From 1f47fbffe1befb30a1bd3dfcec079a8a9f2fd957 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Mon, 17 Dec 2012 21:41:44 +0100 Subject: Test a TRUSTED CERTIFICATE without any trust OIDs --- build/certs/Makefile.am | 2 ++ build/certs/redhat-newca.der | Bin 0 -> 948 bytes trust/tests/files/distrusted.pem | 23 +++++++++++++++++++++++ trust/tests/test-parser.c | 15 +++++++++++++++ 4 files changed, 40 insertions(+) create mode 100644 build/certs/redhat-newca.der create mode 100644 trust/tests/files/distrusted.pem diff --git a/build/certs/Makefile.am b/build/certs/Makefile.am index f8ec1c2..a1a7017 100644 --- a/build/certs/Makefile.am +++ b/build/certs/Makefile.am @@ -14,6 +14,8 @@ prepare-certs: -setalias "Custom Label" cp -v cacert-ca.der $(TRUST)/certificates cp -v cacert-ca.der $(TRUST)/files + openssl x509 -in redhat-newca.der -inform DER -out $(TRUST)/files/distrusted.pem \ + -addreject clientAuth -setalias "Red Hat Is the CA" cp -v self-server.der $(TRUST)/files cp -v self-signed-with-eku.der $(TRUST)/certificates cp -v self-signed-with-ku.der $(TRUST)/certificates diff --git a/build/certs/redhat-newca.der b/build/certs/redhat-newca.der new file mode 100644 index 0000000..affae24 Binary files /dev/null and b/build/certs/redhat-newca.der differ diff --git a/trust/tests/files/distrusted.pem b/trust/tests/files/distrusted.pem new file mode 100644 index 0000000..8de6ff0 --- /dev/null +++ b/trust/tests/files/distrusted.pem @@ -0,0 +1,23 @@ +-----BEGIN TRUSTED CERTIFICATE----- +MIIDsDCCAxmgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCVVMx +FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD +VQQKEw1SZWQgSGF0LCBJbmMuMQswCQYDVQQLEwJJUzEWMBQGA1UEAxMNUmVkIEhh +dCBJUyBDQTEmMCQGCSqGSIb3DQEJARYXc3lzYWRtaW4tcmR1QHJlZGhhdC5jb20w +HhcNMDkwOTE2MTg0NTI1WhcNMTkwOTE0MTg0NTI1WjCBnTELMAkGA1UEBhMCVVMx +FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD +VQQKEw1SZWQgSGF0LCBJbmMuMQswCQYDVQQLEwJJUzEWMBQGA1UEAxMNUmVkIEhh +dCBJUyBDQTEmMCQGCSqGSIb3DQEJARYXc3lzYWRtaW4tcmR1QHJlZGhhdC5jb20w +gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN/HDWGiL8BarUWDIjNC6uxCXqYN +QkwcmhILX+cl+YuDDArFL1pYVrith228gF3dSUU5X7kIOmPkkjNheRkbnas61X+n +i3+KWvbX3q+h5VMxKX2cA1U+R3jLuXqYjF+N2gkPyPvxeoDuEncKAItw+mK/r+4L +WBb5nFzek7hP3017AgMBAAGjgf0wgfowHQYDVR0OBBYEFA2sGXDtBKdeeKv+i6g0 +6yEmwVY1MIHKBgNVHSMEgcIwgb+AFA2sGXDtBKdeeKv+i6g06yEmwVY1oYGjpIGg +MIGdMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNV +BAcTB1JhbGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xCzAJBgNVBAsTAklT +MRYwFAYDVQQDEw1SZWQgSGF0IElTIENBMSYwJAYJKoZIhvcNAQkBFhdzeXNhZG1p +bi1yZHVAcmVkaGF0LmNvbYIBATAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA +A4GBAFBgO5y3JcPXH/goumNBW7rr8m9EFZmQyK5gT1Ljv5qaCSZwxkAomhriv04p +mb1y8yjrK5OY3WwgaRaAWRHp4/hn2HWaRvx3S+gwLM7p8V1pWnbSFJOXF3kbuC41 +voMIMqAFfHKidKN/yrjJg/1ahIjSt11lMUvRJ4TNT+pk5VnBMB+gCgYIKwYBBQUH +AwIMEVJlZCBIYXQgSXMgdGhlIENB +-----END TRUSTED CERTIFICATE----- diff --git a/trust/tests/test-parser.c b/trust/tests/test-parser.c index d402fe8..132d551 100644 --- a/trust/tests/test-parser.c +++ b/trust/tests/test-parser.c @@ -183,6 +183,20 @@ test_parse_openssl_trusted (CuTest *cu) } static void +test_parse_distrusted (CuTest *cu) +{ + int ret; + + setup (cu); + + ret = p11_parse_file (test.parser, SRCDIR "/files/distrusted.pem", + 0, on_parse_object, cu); + CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + + teardown (cu); +} + +static void test_parse_anchor (CuTest *cu) { CK_ATTRIBUTE *attrs; @@ -372,6 +386,7 @@ main (void) SUITE_ADD_TEST (suite, test_parse_der_certificate); SUITE_ADD_TEST (suite, test_parse_pem_certificate); SUITE_ADD_TEST (suite, test_parse_openssl_trusted); + SUITE_ADD_TEST (suite, test_parse_distrusted); SUITE_ADD_TEST (suite, test_parse_anchor); SUITE_ADD_TEST (suite, test_parse_no_sink); SUITE_ADD_TEST (suite, test_parse_invalid_file); -- cgit v1.1