HBifDeK2OtiW0" - "BZ7xOXqXtL8Uwx6wx/DybZsUbzuR55GLUROYAc3cio5M/0pTwjqmmQ8vuHIt2p8A" - "2fegFcBbNLX38XxACQh4TDAT/4ftPwOtEol4UR4ItZ1d7faDzDXNpmGE+sp5s6ii" - "3cIIpInMKE8=" "-----END CERTIFICATE-----"; + "-----BEGIN CERTIFICATE-----" + "MIIFdDCCBN2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBkzEVMBMGA1UEAxMMQ2lu" + "ZHkgTGF1cGVyMRcwFQYKCZImiZPyLGQBARMHY2xhdXBlcjERMA8GA1UECxMIQ0Eg" + "ZGVwdC4xEjAQBgNVBAoTCUtva28gaW5jLjEPMA0GA1UECBMGQXR0aWtpMQswCQYD" + "VQQGEwJHUjEcMBoGCSqGSIb3DQEJARYNbm9uZUBub25lLm9yZzAiGA8yMDA3MDQy" + "MTIyMDAwMFoYDzk5OTkxMjMxMjM1OTU5WjCBkzEVMBMGA1UEAxMMQ2luZHkgTGF1" + "cGVyMRcwFQYKCZImiZPyLGQBARMHY2xhdXBlcjERMA8GA1UECxMIQ0EgZGVwdC4x" + "EjAQBgNVBAoTCUtva28gaW5jLjEPMA0GA1UECBMGQXR0aWtpMQswCQYDVQQGEwJH" + "UjEcMBoGCSqGSIb3DQEJARYNbm9uZUBub25lLm9yZzCBnzANBgkqhkiG9w0BAQEF" + "AAOBjQAwgYkCgYEApcbOdUOEv2SeAicT8QNZ93ktku18L1CkA/EtebmGiwV+OrtE" + "qq+EzxOYHhxKOPczLXqfctRrbSawMTdwEPtC6didGGV+GUn8BZYEaIMed4a/7fXl" + "EjsT/jMYnBp6HWmvRwJgeh+56M/byDQwUZY9jJZcALxh3ggPsTYhf6kA4wUCAwEA" + "AaOCAtAwggLMMBIGA1UdEwEB/wQIMAYBAf8CAQQwagYDVR0RBGMwYYIMd3d3Lm5v" + "bmUub3JnghN3d3cubW9yZXRoYW5vbmUub3Jnghd3d3cuZXZlbm1vcmV0aGFub25l" + "Lm9yZ4cEwKgBAYENbm9uZUBub25lLm9yZ4EOd2hlcmVAbm9uZS5vcmcwgfcGA1Ud" + "IASB7zCB7DB3BgwrBgEEAapsAQpjAQAwZzAwBggrBgEFBQcCAjAkDCJUaGlzIGlz" + "IGEgbG9uZyBwb2xpY3kgdG8gc3VtbWFyaXplMDMGCCsGAQUFBwIBFidodHRwOi8v" + "d3d3LmV4YW1wbGUuY29tL2EtcG9saWN5LXRvLXJlYWQwcQYMKwYBBAGqbAEKYwEB" + "MGEwJAYIKwYBBQUHAgIwGAwWVGhpcyBpcyBhIHNob3J0IHBvbGljeTA5BggrBgEF" + "BQcCARYtaHR0cDovL3d3dy5leGFtcGxlLmNvbS9hbm90aGVyLXBvbGljeS10by1y" + "ZWFkMB0GA1UdJQQWMBQGCCsGAQUFBwMDBggrBgEFBQcDCTBYBgNVHR4BAf8ETjBM" + "oCQwDYILZXhhbXBsZS5jb20wE4ERbm1hdkBAZXhhbXBsZS5uZXShJDASghB0ZXN0" + "LmV4YW1wbGUuY29tMA6BDC5leGFtcGxlLmNvbTA2BggrBgEFBQcBAQQqMCgwJgYI" + "KwYBBQUHMAGGGmh0dHA6Ly9teS5vY3NwLnNlcnZlci9vY3NwMA8GA1UdDwEB/wQF" + "AwMHBgAwHQYDVR0OBBYEFF1ArfDOlECVi36ZlB2SVCLKcjZfMG8GA1UdHwRoMGYw" + "ZKBioGCGHmh0dHA6Ly93d3cuZ2V0Y3JsLmNybC9nZXRjcmwxL4YeaHR0cDovL3d3" + "dy5nZXRjcmwuY3JsL2dldGNybDIvhh5odHRwOi8vd3d3LmdldGNybC5jcmwvZ2V0" + "Y3JsMy8wDQYJKoZIhvcNAQELBQADgYEAdacOt4/Vgc9Y3pSkik3HBifDeK2OtiW0" + "BZ7xOXqXtL8Uwx6wx/DybZsUbzuR55GLUROYAc3cio5M/0pTwjqmmQ8vuHIt2p8A" + "2fegFcBbNLX38XxACQh4TDAT/4ftPwOtEol4UR4ItZ1d7faDzDXNpmGE+sp5s6ii" + "3cIIpInMKE8=" + "-----END CERTIFICATE-----"; #define MAX_DATA_SIZE 1024 -typedef int (*ext_parse_func)(const gnutls_datum_t * der); +typedef int (*ext_parse_func)(const gnutls_datum_t *der); struct ext_handler_st { const char *oid; @@ -93,12 +94,12 @@ struct ext_handler_st { unsigned critical; }; -static int basic_constraints(const gnutls_datum_t * der) +static int basic_constraints(const gnutls_datum_t *der) { int ret, pathlen; unsigned ca; -/* + /* Basic Constraints (critical): Certificate Authority (CA): TRUE Path Length Constraint: 4 @@ -122,8 +123,8 @@ static int basic_constraints(const gnutls_datum_t * der) return 0; } -static int cmp_name(unsigned type, gnutls_datum_t * name, - unsigned expected_type, const char *expected_name) +static int cmp_name(unsigned type, gnutls_datum_t *name, unsigned expected_type, + const char *expected_name) { if (type != expected_type) { fprintf(stderr, "error in %d\n", __LINE__); @@ -142,7 +143,7 @@ static int cmp_name(unsigned type, gnutls_datum_t * name, return 0; } -static int subject_alt_name(const gnutls_datum_t * der) +static int subject_alt_name(const gnutls_datum_t *der) { int ret; gnutls_subject_alt_names_t san; @@ -168,7 +169,7 @@ static int subject_alt_name(const gnutls_datum_t * der) return ret; } -/* + /* Subject Alternative Name (not critical): DNSname: www.none.org DNSname: www.morethanone.org @@ -199,9 +200,8 @@ static int subject_alt_name(const gnutls_datum_t * der) fprintf(stderr, "error in %d\n", __LINE__); return ret; } - ret = - cmp_name(type, &name, GNUTLS_SAN_DNSNAME, - "www.evenmorethanone.org"); + ret = cmp_name(type, &name, GNUTLS_SAN_DNSNAME, + "www.evenmorethanone.org"); if (ret < 0) { fprintf(stderr, "error in %d\n", __LINE__); return ret; @@ -250,9 +250,9 @@ static int subject_alt_name(const gnutls_datum_t * der) return 0; } -static int ext_key_usage(const gnutls_datum_t * der) +static int ext_key_usage(const gnutls_datum_t *der) { -/* + /* Key Purpose (not critical): OCSP signing. */ @@ -308,7 +308,7 @@ static int ext_key_usage(const gnutls_datum_t * der) return 0; } -static int crt_policies(const gnutls_datum_t * der) +static int crt_policies(const gnutls_datum_t *der) { int ret; gnutls_x509_policies_t policies; @@ -332,7 +332,7 @@ static int crt_policies(const gnutls_datum_t * der) fprintf(stderr, "error in %d\n", __LINE__); return ret; } -/* + /* Certificate Policies (not critical): 1.3.6.1.4.1.5484.1.10.99.1.0 Note: This is a long policy to summarize @@ -341,8 +341,8 @@ static int crt_policies(const gnutls_datum_t * der) Note: This is a short policy URI: http://www.example.com/another-policy-to-read */ - if (strcmp(policy.oid, "1.3.6.1.4.1.5484.1.10.99.1.0") != 0 - || policy.qualifiers != 2) { + if (strcmp(policy.oid, "1.3.6.1.4.1.5484.1.10.99.1.0") != 0 || + policy.qualifiers != 2) { fprintf(stderr, "error in %d\n", __LINE__); return -1; } @@ -355,9 +355,9 @@ static int crt_policies(const gnutls_datum_t * der) if (policy.qualifier[1].type != GNUTLS_X509_QUALIFIER_URI || policy.qualifier[1].size != - strlen("http://www.example.com/a-policy-to-read") - || strcmp("http://www.example.com/a-policy-to-read", - policy.qualifier[1].data) != 0) { + strlen("http://www.example.com/a-policy-to-read") || + strcmp("http://www.example.com/a-policy-to-read", + policy.qualifier[1].data) != 0) { fprintf(stderr, "error in %d\n", __LINE__); return -1; } @@ -368,8 +368,8 @@ static int crt_policies(const gnutls_datum_t * der) fprintf(stderr, "error in %d\n", __LINE__); return ret; } - if (strcmp(policy.oid, "1.3.6.1.4.1.5484.1.10.99.1.1") != 0 - || policy.qualifiers != 2) { + if (strcmp(policy.oid, "1.3.6.1.4.1.5484.1.10.99.1.1") != 0 || + policy.qualifiers != 2) { fprintf(stderr, "error in %d\n", __LINE__); return -1; } @@ -382,9 +382,9 @@ static int crt_policies(const gnutls_datum_t * der) if (policy.qualifier[1].type != GNUTLS_X509_QUALIFIER_URI || policy.qualifier[1].size != - strlen("http://www.example.com/another-policy-to-read") - || strcmp("http://www.example.com/another-policy-to-read", - policy.qualifier[1].data) != 0) { + strlen("http://www.example.com/another-policy-to-read") || + strcmp("http://www.example.com/another-policy-to-read", + policy.qualifier[1].data) != 0) { fprintf(stderr, "error in %d\n", __LINE__); return -1; } @@ -400,9 +400,9 @@ static int crt_policies(const gnutls_datum_t * der) return 0; } -static int key_usage(const gnutls_datum_t * der) +static int key_usage(const gnutls_datum_t *der) { -/* + /* Key Usage (critical): Certificate signing. */ @@ -423,9 +423,9 @@ static int key_usage(const gnutls_datum_t * der) return 0; } -static int subject_key_id(const gnutls_datum_t * der) +static int subject_key_id(const gnutls_datum_t *der) { -/* + /* Subject Key Identifier (not critical): 5d40adf0ce9440958b7e99941d925422ca72365f */ @@ -450,7 +450,7 @@ static int subject_key_id(const gnutls_datum_t * der) return 0; } -static int crl_dist_points(const gnutls_datum_t * der) +static int crl_dist_points(const gnutls_datum_t *der) { int ret; gnutls_x509_crl_dist_points_t dp = NULL; @@ -459,7 +459,7 @@ static int crl_dist_points(const gnutls_datum_t * der) gnutls_datum_t url; unsigned type; -/* + /* CRL Distribution points (not critical): URI: http://www.getcrl.crl/getcrl1/ URI: http://www.getcrl.crl/getcrl2/ @@ -525,7 +525,7 @@ static int crl_dist_points(const gnutls_datum_t * der) return 0; } -static int name_constraints(const gnutls_datum_t * der) +static int name_constraints(const gnutls_datum_t *der) { int ret; gnutls_x509_name_constraints_t nc = NULL; @@ -533,7 +533,7 @@ static int name_constraints(const gnutls_datum_t * der) gnutls_datum_t name; unsigned type; -/* + /* Name Constraints (critical): Permitted: DNSname: example.com @@ -621,7 +621,7 @@ static int name_constraints(const gnutls_datum_t * der) return 0; } -static int ext_aia(const gnutls_datum_t * der) +static int ext_aia(const gnutls_datum_t *der) { int ret; gnutls_x509_aia_t aia = NULL; @@ -630,7 +630,7 @@ static int ext_aia(const gnutls_datum_t * der) gnutls_datum_t name; unsigned type; -/* Authority Information Access (not critical): + /* Authority Information Access (not critical): Access Method: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp) Access Location URI: http://my.ocsp.server/ocsp */ @@ -675,24 +675,24 @@ static int ext_aia(const gnutls_datum_t * der) } struct ext_handler_st handlers[] = { - {GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS, basic_constraints, 1}, - {GNUTLS_X509EXT_OID_SAN, subject_alt_name, 0}, - {GNUTLS_X509EXT_OID_CRT_POLICY, crt_policies, 0}, - {GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE, ext_key_usage, 0}, - {GNUTLS_X509EXT_OID_KEY_USAGE, key_usage, 1}, - {GNUTLS_X509EXT_OID_SUBJECT_KEY_ID, subject_key_id, 0}, - {GNUTLS_X509EXT_OID_CRL_DIST_POINTS, crl_dist_points, 0}, - {GNUTLS_X509EXT_OID_NAME_CONSTRAINTS, name_constraints, 1}, - {GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS, ext_aia, 0}, - {NULL, NULL} + { GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS, basic_constraints, 1 }, + { GNUTLS_X509EXT_OID_SAN, subject_alt_name, 0 }, + { GNUTLS_X509EXT_OID_CRT_POLICY, crt_policies, 0 }, + { GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE, ext_key_usage, 0 }, + { GNUTLS_X509EXT_OID_KEY_USAGE, key_usage, 1 }, + { GNUTLS_X509EXT_OID_SUBJECT_KEY_ID, subject_key_id, 0 }, + { GNUTLS_X509EXT_OID_CRL_DIST_POINTS, crl_dist_points, 0 }, + { GNUTLS_X509EXT_OID_NAME_CONSTRAINTS, name_constraints, 1 }, + { GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS, ext_aia, 0 }, + { NULL, NULL } }; void doit(void) { int ret; gnutls_datum_t derCert = { (void *)pem, sizeof(pem) - 1 }; - gnutls_datum_t v1Cert = - { (void *)invalid_cert, sizeof(invalid_cert) - 1 }; + gnutls_datum_t v1Cert = { (void *)invalid_cert, + sizeof(invalid_cert) - 1 }; gnutls_x509_crt_t cert; size_t oid_len = MAX_DATA_SIZE; gnutls_datum_t ext; @@ -710,7 +710,8 @@ void doit(void) ret = gnutls_x509_crt_import(cert, &v1Cert, GNUTLS_X509_FMT_PEM); if (ret >= 0) - fail("crt_import of v1 cert with extensions should have failed: %d\n", ret); + fail("crt_import of v1 cert with extensions should have failed: %d\n", + ret); gnutls_x509_crt_deinit(cert); ret = gnutls_x509_crt_init(&cert); @@ -723,9 +724,8 @@ void doit(void) for (i = 0;; i++) { oid_len = sizeof(oid); - ret = - gnutls_x509_crt_get_extension_info(cert, i, oid, &oid_len, - &critical); + ret = gnutls_x509_crt_get_extension_info(cert, i, oid, &oid_len, + &critical); if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { if (i != 9) { fail("unexpected number of extensions: %d\n", @@ -748,7 +748,8 @@ void doit(void) /* find the handler for this extension and run it */ for (j = 0;; j++) { if (handlers[j].oid == NULL) { - fail("could not find handler for extension %s\n", oid); + fail("could not find handler for extension %s\n", + oid); break; } diff --git a/tests/x509-server-verify.c b/tests/x509-server-verify.c index b2685e114d..61f2bb2b06 100644 --- a/tests/x509-server-verify.c +++ b/tests/x509-server-verify.c @@ -21,7 +21,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -69,19 +69,15 @@ static void start(const char *prio) gnutls_global_set_log_level(2); assert(gnutls_certificate_allocate_credentials(&serverx509cred) >= 0); - ret = - gnutls_certificate_set_x509_key_mem2(serverx509cred, - &server_ca3_localhost6_cert, - &server_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_mem2( + serverx509cred, &server_ca3_localhost6_cert, &server_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); assert(ret >= 0); index1 = ret; - ret = - gnutls_certificate_set_ocsp_status_request_mem(serverx509cred, - &ocsp_ca3_localhost6_unknown_pem, - index1, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_ocsp_status_request_mem( + serverx509cred, &ocsp_ca3_localhost6_unknown_pem, index1, + GNUTLS_X509_FMT_PEM); assert(ret >= 0); assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); @@ -96,19 +92,15 @@ static void start(const char *prio) assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); - ret = - gnutls_certificate_set_x509_key_mem2(clientx509cred, - &cli_ca3_cert_chain, - &cli_ca3_key, - GNUTLS_X509_FMT_PEM, NULL, 0); + ret = gnutls_certificate_set_x509_key_mem2( + clientx509cred, &cli_ca3_cert_chain, &cli_ca3_key, + GNUTLS_X509_FMT_PEM, NULL, 0); assert(ret >= 0); index1 = ret; - ret = - gnutls_certificate_set_ocsp_status_request_mem(clientx509cred, - &ocsp_cli_ca3_good_pem, - index1, - GNUTLS_X509_FMT_PEM); + ret = gnutls_certificate_set_ocsp_status_request_mem( + clientx509cred, &ocsp_cli_ca3_good_pem, index1, + GNUTLS_X509_FMT_PEM); assert(ret >= 0); assert(gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca3_cert, @@ -139,8 +131,9 @@ static void start(const char *prio) if (status == 0) fail("No CAs present but succeeded!\n"); - assert(gnutls_certificate_set_x509_trust_mem - (serverx509cred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0); + assert(gnutls_certificate_set_x509_trust_mem( + serverx509cred, &ca3_cert, + GNUTLS_X509_FMT_PEM) >= 0); ret = gnutls_certificate_verify_peers2(server, &status); if (ret < 0) { @@ -153,17 +146,15 @@ static void start(const char *prio) /* under TLS1.3 the client can send OCSP responses too */ if (gnutls_protocol_get_version(server) == GNUTLS_TLS1_3) { - ret = - gnutls_ocsp_status_request_is_checked(server, - GNUTLS_OCSP_SR_IS_AVAIL); + ret = gnutls_ocsp_status_request_is_checked( + server, GNUTLS_OCSP_SR_IS_AVAIL); assert(ret >= 0); ret = gnutls_ocsp_status_request_is_checked(server, 0); assert(ret >= 0); } else { - ret = - gnutls_ocsp_status_request_is_checked(server, - GNUTLS_OCSP_SR_IS_AVAIL); + ret = gnutls_ocsp_status_request_is_checked( + server, GNUTLS_OCSP_SR_IS_AVAIL); assert(ret == 0); ret = gnutls_ocsp_status_request_is_checked(server, 0); diff --git a/tests/x509-upnconstraint.c b/tests/x509-upnconstraint.c index 24f0078667..61ec078105 100644 --- a/tests/x509-upnconstraint.c +++ b/tests/x509-upnconstraint.c @@ -39,64 +39,64 @@ void verify_non_upn_leaf(gnutls_x509_name_constraints_t); static const char _domaincontroller[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIEqTCCA5GgAwIBAgITQAAAAAPX0eQxgcZpHAAAAAAAAzANBgkqhkiG9w0BAQsF\n" - "ADA0MRUwEwYDVQQKEwxFeGFtcGxlIEluYy4xGzAZBgNVBAMTEkV4YW1wbGUgQ29y\n" - "cCBBRCBDQTAeFw0yMjA0MTIxNjUzMTFaFw0yNzA0MTExNjUzMTFaMCIxIDAeBgNV\n" - "BAMTF2V4YW1wbGVkYzAxLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC\n" - "AQ8AMIIBCgKCAQEAtnYFOqZas9U9GX87w2bvyQh6l3fWJ83JHEHAwP11j9dQu/sa\n" - "qgMYr/OqH+5tCvsDLt9sI35RCuF+6San3P1m56G+iYaawE46UrbHSYC4PyhinOXx\n" - "X3xXzaxjTDYhz46Fvfmoqa732zPYG3QQplPsjQbRx96iXOSkdWt8g4mbTJ/eyYdG\n" - "uXt1mlvL+USz5b39trOgSgTC60cdneBrQsBh7o80rHvaprvjTY5mHS7JNHcsr9Hs\n" - "xjOOq9t3LdWehXYshINZ6ChxaHipbBUF+0CTvwJW8wvQtSV6MYDl+cbS/47OwJG0\n" - "OXJxFVQofJWNi4/IrTC42d3fyEWA2ZnP898GeQIDAQABo4IBxDCCAcAwPQYJKwYB\n" - "BAGCNxUHBDAwLgYmKwYBBAGCNxUIg/iOToSq0GWEhZMhhZ3KIoKY1VocgufIbYTY\n" - "+3sCAWQCAQIwMgYDVR0lBCswKQYHKwYBBQIDBQYKKwYBBAGCNxQCAgYIKwYBBQUH\n" - "AwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDBABgkrBgEEAYI3FQoEMzAxMAkG\n" - "BysGAQUCAwUwDAYKKwYBBAGCNxQCAjAKBggrBgEFBQcDATAKBggrBgEFBQcDAjAd\n" - "BgNVHQ4EFgQUjaBu4CsVk5gng+ACWTSqsj1gmVQwNAYDVR0RBC0wK4IXZXhhbXBs\n" - "ZWRjMDEuZXhhbXBsZS5jb22CEGxkYXAuZXhhbXBsZS5jb20wHwYDVR0jBBgwFoAU\n" - "aRL34OyTRJUSVVfxMiMjBFHk/WowOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL3Br\n" - "aS5leGFtcGxlLmNvbS9jZHAvRXhhbXBsZUFEQ0EuY3JsMEYGCCsGAQUFBwEBBDow\n" - "ODA2BggrBgEFBQcwAoYqaHR0cDovL3BraS5leGFtcGxlLmNvbS9haWEvRXhhbXBs\n" - "ZUFEQ0EuY2VyMA0GCSqGSIb3DQEBCwUAA4IBAQCKr0WQYujcyUOUZp63i27dMihf\n" - "z+WKd2G+dyGzmNTabFlZSfquFo+MWmSM04UOEYS45tyFZhWEXXaz4OfilelKy5XI\n" - "tiZRGDvzNzxfb7GQSWDO1mxLHW2yEH+1Cyu/Km0PRhDl1Vy0DFyrdGh/w7qTM7eG\n" - "BjD0bBtk9/M58IYlnzx7CM53CRGhPHUygontN1vbWf42gDdu+5d+tnls86gTzuRs\n" - "su4BReayHU9aFqorWhvxCQhgnLx98Ei2BsJe5nbSzjVA5ZhPcL9WDC76aDPEDaZg\n" - "GnNu9kZJV/UrCaulu0COhJfNocd/LWXZbUStUCenRX01GHCP+4mNmPLJkVh2\n" - "-----END