]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Added test certificate with multiple XMPP othername SAN fields.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Fri, 18 Apr 2014 23:15:57 +0000 (01:15 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Fri, 18 Apr 2014 23:15:57 +0000 (01:15 +0200)
tests/cert-tests/Makefile.am
tests/cert-tests/pem-decoding
tests/cert-tests/xmpp-othername.pem [new file with mode: 0644]

index 0ba44fedf932f98c6a3087ac5eecc2d9d87908db..febd7431f6a41c49beaa74f02e9f528c5dc06383 100644 (file)
@@ -26,7 +26,7 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \
        template-dn.tmpl template-dn.pem complex-cert.pem template-overflow.pem \
        template-overflow.tmpl template-overflow2.pem template-overflow2.tmpl \
        template-date.tmpl template-date.pem template-dn-err.tmpl \
-       template-nc.tmpl template-nc.pem
+       template-nc.tmpl template-nc.pem xmpp-othername.pem
 
 dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane
 
index ce13145634c7dc2ad48fae884164d11b7f9bcb73..19e83ad59ae15555be2ca74ede62ea9dc855447f 100755 (executable)
@@ -74,6 +74,25 @@ if test "$rc" != "0"; then
   exit $rc
 fi
 
+#check whether the cert with many othernames is decoded as expected
+$CERTTOOL --certificate-info --infile $srcdir/xmpp-othername.pem >tmp-pem.pem
+rc=$?
+
+if test "$rc" != "0"; then
+  echo "XMPP cert decoding failed 1"
+  exit $rc
+fi
+
+cat $srcdir/xmpp-othername.pem |grep -v "Not After:" >tmp1
+cat tmp-pem.pem |grep -v "Not After:" >tmp2
+$DIFF tmp1 tmp2 || $DIFF --strip-trailing-cr tmp1 tmp2
+rc=$?
+
+if test "$rc" != "0"; then
+  echo "XMPP cert decoding failed 2"
+  exit $rc
+fi
+
 rm -f tmp-pem.pem tmp1 tmp2
 
 exit 0
diff --git a/tests/cert-tests/xmpp-othername.pem b/tests/cert-tests/xmpp-othername.pem
new file mode 100644 (file)
index 0000000..2b093f6
--- /dev/null
@@ -0,0 +1,185 @@
+X.509 Certificate Information:
+       Version: 3
+       Serial Number (hex): 012275
+       Issuer: O=CAcert Inc.,OU=http://www.CAcert.org,CN=CAcert Class 3 Root
+       Validity:
+               Not Before: Wed May 08 17:18:12 UTC 2013
+               Not After: Fri May 08 17:18:12 UTC 2015
+       Subject: CN=corrin.geekwu.org
+       Subject Public Key Algorithm: RSA
+       Algorithm Security Level: High (4096 bits)
+               Modulus (bits 4096):
+                       00:ee:f9:81:39:85:5f:66:bb:9e:4a:27:2a:8c:f2:26
+                       f2:a1:7f:ad:8f:6f:3a:ea:11:e9:9a:54:c0:e1:f4:cd
+                       b0:01:88:90:23:f8:0d:ec:27:b8:10:8e:16:04:3a:3a
+                       80:9e:2d:bc:c7:3b:57:24:a8:89:7b:f7:f8:36:9c:03
+                       b5:c7:2e:40:dc:92:cc:cd:c5:fd:ea:d4:8a:73:d7:ef
+                       ef:af:dc:8e:0d:17:02:fd:2f:60:23:97:bd:11:68:9c
+                       15:54:e6:d5:48:4a:8c:4a:01:31:0f:8a:91:d7:6d:d7
+                       a7:d3:01:94:63:91:4d:08:c9:d2:91:1d:0a:9c:77:63
+                       1d:81:e7:d4:93:1a:f1:30:58:90:56:a6:7c:43:49:e1
+                       57:71:6a:1f:05:41:bc:8b:e8:4c:1a:e8:e0:a1:6e:1e
+                       61:9f:f8:b2:c6:f6:30:83:8c:13:41:53:c2:e6:fa:27
