]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
projects / thirdparty / gnutls.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 54dc00c)
tests: added checks with certificates that contain invalid time field
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 7 Apr 2017 12:42:10 +0000 (14:42 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 7 Apr 2017 12:42:10 +0000 (14:42 +0200)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
tests/cert-tests/Makefile.am patch | blob | blame | history
tests/cert-tests/cert-time [new file with mode: 0755] patch | blob
tests/cert-tests/data/invalid-date-day.der [new file with mode: 0644] patch | blob
tests/cert-tests/data/invalid-date-hour.der [new file with mode: 0644] patch | blob
tests/cert-tests/data/invalid-date-mins.der [new file with mode: 0644] patch | blob
tests/cert-tests/data/invalid-date-month.der [new file with mode: 0644] patch | blob
tests/cert-tests/data/invalid-date-secs.der [new file with mode: 0644] patch | blob

diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index 2f936e3402162982f649ed1f4113c80b08c6d09d..80677900cc5fb5d9d3a4a5a2e9d0c255f56ec7a8 100644 (file)
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -72,7 +72,8 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem
        data/key-corpus-rc2-1.p12 data/key-corpus-rc2-2.p12 data/key-corpus-rc2-3.p12 \
        data/key-corpus-rc2-1.p12.out data/no-salt.p12 data/mac-sha512.p12 data/pbes1-no-salt.p12 \
        templates/inhibit-anypolicy.tmpl data/inhibit-anypolicy.pem data/aes-128.p12 \
-       data/pkcs7.smime
+       data/pkcs7.smime data/invalid-date-hour.der data/invalid-date-mins.der \
+       data/invalid-date-secs.der data/invalid-date-month.der data/invalid-date-day.der
 
 dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \
        pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \
@@ -80,7 +81,7 @@ dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \
        provable-privkey-rsa2048 provable-privkey-gen-default pkcs7-constraints \
        pkcs7-constraints2 certtool-long-oids pkcs7-cat cert-sanity cert-critical \
        pkcs12 certtool-crl-decoding pkcs12-encode pkcs12-corner-cases inhibit-anypolicy \
-       smime
+       smime cert-time
 
 if WANT_TEST_SUITE
 dist_check_SCRIPTS += provable-dh-default
diff --git a/tests/cert-tests/cert-time b/tests/cert-tests/cert-time
new file mode 100755 (executable)
index 0000000..6ee2a22
--- /dev/null
+++ b/tests/cert-tests/cert-time
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+#set -e
+
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}"
+DIFF="${DIFF:-diff -b -B}"
+
+if ! test -x "${CERTTOOL}"; then
+       exit 77
+fi
+
+if ! test -z "${VALGRIND}"; then
+       VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
+fi
+
+# Check whether certificates with invalid time fields are accepted
+for file in invalid-date-hour.der invalid-date-mins.der invalid-date-secs.der invalid-date-month.der invalid-date-day.der;do
+       ${VALGRIND} "${CERTTOOL}" --inder -i --infile "${srcdir}/data/$file"
+       rc=$?
+
+       if test "${rc}" = "0";then
+               echo "file $file was accepted"
+               exit 1
+       fi
+done
+
+exit 0
diff --git a/tests/cert-tests/data/invalid-date-day.der b/tests/cert-tests/data/invalid-date-day.der
new file mode 100644 (file)
index 0000000..76e7ec1
Binary files /dev/null and b/tests/cert-tests/data/invalid-date-day.der differ
diff --git a/tests/cert-tests/data/invalid-date-hour.der b/tests/cert-tests/data/invalid-date-hour.der
new file mode 100644 (file)
index 0000000..5bdf8eb
Binary files /dev/null and b/tests/cert-tests/data/invalid-date-hour.der differ
diff --git a/tests/cert-tests/data/invalid-date-mins.der b/tests/cert-tests/data/invalid-date-mins.der
new file mode 100644 (file)
index 0000000..47054dd
Binary files /dev/null and b/tests/cert-tests/data/invalid-date-mins.der differ
diff --git a/tests/cert-tests/data/invalid-date-month.der b/tests/cert-tests/data/invalid-date-month.der
new file mode 100644 (file)
index 0000000..e3cbf73
Binary files /dev/null and b/tests/cert-tests/data/invalid-date-month.der differ
diff --git a/tests/cert-tests/data/invalid-date-secs.der b/tests/cert-tests/data/invalid-date-secs.der
new file mode 100644 (file)
index 0000000..f796a30
Binary files /dev/null and b/tests/cert-tests/data/invalid-date-secs.der differ
Mirror of https://gitlab.com/gnutls/gnutls.git