CERTIFICATE-----" + "MIIEqTCCA5GgAwIBAgITQAAAAAPX0eQxgcZpHAAAAAAAAzANBgkqhkiG9w0BAQsF\n" + "ADA0MRUwEwYDVQQKEwxFeGFtcGxlIEluYy4xGzAZBgNVBAMTEkV4YW1wbGUgQ29y\n" + "cCBBRCBDQTAeFw0yMjA0MTIxNjUzMTFaFw0yNzA0MTExNjUzMTFaMCIxIDAeBgNV\n" + "BAMTF2V4YW1wbGVkYzAxLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC\n" + "AQ8AMIIBCgKCAQEAtnYFOqZas9U9GX87w2bvyQh6l3fWJ83JHEHAwP11j9dQu/sa\n" + "qgMYr/OqH+5tCvsDLt9sI35RCuF+6San3P1m56G+iYaawE46UrbHSYC4PyhinOXx\n" + "X3xXzaxjTDYhz46Fvfmoqa732zPYG3QQplPsjQbRx96iXOSkdWt8g4mbTJ/eyYdG\n" + "uXt1mlvL+USz5b39trOgSgTC60cdneBrQsBh7o80rHvaprvjTY5mHS7JNHcsr9Hs\n" + "xjOOq9t3LdWehXYshINZ6ChxaHipbBUF+0CTvwJW8wvQtSV6MYDl+cbS/47OwJG0\n" + "OXJxFVQofJWNi4/IrTC42d3fyEWA2ZnP898GeQIDAQABo4IBxDCCAcAwPQYJKwYB\n" + "BAGCNxUHBDAwLgYmKwYBBAGCNxUIg/iOToSq0GWEhZMhhZ3KIoKY1VocgufIbYTY\n" + "+3sCAWQCAQIwMgYDVR0lBCswKQYHKwYBBQIDBQYKKwYBBAGCNxQCAgYIKwYBBQUH\n" + "AwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDBABgkrBgEEAYI3FQoEMzAxMAkG\n" + "BysGAQUCAwUwDAYKKwYBBAGCNxQCAjAKBggrBgEFBQcDATAKBggrBgEFBQcDAjAd\n" + "BgNVHQ4EFgQUjaBu4CsVk5gng+ACWTSqsj1gmVQwNAYDVR0RBC0wK4IXZXhhbXBs\n" + "ZWRjMDEuZXhhbXBsZS5jb22CEGxkYXAuZXhhbXBsZS5jb20wHwYDVR0jBBgwFoAU\n" + "aRL34OyTRJUSVVfxMiMjBFHk/WowOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL3Br\n" + "aS5leGFtcGxlLmNvbS9jZHAvRXhhbXBsZUFEQ0EuY3JsMEYGCCsGAQUFBwEBBDow\n" + "ODA2BggrBgEFBQcwAoYqaHR0cDovL3BraS5leGFtcGxlLmNvbS9haWEvRXhhbXBs\n" + "ZUFEQ0EuY2VyMA0GCSqGSIb3DQEBCwUAA4IBAQCKr0WQYujcyUOUZp63i27dMihf\n" + "z+WKd2G+dyGzmNTabFlZSfquFo+MWmSM04UOEYS45tyFZhWEXXaz4OfilelKy5XI\n" + "tiZRGDvzNzxfb7GQSWDO1mxLHW2yEH+1Cyu/Km0PRhDl1Vy0DFyrdGh/w7qTM7eG\n" + "BjD0bBtk9/M58IYlnzx7CM53CRGhPHUygontN1vbWf42gDdu+5d+tnls86gTzuRs\n" + "su4BReayHU9aFqorWhvxCQhgnLx98Ei2BsJe5nbSzjVA5ZhPcL9WDC76aDPEDaZg\n" + "GnNu9kZJV/UrCaulu0COhJfNocd/LWXZbUStUCenRX01GHCP+4mNmPLJkVh2\n" + "-----END CERTIFICATE-----" }; static const char _issuingca[] = { -/* The intermediate CA with name constraints */ + /* The intermediate CA with name constraints */ "-----BEGIN CERTIFICATE-----\n" - "MIIE0jCCA7qgAwIBAgITLgAAAAK9f34egj9VJAAAAAAAAjANBgkqhkiG9w0BAQsF\n" - "ADA2MRUwEwYDVQQKEwxFeGFtcGxlIEluYy4xHTAbBgNVBAMTFEV4YW1wbGUgQ29y\n" - "cCBSb290IENBMCAXDTIyMDQxMjE2Mzk0M1oYDzIwNjcwNDEyMTY0OTQzWjA0MRUw\n" - "EwYDVQQKEwxFeGFtcGxlIEluYy4xGzAZBgNVBAMTEkV4YW1wbGUgQ29ycCBBRCBD\n" - "QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs2TqehwJfMyrU77MRv\n" - "4jgwgnsruZMexMGwT6A5oxdjKNhyXnsdiYiH3nFEgrHSCOAxgoCDJYlDLn0jZYdS\n" - "3j7hMrhzAwHzwUgTrruHaTZ2tShxbfvUAGuuOroSVB4+XzS22RKdgh7g1cv3scWI\n" - "62M2vfV8iBpehD5xhmqfu2Z9ChNTR32HLHdFdsMFuS+t0Zktszk1qE9AClFa7ttr\n" - "VKgOyEmjgXlhX/Qld4zgCvxvI/jMPbEKrU2ZFeRV160vGaraAVjF0Oxe9TFH9fLZ\n" - "E+ERghmfdzzbNOXikgExrsveALNRsbTyIhKmEDRGMN/y12htghHvBamwGDt/gj9q\n" - "3fECAwEAAaOCAdcwggHTMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRpEvfg\n" - "7JNElRJVV/EyIyMEUeT9ajAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNV\n" - "HQ8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBQlQb5lkuye\n" - "IfoJIi/ctatOBUANSDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vcGtpLmV4YW1w\n" - "bGUuY29tL2NkcC9FeGFtcGxlUm9vdC5jcmwwggEEBgNVHR4BAf8EgfkwgfagajAN\n" - "ggtleGFtcGxlLmNvbTAOggwuZXhhbXBsZS5jb20wCYIHRVhBTVBMRTAeoBwGCisG\n" - "AQQBgjcUAgOgDgwMQGV4YW1wbGUuY29tMB6gHAYKKwYBBAGCNxQCA6AODAwuZXhh\n" - "bXBsZS5jb22hgYcwF4IVc3ViZG9tYWluLmV4YW1wbGUuY29tMBiCFi5zdWJkb21h\n" - "aW4uZXhhbXBsZS5jb20wKKAmBgorBgEEAYI3FAIDoBgMFkBzdWJkb21haW4uZXhh\n" - "bXBsZS5jb20wKKAmBgorBgEEAYI3FAIDoBgMFi5zdWJkb21haW4uZXhhbXBsZS5j\n" - "b20wDQYJKoZIhvcNAQELBQADggEBAG+gD/ZNEaoukBt/U+7tGOwx5bTAdNChYZEU\n" - "Wzt5XoJ0ZgClfgtKk/hmDxPsUEVOzaYEtUrj8V0qJun5YwEzZsZbHAkbkTOcQ2tC\n" - "5Jv7czs0IYrSCJIgz7PdNSxTaXyCpipzUvSdZxQj3Bjj+MiYiReEwxhAb6bI/D8h\n" - "HXk9T5iHiw9f7P6ZTBvx5keUjAePO8sc0CtefOIH+tyRY1oEHAzMSDzqhpeZDAtM\n" - "N93KZkhnx/kmQhqLXhrck9Ubozw++e2iP83bTojTFSodRiKWPtUKOHAlPvIWQURc\n" - "YP0dQUsv1tMnNjJgA7COp1+mmqfEUVQqmBwRbJ26ve2iwS/SAgI=\n" - "-----END CERTIFICATE-----" + "MIIE0jCCA7qgAwIBAgITLgAAAAK9f34egj9VJAAAAAAAAjANBgkqhkiG9w0BAQsF\n" + "ADA2MRUwEwYDVQQKEwxFeGFtcGxlIEluYy4xHTAbBgNVBAMTFEV4YW1wbGUgQ29y\n" + "cCBSb290IENBMCAXDTIyMDQxMjE2Mzk0M1oYDzIwNjcwNDEyMTY0OTQzWjA0MRUw\n" + "EwYDVQQKEwxFeGFtcGxlIEluYy4xGzAZBgNVBAMTEkV4YW1wbGUgQ29ycCBBRCBD\n" + "QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs2TqehwJfMyrU77MRv\n" + "4jgwgnsruZMexMGwT6A5oxdjKNhyXnsdiYiH3nFEgrHSCOAxgoCDJYlDLn0jZYdS\n" + "3j7hMrhzAwHzwUgTrruHaTZ2tShxbfvUAGuuOroSVB4+XzS22RKdgh7g1cv3scWI\n" + "62M2vfV8iBpehD5xhmqfu2Z9ChNTR32HLHdFdsMFuS+t0Zktszk1qE9AClFa7ttr\n" + "VKgOyEmjgXlhX/Qld4zgCvxvI/jMPbEKrU2ZFeRV160vGaraAVjF0Oxe9TFH9fLZ\n" + "E+ERghmfdzzbNOXikgExrsveALNRsbTyIhKmEDRGMN/y12htghHvBamwGDt/gj9q\n" + "3fECAwEAAaOCAdcwggHTMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRpEvfg\n" + "7JNElRJVV/EyIyMEUeT9ajAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNV\n" + "HQ8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBQlQb5lkuye\n" + "IfoJIi/ctatOBUANSDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vcGtpLmV4YW1w\n" + "bGUuY29tL2NkcC9FeGFtcGxlUm9vdC5jcmwwggEEBgNVHR4BAf8EgfkwgfagajAN\n" + "ggtleGFtcGxlLmNvbTAOggwuZXhhbXBsZS5jb20wCYIHRVhBTVBMRTAeoBwGCisG\n" + "AQQBgjcUAgOgDgwMQGV4YW1wbGUuY29tMB6gHAYKKwYBBAGCNxQCA6AODAwuZXhh\n" + "bXBsZS5jb22hgYcwF4IVc3ViZG9tYWluLmV4YW1wbGUuY29tMBiCFi5zdWJkb21h\n" + "aW4uZXhhbXBsZS5jb20wKKAmBgorBgEEAYI3FAIDoBgMFkBzdWJkb21haW4uZXhh\n" + "bXBsZS5jb20wKKAmBgorBgEEAYI3FAIDoBgMFi5zdWJkb21haW4uZXhhbXBsZS5j\n" + "b20wDQYJKoZIhvcNAQELBQADggEBAG+gD/ZNEaoukBt/U+7tGOwx5bTAdNChYZEU\n" + "Wzt5XoJ0ZgClfgtKk/hmDxPsUEVOzaYEtUrj8V0qJun5YwEzZsZbHAkbkTOcQ2tC\n" + "5Jv7czs0IYrSCJIgz7PdNSxTaXyCpipzUvSdZxQj3Bjj+MiYiReEwxhAb6bI/D8h\n" + "HXk9T5iHiw9f7P6ZTBvx5keUjAePO8sc0CtefOIH+tyRY1oEHAzMSDzqhpeZDAtM\n" + "N93KZkhnx/kmQhqLXhrck9Ubozw++e2iP83bTojTFSodRiKWPtUKOHAlPvIWQURc\n" + "YP0dQUsv1tMnNjJgA7COp1+mmqfEUVQqmBwRbJ26ve2iwS/SAgI=\n" + "-----END CERTIFICATE-----" }; const unsigned char example3[] = "@example.com"; @@ -118,13 +118,15 @@ void verify_upn_constraints(gnutls_x509_name_constraints_t name_constraints) } if (type != GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL) { - fail("Error permitted constraint 3 is not UPN line: %d Found: %u\n", __LINE__, type); + fail("Error permitted constraint 3 is not UPN line: %d Found: %u\n", + __LINE__, type); exit(1); } if ((constraint.size != sizeof(example3) - 1) || memcmp(constraint.data, example3, sizeof(example3) - 1) != 0) { - fail("Error permitted constraint 3 was %s expected %s line: %d\n", constraint.data, example3, __LINE__); + fail("Error permitted constraint 3 was %s expected %s line: %d\n", + constraint.data, example3, __LINE__); exit(1); } @@ -137,13 +139,15 @@ void verify_upn_constraints(gnutls_x509_name_constraints_t name_constraints) } if (type != GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL) { - fail("Error permitted constraint 4 is not UPN line: %d Found: %u\n", __LINE__, type); + fail("Error permitted constraint 4 is not UPN line: %d Found: %u\n", + __LINE__, type); exit(1); } if ((constraint.size != sizeof(example4) - 1) || memcmp(constraint.data, example4, sizeof(example4) - 1) != 0) { - fail("Error permitted constraint 4 was %s expected %s line: %d\n", constraint.data, example4, __LINE__); + fail("Error permitted constraint 4 was %s expected %s line: %d\n", + constraint.data, example4, __LINE__); exit(1); } @@ -156,13 +160,15 @@ void verify_upn_constraints(gnutls_x509_name_constraints_t name_constraints) } if (type != GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL) { - fail("Error excluded constraint 2 is not UPN line: %d Found %u\n", __LINE__, type); + fail("Error excluded constraint 2 is not UPN line: %d Found %u\n", + __LINE__, type); exit(1); } if ((constraint.size != sizeof(subdomain2) - 1) || memcmp(constraint.data, subdomain2, sizeof(subdomain2) - 1) != 0) { - fail("Error excluded constraint 2 was %s expected %s line: %d\n", constraint.data, subdomain2, __LINE__); + fail("Error excluded constraint 2 was %s expected %s line: %d\n", + constraint.data, subdomain2, __LINE__); exit(1); } @@ -175,13 +181,15 @@ void verify_upn_constraints(gnutls_x509_name_constraints_t name_constraints) } if (type != GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL) { - fail("Error excluded constraint 3 is not UPN line: %d Found %u\n", __LINE__, type); + fail("Error excluded constraint 3 is not UPN line: %d Found %u\n", + __LINE__, type); exit(1); } if ((constraint.size != sizeof(subdomain3) - 1) || memcmp(constraint.data, subdomain3, sizeof(subdomain3) - 1) != 0) { - fail("Error excluded constraint 3 was %s expected %s line: %d\n", constraint.data, subdomain3, __LINE__); + fail("Error excluded constraint 3 was %s expected %s line: %d\n", + constraint.data, subdomain3, __LINE__); exit(1); } } @@ -191,8 +199,8 @@ void verify_non_upn_leaf(gnutls_x509_name_constraints_t name_constraints) // This test specifically checks for resolution of issue 1132 int ret = 0; gnutls_x509_crt_t domaincontroller; - gnutls_datum_t domaincontroller_datum = { (void *)_domaincontroller, - sizeof(_domaincontroller) - 1 + gnutls_datum_t domaincontroller_datum = { + (void *)_domaincontroller, sizeof(_domaincontroller) - 1 }; gnutls_x509_crt_init(&domaincontroller); @@ -205,11 +213,11 @@ void verify_non_upn_leaf(gnutls_x509_name_constraints_t name_constraints) exit(1); } - ret = gnutls_x509_name_constraints_check_crt(name_constraints, - GNUTLS_SAN_DNSNAME, - domaincontroller); + ret = gnutls_x509_name_constraints_check_crt( + name_constraints, GNUTLS_SAN_DNSNAME, domaincontroller); if (ret < 0) { - fail("Error failed to verify leaf cert against constraints line: %d\n", __LINE__); + fail("Error failed to verify leaf cert against constraints line: %d\n", + __LINE__); exit(1); } @@ -221,8 +229,8 @@ void doit(void) int ret; unsigned int critical = 0; gnutls_x509_crt_t issuingca; - gnutls_datum_t issuingca_datum = - { (void *)_issuingca, sizeof(_issuingca) - 1 }; + gnutls_datum_t issuingca_datum = { (void *)_issuingca, + sizeof(_issuingca) - 1 }; gnutls_x509_crt_init(&issuingca); @@ -243,9 +251,8 @@ void doit(void) exit(1); } - ret = - gnutls_x509_crt_get_name_constraints(issuingca, name_constraints, 0, - &critical); + ret = gnutls_x509_crt_get_name_constraints(issuingca, name_constraints, + 0, &critical); if (ret < 0) { // Failure here is potentially a regression to issue 1132 behavior fail("Error loading constraints line: %d\n", __LINE__); diff --git a/tests/x509-verify-duplicate.c b/tests/x509-verify-duplicate.c index 1a2906c817..0cf6abd1f0 100644 --- a/tests/x509-verify-duplicate.c +++ b/tests/x509-verify-duplicate.c @@ -20,160 +20,161 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include #include "utils.h" -#define CHECK(X)\ -{\ - r = X;\ - if (r < 0)\ - fail("error in %d: %s\n", __LINE__, gnutls_strerror(r));\ -}\ +#define CHECK(X) \ + { \ + r = X; \ + if (r < 0) \ + fail("error in %d: %s\n", __LINE__, \ + gnutls_strerror(r)); \ + } static char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIFLzCCBBegAwIBAgISAycvItcPAZ5yClzMOYYcod4cMA0GCSqGSIb3DQEBCwUA\n" - "MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" - "EwJSMzAeFw0yMjA4MjMwNjMzMjlaFw0yMjExMjEwNjMzMjhaMBcxFTATBgNVBAMT\n" - "DHZvaWRwb2ludC5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSt\n" - "AazUWttuU/swyEdt70bpod6knYDJavnFUwicpT4ZfPh84Y2ci9Ay9oTVR8LzVq+o\n" - "3FIGxXlBFhCtoGA5k5Soao/JB40+gsY+O8LgcNAdejU78m5W4e2qXq4eu/4tFUCw\n" - "GkcRmqitnc5Jy0bEM+wCZKa42Lx0+WAhNRd/70yWIbzXOrXDnLgGc221JeYJ4it0\n" - "ajYcf3AZuSHhL3qsTLLzuYorPqWmDy27psUiDDJOIjxVbBCRL+AY40TsQm7CZZhZ\n" - "8sCkZU7rIvuDv7nf3QpUsF9Zqk9B3F4tTg0vsVuYeL1XCHGwpVeUS83MsZiLP8Zj\n" - "XGQTM6GiWuOAZ9JJjrsCAwEAAaOCAlgwggJUMA4GA1UdDwEB/wQEAwIFoDAdBgNV\n" - "HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E\n" - "FgQUlw1h3ZwSMKRwkrQ+F4XT3QV/tn8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA\n" - "5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu\n" - "by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w\n" - "JwYDVR0RBCAwHoIOKi52b2lkcG9pbnQuaW+CDHZvaWRwb2ludC5pbzBMBgNVHSAE\n" - "RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\n" - "Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2\n" - "AN+lXqtogk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABgsme4hAAAAQDAEcw\n" - "RQIhAP6sPHv1PJez/VRMw5xmAAkNU/q9ydq1mTgp7j5uBB9AAiAxm+teG9utZCLP\n" - "TTTv89FHwFV9omfZzDNAiNgg8METHwB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4\n" - "+U1dJlwlXceEAAABgsme4gUAAAQDAEgwRgIhAPKWJ7WeuBUSnDqabTAVLKU+PpzA\n" - "bJJ9sehaCKW9AicZAiEAqphpC0lF4/iz2Gkxgd/DEkl9SyyAmR/lEJ7cWDMFhz8w\n" - "DQYJKoZIhvcNAQELBQADggEBAC0aCscObAdTerzGUrDsuQR5FuCTAmvdk3Isqjw1\n" - "dG3WuiwW1Z4ecpqCdvDSIv3toQDWVk6g/oa3fHDnY0/tu//vCwdneDdjK3gCM6cj\n" - "/q0cwj+rGFx/bEVz8PR5kc3DOHGKkmHPN1BNxeLBVpk4jxziXryAVbIvxq9JrGTE\n" - "SfWbWcMkHHw/QzpUfyD3B/GI8qw6XhdaNNkLDEDNV0sCPCuZYc5FBZzU4ExB2vMG\n" - "QVnPfxzKWmxHs10uxXyRZJlOrrbTGU8gi0vnOQZK290dtLzEyU2sdkic1ZSn+fCo\n" - "k++37mNDkiTnIQa3olRqHkypWqGfj8OyqU4XBV2Mmu4UATc=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIFLzCCBBegAwIBAgISAycvItcPAZ5yClzMOYYcod4cMA0GCSqGSIb3DQEBCwUA\n" - "MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" - "EwJSMzAeFw0yMjA4MjMwNjMzMjlaFw0yMjExMjEwNjMzMjhaMBcxFTATBgNVBAMT\n" - "DHZvaWRwb2ludC5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSt\n" - "AazUWttuU/swyEdt70bpod6knYDJavnFUwicpT4ZfPh84Y2ci9Ay9oTVR8LzVq+o\n" - "3FIGxXlBFhCtoGA5k5Soao/JB40+gsY+O8LgcNAdejU78m5W4e2qXq4eu/4tFUCw\n" - "GkcRmqitnc5Jy0bEM+wCZKa42Lx0+WAhNRd/70yWIbzXOrXDnLgGc221JeYJ4it0\n" - "ajYcf3AZuSHhL3qsTLLzuYorPqWmDy27psUiDDJOIjxVbBCRL+AY40TsQm7CZZhZ\n" - "8sCkZU7rIvuDv7nf3QpUsF9Zqk9B3F4tTg0vsVuYeL1XCHGwpVeUS83MsZiLP8Zj\n" - "XGQTM6GiWuOAZ9JJjrsCAwEAAaOCAlgwggJUMA4GA1UdDwEB/wQEAwIFoDAdBgNV\n" - "HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E\n" - "FgQUlw1h3ZwSMKRwkrQ+F4XT3QV/tn8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA\n" - "5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu\n" - "by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w\n" - "JwYDVR0RBCAwHoIOKi52b2lkcG9pbnQuaW+CDHZvaWRwb2ludC5pbzBMBgNVHSAE\n" - "RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\n" - "Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2\n" - "AN+lXqtogk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABgsme4hAAAAQDAEcw\n" - "RQIhAP6sPHv1PJez/VRMw5xmAAkNU/q9ydq1mTgp7j5uBB9AAiAxm+teG9utZCLP\n" - "TTTv89FHwFV9omfZzDNAiNgg8METHwB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4\n" - "+U1dJlwlXceEAAABgsme4gUAAAQDAEgwRgIhAPKWJ7WeuBUSnDqabTAVLKU+PpzA\n" - "bJJ9sehaCKW9AicZAiEAqphpC0lF4/iz2Gkxgd/DEkl9SyyAmR/lEJ7cWDMFhz8w\n" - "DQYJKoZIhvcNAQELBQADggEBAC0aCscObAdTerzGUrDsuQR5FuCTAmvdk3Isqjw1\n" - "dG3WuiwW1Z4ecpqCdvDSIv3toQDWVk6g/oa3fHDnY0/tu//vCwdneDdjK3gCM6cj\n" - "/q0cwj+rGFx/bEVz8PR5kc3DOHGKkmHPN1BNxeLBVpk4jxziXryAVbIvxq9JrGTE\n" - "SfWbWcMkHHw/QzpUfyD3B/GI8qw6XhdaNNkLDEDNV0sCPCuZYc5FBZzU4ExB2vMG\n" - "QVnPfxzKWmxHs10uxXyRZJlOrrbTGU8gi0vnOQZK290dtLzEyU2sdkic1ZSn+fCo\n" - "k++37mNDkiTnIQa3olRqHkypWqGfj8OyqU4XBV2Mmu4UATc=\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n" - "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n" - "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\n" - "WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\n" - "RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" - "AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\n" - "R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\n" - "sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\n" - "NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\n" - "Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n" - "/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\n" - "AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\n" - "Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\n" - "FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\n" - "AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\n" - "Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\n" - "gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\n" - "PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\n" - "ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\n" - "CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\n" - "lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\n" - "avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\n" - "yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\n" - "yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\n" - "hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\n" - "HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\n" - "MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\n" - "nLRbwHOoq7hHwg==\n" - "-----END