+                       5c:04:6e:76:58:29:36:03:02:72:1f:a1:c4:24:78:3a
+                       73:bf:47:40:b3:d6:b2:68:e6:85:4a:ca:54:c3:e7:04
+                       2d:6d:76:39:06:4a:0d:60:4b:5d:88:76:07:79:ee:f5
+                       de:b0:dd:0b:6f:a5:eb:3b:1f:ec:81:0b:30:2d:45:52
+                       32:ad:2e:31:e9:05:60:b8:27:96:cf:2a:d2:69:2f:17
+                       12:39:54:c0:ab:69:3d:34:fb:a0:2b:e6:c1:1e:ab:a1
+                       56:8d:01:a9:30:cc:19:a0:77:4b:c7:25:d4:8e:b3:d8
+                       0c:7d:e5:97:e1:7e:8d:b7:23:a4:29:54:0b:a0:a4:45
+                       31:47:45:d5:84:4b:ee:b6:fc:50:a1:2f:86:8d:92:32
+                       00:24:64:9b:9a:93:f2:b1:c5:11:bf:44:79:69:85:e5
+                       9a:98:67:24:e9:c1:59:97:dd:18:12:d6:e8:5f:89:62
+                       be:b3:68:74:dc:5e:39:6c:5d:c7:07:39:85:14:ce:80
+                       71:8b:53:c9:55:81:0e:f0:5b:cf:56:b3:cc:74:e6:1e
+                       fe:37:33:dd:6d:b9:c2:dc:3a:24:70:e3:92:12:5c:95
+                       87:1e:9f:07:cf:ef:c1:eb:f6:70:9c:25:0c:40:73:4b
+                       ac:4e:1a:6a:90:29:f9:68:10:2e:dd:19:06:82:0d:d7
+                       7d:c5:5b:76:c4:27:aa:87:2a:8b:db:96:a7:f1:2e:2e
+                       08:d1:08:8c:12:ef:70:a9:8b:53:65:b5:c3:2e:ef:97
+                       c8:92:3a:bd:23:bf:cf:e8:73:5f:a0:f4:3d:5f:a6:61
+                       94:68:c8:f6:18:01:77:09:9c:c4:93:47:db:da:65:68
+                       16:0b:72:c8:5b:b8:08:48:7a:6f:07:5f:43:e8:33:ca
+                       e5
+               Exponent (bits 24):
+                       01:00:01
+       Extensions:
+               Basic Constraints (critical):
+                       Certificate Authority (CA): FALSE
+               Key Usage (critical):
+                       Digital signature.
+                       Key encipherment.
+                       Key agreement.
+               Key Purpose (not critical):
+                       TLS WWW Client.
+                       TLS WWW Server.
+                       2.16.840.1.113730.4.1
+                       1.3.6.1.4.1.311.10.3.3
+               Authority Information Access (not critical):
+                       Access Method: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
+                       Access Location URI: http://ocsp.cacert.org/
+               CRL Distribution points (not critical):
+                       URI: http://crl.cacert.org/class3-revoke.crl
+               Subject Alternative Name (not critical):
+                       DNSname: corrin.geekwu.org
+                       XMPP Address: corrin.geekwu.org
+                       DNSname: corrin.geekwu.org
+                       XMPP Address: corrin.geekwu.org
+                       DNSname: www.geekwu.org
+                       XMPP Address: www.geekwu.org
+                       DNSname: kaitain.geekwu.org
+                       XMPP Address: kaitain.geekwu.org
+                       DNSname: kaitain.new.geekwu.org
+                       XMPP Address: kaitain.new.geekwu.org
+                       DNSname: apt.geekwu.org
+                       XMPP Address: apt.geekwu.org
+                       DNSname: horde.geekwu.org
+                       XMPP Address: horde.geekwu.org
+                       DNSname: horde.corrin.geekwu.org
+                       XMPP Address: horde.corrin.geekwu.org
+                       DNSname: horde.durel.org
+                       XMPP Address: horde.durel.org
+                       DNSname: mail.durel.org
+                       XMPP Address: mail.durel.org
+                       DNSname: jabber.geekwu.org
+                       XMPP Address: jabber.geekwu.org
+       Signature Algorithm: RSA-SHA1
+       Signature:
+               61:e8:de:70:b4:1f:4c:60:8c:c5:18:c1:7d:d9:6c:4e
+               97:e4:d0:f6:c8:79:f9:2b:fe:fb:81:d0:b4:aa:d4:7d
+               79:4d:6e:95:ed:cc:11:8d:fa:8b:66:5c:c2:6b:44:07
+               18:9a:ce:de:42:c0:18:3a:55:91:e9:30:88:83:c7:6b
+               cd:e0:65:b8:fe:19:a4:13:c7:6c:67:22:b3:05:65:6a
+               29:c7:44:45:13:c9:43:ec:2c:3d:a4:f7:9d:4d:5d:32
+               73:de:63:0e:17:9d:b8:21:aa:d7:d5:16:70:f4:1f:79
+               55:07:6d:3f:f3:0e:e4:e3:a2:06:1b:7a:2a:12:57:59
+               4c:65:8d:19:7d:54:9d:15:f8:42:b4:81:1a:ab:99:54
+               fc:6b:10:45:51:04:2e:d2:dd:31:b6:9b:0b:7a:28:22
+               63:b6:9a:7e:62:b6:cf:b9:8f:3b:92:85:6f:03:33:f5
+               4b:96:0e:e6:5b:35:23:d4:e8:2f:4c:61:98:68:c7:61
+               28:78:48:df:df:e0:14:64:86:70:0a:24:b3:6a:19:50
+               77:3d:df:77:51:fe:b9:af:7e:2e:5e:43:54:24:25:5b
+               84:58:a7:b5:53:82:29:0c:1c:29:f7:ae:0b:8a:57:06
+               77:9e:d6:2b:b4:fa:d0:84:f7:78:c0:bc:27:8c:ce:49
+               b3:65:21:9a:f7:7a:20:91:26:74:3c:28:8f:bc:52:07
+               03:1d:d2:d2:75:a4:11:23:d7:5d:af:0c:5b:55:67:0a
+               5a:2d:d3:5c:94:ff:16:cc:7a:f8:11:18:32:cc:08:88
+               2f:6e:5d:f7:17:f2:70:c0:b1:d9:a1:f5:50:a0:75:1e
+               b2:88:bb:3c:1e:7b:ec:ce:d5:d0:f1:d6:dd:8c:c8:f5
+               f5:f1:c4:28:24:1b:fc:a9:63:ea:2c:eb:5b:0f:17:ae
+               7c:73:89:8e:e5:1f:b2:f1:44:15:c2:02:cf:a3:0c:ef
+               10:71:fe:c6:bc:83:03:f6:72:96:a9:e3:7a:d0:d7:15
+               be:e3:e5:d7:27:bc:09:81:11:8c:20:30:b2:d5:d4:14
+               35:77:0f:bf:3a:ed:1d:ae:73:f0:9e:17:e8:7b:05:56
+               fd:3f:ea:d5:33:27:50:12:cd:41:45:7d:ec:38:3c:1f
+               4b:87:ea:6a:38:f7:ba:3d:03:e0:e1:12:5c:d5:80:01
+               3d:e6:c0:f4:af:aa:13:d9:c8:c4:d9:1b:07:07:12:28
+               29:79:6a:ee:93:f9:e5:51:68:47:0c:4e:71:1a:65:0b
+               8e:96:55:5a:b8:aa:9e:f2:d4:2f:75:c8:c3:ed:71:29
+               0d:50:53:12:27:1d:33:9e:88:ad:e8:d7:5c:5c:e6:25
+Other Information:
+       SHA1 fingerprint:
+               76dd3120fa7875c0be1c02e20c011e44376b4a3c
+       SHA256 fingerprint:
+               814f39ca12a03cc103ad4ed1ff27e7d5f78f67fd83d5be526c5e5a5b790840b8
+       Public Key ID:
+               8fade0593f112844029a404634863883e7e0030f
+       Public key's random art:
+               +--[ RSA 4096]----+
+               |OB.....          |
+               |Eoo  ..          |
+               |=O   .   .       |
+               | oo   . . .      |