CERTIFICATE-----\n" - "-----BEGIN CERTIFICATE-----\n" - "MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/\n" - "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" - "DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow\n" - "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n" - "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB\n" - "AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC\n" - "ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL\n" - "wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D\n" - "LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK\n" - "4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5\n" - "bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y\n" - "sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ\n" - "Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4\n" - "FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc\n" - "SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql\n" - "PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND\n" - "TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\n" - "SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1\n" - "c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx\n" - "+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB\n" - "ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu\n" - "b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E\n" - "U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu\n" - "MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC\n" - "5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW\n" - "9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG\n" - "WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O\n" - "he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC\n" - "Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIFLzCCBBegAwIBAgISAycvItcPAZ5yClzMOYYcod4cMA0GCSqGSIb3DQEBCwUA\n" + "MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" + "EwJSMzAeFw0yMjA4MjMwNjMzMjlaFw0yMjExMjEwNjMzMjhaMBcxFTATBgNVBAMT\n" + "DHZvaWRwb2ludC5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSt\n" + "AazUWttuU/swyEdt70bpod6knYDJavnFUwicpT4ZfPh84Y2ci9Ay9oTVR8LzVq+o\n" + "3FIGxXlBFhCtoGA5k5Soao/JB40+gsY+O8LgcNAdejU78m5W4e2qXq4eu/4tFUCw\n" + "GkcRmqitnc5Jy0bEM+wCZKa42Lx0+WAhNRd/70yWIbzXOrXDnLgGc221JeYJ4it0\n" + "ajYcf3AZuSHhL3qsTLLzuYorPqWmDy27psUiDDJOIjxVbBCRL+AY40TsQm7CZZhZ\n" + "8sCkZU7rIvuDv7nf3QpUsF9Zqk9B3F4tTg0vsVuYeL1XCHGwpVeUS83MsZiLP8Zj\n" + "XGQTM6GiWuOAZ9JJjrsCAwEAAaOCAlgwggJUMA4GA1UdDwEB/wQEAwIFoDAdBgNV\n" + "HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E\n" + "FgQUlw1h3ZwSMKRwkrQ+F4XT3QV/tn8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA\n" + "5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu\n" + "by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w\n" + "JwYDVR0RBCAwHoIOKi52b2lkcG9pbnQuaW+CDHZvaWRwb2ludC5pbzBMBgNVHSAE\n" + "RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\n" + "Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2\n" + "AN+lXqtogk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABgsme4hAAAAQDAEcw\n" + "RQIhAP6sPHv1PJez/VRMw5xmAAkNU/q9ydq1mTgp7j5uBB9AAiAxm+teG9utZCLP\n" + "TTTv89FHwFV9omfZzDNAiNgg8METHwB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4\n" + "+U1dJlwlXceEAAABgsme4gUAAAQDAEgwRgIhAPKWJ7WeuBUSnDqabTAVLKU+PpzA\n" + "bJJ9sehaCKW9AicZAiEAqphpC0lF4/iz2Gkxgd/DEkl9SyyAmR/lEJ7cWDMFhz8w\n" + "DQYJKoZIhvcNAQELBQADggEBAC0aCscObAdTerzGUrDsuQR5FuCTAmvdk3Isqjw1\n" + "dG3WuiwW1Z4ecpqCdvDSIv3toQDWVk6g/oa3fHDnY0/tu//vCwdneDdjK3gCM6cj\n" + "/q0cwj+rGFx/bEVz8PR5kc3DOHGKkmHPN1BNxeLBVpk4jxziXryAVbIvxq9JrGTE\n" + "SfWbWcMkHHw/QzpUfyD3B/GI8qw6XhdaNNkLDEDNV0sCPCuZYc5FBZzU4ExB2vMG\n" + "QVnPfxzKWmxHs10uxXyRZJlOrrbTGU8gi0vnOQZK290dtLzEyU2sdkic1ZSn+fCo\n" + "k++37mNDkiTnIQa3olRqHkypWqGfj8OyqU4XBV2Mmu4UATc=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFLzCCBBegAwIBAgISAycvItcPAZ5yClzMOYYcod4cMA0GCSqGSIb3DQEBCwUA\n" + "MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" + "EwJSMzAeFw0yMjA4MjMwNjMzMjlaFw0yMjExMjEwNjMzMjhaMBcxFTATBgNVBAMT\n" + "DHZvaWRwb2ludC5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSt\n" + "AazUWttuU/swyEdt70bpod6knYDJavnFUwicpT4ZfPh84Y2ci9Ay9oTVR8LzVq+o\n" + "3FIGxXlBFhCtoGA5k5Soao/JB40+gsY+O8LgcNAdejU78m5W4e2qXq4eu/4tFUCw\n" + "GkcRmqitnc5Jy0bEM+wCZKa42Lx0+WAhNRd/70yWIbzXOrXDnLgGc221JeYJ4it0\n" + "ajYcf3AZuSHhL3qsTLLzuYorPqWmDy27psUiDDJOIjxVbBCRL+AY40TsQm7CZZhZ\n" + "8sCkZU7rIvuDv7nf3QpUsF9Zqk9B3F4tTg0vsVuYeL1XCHGwpVeUS83MsZiLP8Zj\n" + "XGQTM6GiWuOAZ9JJjrsCAwEAAaOCAlgwggJUMA4GA1UdDwEB/wQEAwIFoDAdBgNV\n" + "HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E\n" + "FgQUlw1h3ZwSMKRwkrQ+F4XT3QV/tn8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA\n" + "5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu\n" + "by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w\n" + "JwYDVR0RBCAwHoIOKi52b2lkcG9pbnQuaW+CDHZvaWRwb2ludC5pbzBMBgNVHSAE\n" + "RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\n" + "Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2\n" + "AN+lXqtogk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABgsme4hAAAAQDAEcw\n" + "RQIhAP6sPHv1PJez/VRMw5xmAAkNU/q9ydq1mTgp7j5uBB9AAiAxm+teG9utZCLP\n" + "TTTv89FHwFV9omfZzDNAiNgg8METHwB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4\n" + "+U1dJlwlXceEAAABgsme4gUAAAQDAEgwRgIhAPKWJ7WeuBUSnDqabTAVLKU+PpzA\n" + "bJJ9sehaCKW9AicZAiEAqphpC0lF4/iz2Gkxgd/DEkl9SyyAmR/lEJ7cWDMFhz8w\n" + "DQYJKoZIhvcNAQELBQADggEBAC0aCscObAdTerzGUrDsuQR5FuCTAmvdk3Isqjw1\n" + "dG3WuiwW1Z4ecpqCdvDSIv3toQDWVk6g/oa3fHDnY0/tu//vCwdneDdjK3gCM6cj\n" + "/q0cwj+rGFx/bEVz8PR5kc3DOHGKkmHPN1BNxeLBVpk4jxziXryAVbIvxq9JrGTE\n" + "SfWbWcMkHHw/QzpUfyD3B/GI8qw6XhdaNNkLDEDNV0sCPCuZYc5FBZzU4ExB2vMG\n" + "QVnPfxzKWmxHs10uxXyRZJlOrrbTGU8gi0vnOQZK290dtLzEyU2sdkic1ZSn+fCo\n" + "k++37mNDkiTnIQa3olRqHkypWqGfj8OyqU4XBV2Mmu4UATc=\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n" + "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n" + "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\n" + "WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\n" + "RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + "AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\n" + "R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\n" + "sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\n" + "NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\n" + "Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n" + "/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\n" + "AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\n" + "Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\n" + "FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\n" + "AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\n" + "Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\n" + "gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\n" + "PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\n" + "ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\n" + "CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\n" + "lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\n" + "avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\n" + "yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\n" + "yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\n" + "hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\n" + "HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\n" + "MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\n" + "nLRbwHOoq7hHwg==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/\n" + "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" + "DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow\n" + "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n" + "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB\n" + "AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC\n" + "ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL\n" + "wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D\n" + "LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK\n" + "4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5\n" + "bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y\n" + "sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ\n" + "Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4\n" + "FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc\n" + "SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql\n" + "PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND\n" + "TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\n" + "SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1\n" + "c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx\n" + "+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB\n" + "ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu\n" + "b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E\n" + "U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu\n" + "MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC\n" + "5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW\n" + "9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG\n" + "WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O\n" + "he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC\n" + "Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n" + "-----END CERTIFICATE-----\n"; void doit(void) { int r; unsigned i, certs_size, out; - unsigned flags = - GNUTLS_VERIFY_DO_NOT_ALLOW_SAME | GNUTLS_VERIFY_DISABLE_TIME_CHECKS; + unsigned flags = GNUTLS_VERIFY_DO_NOT_ALLOW_SAME | + GNUTLS_VERIFY_DISABLE_TIME_CHECKS; gnutls_x509_trust_list_t tl; gnutls_x509_crt_t *certs = NULL; - gnutls_datum_t cert = - { (unsigned char *)cert_pem, sizeof(cert_pem) - 1 }; + gnutls_datum_t cert = { (unsigned char *)cert_pem, + sizeof(cert_pem) - 1 }; - CHECK(gnutls_x509_crt_list_import2 - (&certs, &certs_size, &cert, GNUTLS_X509_FMT_PEM, 0)); + CHECK(gnutls_x509_crt_list_import2(&certs, &certs_size, &cert, + GNUTLS_X509_FMT_PEM, 0)); CHECK(gnutls_x509_trust_list_init(&tl, 0)); CHECK(gnutls_x509_trust_list_add_cas(tl, certs + certs_size - 1, 1, 0)); - CHECK(gnutls_x509_trust_list_verify_crt - (tl, certs, certs_size, flags, &out, NULL)); + CHECK(gnutls_x509_trust_list_verify_crt(tl, certs, certs_size, flags, + &out, NULL)); if (out) fail("Not verified\n"); diff --git a/tests/x509-verify-with-crl.c b/tests/x509-verify-with-crl.c index 3d9884b768..9b16cf91be 100644 --- a/tests/x509-verify-with-crl.c +++ b/tests/x509-verify-with-crl.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -37,78 +37,83 @@ */ static const char _ca[] = { -/* CRL */ + /* CRL */ "-----BEGIN CERTIFICATE-----\n" - "MIIBfTCCASSgAwIBAgIBATAKBggqhkjOPQQDAjAkMQ8wDQYDVQQDEwZWUE4gQ0Ex\n" - "ETAPBgNVBAoTCEJpZyBDb3JwMCIYDzIwMTQxMTMwMjA1NDQ1WhgPOTk5OTEyMzEy\n" - "MzU5NTlaMCQxDzANBgNVBAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwWTAT\n" - "BgcqhkjOPQIBBggqhkjOPQMBBwNCAASvDJl26Hzb47Xi+Wx6uJY0NUD+Bij+PJ9l\n" - "mmS2wbLaLNyga5aRvf+s7HKq9o+7+CE6E0t8fuCe0j8nLN64iAZlo0MwQTAPBgNV\n" - "HRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFFJATAcyatKW\n" - "ionSww8obkh7JKCYMAoGCCqGSM49BAMCA0cAMEQCIDPmWRvQAUbnSrnh79DM46/l\n" - "My88UjFi2+ZhmIwufLP7AiBB9eeXKUmtWXuXAar0vHNH6edgEcggHgfOOHekukOr\n" - "hw==\n" "-----END CERTIFICATE-----\n" + "MIIBfTCCASSgAwIBAgIBATAKBggqhkjOPQQDAjAkMQ8wDQYDVQQDEwZWUE4gQ0Ex\n" + "ETAPBgNVBAoTCEJpZyBDb3JwMCIYDzIwMTQxMTMwMjA1NDQ1WhgPOTk5OTEyMzEy\n" + "MzU5NTlaMCQxDzANBgNVBAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwWTAT\n" + "BgcqhkjOPQIBBggqhkjOPQMBBwNCAASvDJl26Hzb47Xi+Wx6uJY0NUD+Bij+PJ9l\n" + "mmS2wbLaLNyga5aRvf+s7HKq9o+7+CE6E0t8fuCe0j8nLN64iAZlo0MwQTAPBgNV\n" + "HRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFFJATAcyatKW\n" + "ionSww8obkh7JKCYMAoGCCqGSM49BAMCA0cAMEQCIDPmWRvQAUbnSrnh79DM46/l\n" + "My88UjFi2+ZhmIwufLP7AiBB9eeXKUmtWXuXAar0vHNH6edgEcggHgfOOHekukOr\n" + "hw==\n" + "-----END CERTIFICATE-----\n" }; gnutls_datum_t ca = { (void *)_ca, sizeof(_ca) - 1 }; static const char _server1[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIBvzCCAWWgAwIBAgIMVHuEbjXPSvP+nSDXMAoGCCqGSM49BAMCMCQxDzANBgNV\n" - "BAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwIhgPMjAxNDExMzAyMDU2MTRa\n" - "GA85OTk5MTIzMTIzNTk1OVowJzERMA8GA1UEAwwIc2VydmVyMQ0xEjAQBgNVBAoT\n" - "CU15Q29tcGFueTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLViTN5K7scNWH0u\n" - "wLvlDj6nJdZ76sP+oZoev+gYMyV42JqG/60S2VizrAIcmQA9QFfGlZz2GpE641Gd\n" - "HiH09dajdjB0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD\n" - "VR0PAQH/BAUDAweAADAdBgNVHQ4EFgQUNWE8WZGVgvhyw/56sMSCuyXhBjMwHwYD\n" - "VR0jBBgwFoAUUkBMBzJq0paKidLDDyhuSHskoJgwCgYIKoZIzj0EAwIDSAAwRQIh\n" - "AKk+TA7XgvPwo6oDcAWUYgQbnKWEh5xO55nvNf6TVgMrAiAEI+w6IVJbXgtmskIJ\n" - "gedi4kA4sDjRKtTzfxlIdaZhuA==\n" "-----END CERTIFICATE-----\n" + "MIIBvzCCAWWgAwIBAgIMVHuEbjXPSvP+nSDXMAoGCCqGSM49BAMCMCQxDzANBgNV\n" + "BAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwIhgPMjAxNDExMzAyMDU2MTRa\n" + "GA85OTk5MTIzMTIzNTk1OVowJzERMA8GA1UEAwwIc2VydmVyMQ0xEjAQBgNVBAoT\n" + "CU15Q29tcGFueTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLViTN5K7scNWH0u\n" + "wLvlDj6nJdZ76sP+oZoev+gYMyV42JqG/60S2VizrAIcmQA9QFfGlZz2GpE641Gd\n" + "HiH09dajdjB0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD\n" + "VR0PAQH/BAUDAweAADAdBgNVHQ4EFgQUNWE8WZGVgvhyw/56sMSCuyXhBjMwHwYD\n" + "VR0jBBgwFoAUUkBMBzJq0paKidLDDyhuSHskoJgwCgYIKoZIzj0EAwIDSAAwRQIh\n" + "AKk+TA7XgvPwo6oDcAWUYgQbnKWEh5xO55nvNf6TVgMrAiAEI+w6IVJbXgtmskIJ\n" + "gedi4kA4sDjRKtTzfxlIdaZhuA==\n" + "-----END CERTIFICATE-----\n" }; gnutls_datum_t server1 = { (void *)_server1, sizeof(_server1) - 1 }; static const char _server2[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIBvzCCAWWgAwIBAgIMVHuEfQn9F35YK44BMAoGCCqGSM49BAMCMCQxDzANBgNV\n" - "BAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwIhgPMjAxNDExMzAyMDU2Mjla\n" - "GA85OTk5MTIzMTIzNTk1OVowJzERMA8GA1UEAwwIc2VydmVyMg0xEjAQBgNVBAoT\n" - "CU15Q29tcGFueTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBfy/l8rtthQYHRA\n" - "sWoY3E7HHM2eP0RyNrusfh6Okl4TN8D1jlmx3yc+9h4RqIvC6dHhSS/mio8fjZpU\n" - "aXzv7dujdjB0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD\n" - "VR0PAQH/BAUDAweAADAdBgNVHQ4EFgQUee5izg6T1FxiNtJbWBz90d20GVYwHwYD\n" - "VR0jBBgwFoAUUkBMBzJq0paKidLDDyhuSHskoJgwCgYIKoZIzj0EAwIDSAAwRQIh\n" - "AKMgl86d4ENyrpqkXR7pN8FN/Pd1Hji6Usnm536zuFjIAiA9RRxtPQXjrk3Sx8QR\n" - "c0NrnBYRCM24FXMHSWOL1YUb7w==\n" "-----END CERTIFICATE-----\n" + "MIIBvzCCAWWgAwIBAgIMVHuEfQn9F35YK44BMAoGCCqGSM49BAMCMCQxDzANBgNV\n" + "BAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwIhgPMjAxNDExMzAyMDU2Mjla\n" + "GA85OTk5MTIzMTIzNTk1OVowJzERMA8GA1UEAwwIc2VydmVyMg0xEjAQBgNVBAoT\n" + "CU15Q29tcGFueTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBfy/l8rtthQYHRA\n" + "sWoY3E7HHM2eP0RyNrusfh6Okl4TN8D1jlmx3yc+9h4RqIvC6dHhSS/mio8fjZpU\n" + "aXzv7dujdjB0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD\n" + "VR0PAQH/BAUDAweAADAdBgNVHQ4EFgQUee5izg6T1FxiNtJbWBz90d20GVYwHwYD\n" + "VR0jBBgwFoAUUkBMBzJq0paKidLDDyhuSHskoJgwCgYIKoZIzj0EAwIDSAAwRQIh\n" + "AKMgl86d4ENyrpqkXR7pN8FN/Pd1Hji6Usnm536zuFjIAiA9RRxtPQXjrk3Sx8QR\n" + "c0NrnBYRCM24FXMHSWOL1YUb7w==\n" + "-----END CERTIFICATE-----\n" }; gnutls_datum_t server2 = { (void *)_server2, sizeof(_server2) - 1 }; static const char _server3[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIBvjCCAWWgAwIBAgIMVHuEhyM4BCuvifY3MAoGCCqGSM49BAMCMCQxDzANBgNV\n" - "BAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwIhgPMjAxNDExMzAyMDU2Mzla\n" - "GA85OTk5MTIzMTIzNTk1OVowJzERMA8GA1UEAwwIc2VydmVyMw0xEjAQBgNVBAoT\n" - "CU15Q29tcGFueTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLKjVDVHPM7sK8Gr\n" - "+eUTmT1sQSVhUr4znBEkiccPlGTN30m5KoaM1cflRxb+p/pYk6xFfAZW/33XmWON\n" - "IjwygACjdjB0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD\n" - "VR0PAQH/BAUDAweAADAdBgNVHQ4EFgQU3TmVO7uyA1t4+tbbmTbKoXiHP1QwHwYD\n" - "VR0jBBgwFoAUUkBMBzJq0paKidLDDyhuSHskoJgwCgYIKoZIzj0EAwIDRwAwRAIg\n" - "RI1GVQ/ol9Es0niE3Ex/X+2a5tEVBOECLO3+Vr6rPs0CIHSxEksboGo8qJzESmjY\n" - "If7aJsOFgpBmGKWGf+dVDjjg\n" "-----END CERTIFICATE-----\n" + "MIIBvjCCAWWgAwIBAgIMVHuEhyM4BCuvifY3MAoGCCqGSM49BAMCMCQxDzANBgNV\n" + "BAMTBlZQTiBDQTERMA8GA1UEChMIQmlnIENvcnAwIhgPMjAxNDExMzAyMDU2Mzla\n" + "GA85OTk5MTIzMTIzNTk1OVowJzERMA8GA1UEAwwIc2VydmVyMw0xEjAQBgNVBAoT\n" + "CU15Q29tcGFueTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLKjVDVHPM7sK8Gr\n" + "+eUTmT1sQSVhUr4znBEkiccPlGTN30m5KoaM1cflRxb+p/pYk6xFfAZW/33XmWON\n" + "IjwygACjdjB0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD\n" + "VR0PAQH/BAUDAweAADAdBgNVHQ4EFgQU3TmVO7uyA1t4+tbbmTbKoXiHP1QwHwYD\n" + "VR0jBBgwFoAUUkBMBzJq0paKidLDDyhuSHskoJgwCgYIKoZIzj0EAwIDRwAwRAIg\n" + "RI1GVQ/ol9Es0niE3Ex/X+2a5tEVBOECLO3+Vr6rPs0CIHSxEksboGo8qJzESmjY\n" + "If7aJsOFgpBmGKWGf+dVDjjg\n" + "-----END CERTIFICATE-----\n" }; gnutls_datum_t server3 = { (void *)_server3, sizeof(_server3) - 1 }; static const char _crl[] = { "-----BEGIN X509 CRL-----\n" - "MIIBJTCBzAIBATAKBggqhkjOPQQDAjAkMQ8wDQYDVQQDEwZWUE4gQ0ExETAPBgNV\n" - "BAoTCEJpZyBDb3JwGA8yMDE0MTEzMDIxMTkwNFoYDzk5OTkxMjMxMjM1OTU5WjBC\n" - "MB8CDFR7hnMaGdABn3iWABgPMjAxNDExMzAyMTE5MDRaMB8CDFR7hH0J/Rd+WCuO\n" - "ARgPMjAxNDExMzAyMTE5MDRaoC8wLTAfBgNVHSMEGDAWgBRSQEwHMmrSloqJ0sMP\n" - "KG5IeySgmDAKBgNVHRQEAwIBATAKBggqhkjOPQQDAgNIADBFAiEAt3Ks2JNhxuuT\n" - "nzok7rYbi+p6dWiPj7mWNawba2+xjYwCIGpTiTU1ssn5Fa70j7S+PjmnN4fuyjXh\n" - "AuXYcsNpjsPz\n" "-----END X509 CRL-----\n" + "MIIBJTCBzAIBATAKBggqhkjOPQQDAjAkMQ8wDQYDVQQDEwZWUE4gQ0ExETAPBgNV\n" + "BAoTCEJpZyBDb3JwGA8yMDE0MTEzMDIxMTkwNFoYDzk5OTkxMjMxMjM1OTU5WjBC\n" + "MB8CDFR7hnMaGdABn3iWABgPMjAxNDExMzAyMTE5MDRaMB8CDFR7hH0J/Rd+WCuO\n" + "ARgPMjAxNDExMzAyMTE5MDRaoC8wLTAfBgNVHSMEGDAWgBRSQEwHMmrSloqJ0sMP\n" + "KG5IeySgmDAKBgNVHRQEAwIBATAKBggqhkjOPQQDAgNIADBFAiEAt3Ks2JNhxuuT\n" + "nzok7rYbi+p6dWiPj7mWNawba2+xjYwCIGpTiTU1ssn5Fa70j7S+PjmnN4fuyjXh\n" + "AuXYcsNpjsPz\n" + "-----END X509 CRL-----\n" }; gnutls_datum_t crl = { (void *)_crl, sizeof(_crl) - 1 }; @@ -117,7 +122,7 @@ gnutls_datum_t crl = { (void *)_crl, sizeof(_crl) - 1 }; verifying certificates. To avoid a time bomb, we hard code the current time. This should work fine on systems where the library call to time is resolved at run-time. */ -static time_t mytime(time_t * t) +static time_t mytime(time_t *t) { time_t then = 1417381345; @@ -180,45 +185,40 @@ void doit(void) exit(1); } - ret = - gnutls_x509_trust_list_add_trust_mem(tl, &ca, NULL, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_x509_trust_list_add_trust_mem(tl, &ca, NULL, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret != 1) { fail("error in %d: (%d) %s\n", __LINE__, ret, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_add_trust_mem(tl, NULL, &crl, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_x509_trust_list_add_trust_mem(tl, NULL, &crl, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 0) { fail("error in %d: (%d) %s\n", __LINE__, ret, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt2(tl, &s1, 1, NULL, 0, 0, &status, - NULL); + ret = gnutls_x509_trust_list_verify_crt2(tl, &s1, 1, NULL, 0, 0, + &status, NULL); if (ret < 0 || status != 0) { fail("error in %d: (status: 0x%x) %s\n", __LINE__, status, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt2(tl, &s2, 1, NULL, 0, 0, &status, - NULL); + ret = gnutls_x509_trust_list_verify_crt2(tl, &s2, 1, NULL, 0, 0, + &status, NULL); if (ret < 0 || status != (GNUTLS_CERT_INVALID | GNUTLS_CERT_REVOKED)) { fail("error in %d: (status: 0x%x) %s\n", __LINE__, status, gnutls_strerror(ret)); exit(1); } - ret = - gnutls_x509_trust_list_verify_crt2(tl, &s3, 1, NULL, 0, 0, &status, - NULL); + ret = gnutls_x509_trust_list_verify_crt2(tl, &s3, 1, NULL, 0, 0, + &status, NULL); if (ret < 0 || status != 0) { fail("error in %d: (status: 0x%x) %s\n", __LINE__, status, gnutls_strerror(ret)); diff --git a/tests/x509_altname.c b/tests/x509_altname.c index b8af3c2df0..a33d080e3b 100644 --- a/tests/x509_altname.c +++ b/tests/x509_altname.c @@ -19,7 +19,7 @@ */ #ifdef HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -29,34 +29,35 @@ #include "utils.h" static char pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n" - "MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n" - "b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n" - "WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n" - "dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n" - "gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n" - "WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n" - "GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n" - "MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n" - "VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n" - "yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n" - "bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n" - "UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n" - "MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n" - "BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n" - "ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n" - "HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n" - "F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n" - "c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n" - "c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n" - "cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n" - "FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n" - "/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n" - "eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n" - "nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n" - "KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n" - "7ihGdUfg5q/105vpsQpO\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n" + "MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n" + "b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n" + "WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n" + "dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n" + "gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n" + "WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n" + "GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n" + "MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n" + "VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n" + "yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n" + "bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n" + "UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n" + "MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n" + "BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n" + "ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n" + "HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n" + "F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n" + "c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n" + "c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n" + "cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n" + "FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n" + "/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n" + "eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n" + "nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n" + "KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n" + "7ihGdUfg5q/105vpsQpO\n" + "-----END CERTIFICATE-----\n"; #define MAX_DATA_SIZE 1024 @@ -83,11 +84,8 @@ void doit(void) fail("crt_import %d\n", ret); for (alt_name_count = 0;; ++alt_name_count) { - ret = - gnutls_x509_crt_get_issuer_alt_name(cert, - alt_name_count, - data, &data_len, - &critical); + ret = gnutls_x509_crt_get_issuer_alt_name( + cert, alt_name_count, data, &data_len, &critical); if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break; @@ -102,7 +100,8 @@ void doit(void) } } else if (GNUTLS_SAN_RFC822NAME == ret) { if (strcmp(data, "ca@su.se") != 0) { - fail("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data); + fail("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", + data); } } else { fail("unexpected alt name type: %d\n", ret); diff --git a/tests/x509cert-ct.c b/tests/x509cert-ct.c index 559a58366f..7483b1c6b1 100644 --- a/tests/x509cert-ct.c +++ b/tests/x509cert-ct.c @@ -22,7 +22,7 @@ /* Parts copied from other tests */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -38,45 +38,46 @@ #include "utils.h" static char pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIG+jCCBeKgAwIBAgIQPurql+NcbKQ/8rR9djN5DDANBgkqhkiG9w0BAQsFADCB\n" - "hDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w\n" - "HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTUwMwYDVQQDEyxTeW1hbnRl\n" - "YyBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgU0hBMjU2IFNTTCBDQTAeFw0xNzAzMjAw\n" - "MDAwMDBaFw0yMDAzMjQyMzU5NTlaMHMxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhO\n" - "ZXcgWW9yazERMA8GA1UEBwwITmV3IFlvcmsxJzAlBgNVBAoMHkFtZXJpY2FuIENp\n" - "dmlsIExpYmVydGllcyBVbmlvbjEVMBMGA1UEAwwMd3d3LmFjbHUub3JnMIIBIjAN\n" - "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui9XzdLmI2JH+05y4WAV7jHn2Vyk\n" - "k+92pm/mdQcfJDyNR6gotaLBvBy9n9SeDj03eGlYUKZ1lgBeHhM17FMWuWoazETl\n" - "EU2Iq1ugHn3V+Rr2IkQ8f00RcNXRlYCQOiL0WYrrXPHZUNh1aQ4kwFaFGT0iNsKS\n" - "kGwf56b1goJujqwtLIBzRdHOLzWGCq1Kn/VeDTi2QQyTVQLWsDZzZApUXMyoc1xv\n" - "go7r1lvHWbJ04up0YwXssC67lw4SKK+/2lZF0Fu0baooHQOlQ5jk0DQhQ6Hsgp/t\n" - "UYhrv56cVf9MWrBEbVBg79yiyWb+rrXhk9KeMbFFsxNEWiA5TREejEhVXwIDAQAB\n" - "o4IDdjCCA3IwMgYDVR0RBCswKYIPYWN0aW9uLmFjbHUub3Jnggx3d3cuYWNsdS5v\n" - "cmeCCGFjbHUub3JnMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMGEGA1UdIARa\n" - "MFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20v\n" - "Y3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud\n" - "HwQkMCIwIKAeoByGGmh0dHA6Ly9zZy5zeW1jYi5jb20vc2cuY3JsMB0GA1UdJQQW\n" - "MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTbYiD7fQKJfNI7b8fk\n" - "MmwFUh2tsTBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZy5z\n" - "eW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zZy5zeW1jYi5jb20vc2cuY3J0\n" - "MIIB9gYKKwYBBAHWeQIEAgSCAeYEggHiAeAAdQDd6x0reg1PpiCLga2BaHB+Lo6d\n" - "AdVciI09EcTNtuy+zAAAAVrspLZKAAAEAwBGMEQCIEuVHq0xyXfN8XP0Ly8eTEJB\n" - "3XMAKhaercn0EqjtgNUPAiBN+/pUJ9EwF4yh2hRU1U3KkdzTI+KDerLZCl004ADF\n" - "cgB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABWuyktugAAAQD\n" - "AEgwRgIhAPoMU/iz0Ne4vgM4cQol7zLVS8xEc18natc9EgLpOqvvAiEAtyt6nMg7\n" - "18/axecg1fk2dcDKCP8EpEJWnabnDRwMb00AdgDuS723dc5guuFCaR+r4Z5mow9+\n" - "X7By2IMAxHuJeqj9ywAAAVrspLadAAAEAwBHMEUCIH8pZN5die2lOt6i2NS57xxd\n" - "uo12mGZ4Xt6cPARVZCipAiEAxOGXK63gCml0jZnlBAN/41YMCNF0cCl9rMIRmEOe\n" - "ffYAdgC8eOHfxfY8aEZJM02hD6FfCXlpIAnAgbTz9pF/Ptm4pQAAAVrspLdAAAAE\n" - "AwBHMEUCIDtHn+q93n/mGGzdFZb9PImevE3t8yi4FpEKQh3fN+HdAiEA618tN/lR\n" - "9m8dh0BVfHAJ9o3CAT53sWjO37sFhHPNOT4wDQYJKoZIhvcNAQELBQADggEBALEV\n" - "pKCM+njCWn74ThjbBEH23rWDYNU3Dl4O5J1U0wJdp4uTvZQbTHlvuAYnQr2WUBX5\n" - "OOvZdVLKDZJqZ/KJ2TLjBUQGWHylu6kE2PWuOTrJ6eC2UnR8zj0RavELHXuGUmQt\n" - "p5UESDjGI6IUDfI6IdxIKydnIStQLuKlaGsz3bsD1yc8XfCNjkmxf3DfC2qnnO6q\n" - "0i2o1SkjCesCqrgPQuVM95vF5I+dRcrk1nHOLCgDLYeoOSFpkPzk5EF7gDrfuLHn\n" - "a7MqZSlOcbf6XcGmsOPH0SCYLyNiJwuBX2W3fw2rP9adpWniGK5kyIEU6Nrkgc31\n" - "ESMyYNL3A9igh1jySzg=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIG+jCCBeKgAwIBAgIQPurql+NcbKQ/8rR9djN5DDANBgkqhkiG9w0BAQsFADCB\n" + "hDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w\n" + "HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTUwMwYDVQQDEyxTeW1hbnRl\n" + "YyBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgU0hBMjU2IFNTTCBDQTAeFw0xNzAzMjAw\n" + "MDAwMDBaFw0yMDAzMjQyMzU5NTlaMHMxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhO\n" + "ZXcgWW9yazERMA8GA1UEBwwITmV3IFlvcmsxJzAlBgNVBAoMHkFtZXJpY2FuIENp\n" + "dmlsIExpYmVydGllcyBVbmlvbjEVMBMGA1UEAwwMd3d3LmFjbHUub3JnMIIBIjAN\n" + "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui9XzdLmI2JH+05y4WAV7jHn2Vyk\n" + "k+92pm/mdQcfJDyNR6gotaLBvBy9n9SeDj03eGlYUKZ1lgBeHhM17FMWuWoazETl\n" + "EU2Iq1ugHn3V+Rr2IkQ8f00RcNXRlYCQOiL0WYrrXPHZUNh1aQ4kwFaFGT0iNsKS\n" + "kGwf56b1goJujqwtLIBzRdHOLzWGCq1Kn/VeDTi2QQyTVQLWsDZzZApUXMyoc1xv\n" + "go7r1lvHWbJ04up0YwXssC67lw4SKK+/2lZF0Fu0baooHQOlQ5jk0DQhQ6Hsgp/t\n" + "UYhrv56cVf9MWrBEbVBg79yiyWb+rrXhk9KeMbFFsxNEWiA5TREejEhVXwIDAQAB\n" + "o4IDdjCCA3IwMgYDVR0RBCswKYIPYWN0aW9uLmFjbHUub3Jnggx3d3cuYWNsdS5v\n" + "cmeCCGFjbHUub3JnMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMGEGA1UdIARa\n" + "MFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20v\n" + "Y3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud\n" + "HwQkMCIwIKAeoByGGmh0dHA6Ly9zZy5zeW1jYi5jb20vc2cuY3JsMB0GA1UdJQQW\n" + "MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTbYiD7fQKJfNI7b8fk\n" + "MmwFUh2tsTBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZy5z\n" + "eW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zZy5zeW1jYi5jb20vc2cuY3J0\n" + "MIIB9gYKKwYBBAHWeQIEAgSCAeYEggHiAeAAdQDd6x0reg1PpiCLga2BaHB+Lo6d\n" + "AdVciI09EcTNtuy+zAAAAVrspLZKAAAEAwBGMEQCIEuVHq0xyXfN8XP0Ly8eTEJB\n" + "3XMAKhaercn0EqjtgNUPAiBN+/pUJ9EwF4yh2hRU1U3KkdzTI+KDerLZCl004ADF\n" + "cgB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABWuyktugAAAQD\n" + "AEgwRgIhAPoMU/iz0Ne4vgM4cQol7zLVS8xEc18natc9EgLpOqvvAiEAtyt6nMg7\n" + "18/axecg1fk2dcDKCP8EpEJWnabnDRwMb00AdgDuS723dc5guuFCaR+r4Z5mow9+\n" + "X7By2IMAxHuJeqj9ywAAAVrspLadAAAEAwBHMEUCIH8pZN5die2lOt6i2NS57xxd\n" + "uo12mGZ4Xt6cPARVZCipAiEAxOGXK63gCml0jZnlBAN/41YMCNF0cCl9rMIRmEOe\n" + "ffYAdgC8eOHfxfY8aEZJM02hD6FfCXlpIAnAgbTz9pF/Ptm4pQAAAVrspLdAAAAE\n" + "AwBHMEUCIDtHn+q93n/mGGzdFZb9PImevE3t8yi4FpEKQh3fN+HdAiEA618tN/lR\n" + "9m8dh0BVfHAJ9o3CAT53sWjO37sFhHPNOT4wDQYJKoZIhvcNAQELBQADggEBALEV\n" + "pKCM+njCWn74ThjbBEH23rWDYNU3Dl4O5J1U0wJdp4uTvZQbTHlvuAYnQr2WUBX5\n" + "OOvZdVLKDZJqZ/KJ2TLjBUQGWHylu6kE2PWuOTrJ6eC2UnR8zj0RavELHXuGUmQt\n" + "p5UESDjGI6IUDfI6IdxIKydnIStQLuKlaGsz3bsD1yc8XfCNjkmxf3DfC2qnnO6q\n" + "0i2o1SkjCesCqrgPQuVM95vF5I+dRcrk1nHOLCgDLYeoOSFpkPzk5EF7gDrfuLHn\n" + "a7MqZSlOcbf6XcGmsOPH0SCYLyNiJwuBX2W3fw2rP9adpWniGK5kyIEU6Nrkgc31\n" + "ESMyYNL3A9igh1jySzg=\n" + "-----END CERTIFICATE-----\n"; static unsigned char ct_extension_der[486] = { 0x04, 0x82, 0x01, 0xe2, 0x01, 0xe0, 0x00, 0x75, 0x00, 0xdd, 0xeb, 0x1d, @@ -122,7 +123,7 @@ static unsigned char ct_extension_der[486] = { 0x05, 0x84, 0x73, 0xcd, 0x39, 0x3e }; -static void check_scts(const gnutls_datum_t * ext) +static void check_scts(const gnutls_datum_t *ext) { int ret; unsigned int i, version; @@ -138,46 +139,50 @@ static void check_scts(const gnutls_datum_t * ext) gnutls_sign_algorithm_t sigalg; gnutls_datum_t sig; } expected_data[NUM_EXPECTED_SCTS] = { - { - .logid = - "\xdd\xeb\x1d\x2b\x7a\x0d\x4f\xa6\x20\x8b\x81\xad\x81\x68\x70\x7e" - "\x2e\x8e\x9d\x01\xd5\x5c\x88\x8d\x3d\x11\xc4\xcd\xb6\xec\xbe\xcc", - .sigalg = GNUTLS_SIGN_ECDSA_SHA256, - .sig = { - .size = 70, - .data = (unsigned char *) - "\x30\x44\x02\x20\x4b\x95\x1e\xad\x31\xc9\x77\xcd\xf1\x73\xf4\x2f" "\x2f\x1e\x4c\x42\x41\xdd\x73\x00\x2a\x16\x9e\xad\xc9\xf4\x12\xa8" "\xed\x80\xd5\x0f\x02\x20\x4d\xfb\xfa\x54\x27\xd1\x30\x17\x8c\xa1" "\xda\x14\x54\xd5\x4d\xca\x91\xdc\xd3\x23\xe2\x83\x7a\xb2\xd9\x0a" "\x5d\x34\xe0\x00\xc5\x72"} - }, - { - .logid = - "\xa4\xb9\x09\x90\xb4\x18\x58\x14\x87\xbb\x13\xa2\xcc\x67\x70\x0a" - "\x3c\x35\x98\x04\xf9\x1b\xdf\xb8\xe3\x77\xcd\x0e\xc8\x0d\xdc\x10", - .sigalg = GNUTLS_SIGN_ECDSA_SHA256, - .sig = { - .size = 72, - .data = (unsigned char *) - "\x30\x46\x02\x21\x00\xfa\x0c\x53\xf8\xb3\xd0\xd7\xb8\xbe\x03\x38" "\x71\x0a\x25\xef\x32\xd5\x4b\xcc\x44\x73\x5f\x27\x6a\xd7\x3d\x12" "\x02\xe9\x3a\xab\xef\x02\x21\x00\xb7\x2b\x7a\x9c\xc8\x3b\xd7\xcf" "\xda\xc5\xe7\x20\xd5\xf9\x36\x75\xc0\xca\x08\xff\x04\xa4\x42\x56" "\x9d\xa6\xe7\x0d\x1c\x0c\x6f\x4d"} - }, - { - .logid = - "\xee\x4b\xbd\xb7\x75\xce\x60\xba\xe1\x42\x69\x1f\xab\xe1\x9e\x66" - "\xa3\x0f\x7e\x5f\xb0\x72\xd8\x83\x00\xc4\x7b\x89\x7a\xa8\xfd\xcb", - .sigalg = GNUTLS_SIGN_ECDSA_SHA256, - .sig = { - .size = 71, - .data = (unsigned char *) - "\x30\x45\x02\x20\x7f\x29\x64\xde\x5d\x89\xed\xa5\x3a\xde\xa2\xd8" "\xd4\xb9\xef\x1c\x5d\xba\x8d\x76\x98\x66\x78\x5e\xde\x9c\x3c\x04" "\x55\x64\x28\xa9\x02\x21\x00\xc4\xe1\x97\x2b\xad\xe0\x0a\x69\x74" "\x8d\x99\xe5\x04\x03\x7f\xe3\x56\x0c\x08\xd1\x74\x70\x29\x7d\xac" "\xc2\x11\x98\x43\x9e\x7d\xf6"} - }, - { - .logid = - "\xbc\x78\xe1\xdf\xc5\xf6\x3c\x68\x46\x49\x33\x4d\xa1\x0f\xa1\x5f" - "\x09\x79\x69\x20\x09\xc0\x81\xb4\xf3\xf6\x91\x7f\x3e\xd9\xb8\xa5", - .sigalg = GNUTLS_SIGN_ECDSA_SHA256, - .sig = { - .size = 71, - .data = (unsigned char *) - "\x30\x45\x02\x20\x3b\x47\x9f\xea\xbd\xde\x7f\xe6\x18\x6c\xdd\x15" "\x96\xfd\x3c\x89\x9e\xbc\x4d\xed\xf3\x28\xb8\x16\x91\x0a\x42\x1d" "\xdf\x37\xe1\xdd\x02\x21\x00\xeb\x5f\x2d\x37\xf9\x51\xf6\x6f\x1d" "\x87\x40\x55\x7c\x70\x09\xf6\x8d\xc2\x01\x3e\x77\xb1\x68\xce\xdf" "\xbb\x05\x84\x73\xcd\x39\x3e"} - } + { .logid = + "\xdd\xeb\x1d\x2b\x7a\x0d\x4f\xa6\x20\x8b\x81\xad\x81\x68\x70\x7e" + "\x2e\x8e\x9d\x01\xd5\x5c\x88\x8d\x3d\x11\xc4\xcd\xb6\xec\xbe\xcc", + .sigalg = GNUTLS_SIGN_ECDSA_SHA256, + .sig = { .size = 70, + .data = (unsigned char + *)"\x30\x44\x02\x20\x4b\x95\x1e\xad\x31\xc9\x77\xcd\xf1\x73\xf4\x2f" + "\x2f\x1e\x4c\x42\x41\xdd\x73\x00\x2a\x16\x9e\xad\xc9\xf4\x12\xa8" + "\xed\x80\xd5\x0f\x02\x20\x4d\xfb\xfa\x54\x27\xd1\x30\x17\x8c\xa1" + "\xda\x14\x54\xd5\x4d\xca\x91\xdc\xd3\x23\xe2\x83\x7a\xb2\xd9\x0a" + "\x5d\x34\xe0\x00\xc5\x72" } }, + { .logid = + "\xa4\xb9\x09\x90\xb4\x18\x58\x14\x87\xbb\x13\xa2\xcc\x67\x70\x0a" + "\x3c\x35\x98\x04\xf9\x1b\xdf\xb8\xe3\x77\xcd\x0e\xc8\x0d\xdc\x10", + .sigalg = GNUTLS_SIGN_ECDSA_SHA256, + .sig = { .size = 72, + .data = (unsigned char + *)"\x30\x46\x02\x21\x00\xfa\x0c\x53\xf8\xb3\xd0\xd7\xb8\xbe\x03\x38" + "\x71\x0a\x25\xef\x32\xd5\x4b\xcc\x44\x73\x5f\x27\x6a\xd7\x3d\x12" + "\x02\xe9\x3a\xab\xef\x02\x21\x00\xb7\x2b\x7a\x9c\xc8\x3b\xd7\xcf" + "\xda\xc5\xe7\x20\xd5\xf9\x36\x75\xc0\xca\x08\xff\x04\xa4\x42\x56" + "\x9d\xa6\xe7\x0d\x1c\x0c\x6f\x4d" } }, + { .logid = + "\xee\x4b\xbd\xb7\x75\xce\x60\xba\xe1\x42\x69\x1f\xab\xe1\x9e\x66" + "\xa3\x0f\x7e\x5f\xb0\x72\xd8\x83\x00\xc4\x7b\x89\x7a\xa8\xfd\xcb", + .sigalg = GNUTLS_SIGN_ECDSA_SHA256, + .sig = { .size = 71, + .data = (unsigned char + *)"\x30\x45\x02\x20\x7f\x29\x64\xde\x5d\x89\xed\xa5\x3a\xde\xa2\xd8" + "\xd4\xb9\xef\x1c\x5d\xba\x8d\x76\x98\x66\x78\x5e\xde\x9c\x3c\x04" + "\x55\x64\x28\xa9\x02\x21\x00\xc4\xe1\x97\x2b\xad\xe0\x0a\x69\x74" + "\x8d\x99\xe5\x04\x03\x7f\xe3\x56\x0c\x08\xd1\x74\x70\x29\x7d\xac" + "\xc2\x11\x98\x43\x9e\x7d\xf6" } }, + { .logid = + "\xbc\x78\xe1\xdf\xc5\xf6\x3c\x68\x46\x49\x33\x4d\xa1\x0f\xa1\x5f" + "\x09\x79\x69\x20\x09\xc0\x81\xb4\xf3\xf6\x91\x7f\x3e\xd9\xb8\xa5", + .sigalg = GNUTLS_SIGN_ECDSA_SHA256, + .sig = { .size = 71, + .data = (unsigned char + *)"\x30\x45\x02\x20\x3b\x47\x9f\xea\xbd\xde\x7f\xe6\x18\x6c\xdd\x15" + "\x96\xfd\x3c\x89\x9e\xbc\x4d\xed\xf3\x28\xb8\x16\x91\x0a\x42\x1d" + "\xdf\x37\xe1\xdd\x02\x21\x00\xeb\x5f\x2d\x37\xf9\x51\xf6\x6f\x1d" + "\x87\x40\x55\x7c\x70\x09\xf6\x8d\xc2\x01\x3e\x77\xb1\x68\xce\xdf" + "\xbb\x05\x84\x73\xcd\x39\x3e" } } }; ret = gnutls_x509_ext_ct_scts_init(&scts); @@ -196,15 +201,13 @@ static void check_scts(const gnutls_datum_t * ext) fail("gnutls_x509_ct_sct_get_version"); if (version != 1) fail("invalid version"); - if (gnutls_x509_ct_sct_get(scts, i, - ×tamp, - &logid, &sigalg, &sig) < 0) + if (gnutls_x509_ct_sct_get(scts, i, ×tamp, &logid, &sigalg, + &sig) < 0) fail("gnutls_x509_ct_sct_v1_get"); if (logid.size != EXPECTED_LOGID_SIZE) fail("Log ID sizes do not match for SCT %d", i); - if (memcmp - (logid.data, expected_data[i].logid, - EXPECTED_LOGID_SIZE) != 0) + if (memcmp(logid.data, expected_data[i].logid, + EXPECTED_LOGID_SIZE) != 0) fail("Log IDs do not match for SCT %d", i); if (sigalg != expected_data[i].sigalg) fail("Signature algorithms for SCT %d do not match", i); @@ -269,8 +272,8 @@ void doit(void) fail("gnutls_x509_crt_get_extension_oid"); if (strcmp(oid, GNUTLS_X509EXT_OID_CT_SCT_V1) == 0) { - ret = - gnutls_x509_crt_get_extension_data2(cert, i, &ext); + ret = gnutls_x509_crt_get_extension_data2(cert, i, + &ext); if (ret < 0) fail("gnutls_x509_crt_get_extension_data2"); check_scts(&ext); diff --git a/tests/x509cert-dntypes.c b/tests/x509cert-dntypes.c index 291d760455..a2d1dfeac5 100644 --- a/tests/x509cert-dntypes.c +++ b/tests/x509cert-dntypes.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -42,51 +42,52 @@ static void tls_log_func(int level, const char *str) * cert uses different ASN.1 types, which is uncommon but allowed */ static unsigned char server_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDZTCCAc2gAwIBAgIUB7aVTQvtbBpOEtKELkBkLViM0eIwDQYJKoZIhvcNAQEL\n" - "BQAwEjEQMA4GA1UEAwwHVGVzdCBDQTAeFw0yMDAzMjYxMDE4NTdaFw0yMTAzMjYx\n" - "MDE4NTdaMBYxFDASBgNVBAMMC1Rlc3QgY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\n" - "AAOCAQ8AMIIBCgKCAQEAviqj5S/xe39agbMnq/oPAQmdIhalB17Ewc3AZlD8n+zQ\n" - "scPDNvnk4gxSeSXePtXmh0OaGcBKbMAkjiyo2gPBmV3ay34LQuk97nJxE2TUAWMm\n" - "S8yFwP3yoE+GZ5eYjv+HGQxeAP9uHLjho/jHjVGgUOCVv1QjsKyRx8Tuvy9TH3ON\n" - "DuMPw3Jmnq0OhLy2+SjU0ug5jxfWJvnfeGoFzRgalmWGyoAQsH9bqha/D44QSen+\n" - "Zbbt/A4uNIILAENYuHXEfvpmBuZPpocOb6h2huGbp6iHZfdZUHso37UmWT6PXh+2\n" - "dASPaCpAr3bURBhnEsQM43njb8METZewMeoQxwZC0QIDAQABoy8wLTAMBgNVHRMB\n" - "Af8EAjAAMB0GA1UdDgQWBBSb3h7ZbajS/2RWx2a7hTVSkur0FDANBgkqhkiG9w0B\n" - "AQsFAAOCAYEAPfwyvOwNEjIvlifjBVhiWmrtZAS2YaY9jqFnaA2PvYY2FVyC3AMu\n" - "3BGAorau/4DL3P92/9SlygEmBQpqCq+AJnQRH6WKFT4avAOmw3yc0++st+DhGK0I\n" - "6Cr69WccVi0Kmxi1XP4dpPDWSuVCOP6rGc3ulgEH83xF4ZL+3qVA9Fihsie3ZZme\n" - "7mqWOznVO1MZHLDFIUEoRdOSin5bIkl7FPOCZqMsWRM41GuA1h4aX/X5dLeqRW1c\n" - "mJ5CNRWwPIPcwgqeldFnx07svCv9QseUDaIw+C9vZOlgfIgp0qeYoR6fsD38WcUC\n" - "eJPsOUwhdhMcw+/PM16iwzd89dI+PCecFY9FeLh9YeihZm0DnG8L0To1Y2ry+WRf\n" - "w5knR3FReHPcelymvSKZSEG0d/KKHXBeKWgcrCrdnn4ya71eblsNzO3vnxB5k0Zj\n" - "WcQ3wfeftQKDEIuaRHUP6B4zx2teJWMWvJLcXuavoqo0z3L5EN74RztCpnP9ykSH\n" - "ZsYWoJ3aelFv\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDZTCCAc2gAwIBAgIUB7aVTQvtbBpOEtKELkBkLViM0eIwDQYJKoZIhvcNAQEL\n" + "BQAwEjEQMA4GA1UEAwwHVGVzdCBDQTAeFw0yMDAzMjYxMDE4NTdaFw0yMTAzMjYx\n" + "MDE4NTdaMBYxFDASBgNVBAMMC1Rlc3QgY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\n" + "AAOCAQ8AMIIBCgKCAQEAviqj5S/xe39agbMnq/oPAQmdIhalB17Ewc3AZlD8n+zQ\n" + "scPDNvnk4gxSeSXePtXmh0OaGcBKbMAkjiyo2gPBmV3ay34LQuk97nJxE2TUAWMm\n" + "S8yFwP3yoE+GZ5eYjv+HGQxeAP9uHLjho/jHjVGgUOCVv1QjsKyRx8Tuvy9TH3ON\n" + "DuMPw3Jmnq0OhLy2+SjU0ug5jxfWJvnfeGoFzRgalmWGyoAQsH9bqha/D44QSen+\n" + "Zbbt/A4uNIILAENYuHXEfvpmBuZPpocOb6h2huGbp6iHZfdZUHso37UmWT6PXh+2\n" + "dASPaCpAr3bURBhnEsQM43njb8METZewMeoQxwZC0QIDAQABoy8wLTAMBgNVHRMB\n" + "Af8EAjAAMB0GA1UdDgQWBBSb3h7ZbajS/2RWx2a7hTVSkur0FDANBgkqhkiG9w0B\n" + "AQsFAAOCAYEAPfwyvOwNEjIvlifjBVhiWmrtZAS2YaY9jqFnaA2PvYY2FVyC3AMu\n" + "3BGAorau/4DL3P92/9SlygEmBQpqCq+AJnQRH6WKFT4avAOmw3yc0++st+DhGK0I\n" + "6Cr69WccVi0Kmxi1XP4dpPDWSuVCOP6rGc3ulgEH83xF4ZL+3qVA9Fihsie3ZZme\n" + "7mqWOznVO1MZHLDFIUEoRdOSin5bIkl7FPOCZqMsWRM41GuA1h4aX/X5dLeqRW1c\n" + "mJ5CNRWwPIPcwgqeldFnx07svCv9QseUDaIw+C9vZOlgfIgp0qeYoR6fsD38WcUC\n" + "eJPsOUwhdhMcw+/PM16iwzd89dI+PCecFY9FeLh9YeihZm0DnG8L0To1Y2ry+WRf\n" + "w5knR3FReHPcelymvSKZSEG0d/KKHXBeKWgcrCrdnn4ya71eblsNzO3vnxB5k0Zj\n" + "WcQ3wfeftQKDEIuaRHUP6B4zx2teJWMWvJLcXuavoqo0z3L5EN74RztCpnP9ykSH\n" + "ZsYWoJ3aelFv\n" + "-----END CERTIFICATE-----\n"; static unsigned char ca_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIID5DCCAkygAwIBAgIUB4lnLAeQ20wlYbqt5ykgvWOPNzgwDQYJKoZIhvcNAQEL\n" - "BQAwEjEQMA4GA1UEAxMHVGVzdCBDQTAeFw0yMDAzMjYxMDI0MjhaFw0yMDAzMjcx\n" - "MDI0MjhaMBIxEDAOBgNVBAMTB1Rlc3QgQ0EwggGiMA0GCSqGSIb3DQEBAQUAA4IB\n" - "jwAwggGKAoIBgQCt9z/noU7qCPquzzgwNvu/rwXyIvxmqdWhpfpBOmVq8wpgUDUU\n" - "cQ94F65UfTo3EcYXCoDs43E4Wo8KmF5YQM2xK+LrH28XmpL3z+NoQGaZoUVrMWp6\n" - "rbIeoGZvITaaGn2uEbGT7iRkBUdS4wOjUT13IxpG8cM4d0i0DIsqSlUPnQCfyMqf\n" - "jsVhO9IQsn7qMo0+2nNCI5JqblEXRvL39hHzJMOsq1NRqZO1Zjt9HCIB7m7Q42Jx\n" - "e8zm7RzTiBFVKecxb5h4mmt3tUZQ0Kjd94yE6ARSE0rULmO+6H7hgI6sU8vqfSFe\n" - "DimQ5mPReumBRDcErX+c7bRGPRul41kAB8XvPmAHG8xCepjH8xrgY/FeVBQT74xm\n" - "MEYQaxdGpa8Azx6MZCrZOI0rzu+zI0CBQGE1h1Xk8HBozrn/G2OOAZcXyzHzq56R\n" - "Z52zEQYFZmKH9tHTDI6fMfo8clr7esb/wmgEOt/lJYE9IMJrzUh+IwWuowdYaDVj\n" - "nMrboUBVepmBKSUCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU\n" - "rhkYiczAkbCcVfNr67VGGaqilbgwDQYJKoZIhvcNAQELBQADggGBAGYiUTKdYBXk\n" - "lZFIhZkCc33/lCgJw2mSrdAd+xJmJonRPy3qmYy3HniOmQdRVqResLALubz89VjJ\n" - "dSeokujFrlNtb4CygojseqTsxWgeZlKjLU3tJ/Xn+DFIiP7k9+WPW7KFIIW0fq61\n" - "MAI0lKjqpC8sJTlXoJemDw9MW/380nKr+K1YY3arRzsSHEIeA54xOggKEwvgz11A\n" - "47xT83WoLwFQ4e9LZfCsL/M51lsLHAlJzDKyTTeSxCi/C6kUIzx8QyxHKYgBuNxz\n" - "8vVLY/YzUv/l5ELYQ9gkAX0vZWdw7pqASUY8yvbzImrWqjFAHeN3zK687Ke9uppS\n" - "dmjvPwvTK+SKm++NR8YCwb3xqHQHMYHV3lxjlOhaN6rxBW0l4gtvb2FMlhcljiZ+\n" - "tF2ObVwEs6nqJSGrzubp0os+WmnbVSCaHz9jnRWb68C87mXCZkbA7FTSKJOVuqRM\n" - "vVTcHQ7jwGQ2/SvikndFQ53zi2j9o/jTOiFv29rEOeHu67UAiFSi2A==\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIID5DCCAkygAwIBAgIUB4lnLAeQ20wlYbqt5ykgvWOPNzgwDQYJKoZIhvcNAQEL\n" + "BQAwEjEQMA4GA1UEAxMHVGVzdCBDQTAeFw0yMDAzMjYxMDI0MjhaFw0yMDAzMjcx\n" + "MDI0MjhaMBIxEDAOBgNVBAMTB1Rlc3QgQ0EwggGiMA0GCSqGSIb3DQEBAQUAA4IB\n" + "jwAwggGKAoIBgQCt9z/noU7qCPquzzgwNvu/rwXyIvxmqdWhpfpBOmVq8wpgUDUU\n" + "cQ94F65UfTo3EcYXCoDs43E4Wo8KmF5YQM2xK+LrH28XmpL3z+NoQGaZoUVrMWp6\n" + "rbIeoGZvITaaGn2uEbGT7iRkBUdS4wOjUT13IxpG8cM4d0i0DIsqSlUPnQCfyMqf\n" + "jsVhO9IQsn7qMo0+2nNCI5JqblEXRvL39hHzJMOsq1NRqZO1Zjt9HCIB7m7Q42Jx\n" + "e8zm7RzTiBFVKecxb5h4mmt3tUZQ0Kjd94yE6ARSE0rULmO+6H7hgI6sU8vqfSFe\n" + "DimQ5mPReumBRDcErX+c7bRGPRul41kAB8XvPmAHG8xCepjH8xrgY/FeVBQT74xm\n" + "MEYQaxdGpa8Azx6MZCrZOI0rzu+zI0CBQGE1h1Xk8HBozrn/G2OOAZcXyzHzq56R\n" + "Z52zEQYFZmKH9tHTDI6fMfo8clr7esb/wmgEOt/lJYE9IMJrzUh+IwWuowdYaDVj\n" + "nMrboUBVepmBKSUCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU\n" + "rhkYiczAkbCcVfNr67VGGaqilbgwDQYJKoZIhvcNAQELBQADggGBAGYiUTKdYBXk\n" + "lZFIhZkCc33/lCgJw2mSrdAd+xJmJonRPy3qmYy3HniOmQdRVqResLALubz89VjJ\n" + "dSeokujFrlNtb4CygojseqTsxWgeZlKjLU3tJ/Xn+DFIiP7k9+WPW7KFIIW0fq61\n" + "MAI0lKjqpC8sJTlXoJemDw9MW/380nKr+K1YY3arRzsSHEIeA54xOggKEwvgz11A\n" + "47xT83WoLwFQ4e9LZfCsL/M51lsLHAlJzDKyTTeSxCi/C6kUIzx8QyxHKYgBuNxz\n" + "8vVLY/YzUv/l5ELYQ9gkAX0vZWdw7pqASUY8yvbzImrWqjFAHeN3zK687Ke9uppS\n" + "dmjvPwvTK+SKm++NR8YCwb3xqHQHMYHV3lxjlOhaN6rxBW0l4gtvb2FMlhcljiZ+\n" + "tF2ObVwEs6nqJSGrzubp0os+WmnbVSCaHz9jnRWb68C87mXCZkbA7FTSKJOVuqRM\n" + "vVTcHQ7jwGQ2/SvikndFQ53zi2j9o/jTOiFv29rEOeHu67UAiFSi2A==\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t server = { server_pem, sizeof(server_pem) - 1 }; const gnutls_datum_t ca = { ca_pem, sizeof(ca_pem) - 1 }; diff --git a/tests/x509cert-invalid.c b/tests/x509cert-invalid.c index fb2bd845af..0c666e420c 100644 --- a/tests/x509cert-invalid.c +++ b/tests/x509cert-invalid.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,51 +44,52 @@ static void tls_log_func(int level, const char *str) /* this has a different signature algorithm in tbsCertificate and signatureAlgorithm. * the algorithm in signatureAlgorithm is wrong */ static unsigned char inconsistent_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICwzCCAXugAwIBAgIIVOei+gI+zMYwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UE\n" - "AxMOR251VExTIFRlc3QgQ0EwIhgPMjAxNTAyMjAyMTExMjJaGA85OTk5MTIzMTIz\n" - "NTk1OVowFzEVMBMGA1UEAxMMV3Jvbmcgc2lnYWxnMIGfMA0GCSqGSIb3DQEBAQUA\n" - "A4GNADCBiQKBgQDKivjLpeml2GINsAimC6xwTxj44mLcxS+u69yFXFg2Z/AepUU+\n" - "IvfqVOeRVgg1WHrh+DZLuoC6kwn7a2afUTzytrITKni+J14ENa/ZcF2MrhSM8WZ1\n" - "NWrmvUltjkbJQIwyVPuIweRH1ECqSFxVqBT8RwYZ27FzTL8WF1JnlSlKuQIDAQAB\n" - "o2EwXzAMBgNVHRMBAf8EAjAAMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFK9V\n" - "bbSoqbHWgZwkzN57nbmAyyTwMB8GA1UdIwQYMBaAFE1Wt2oAWPFnkvSmdVUbjlMB\n" - "A+/PMA0GCSqGSIb3DQEBBAUAA4IBMQCT2A88WEahnJgfXTjLbThqc/ICOg4dnk61\n" - "zhaTkgK3is7T8gQrTqEbaVF4qu5gOLN6Z+xluii+ApZKKpKSyYLXS6MS3nJ6xGTi\n" - "SOqixmPv7qfQnkUvUTagZymnWQ3GxRxjAv65YpmGyti+/TdkYWDQ9R/D/sWPJO8o\n" - "YrFNw1ZXAaNMg4EhhGZ4likMlww+e5NPfJsJ32AovveTFKqSrvabb4UtrUJTwsC4\n" - "Bd018g2MEhTkxeTQTqzIL98CoSBJjbbZD/YW13J/3xU590QpHTgni5hAni27IFLr\n" - "1V+UJAglBs8qYiUzv/GjwbRt8TDzYVjvc+5MvPaGpoTcmdQyi9/L+3s8J6dX3i93\n" - "TneIXeExwjTmXKL7NG+KQz9/F4FJChRXR6X1zsSB45DzoCoGMmzD\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICwzCCAXugAwIBAgIIVOei+gI+zMYwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UE\n" + "AxMOR251VExTIFRlc3QgQ0EwIhgPMjAxNTAyMjAyMTExMjJaGA85OTk5MTIzMTIz\n" + "NTk1OVowFzEVMBMGA1UEAxMMV3Jvbmcgc2lnYWxnMIGfMA0GCSqGSIb3DQEBAQUA\n" + "A4GNADCBiQKBgQDKivjLpeml2GINsAimC6xwTxj44mLcxS+u69yFXFg2Z/AepUU+\n" + "IvfqVOeRVgg1WHrh+DZLuoC6kwn7a2afUTzytrITKni+J14ENa/ZcF2MrhSM8WZ1\n" + "NWrmvUltjkbJQIwyVPuIweRH1ECqSFxVqBT8RwYZ27FzTL8WF1JnlSlKuQIDAQAB\n" + "o2EwXzAMBgNVHRMBAf8EAjAAMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFK9V\n" + "bbSoqbHWgZwkzN57nbmAyyTwMB8GA1UdIwQYMBaAFE1Wt2oAWPFnkvSmdVUbjlMB\n" + "A+/PMA0GCSqGSIb3DQEBBAUAA4IBMQCT2A88WEahnJgfXTjLbThqc/ICOg4dnk61\n" + "zhaTkgK3is7T8gQrTqEbaVF4qu5gOLN6Z+xluii+ApZKKpKSyYLXS6MS3nJ6xGTi\n" + "SOqixmPv7qfQnkUvUTagZymnWQ3GxRxjAv65YpmGyti+/TdkYWDQ9R/D/sWPJO8o\n" + "YrFNw1ZXAaNMg4EhhGZ4likMlww+e5NPfJsJ32AovveTFKqSrvabb4UtrUJTwsC4\n" + "Bd018g2MEhTkxeTQTqzIL98CoSBJjbbZD/YW13J/3xU590QpHTgni5hAni27IFLr\n" + "1V+UJAglBs8qYiUzv/GjwbRt8TDzYVjvc+5MvPaGpoTcmdQyi9/L+3s8J6dX3i93\n" + "TneIXeExwjTmXKL7NG+KQz9/F4FJChRXR6X1zsSB45DzoCoGMmzD\n" + "-----END CERTIFICATE-----\n"; /* this has a different signature algorithm in tbsCertificate and signatureAlgorithm. * the algorithm in tbsCertificate is wrong */ static unsigned char inconsistent2_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIC1DCCAYygAwIBAgIIVOem0AaBE/EwDQYJKoZIhvcNAQEEBQAwGTEXMBUGA1UE\n" - "AxMOR251VExTIFRlc3QgQ0EwIhgPMjAxNTAyMjAyMTI3NDRaGA85OTk5MTIzMTIz\n" - "NTk1OVowKDEmMCQGA1UEAxMdSW52YWxpZCB0YnNDZXJ0aWZpY2F0ZSBzaWdhbGcw\n" - "gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMqK+Mul6aXYYg2wCKYLrHBPGPji\n" - "YtzFL67r3IVcWDZn8B6lRT4i9+pU55FWCDVYeuH4Nku6gLqTCftrZp9RPPK2shMq\n" - "eL4nXgQ1r9lwXYyuFIzxZnU1aua9SW2ORslAjDJU+4jB5EfUQKpIXFWoFPxHBhnb\n" - "sXNMvxYXUmeVKUq5AgMBAAGjYTBfMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD\n" - "AwegADAdBgNVHQ4EFgQUr1VttKipsdaBnCTM3nuduYDLJPAwHwYDVR0jBBgwFoAU\n" - "TVa3agBY8WeS9KZ1VRuOUwED788wDQYJKoZIhvcNAQELBQADggExAEsjzyOB8ntk\n" - "1BW4UhHdDSOZNrR4Ep0y2B3tjoOlXmcQD50WQb7NF/vYGeZN/y+WHEF9OAnneEIi\n" - "5wRHLnm1jP/bXd5Po3EsaTLmpE7rW99DYlHaNRcF5z+a+qTdj7mRsnUtv6o2ItNT\n" - "m81yQr0Lw0D31agU9IAzeXZy+Dm6dQnO1GAaHlOJQR1PZIOzOtYxqodla0qxuvga\n" - "nL+quIR29t8nb7j+n8l1+2WxCUoxEO0wv37t3MQxjXUxzGfo5NDcXqH1364UBzdM\n" - "rOBPX50B4LUyV5gNdWMIGVSMX3fTE+j3b+60w6NALXDzGoSGLQH48hpi/Mxzqctt\n" - "gl58/RqS+nTNQ7c6QMhTj+dgaCE/DUGJJf0354dYp7p43nabr+ZtaMPUaGUQ/1UC\n" - "C5/QFweC23w=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t inconsistent = - { inconsistent_pem, sizeof(inconsistent_pem) - 1 }; -const gnutls_datum_t inconsistent2 = - { inconsistent2_pem, sizeof(inconsistent2_pem) - 1 }; - -static time_t mytime(time_t * t) + "-----BEGIN CERTIFICATE-----\n" + "MIIC1DCCAYygAwIBAgIIVOem0AaBE/EwDQYJKoZIhvcNAQEEBQAwGTEXMBUGA1UE\n" + "AxMOR251VExTIFRlc3QgQ0EwIhgPMjAxNTAyMjAyMTI3NDRaGA85OTk5MTIzMTIz\n" + "NTk1OVowKDEmMCQGA1UEAxMdSW52YWxpZCB0YnNDZXJ0aWZpY2F0ZSBzaWdhbGcw\n" + "gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMqK+Mul6aXYYg2wCKYLrHBPGPji\n" + "YtzFL67r3IVcWDZn8B6lRT4i9+pU55FWCDVYeuH4Nku6gLqTCftrZp9RPPK2shMq\n" + "eL4nXgQ1r9lwXYyuFIzxZnU1aua9SW2ORslAjDJU+4jB5EfUQKpIXFWoFPxHBhnb\n" + "sXNMvxYXUmeVKUq5AgMBAAGjYTBfMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD\n" + "AwegADAdBgNVHQ4EFgQUr1VttKipsdaBnCTM3nuduYDLJPAwHwYDVR0jBBgwFoAU\n" + "TVa3agBY8WeS9KZ1VRuOUwED788wDQYJKoZIhvcNAQELBQADggExAEsjzyOB8ntk\n" + "1BW4UhHdDSOZNrR4Ep0y2B3tjoOlXmcQD50WQb7NF/vYGeZN/y+WHEF9OAnneEIi\n" + "5wRHLnm1jP/bXd5Po3EsaTLmpE7rW99DYlHaNRcF5z+a+qTdj7mRsnUtv6o2ItNT\n" + "m81yQr0Lw0D31agU9IAzeXZy+Dm6dQnO1GAaHlOJQR1PZIOzOtYxqodla0qxuvga\n" + "nL+quIR29t8nb7j+n8l1+2WxCUoxEO0wv37t3MQxjXUxzGfo5NDcXqH1364UBzdM\n" + "rOBPX50B4LUyV5gNdWMIGVSMX3fTE+j3b+60w6NALXDzGoSGLQH48hpi/Mxzqctt\n" + "gl58/RqS+nTNQ7c6QMhTj+dgaCE/DUGJJf0354dYp7p43nabr+ZtaMPUaGUQ/1UC\n" + "C5/QFweC23w=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t inconsistent = { inconsistent_pem, + sizeof(inconsistent_pem) - 1 }; +const gnutls_datum_t inconsistent2 = { inconsistent2_pem, + sizeof(inconsistent2_pem) - 1 }; + +static time_t mytime(time_t *t) { time_t then = 1424466893; diff --git a/tests/x509cert-tl.c b/tests/x509cert-tl.c index f4b15bad56..2b542461a7 100644 --- a/tests/x509cert-tl.c +++ b/tests/x509cert-tl.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -44,136 +44,135 @@ static void tls_log_func(int level, const char *str) } static unsigned char ca_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n" - "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n" - "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n" - "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n" - "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n" - "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n" - "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" - "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" - "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" - "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n" + "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n" + "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n" + "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n" + "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n" + "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n" + "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" + "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" + "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" + "PfqUpIhz5Bbm7J4=\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca = { ca_pem, sizeof(ca_pem) }; static unsigned char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) }; static unsigned char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t key = { key_pem, sizeof(key_pem) }; static unsigned char server_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" - "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" - "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" - "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" - "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" - "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" - "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" - "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" - "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; - -const gnutls_datum_t server_cert = { server_cert_pem, - sizeof(server_cert_pem) -}; + "-----BEGIN CERTIFICATE-----\n" + "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" + "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" + "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" + "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" + "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" + "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" + "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" + "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" + "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; static unsigned char server_key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" - "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" - "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" - "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" - "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" - "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" - "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" - "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" - "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" - "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" - "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" - "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" - "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" + "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" + "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" + "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" + "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" + "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" + "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" + "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" + "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" + "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" + "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" + "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" + "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" + "-----END RSA PRIVATE KEY-----\n"; static unsigned char cert_der[602] = - "\x30\x82\x02\x56\x30\x82\x01\xc1\xa0\x03\x02\x01\x02\x02\x04\x46" - "\x26\x1d\x31\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" - "\x30\x19\x31\x17\x30\x15\x06\x03\x55\x04\x03\x13\x0e\x47\x6e\x75" - "\x54\x4c\x53\x20\x74\x65\x73\x74\x20\x43\x41\x30\x1e\x17\x0d\x30" - "\x37\x30\x34\x31\x38\x31\x33\x32\x39\x32\x31\x5a\x17\x0d\x30\x38" - "\x30\x34\x31\x37\x31\x33\x32\x39\x32\x31\x5a\x30\x37\x31\x1b\x30" - "\x19\x06\x03\x55\x04\x0a\x13\x12\x47\x6e\x75\x54\x4c\x53\x20\x74" - "\x65\x73\x74\x20\x73\x65\x72\x76\x65\x72\x31\x18\x30\x16\x06\x03" - "\x55\x04\x03\x13\x0f\x74\x65\x73\x74\x2e\x67\x6e\x75\x74\x6c\x73" - "\x2e\x6f\x72\x67\x30\x81\x9c\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7" - "\x0d\x01\x01\x01\x03\x81\x8c\x00\x30\x81\x88\x02\x81\x80\xd7\xba" - "\x5c\xaf\xa3\x0c\xf0\x2e\xa9\x27\x56\xaa\x53\x8e\xa8\xeb\x7f\x81" - "\x75\x4c\x6b\x98\xbe\x4a\xea\xb7\x1e\xf8\x4b\xc3\x6a\xc4\xda\x0d" - "\x00\xb8\xea\x4c\x13\x1f\x36\x16\x93\xde\x72\xef\xc6\xa4\x5e\xb2" - "\x6e\xb6\xca\x0a\x88\x55\x75\x90\x96\xed\xa6\x57\xbc\x0c\x3b\x76" - "\x0d\x97\x1e\xbd\xe9\xec\x7f\xd3\xa9\xec\xfb\x85\x64\xa0\x6b\xa0" - "\x48\xce\x77\x7e\x73\x9c\x31\x13\xff\x3d\xc8\xae\xa5\x60\x6e\xd9" - "\xb6\x8c\x5a\x9a\x6f\xb6\xbe\x9f\x6a\xbd\xa7\xf0\xa0\x33\x27\xf5" - "\xb7\x1d\x92\xe5\x96\x9c\x73\x52\xd6\x9f\xd6\xc8\x8e\xb1\x02\x03" - "\x01\x00\x01\xa3\x81\x93\x30\x81\x90\x30\x0c\x06\x03\x55\x1d\x13" - "\x01\x01\xff\x04\x02\x30\x00\x30\x1a\x06\x03\x55\x1d\x11\x04\x13" - "\x30\x11\x82\x0f\x74\x65\x73\x74\x2e\x67\x6e\x75\x74\x6c\x73\x2e" - "\x6f\x72\x67\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08" - "\x2b\x06\x01\x05\x05\x07\x03\x01\x30\x0f\x06\x03\x55\x1d\x0f\x01" - "\x01\xff\x04\x05\x03\x03\x07\xa0\x00\x30\x1d\x06\x03\x55\x1d\x0e" - "\x04\x16\x04\x14\xeb\xc7\x45\x6e\xe5\xf8\x25\xca\x8c\x8d\x83\x0d" - "\x74\xe9\x86\xd4\xdd\x55\xb4\x75\x30\x1f\x06\x03\x55\x1d\x23\x04" - "\x18\x30\x16\x80\x14\xe9\x3c\x1c\xfb\xad\x92\x6e\xe6\x06\xa4\x56" - "\x2c\xa2\xe1\xc0\x53\x27\xc8\xf2\x95\x30\x0b\x06\x09\x2a\x86\x48" - "\x86\xf7\x0d\x01\x01\x05\x03\x81\x81\x00\x68\x51\x0f\x4e\xdf\xbb" - "\x6f\x3b\xc1\xb8\xe7\xfb\xf9\x09\x9e\x41\xc9\xf6\xf6\x44\xfa\x06" - "\xcc\xa1\xd5\x11\xc9\x5d\xff\x0a\x4e\x4e\x50\x45\xfc\x29\xea\x88" - "\x1b\xa7\xde\x09\x41\x67\x0d\x43\xf4\xbb\x60\x31\x47\x82\x50\xf5" - "\x03\x05\x0d\x05\x15\xf0\x77\x7a\xe2\x52\xc3\x27\xb3\x18\x1e\x48" - "\x3c\x58\x05\xf2\x58\x6c\x32\xde\xa2\x13\x41\xb2\xa6\x8f\x0c\x96" - "\xfb\x5d\xa8\xa5\x59\xb3\x10\x29\xf0\x1b\x15\x0f\x1c\x9c\xec\x60" - "\xac\xe2\x8b\x51\x04\x56\x27\x42\xb7\x1f\x25\xd1\x32\x16\xea\x8d" - "\xd2\xc8\x69\x08\x82\xbd\x02\xee\x8b\x3a"; - -const gnutls_datum_t server_key = { server_key_pem, - sizeof(server_key_pem) -}; - -static time_t mytime(time_t * t) + "\x30\x82\x02\x56\x30\x82\x01\xc1\xa0\x03\x02\x01\x02\x02\x04\x46" + "\x26\x1d\x31\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x30\x19\x31\x17\x30\x15\x06\x03\x55\x04\x03\x13\x0e\x47\x6e\x75" + "\x54\x4c\x53\x20\x74\x65\x73\x74\x20\x43\x41\x30\x1e\x17\x0d\x30" + "\x37\x30\x34\x31\x38\x31\x33\x32\x39\x32\x31\x5a\x17\x0d\x30\x38" + "\x30\x34\x31\x37\x31\x33\x32\x39\x32\x31\x5a\x30\x37\x31\x1b\x30" + "\x19\x06\x03\x55\x04\x0a\x13\x12\x47\x6e\x75\x54\x4c\x53\x20\x74" + "\x65\x73\x74\x20\x73\x65\x72\x76\x65\x72\x31\x18\x30\x16\x06\x03" + "\x55\x04\x03\x13\x0f\x74\x65\x73\x74\x2e\x67\x6e\x75\x74\x6c\x73" + "\x2e\x6f\x72\x67\x30\x81\x9c\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7" + "\x0d\x01\x01\x01\x03\x81\x8c\x00\x30\x81\x88\x02\x81\x80\xd7\xba" + "\x5c\xaf\xa3\x0c\xf0\x2e\xa9\x27\x56\xaa\x53\x8e\xa8\xeb\x7f\x81" + "\x75\x4c\x6b\x98\xbe\x4a\xea\xb7\x1e\xf8\x4b\xc3\x6a\xc4\xda\x0d" + "\x00\xb8\xea\x4c\x13\x1f\x36\x16\x93\xde\x72\xef\xc6\xa4\x5e\xb2" + "\x6e\xb6\xca\x0a\x88\x55\x75\x90\x96\xed\xa6\x57\xbc\x0c\x3b\x76" + "\x0d\x97\x1e\xbd\xe9\xec\x7f\xd3\xa9\xec\xfb\x85\x64\xa0\x6b\xa0" + "\x48\xce\x77\x7e\x73\x9c\x31\x13\xff\x3d\xc8\xae\xa5\x60\x6e\xd9" + "\xb6\x8c\x5a\x9a\x6f\xb6\xbe\x9f\x6a\xbd\xa7\xf0\xa0\x33\x27\xf5" + "\xb7\x1d\x92\xe5\x96\x9c\x73\x52\xd6\x9f\xd6\xc8\x8e\xb1\x02\x03" + "\x01\x00\x01\xa3\x81\x93\x30\x81\x90\x30\x0c\x06\x03\x55\x1d\x13" + "\x01\x01\xff\x04\x02\x30\x00\x30\x1a\x06\x03\x55\x1d\x11\x04\x13" + "\x30\x11\x82\x0f\x74\x65\x73\x74\x2e\x67\x6e\x75\x74\x6c\x73\x2e" + "\x6f\x72\x67\x30\x13\x06\x03\x55\x1d\x25\x04\x0c\x30\x0a\x06\x08" + "\x2b\x06\x01\x05\x05\x07\x03\x01\x30\x0f\x06\x03\x55\x1d\x0f\x01" + "\x01\xff\x04\x05\x03\x03\x07\xa0\x00\x30\x1d\x06\x03\x55\x1d\x0e" + "\x04\x16\x04\x14\xeb\xc7\x45\x6e\xe5\xf8\x25\xca\x8c\x8d\x83\x0d" + "\x74\xe9\x86\xd4\xdd\x55\xb4\x75\x30\x1f\x06\x03\x55\x1d\x23\x04" + "\x18\x30\x16\x80\x14\xe9\x3c\x1c\xfb\xad\x92\x6e\xe6\x06\xa4\x56" + "\x2c\xa2\xe1\xc0\x53\x27\xc8\xf2\x95\x30\x0b\x06\x09\x2a\x86\x48" + "\x86\xf7\x0d\x01\x01\x05\x03\x81\x81\x00\x68\x51\x0f\x4e\xdf\xbb" + "\x6f\x3b\xc1\xb8\xe7\xfb\xf9\x09\x9e\x41\xc9\xf6\xf6\x44\xfa\x06" + "\xcc\xa1\xd5\x11\xc9\x5d\xff\x0a\x4e\x4e\x50\x45\xfc\x29\xea\x88" + "\x1b\xa7\xde\x09\x41\x67\x0d\x43\xf4\xbb\x60\x31\x47\x82\x50\xf5" + "\x03\x05\x0d\x05\x15\xf0\x77\x7a\xe2\x52\xc3\x27\xb3\x18\x1e\x48" + "\x3c\x58\x05\xf2\x58\x6c\x32\xde\xa2\x13\x41\xb2\xa6\x8f\x0c\x96" + "\xfb\x5d\xa8\xa5\x59\xb3\x10\x29\xf0\x1b\x15\x0f\x1c\x9c\xec\x60" + "\xac\xe2\x8b\x51\x04\x56\x27\x42\xb7\x1f\x25\xd1\x32\x16\xea\x8d" + "\xd2\xc8\x69\x08\x82\xbd\x02\xee\x8b\x3a"; + +const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; + +static time_t mytime(time_t *t) { time_t then = 1207000800; @@ -228,11 +227,10 @@ static void check_stored_algos(gnutls_x509_crt_t server_crt) gnutls_pk_get_name(ret)); exit(1); } - } #define NAME "localhost" -#define NAME_SIZE (sizeof(NAME)-1) +#define NAME_SIZE (sizeof(NAME) - 1) void doit(void) { int ret; @@ -270,16 +268,17 @@ void doit(void) check_stored_algos(server_crt); - ret = - gnutls_x509_crt_get_preferred_hash_algorithm(server_crt, &hash, - &mand); + ret = gnutls_x509_crt_get_preferred_hash_algorithm(server_crt, &hash, + &mand); if (ret < 0) { - fail("error in gnutls_x509_crt_get_preferred_hash_algorithm: %s\n", gnutls_strerror(ret)); + fail("error in gnutls_x509_crt_get_preferred_hash_algorithm: %s\n", + gnutls_strerror(ret)); exit(1); } if (mand != 0 || hash != GNUTLS_DIG_SHA256) { - fail("gnutls_x509_crt_get_preferred_hash_algorithm returned: %s/%d\n", gnutls_digest_get_name(hash), mand); + fail("gnutls_x509_crt_get_preferred_hash_algorithm returned: %s/%d\n", + gnutls_digest_get_name(hash), mand); exit(1); } @@ -287,30 +286,23 @@ void doit(void) if (ret < 0) fail("gnutls_x509_crt_import"); - ret = - gnutls_x509_trust_list_add_named_crt(tl, server_crt, NAME, - NAME_SIZE, 0); + ret = gnutls_x509_trust_list_add_named_crt(tl, server_crt, NAME, + NAME_SIZE, 0); if (ret < 0) fail("gnutls_x509_trust_list_add_named_crt"); - ret = - gnutls_x509_trust_list_verify_named_crt(tl, server_crt, NAME, - NAME_SIZE, 0, &status, - NULL); + ret = gnutls_x509_trust_list_verify_named_crt( + tl, server_crt, NAME, NAME_SIZE, 0, &status, NULL); if (ret < 0 || status != 0) fail("gnutls_x509_trust_list_verify_named_crt: %d\n", __LINE__); - ret = - gnutls_x509_trust_list_verify_named_crt(tl, server_crt, NAME, - NAME_SIZE - 1, 0, - &status, NULL); + ret = gnutls_x509_trust_list_verify_named_crt( + tl, server_crt, NAME, NAME_SIZE - 1, 0, &status, NULL); if (ret < 0 || status == 0) fail("gnutls_x509_trust_list_verify_named_crt: %d\n", __LINE__); - ret = - gnutls_x509_trust_list_verify_named_crt(tl, server_crt, - "other", 5, 0, &status, - NULL); + ret = gnutls_x509_trust_list_verify_named_crt(tl, server_crt, "other", + 5, 0, &status, NULL); if (ret < 0 || status == 0) fail("gnutls_x509_trust_list_verify_named_crt: %d\n", __LINE__); @@ -318,10 +310,9 @@ void doit(void) vdata.type = GNUTLS_DT_DNS_HOSTNAME; vdata.data = (void *)NAME; vdata.size = NAME_SIZE; - ret = - gnutls_x509_trust_list_verify_crt2(tl, &server_crt, 1, &vdata, 1, - GNUTLS_VERIFY_ALLOW_BROKEN, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt2(tl, &server_crt, 1, &vdata, 1, + GNUTLS_VERIFY_ALLOW_BROKEN, + &status, NULL); if (ret < 0 || status != 0) fail("gnutls_x509_trust_list_verify_crt2 - 1: status: %x\n", status); @@ -329,56 +320,48 @@ void doit(void) vdata.type = GNUTLS_DT_DNS_HOSTNAME; vdata.data = (void *)NAME; vdata.size = NAME_SIZE - 2; - ret = - gnutls_x509_trust_list_verify_crt2(tl, &server_crt, 1, &vdata, 1, - 0, &status, NULL); + ret = gnutls_x509_trust_list_verify_crt2(tl, &server_crt, 1, &vdata, 1, + 0, &status, NULL); if (ret < 0 || status == 0) fail("gnutls_x509_trust_list_verify_crt2 - 2: status: %x\n", status); /* check whether the key verification works */ - ret = - gnutls_x509_trust_list_add_trust_dir(tl, path, NULL, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_x509_trust_list_add_trust_dir(tl, path, NULL, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret != 1) fail("gnutls_x509_trust_list_add_trust_dir: %d\n", ret); - ret = - gnutls_x509_trust_list_verify_crt(tl, &server_crt, 1, - GNUTLS_VERIFY_ALLOW_BROKEN, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt( + tl, &server_crt, 1, GNUTLS_VERIFY_ALLOW_BROKEN, &status, NULL); if (ret < 0 || status != 0) fail("gnutls_x509_trust_list_verify_crt\n"); /* test convenience functions in verify-high2.c */ data.data = cert_pem; data.size = strlen((char *)cert_pem); - ret = - gnutls_x509_trust_list_add_trust_mem(tl, &data, NULL, - GNUTLS_X509_FMT_PEM, 0, 0); + ret = gnutls_x509_trust_list_add_trust_mem(tl, &data, NULL, + GNUTLS_X509_FMT_PEM, 0, 0); if (ret < 1) fail("gnutls_x509_trust_list_add_trust_mem: %d (%s)\n", __LINE__, gnutls_strerror(ret)); - ret = - gnutls_x509_trust_list_remove_trust_mem(tl, &data, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_trust_list_remove_trust_mem(tl, &data, + GNUTLS_X509_FMT_PEM); if (ret < 1) fail("gnutls_x509_trust_list_add_trust_mem: %d (%s)\n", __LINE__, gnutls_strerror(ret)); data.data = cert_der; data.size = sizeof(cert_der); - ret = - gnutls_x509_trust_list_add_trust_mem(tl, &data, NULL, - GNUTLS_X509_FMT_DER, 0, 0); + ret = gnutls_x509_trust_list_add_trust_mem(tl, &data, NULL, + GNUTLS_X509_FMT_DER, 0, 0); if (ret < 1) fail("gnutls_x509_trust_list_add_trust_mem: %d (%s)\n", __LINE__, gnutls_strerror(ret)); - ret = - gnutls_x509_trust_list_remove_trust_mem(tl, &data, - GNUTLS_X509_FMT_DER); + ret = gnutls_x509_trust_list_remove_trust_mem(tl, &data, + GNUTLS_X509_FMT_DER); if (ret < 1) fail("gnutls_x509_trust_list_add_trust_mem: %d (%s)\n", __LINE__, gnutls_strerror(ret)); @@ -387,9 +370,8 @@ void doit(void) if (ret < 1) fail("gnutls_x509_trust_list_add_cas"); - ret = - gnutls_x509_trust_list_verify_crt(tl, &server_crt, 1, 0, - &status, NULL); + ret = gnutls_x509_trust_list_verify_crt(tl, &server_crt, 1, 0, &status, + NULL); if (ret == 0 && status == 0) fail("gnutls_x509_trust_list_verify_crt\n"); diff --git a/tests/x509cert.c b/tests/x509cert.c index 70fc2f34fa..bb13caa17e 100644 --- a/tests/x509cert.c +++ b/tests/x509cert.