+               |  .    .S  .     |
+               |         +.      |
+               |      . o o.     |
+               |     . + o.      |
+               |      o . ..     |
+               +-----------------+
+
+-----BEGIN CERTIFICATE-----
+MIIIAzCCBeugAwIBAgIDASJ1MA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB
+Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
+BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTMwNTA4MTcxODEyWhcNMTUwNTA4
+MTcxODEyWjAcMRowGAYDVQQDExFjb3JyaW4uZ2Vla3d1Lm9yZzCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAO75gTmFX2a7nkonKozyJvKhf62PbzrqEema
+VMDh9M2wAYiQI/gN7Ce4EI4WBDo6gJ4tvMc7VySoiXv3+DacA7XHLkDckszNxf3q
+1Ipz1+/vr9yODRcC/S9gI5e9EWicFVTm1UhKjEoBMQ+Kkddt16fTAZRjkU0IydKR
+HQqcd2MdgefUkxrxMFiQVqZ8Q0nhV3FqHwVBvIvoTBro4KFuHmGf+LLG9jCDjBNB
+U8Lm+idcBG52WCk2AwJyH6HEJHg6c79HQLPWsmjmhUrKVMPnBC1tdjkGSg1gS12I
+dgd57vXesN0Lb6XrOx/sgQswLUVSMq0uMekFYLgnls8q0mkvFxI5VMCraT00+6Ar
+5sEeq6FWjQGpMMwZoHdLxyXUjrPYDH3ll+F+jbcjpClUC6CkRTFHRdWES+62/FCh
+L4aNkjIAJGSbmpPyscURv0R5aYXlmphnJOnBWZfdGBLW6F+JYr6zaHTcXjlsXccH
+OYUUzoBxi1PJVYEO8FvPVrPMdOYe/jcz3W25wtw6JHDjkhJclYcenwfP78Hr9nCc
+JQxAc0usThpqkCn5aBAu3RkGgg3XfcVbdsQnqocqi9uWp/EuLgjRCIwS73Cpi1Nl
+tcMu75fIkjq9I7/P6HNfoPQ9X6ZhlGjI9hgBdwmcxJNH29plaBYLcshbuAhIem8H
+X0PoM8rlAgMBAAGjggMUMIIDEDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwID
+qDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwEGCWCGSAGG+EIEAQYKKwYB
+BAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3Nw
+LmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwuY2FjZXJ0
+Lm9yZy9jbGFzczMtcmV2b2tlLmNybDCCAkkGA1UdEQSCAkAwggI8ghFjb3JyaW4u
+Z2Vla3d1Lm9yZ6AfBggrBgEFBQcIBaATDBFjb3JyaW4uZ2Vla3d1Lm9yZ4IRY29y
+cmluLmdlZWt3dS5vcmegHwYIKwYBBQUHCAWgEwwRY29ycmluLmdlZWt3dS5vcmeC
+Dnd3dy5nZWVrd3Uub3JnoBwGCCsGAQUFBwgFoBAMDnd3dy5nZWVrd3Uub3JnghJr
+YWl0YWluLmdlZWt3dS5vcmegIAYIKwYBBQUHCAWgFAwSa2FpdGFpbi5nZWVrd3Uu
+b3JnghZrYWl0YWluLm5ldy5nZWVrd3Uub3JnoCQGCCsGAQUFBwgFoBgMFmthaXRh
+aW4ubmV3LmdlZWt3dS5vcmeCDmFwdC5nZWVrd3Uub3JnoBwGCCsGAQUFBwgFoBAM
+DmFwdC5nZWVrd3Uub3JnghBob3JkZS5nZWVrd3Uub3JnoB4GCCsGAQUFBwgFoBIM
+EGhvcmRlLmdlZWt3dS5vcmeCF2hvcmRlLmNvcnJpbi5nZWVrd3Uub3JnoCUGCCsG
+AQUFBwgFoBkMF2hvcmRlLmNvcnJpbi5nZWVrd3Uub3Jngg9ob3JkZS5kdXJlbC5v
+cmegHQYIKwYBBQUHCAWgEQwPaG9yZGUuZHVyZWwub3Jngg5tYWlsLmR1cmVsLm9y
+Z6AcBggrBgEFBQcIBaAQDA5tYWlsLmR1cmVsLm9yZ4IRamFiYmVyLmdlZWt3dS5v
+cmegHwYIKwYBBQUHCAWgEwwRamFiYmVyLmdlZWt3dS5vcmcwDQYJKoZIhvcNAQEF
+BQADggIBAGHo3nC0H0xgjMUYwX3ZbE6X5ND2yHn5K/77gdC0qtR9eU1ule3MEY36
+i2ZcwmtEBxiazt5CwBg6VZHpMIiDx2vN4GW4/hmkE8dsZyKzBWVqKcdERRPJQ+ws
+PaT3nU1dMnPeYw4XnbghqtfVFnD0H3lVB20/8w7k46IGG3oqEldZTGWNGX1UnRX4
+QrSBGquZVPxrEEVRBC7S3TG2mwt6KCJjtpp+YrbPuY87koVvAzP1S5YO5ls1I9To
+L0xhmGjHYSh4SN/f4BRkhnAKJLNqGVB3Pd93Uf65r34uXkNUJCVbhFintVOCKQwc
+KfeuC4pXBnee1iu0+tCE93jAvCeMzkmzZSGa93ogkSZ0PCiPvFIHAx3S0nWkESPX
+Xa8MW1VnClot01yU/xbMevgRGDLMCIgvbl33F/JwwLHZofVQoHUesoi7PB577M7V
+0PHW3YzI9fXxxCgkG/ypY+os61sPF658c4mO5R+y8UQVwgLPowzvEHH+xryDA/Zy
+lqnjetDXFb7j5dcnvAmBEYwgMLLV1BQ1dw+/Ou0drnPwnhfoewVW/T/q1TMnUBLN
+QUV97Dg8H0uH6mo497o9A+DhElzVgAE95sD0r6oT2cjE2RsHBxIoKXlq7pP55VFo
+RwxOcRplC46WVVq4qp7y1C91yMPtcSkNUFMSJx0znoit6NdcXOYl
+-----END CERTIFICATE-----