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -30,10 +30,10 @@ #include #include #if !defined(_WIN32) -# include -# include -# include -# include +#include +#include +#include +#include #endif #include #include @@ -69,8 +69,8 @@ void doit(void) gnutls_x509_privkey_t get_key; gnutls_x509_crt_t *get_crts; unsigned n_get_crts; - gnutls_datum_t get_datum, chain_datum[2] = - { server_ca3_cert, subca3_cert }; + gnutls_datum_t get_datum, + chain_datum[2] = { server_ca3_cert, subca3_cert }; gnutls_x509_trust_list_t trust_list; gnutls_x509_trust_list_iter_t trust_iter; gnutls_x509_crt_t get_ca_crt; @@ -97,31 +97,27 @@ void doit(void) /* check whether gnutls_x509_crt_list_import will fail if given a single * certificate */ list_size = LIST_SIZE; - ret = - gnutls_x509_crt_list_import(list, &list_size, &ca3_cert, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import( + list, &list_size, &ca3_cert, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) fail("gnutls_x509_crt_list_import (failed with a single cert)"); gnutls_x509_crt_deinit(list[0]); list_size = LIST_SIZE; - ret = - gnutls_x509_crt_list_import(list, &list_size, &cli_ca3_cert_chain, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import( + list, &list_size, &cli_ca3_cert_chain, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0) fail("gnutls_x509_crt_list_import"); - ret = - gnutls_certificate_get_issuer(x509_cred, list[list_size - 1], - &issuer, 0); + ret = gnutls_certificate_get_issuer(x509_cred, list[list_size - 1], + &issuer, 0); if (ret < 0) fail("gnutls_certificate_get_isser"); - ret = - gnutls_certificate_get_issuer(x509_cred, list[list_size - 1], - &issuer, GNUTLS_TL_GET_COPY); + ret = gnutls_certificate_get_issuer(x509_cred, list[list_size - 1], + &issuer, GNUTLS_TL_GET_COPY); if (ret < 0) fail("gnutls_certificate_get_isser"); @@ -145,61 +141,56 @@ void doit(void) if (ret < 0) fail("gnutls_certificate_get_x509_key"); - ret = - gnutls_x509_privkey_export2(get_key, - GNUTLS_X509_FMT_PEM, &get_datum); + ret = gnutls_x509_privkey_export2(get_key, GNUTLS_X509_FMT_PEM, + &get_datum); if (ret < 0) fail("gnutls_x509_privkey_export2"); if (get_datum.size != server_ca3_key.size || memcmp(get_datum.data, server_ca3_key.data, get_datum.size) != 0) { fail("exported key %u vs. %u\n\n%s\n\nvs.\n\n%s", - get_datum.size, server_ca3_key.size, - get_datum.data, server_ca3_key.data); + get_datum.size, server_ca3_key.size, get_datum.data, + server_ca3_key.data); } if (strlen((char *)get_datum.data) != get_datum.size) { - fail("exported key %u vs. %u\n\n%s\n", - get_datum.size, (unsigned)strlen((char *)get_datum.data), - get_datum.data); + fail("exported key %u vs. %u\n\n%s\n", get_datum.size, + (unsigned)strlen((char *)get_datum.data), get_datum.data); } gnutls_free(get_datum.data); buf_size = sizeof(buf); - ret = - gnutls_x509_privkey_export(get_key, - GNUTLS_X509_FMT_PEM, buf, &buf_size); + ret = gnutls_x509_privkey_export(get_key, GNUTLS_X509_FMT_PEM, buf, + &buf_size); if (ret < 0) fail("gnutls_x509_privkey_export"); - if (buf_size != get_datum.size || - buf_size != strlen(buf) || + if (buf_size != get_datum.size || buf_size != strlen(buf) || memcmp(buf, server_ca3_key.data, buf_size) != 0) { - fail("exported key %u vs. %u\n\n%s\n\nvs.\n\n%s", - (int)buf_size, server_ca3_key.size, - buf, server_ca3_key.data); + fail("exported key %u vs. %u\n\n%s\n\nvs.\n\n%s", (int)buf_size, + server_ca3_key.size, buf, server_ca3_key.data); } - ret = - gnutls_certificate_get_x509_crt(x509_cred, 0, &get_crts, - &n_get_crts); + ret = gnutls_certificate_get_x509_crt(x509_cred, 0, &get_crts, + &n_get_crts); if (ret < 0) fail("gnutls_certificate_get_x509_crt"); if (n_get_crts != 2) fail("gnutls_certificate_get_x509_crt: n_crts != 2"); for (i = 0; i < n_get_crts; i++) { - ret = - gnutls_x509_crt_export2(get_crts[i], - GNUTLS_X509_FMT_PEM, &get_datum); + ret = gnutls_x509_crt_export2(get_crts[i], GNUTLS_X509_FMT_PEM, + &get_datum); if (ret < 0) fail("gnutls_x509_crt_export2"); if (get_datum.size != chain_datum[i].size || memcmp(get_datum.data, chain_datum[i].data, get_datum.size) != 0) { - fail("exported certificate %u vs. %u\n\n%s\n\nvs.\n\n%s", get_datum.size, chain_datum[i].size, get_datum.data, chain_datum[i].data); + fail("exported certificate %u vs. %u\n\n%s\n\nvs.\n\n%s", + get_datum.size, chain_datum[i].size, + get_datum.data, chain_datum[i].data); } gnutls_free(get_datum.data); @@ -209,20 +200,20 @@ void doit(void) n_get_ca_crts = 0; trust_iter = NULL; - while (gnutls_x509_trust_list_iter_get_ca(trust_list, - &trust_iter, + while (gnutls_x509_trust_list_iter_get_ca(trust_list, &trust_iter, &get_ca_crt) != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { - ret = - gnutls_x509_crt_export2(get_ca_crt, - GNUTLS_X509_FMT_PEM, &get_datum); + ret = gnutls_x509_crt_export2(get_ca_crt, GNUTLS_X509_FMT_PEM, + &get_datum); if (ret < 0) fail("gnutls_x509_crt_export2"); if (get_datum.size != ca3_cert.size || - memcmp(get_datum.data, ca3_cert.data, - get_datum.size) != 0) { - fail("exported CA certificate %u vs. %u\n\n%s\n\nvs.\n\n%s", get_datum.size, ca3_cert.size, get_datum.data, ca3_cert.data); + memcmp(get_datum.data, ca3_cert.data, get_datum.size) != + 0) { + fail("exported CA certificate %u vs. %u\n\n%s\n\nvs.\n\n%s", + get_datum.size, ca3_cert.size, get_datum.data, + ca3_cert.data); } gnutls_x509_crt_deinit(get_ca_crt); @@ -248,10 +239,9 @@ void doit(void) /* test for gnutls_certificate_set_x509_trust */ gnutls_certificate_allocate_credentials(&x509_cred); list_size = LIST_SIZE; - ret = - gnutls_x509_crt_list_import(list, &list_size, &ca3_cert, - GNUTLS_X509_FMT_PEM, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); + ret = gnutls_x509_crt_list_import( + list, &list_size, &ca3_cert, GNUTLS_X509_FMT_PEM, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (ret < 0 || (unsigned int)ret != list_size) { fail("gnutls_x509_crt_list_import\n"); } @@ -262,16 +252,15 @@ void doit(void) } gnutls_certificate_get_trust_list(x509_cred, &trust_list); - ret = gnutls_x509_trust_list_iter_get_ca(trust_list, - &trust_iter, &get_ca_crt); + ret = gnutls_x509_trust_list_iter_get_ca(trust_list, &trust_iter, + &get_ca_crt); if (ret < 0) { fail("gnutls_x509_trust_list_iter_get_ca\n"); } gnutls_x509_trust_list_iter_deinit(trust_iter); - ret = - gnutls_x509_crt_export2(get_ca_crt, GNUTLS_X509_FMT_PEM, - &get_datum); + ret = gnutls_x509_crt_export2(get_ca_crt, GNUTLS_X509_FMT_PEM, + &get_datum); if (ret < 0) { fail("gnutls_x509_crt_export2\n"); } diff --git a/tests/x509dn.c b/tests/x509dn.c index cd2b9234a8..84191a978a 100644 --- a/tests/x509dn.c +++ b/tests/x509dn.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -40,22 +40,22 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include -# include -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include +#include +#include +#include -# include "utils.h" +#include "utils.h" -# include "ex-session-info.c" -# include "ex-x509-info.c" +#include "ex-session-info.c" +#include "ex-x509-info.c" pid_t child; @@ -65,23 +65,23 @@ static void tls_log_func(int level, const char *str) str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" -# define EXPECT_RDN0 "CA-3" +#define EXPECT_RDN0 "CA-3" -static int -cert_callback(gnutls_session_t session, - const gnutls_datum_t * req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * sign_algos, - int sign_algos_length, gnutls_pcert_st ** pcert, - unsigned int *pcert_length, gnutls_privkey_t * pkey) +static int cert_callback(gnutls_session_t session, + const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *sign_algos, + int sign_algos_length, gnutls_pcert_st **pcert, + unsigned int *pcert_length, gnutls_privkey_t *pkey) { int result; gnutls_x509_dn_t dn; if (nreqs != 1) { - fail("client: invoked to provide client cert, but %d CAs are requested by server.\n", nreqs); + fail("client: invoked to provide client cert, but %d CAs are requested by server.\n", + nreqs); return -1; } @@ -105,9 +105,9 @@ cert_callback(gnutls_session_t session, if (debug) success("client: got RDN 0.\n"); - if (val.value.size == strlen(EXPECT_RDN0) - && strncmp((char *)val.value.data, - EXPECT_RDN0, val.value.size) == 0) { + if (val.value.size == strlen(EXPECT_RDN0) && + strncmp((char *)val.value.data, EXPECT_RDN0, + val.value.size) == 0) { if (debug) success("client: RND 0 correct.\n"); } else { @@ -182,8 +182,8 @@ static void client(int sd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ if (debug) @@ -211,7 +211,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -225,7 +225,7 @@ static void client(int sd, const char *prio) /* This is a sample TLS 1.0 echo server, using X.509 authentication. */ -# define MAX_BUF 1024 +#define MAX_BUF 1024 static void server(int sd, const char *prio) { @@ -279,8 +279,8 @@ static void server(int sd, const char *prio) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ if (debug) @@ -292,11 +292,11 @@ static void server(int sd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -319,8 +319,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *prio) +static void start(const char *prio) { int sockets[2]; int err; @@ -364,4 +363,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/x509self.c b/tests/x509self.c index 86219cd8d6..afc1975280 100644 --- a/tests/x509self.c +++ b/tests/x509self.c @@ -23,7 +23,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -41,19 +41,19 @@ int main(int argc, char **argv) #else -# include -# include -# include -# if !defined(_WIN32) -# include -# endif -# include -# include +#include +#include +#include +#if !defined(_WIN32) +#include +#endif +#include +#include -# include "utils.h" +#include "utils.h" -# include "ex-session-info.c" -# include "ex-x509-info.c" +#include "ex-session-info.c" +#include "ex-x509-info.c" pid_t child; @@ -63,8 +63,8 @@ static void tls_log_func(int level, const char *str) str); } -# define MAX_BUF 1024 -# define MSG "Hello TLS" +#define MAX_BUF 1024 +#define MSG "Hello TLS" static void client(int sd, const char *prio) { @@ -115,16 +115,15 @@ static void client(int sd, const char *prio) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); /* see the Getting peer's information example */ if (debug) print_info(session); - ret = - gnutls_credentials_get(session, GNUTLS_CRD_CERTIFICATE, - (void **)&tst_cred); + ret = gnutls_credentials_get(session, GNUTLS_CRD_CERTIFICATE, + (void **)&tst_cred); if (ret < 0) { fail("client: gnutls_credentials_get failed: %s\n", gnutls_strerror(ret)); @@ -157,8 +156,7 @@ static void client(int sd, const char *prio) ret = gnutls_handshake(session); if (ret == 0) { if (debug) - success - ("client: handshake complete, reading again.\n"); + success("client: handshake complete, reading again.\n"); ret = gnutls_record_recv(session, buffer, MAX_BUF); } else { fail("client: handshake failed.\n"); @@ -184,7 +182,7 @@ static void client(int sd, const char *prio) gnutls_bye(session, GNUTLS_SHUT_RDWR); - end: +end: close(sd); @@ -198,8 +196,8 @@ static void client(int sd, const char *prio) /* This is a sample TLS 1.0 echo server, using X.509 authentication. */ -# define MAX_BUF 1024 -# define DH_BITS 1024 +#define MAX_BUF 1024 +#define DH_BITS 1024 static void server(int sd, const char *prio) { @@ -251,8 +249,8 @@ static void server(int sd, const char *prio) if (debug) { success("server: Handshake was completed\n"); success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); } /* see the Getting peer's information example */ @@ -267,19 +265,18 @@ static void server(int sd, const char *prio) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { - fail("server: Received corrupted data(%s). Closing...\n", gnutls_strerror(ret)); + fail("server: Received corrupted data(%s). Closing...\n", + gnutls_strerror(ret)); break; } else if (ret > 0) { - gnutls_certificate_server_set_request(session, - GNUTLS_CERT_REQUEST); + gnutls_certificate_server_set_request( + session, GNUTLS_CERT_REQUEST); if (debug) - success - ("server: got data, forcing rehandshake.\n"); + success("server: got data, forcing rehandshake.\n"); ret = gnutls_rehandshake(session); if (ret < 0) { @@ -318,8 +315,7 @@ static void server(int sd, const char *prio) success("server: finished\n"); } -static -void start(const char *prio) +static void start(const char *prio) { int sockets[2]; int err; @@ -363,4 +359,4 @@ void doit(void) start("NORMAL"); } -#endif /* _WIN32 */ +#endif /* _WIN32 */ diff --git a/tests/x509sign-verify-common.h b/tests/x509sign-verify-common.h index fd1ee4de0c..e66ea7f891 100644 --- a/tests/x509sign-verify-common.h +++ b/tests/x509sign-verify-common.h @@ -1,5 +1,5 @@ #ifndef GNUTLS_TESTS_X509SIGN_VERIFY_COMMON_H -# define GNUTLS_TESTS_X509SIGN_VERIFY_COMMON_H +#define GNUTLS_TESTS_X509SIGN_VERIFY_COMMON_H static void tls_log_func(int level, const char *str) { @@ -8,62 +8,57 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t sha1_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; /* sha1 hash of "hello" string */ const gnutls_datum_t sha256_data = { - (void *) - "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8" - "\x3b\x2a\xc5\xb9\xe2\x9e\x1b\x16\x1e\x5c" - "\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b" "\x98\x24", + (void *)"\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8" + "\x3b\x2a\xc5\xb9\xe2\x9e\x1b\x16\x1e\x5c" + "\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b" + "\x98\x24", 32 }; /* gost r 34.11-94 hash of "hello" string */ const gnutls_datum_t gostr94_data = { - (void *) - "\x92\xea\x6d\xdb\xaf\x40\x02\x0d\xf3\x65" - "\x1f\x27\x8f\xd7\x15\x12\x17\xa2\x4a\xa8" - "\xd2\x2e\xbd\x25\x19\xcf\xd4\xd8\x9e\x64" "\x50\xea", + (void *)"\x92\xea\x6d\xdb\xaf\x40\x02\x0d\xf3\x65" + "\x1f\x27\x8f\xd7\x15\x12\x17\xa2\x4a\xa8" + "\xd2\x2e\xbd\x25\x19\xcf\xd4\xd8\x9e\x64" + "\x50\xea", 32 }; /* Streebog-256 hash of "hello" string */ const gnutls_datum_t streebog256_data = { - (void *) - "\x3f\xb0\x70\x0a\x41\xce\x6e\x41\x41\x3b" - "\xa7\x64\xf9\x8b\xf2\x13\x5b\xa6\xde\xd5" - "\x16\xbe\xa2\xfa\xe8\x42\x9c\xc5\xbd\xd4" "\x6d\x6d", + (void *)"\x3f\xb0\x70\x0a\x41\xce\x6e\x41\x41\x3b" + "\xa7\x64\xf9\x8b\xf2\x13\x5b\xa6\xde\xd5" + "\x16\xbe\xa2\xfa\xe8\x42\x9c\xc5\xbd\xd4" + "\x6d\x6d", 32 }; /* Streebog-512 hash of "hello" string */ const gnutls_datum_t streebog512_data = { - (void *) - "\x8d\xf4\x14\x26\x09\x66\xbe\xb7\xb3\x4d" - "\x92\x07\x63\x07\x9e\x15\xdf\x1f\x63\x29" - "\x7e\xb3\xdd\x43\x11\xe8\xb5\x85\xd4\xbf" - "\x2f\x59\x23\x21\x4f\x1d\xfe\xd3\xfd\xee" - "\x4a\xaf\x01\x83\x30\xa1\x2a\xcd\xe0\xef" - "\xcc\x33\x8e\xb5\x29\x22\xf3\xe5\x71\x21" "\x2d\x42\xc8\xde", + (void *)"\x8d\xf4\x14\x26\x09\x66\xbe\xb7\xb3\x4d" + "\x92\x07\x63\x07\x9e\x15\xdf\x1f\x63\x29" + "\x7e\xb3\xdd\x43\x11\xe8\xb5\x85\xd4\xbf" + "\x2f\x59\x23\x21\x4f\x1d\xfe\xd3\xfd\xee" + "\x4a\xaf\x01\x83\x30\xa1\x2a\xcd\xe0\xef" + "\xcc\x33\x8e\xb5\x29\x22\xf3\xe5\x71\x21" + "\x2d\x42\xc8\xde", 64 }; const gnutls_datum_t invalid_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", 20 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; static void print_keys(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { @@ -91,9 +86,11 @@ static void print_keys(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) gnutls_x509_privkey_deinit(xkey); } -# define ERR fail("Failure at: %s (%s-%s) (iter: %d)\n", gnutls_sign_get_name(sign_algo), gnutls_pk_get_name(pk), gnutls_digest_get_name(hash), j); -static -void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) +#define ERR \ + fail("Failure at: %s (%s-%s) (iter: %d)\n", \ + gnutls_sign_get_name(sign_algo), gnutls_pk_get_name(pk), \ + gnutls_digest_get_name(hash), j); +static void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) { gnutls_pubkey_t pubkey; gnutls_privkey_t privkey; @@ -134,52 +131,44 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) if (ret < 0) ERR; - ret = - gnutls_privkey_sign_hash(privkey, hash, - 0, hash_data, &signature); + ret = gnutls_privkey_sign_hash(privkey, hash, 0, hash_data, + &signature); if (ret < 0) ERR; - ret = - gnutls_pubkey_import_privkey(pubkey, privkey, - GNUTLS_KEY_DIGITAL_SIGNATURE, - 0); + ret = gnutls_pubkey_import_privkey( + pubkey, privkey, GNUTLS_KEY_DIGITAL_SIGNATURE, 0); if (ret < 0) ERR; - ret = - gnutls_pubkey_verify_hash2(pubkey, - sign_algo, vflags, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, vflags, + hash_data, &signature); if (ret < 0) { print_keys(privkey, pubkey); ERR; } /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, - sign_algo, vflags, - &invalid_hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, vflags, + &invalid_hash_data, + &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { print_keys(privkey, pubkey); ERR; } - sign_algo = - gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), hash); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), hash); - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, vflags, - hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, vflags, + hash_data, &signature); if (ret < 0) ERR; /* should fail */ - ret = - gnutls_pubkey_verify_hash2(pubkey, sign_algo, vflags, - &invalid_hash_data, &signature); + ret = gnutls_pubkey_verify_hash2(pubkey, sign_algo, vflags, + &invalid_hash_data, + &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { print_keys(privkey, pubkey); ERR; @@ -190,30 +179,25 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) signature.data = NULL; if (pk == GNUTLS_PK_RSA) { - ret = - gnutls_privkey_sign_hash(privkey, - hash, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, - hash_data, &signature); + ret = gnutls_privkey_sign_hash( + privkey, hash, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, hash_data, + &signature); if (ret < 0) ERR; - sign_algo = - gnutls_pk_to_sign - (gnutls_pubkey_get_pk_algorithm - (pubkey, NULL), hash); - - ret = - gnutls_pubkey_verify_hash2(pubkey, - sign_algo, - vflags | - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, - hash_data, &signature); + sign_algo = gnutls_pk_to_sign( + gnutls_pubkey_get_pk_algorithm(pubkey, NULL), + hash); + + ret = gnutls_pubkey_verify_hash2( + pubkey, sign_algo, + vflags | GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, + hash_data, &signature); if (ret < 0) { print_keys(privkey, pubkey); ERR; } - } gnutls_free(signature.data); gnutls_privkey_deinit(privkey); @@ -221,4 +205,4 @@ void test_sig(gnutls_pk_algorithm_t pk, unsigned hash, unsigned bits) } } -#endif /* GNUTLS_TESTS_X509SIGN_VERIFY_COMMON_H */ +#endif /* GNUTLS_TESTS_X509SIGN_VERIFY_COMMON_H */ diff --git a/tests/x509sign-verify-ecdsa.c b/tests/x509sign-verify-ecdsa.c index ad63d6513c..f943b64829 100644 --- a/tests/x509sign-verify-ecdsa.c +++ b/tests/x509sign-verify-ecdsa.c @@ -22,18 +22,18 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include #include diff --git a/tests/x509sign-verify-error.c b/tests/x509sign-verify-error.c index 6046e44711..db8c931ed5 100644 --- a/tests/x509sign-verify-error.c +++ b/tests/x509sign-verify-error.c @@ -22,7 +22,7 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -47,102 +47,94 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t invalid_hash_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xca\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xb9\xae\xa9\x43\x4d", 20 }; -const gnutls_datum_t raw_data = { - (void *)"hello", - 5 -}; +const gnutls_datum_t raw_data = { (void *)"hello", 5 }; static char pem1_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" - "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" - "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" - "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" - "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" - "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" - "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" - "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" - "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" - "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n" + "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n" + "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n" + "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n" + "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n" + "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n" + "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n" + "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" + "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" + "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" + "dc8Siq5JojruiMizAf0pA7in\n" + "-----END CERTIFICATE-----\n"; static char pem1_key[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" - "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" - "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" - "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" - "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" - "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" - "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" - "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" - "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" - "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" - "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" - "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" - "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" - "-----END RSA PRIVATE KEY-----\n"; + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n" + "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n" + "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n" + "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n" + "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n" + "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n" + "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n" + "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n" + "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n" + "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n" + "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n" + "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n" + "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" + "-----END RSA PRIVATE KEY-----\n"; static char pem2_cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" - "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\n" - "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" - "Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\n" - "dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\n" - "IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\n" - "WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\n" - "15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\n" - "xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\n" - "e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\n" - "VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\n" - "ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\n" - "DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\n" - "dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n" - "gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\n" - "HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n" - "x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n" - "o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n" - "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" + "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\n" + "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" + "Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\n" + "dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\n" + "IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\n" + "WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\n" + "15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\n" + "xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\n" + "e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\n" + "VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\n" + "ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\n" + "DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\n" + "dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n" + "gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\n" + "HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n" + "x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n" + "o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n" + "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" + "-----END CERTIFICATE-----\n"; static char pem2_key[] = - "-----BEGIN DSA PRIVATE KEY-----\n" - "MIIBugIBAAKBgQC5hPVagb4aDcWKc48Mmy+btg5Lw3Qaf2StnfMoxaBHvJtXVvGX\n" - "1X43A+nyTPTji38wo10vu6GiN8LqNY8fsV+mol8B8SM2K+RPLy3dndU6pjmvelF8\n" - "0iWOl3TPHsV7S3ZDgQcfBhS4blgS4ZDiN2/SG+xoxVji5jDgal4sY3jsBwIVAJ9W\n" - "jEhkL/6NqnptltsEXRbvCKVxAoGAYgZ+5Fx2CLdGGl3Xl9QqIfsfMcnS9Po52CfR\n" - "m/wnXacKpxr8U8EvQ8I3yIV/PUyrXYEy+x1eHlQRFiDGgFrZjJtD8N1roPTD8oqc\n" - "OdIcew/v+iiTj9KhIuvc4IqLrSgOz+8Jhek2vYt6UNV79yUNbGARxO9wkM/WG+u7\n" - "jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n" - "55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n" - "jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n" - "AoNBXjeBjgCGMei2m8E=\n" "-----END DSA PRIVATE KEY-----\n"; - -const gnutls_datum_t cert_dat[] = { - {(void *)pem1_cert, sizeof(pem1_cert)} - , - {(void *)pem2_cert, sizeof(pem2_cert)} -}; - -const gnutls_datum_t key_dat[] = { - {(void *)pem1_key, sizeof(pem1_key)} - , - {(void *)pem2_key, sizeof(pem2_key)} -}; + "-----BEGIN DSA PRIVATE KEY-----\n" + "MIIBugIBAAKBgQC5hPVagb4aDcWKc48Mmy+btg5Lw3Qaf2StnfMoxaBHvJtXVvGX\n" + "1X43A+nyTPTji38wo10vu6GiN8LqNY8fsV+mol8B8SM2K+RPLy3dndU6pjmvelF8\n" + "0iWOl3TPHsV7S3ZDgQcfBhS4blgS4ZDiN2/SG+xoxVji5jDgal4sY3jsBwIVAJ9W\n" + "jEhkL/6NqnptltsEXRbvCKVxAoGAYgZ+5Fx2CLdGGl3Xl9QqIfsfMcnS9Po52CfR\n" + "m/wnXacKpxr8U8EvQ8I3yIV/PUyrXYEy+x1eHlQRFiDGgFrZjJtD8N1roPTD8oqc\n" + "OdIcew/v+iiTj9KhIuvc4IqLrSgOz+8Jhek2vYt6UNV79yUNbGARxO9wkM/WG+u7\n" + "jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n" + "55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n" + "jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n" + "AoNBXjeBjgCGMei2m8E=\n" + "-----END DSA PRIVATE KEY-----\n"; + +const gnutls_datum_t cert_dat[] = { { (void *)pem1_cert, sizeof(pem1_cert) }, + { (void *)pem2_cert, sizeof(pem2_cert) } }; + +const gnutls_datum_t key_dat[] = { { (void *)pem1_key, sizeof(pem1_key) }, + { (void *)pem2_key, sizeof(pem2_key) } }; void _gnutls_lib_simulate_error(void); void _gnutls_lib_force_operational(void); @@ -168,10 +160,8 @@ void doit(void) if (ret < 0) fail("gnutls_privkey_init\n"); - ret = - gnutls_privkey_import_x509_raw(privkey, &key_dat[i], - GNUTLS_X509_FMT_PEM, NULL, - 0); + ret = gnutls_privkey_import_x509_raw( + privkey, &key_dat[i], GNUTLS_X509_FMT_PEM, NULL, 0); if (ret < 0) fail("gnutls_privkey_import\n"); diff --git a/tests/x509sign-verify-gost.c b/tests/x509sign-verify-gost.c index 2cb5ebd03e..d01dec27d3 100644 --- a/tests/x509sign-verify-gost.c +++ b/tests/x509sign-verify-gost.c @@ -23,18 +23,18 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include #include diff --git a/tests/x509sign-verify-rsa.c b/tests/x509sign-verify-rsa.c index 4d3d4ce433..200c827eef 100644 --- a/tests/x509sign-verify-rsa.c +++ b/tests/x509sign-verify-rsa.c @@ -22,18 +22,18 @@ /* Parts copied from GnuTLS example programs. */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include #include #include #ifndef _WIN32 -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include #endif #include #include @@ -52,8 +52,8 @@ void doit(void) gnutls_global_set_log_level(6); if (gnutls_fips140_mode_enabled()) { - rsa_size1 = 2048; /* minimum allowed */ - rsa_size2 = 2048; /* minimum allowed */ + rsa_size1 = 2048; /* minimum allowed */ + rsa_size2 = 2048; /* minimum allowed */ } else { rsa_size1 = 512; rsa_size2 = 1024; diff --git a/tests/x509sign-verify.c b/tests/x509sign-verify.c index 8e84fb004d..5da019b262 100644 --- a/tests/x509sign-verify.c +++ b/tests/x509sign-verify.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -28,9 +28,9 @@ #include #include #ifndef _WIN32 -# include -# include -# include +#include +#include +#include #endif #include #include @@ -49,22 +49,19 @@ static void tls_log_func(int level, const char *str) /* sha1 hash of "hello" string */ const gnutls_datum_t raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", 20 }; const gnutls_datum_t invalid_raw_data = { - (void *) - "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" - "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", + (void *)"\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe" + "\xde\x0f\x3b\x48\x3c\xd9\xae\xa9\x43\x4d", 20 }; #define tests common_key_tests -#define testfail(fmt, ...) \ - fail("%s: "fmt, tests[i].name, ##__VA_ARGS__) +#define testfail(fmt, ...) fail("%s: " fmt, tests[i].name, ##__VA_ARGS__) void doit(void) { @@ -84,8 +81,8 @@ void doit(void) gnutls_global_set_log_level(6); for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { - if (tests[i].pk == GNUTLS_PK_DSA - || tests[i].pk == GNUTLS_PK_EDDSA_ED25519) + if (tests[i].pk == GNUTLS_PK_DSA || + tests[i].pk == GNUTLS_PK_EDDSA_ED25519) continue; success("testing: %s - %s\n", tests[i].name, @@ -95,18 +92,16 @@ void doit(void) if (ret < 0) testfail("gnutls_pubkey_init\n"); - ret = - gnutls_x509_privkey_import(privkey, &tests[i].key, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(privkey, &tests[i].key, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_privkey_import_x509\n"); signature_size = sizeof(signature_data); - ret = - gnutls_x509_privkey_sign_data(privkey, tests[i].digest, - tests[i].sign_flags, - &raw_data, signature_data, - &signature_size); + ret = gnutls_x509_privkey_sign_data(privkey, tests[i].digest, + tests[i].sign_flags, + &raw_data, signature_data, + &signature_size); if (ret < 0) testfail("gnutls_x509_privkey_sign_data\n"); @@ -114,46 +109,42 @@ void doit(void) if (ret < 0) testfail("gnutls_x509_crt_init\n"); - ret = - gnutls_x509_crt_import(crt, &tests[i].cert, - GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &tests[i].cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) testfail("gnutls_x509_crt_import\n"); signature.data = (unsigned char *)signature_data; signature.size = signature_size; - ret = - gnutls_x509_crt_verify_data2(crt, tests[i].sigalgo, 0, - &raw_data, &signature); + ret = gnutls_x509_crt_verify_data2(crt, tests[i].sigalgo, 0, + &raw_data, &signature); if (ret < 0) testfail("gnutls_x509_crt_verify_data2\n"); /* should fail */ - ret = - gnutls_x509_crt_verify_data2(crt, tests[i].sigalgo, 0, - &invalid_raw_data, &signature); + ret = gnutls_x509_crt_verify_data2(crt, tests[i].sigalgo, 0, + &invalid_raw_data, + &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_crt_verify_data2-2 (hashed data)\n"); - - sign_algo = - gnutls_pk_to_sign(gnutls_x509_crt_get_pk_algorithm - (crt, NULL), tests[i].digest); - ret = - gnutls_x509_crt_verify_data2(crt, sign_algo, 0, - &raw_data, &signature); + testfail( + "gnutls_x509_crt_verify_data2-2 (hashed data)\n"); + + sign_algo = gnutls_pk_to_sign( + gnutls_x509_crt_get_pk_algorithm(crt, NULL), + tests[i].digest); + ret = gnutls_x509_crt_verify_data2(crt, sign_algo, 0, &raw_data, + &signature); if (ret < 0) - testfail - ("gnutls_x509_crt_verify_data2-1 (hashed data)\n"); + testfail( + "gnutls_x509_crt_verify_data2-1 (hashed data)\n"); /* should fail */ - ret = - gnutls_x509_crt_verify_data2(crt, sign_algo, 0, - &invalid_raw_data, &signature); + ret = gnutls_x509_crt_verify_data2( + crt, sign_algo, 0, &invalid_raw_data, &signature); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) - testfail - ("gnutls_x509_crt_verify_data2-2 (hashed data)\n"); + testfail( + "gnutls_x509_crt_verify_data2-2 (hashed data)\n"); gnutls_x509_crt_deinit(crt); gnutls_x509_privkey_deinit(privkey); diff --git a/tests/xts-key-check.c b/tests/xts-key-check.c index 5d510d2937..5ea8076137 100644 --- a/tests/xts-key-check.c +++ b/tests/xts-key-check.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -# include +#include #endif #include @@ -65,7 +65,8 @@ static void test_xts_check(gnutls_cipher_algorithm_t alg) gnutls_cipher_deinit(ctx); else fail("cipher initialization should succeed with key1 != key2" - "\n%s\n", gnutls_strerror(ret)); + "\n%s\n", + gnutls_strerror(ret)); } void doit(void) -- cgit v1.2.1