From c9093085edd6ef9407082d32f748269b5bdb59b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 12 Feb 2014 09:39:59 +0100 Subject: [PATCH] Revert "Merged RSA-PSS support in Certificate, CSR and CRL" This reverts commit ab50d8d30c22f38e3e2d2373219cfbeb1940082e, reversing changes made to e31b1d992ad0a3874646c73a44f3eb750d13e900. --- ChangeLog | 5 - include/polarssl/asn1.h | 10 +- include/polarssl/config.h | 21 -- include/polarssl/oid.h | 4 - include/polarssl/pk.h | 1 - include/polarssl/x509.h | 13 +- include/polarssl/x509_crl.h | 3 - include/polarssl/x509_crt.h | 3 - include/polarssl/x509_csr.h | 3 - library/oid.c | 4 - library/x509.c | 288 +-------------------- library/x509_crl.c | 36 +-- library/x509_crt.c | 36 +-- library/x509_csr.c | 23 +- tests/data_files/crl-rsa-pss-sha1.pem | 14 - tests/data_files/crl-rsa-pss-sha224.pem | 16 -- tests/data_files/crl-rsa-pss-sha256.pem | 16 -- tests/data_files/crl-rsa-pss-sha384.pem | 16 -- tests/data_files/crl-rsa-pss-sha512.pem | 16 -- tests/data_files/server5.req.sha1 | 8 - tests/data_files/server5.req.sha224 | 8 - tests/data_files/server5.req.sha256 | 8 - tests/data_files/server5.req.sha384 | 8 - tests/data_files/server5.req.sha512 | 8 - tests/data_files/server9-sha224.crt | 20 -- tests/data_files/server9-sha256.crt | 20 -- tests/data_files/server9-sha384.crt | 20 -- tests/data_files/server9-sha512.crt | 20 -- tests/data_files/server9.crt | 19 -- tests/data_files/server9.key | 15 -- tests/data_files/server9.req.sha1 | 11 - tests/data_files/server9.req.sha224 | 12 - tests/data_files/server9.req.sha256 | 12 - tests/data_files/server9.req.sha384 | 12 - tests/data_files/server9.req.sha512 | 12 - tests/suites/test_suite_x509parse.data | 108 -------- tests/suites/test_suite_x509parse.function | 23 -- 37 files changed, 40 insertions(+), 832 deletions(-) delete mode 100644 tests/data_files/crl-rsa-pss-sha1.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha224.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha256.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha384.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha512.pem delete mode 100644 tests/data_files/server5.req.sha1 delete mode 100644 tests/data_files/server5.req.sha224 delete mode 100644 tests/data_files/server5.req.sha256 delete mode 100644 tests/data_files/server5.req.sha384 delete mode 100644 tests/data_files/server5.req.sha512 delete mode 100644 tests/data_files/server9-sha224.crt delete mode 100644 tests/data_files/server9-sha256.crt delete mode 100644 tests/data_files/server9-sha384.crt delete mode 100644 tests/data_files/server9-sha512.crt delete mode 100644 tests/data_files/server9.crt delete mode 100644 tests/data_files/server9.key delete mode 100644 tests/data_files/server9.req.sha1 delete mode 100644 tests/data_files/server9.req.sha224 delete mode 100644 tests/data_files/server9.req.sha256 delete mode 100644 tests/data_files/server9.req.sha384 delete mode 100644 tests/data_files/server9.req.sha512 diff --git a/ChangeLog b/ChangeLog index fab21543e..e44674294 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,9 @@ PolarSSL ChangeLog (Sorted per branch, date) -TODO: bump SOVERSION -(internal-but-not-static function x509_get_sig_alg() changed prototype) - = PolarSSL 1.3 branch Features * HMAC-DRBG as a separate module * Option to set the Curve preference order - * Support for RSASSA-PSS keys and signatures in certificates, CSRs - and CRLs * Single Platform compatilibity layer (for memory / printf / fprintf) * Ability to provide alternate timing implementation * Ability to force the entropy module to use SHA-256 as its basis diff --git a/include/polarssl/asn1.h b/include/polarssl/asn1.h index 7dc591e9c..45fd6cd87 100644 --- a/include/polarssl/asn1.h +++ b/include/polarssl/asn1.h @@ -93,13 +93,9 @@ /** Returns the size of the binary string, without the trailing \\0 */ #define OID_SIZE(x) (sizeof(x) - 1) -/** - * Compares an asn1_buf structure to a reference OID. - * - * Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a - * 'unsigned char *oid' here! - * - * Warning: returns true when the OIDs are equal (unlike memcmp)! +/** Compares two asn1_buf structures for the same OID. Only works for + * 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a 'unsigned + * char *oid' here! */ #define OID_CMP(oid_str, oid_buf) \ ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \ diff --git a/include/polarssl/config.h b/include/polarssl/config.h index db34e6a29..251b28b0d 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -202,22 +202,6 @@ //#define POLARSSL_SHA256_ALT //#define POLARSSL_SHA512_ALT -/** - * \def POLARSSL_RSASSA_PSS_CERTIFICATES - * - * Enable parsing and verification of X.509 certificates and CRLs signed with - * RSASSA-PSS. - * - * This is disabled by default since it breaks binary compatibility with the - * 1.3.x line. If you choose to enable it, you will need to rebuild your - * application against the new header files, relinking will not be enough. - * - * TODO: actually disable it when done working on this branch ,) - * - * Uncomment this macro to allow using RSASSA-PSS in certificates. - */ -#define POLARSSL_RSASSA_PSS_CERTIFICATES - /** * \def POLARSSL_AES_ROM_TABLES * @@ -2224,11 +2208,6 @@ #error "POLARSSL_RSA_C defined, but not all prerequisites" #endif -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) && \ - ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) ) -#error "POLARSSL_RSASSA_PSS_CERTIFICATES defined, but not all prerequisites" -#endif - #if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \ !defined(POLARSSL_SHA1_C) ) #error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites" diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h index 5f20b5604..f000b8e7e 100644 --- a/include/polarssl/oid.h +++ b/include/polarssl/oid.h @@ -193,10 +193,6 @@ #define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */ -/* RFC 4055 */ -#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ -#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */ - /* * Digest algorithms */ diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h index e32f9c921..013d9736a 100644 --- a/include/polarssl/pk.h +++ b/include/polarssl/pk.h @@ -94,7 +94,6 @@ typedef enum { POLARSSL_PK_ECKEY_DH, POLARSSL_PK_ECDSA, POLARSSL_PK_RSA_ALT, - POLARSSL_PK_RSASSA_PSS, } pk_type_t; /** diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 6e8641fdb..a45653770 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -254,16 +254,9 @@ int x509_get_name( unsigned char **p, const unsigned char *end, x509_name *cur ); int x509_get_alg_null( unsigned char **p, const unsigned char *end, x509_buf *alg ); -int x509_get_alg( unsigned char **p, const unsigned char *end, - x509_buf *alg, x509_buf *params ); -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) -int x509_get_rsassa_pss_params( const x509_buf *params, - md_type_t *md_alg, md_type_t *mgf_md, - int *salt_len, int *trailer_field ); -#endif int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); -int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, - md_type_t *md_alg, pk_type_t *pk_alg ); +int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, + pk_type_t *pk_alg ); int x509_get_time( unsigned char **p, const unsigned char *end, x509_time *time ); int x509_get_serial( unsigned char **p, const unsigned char *end, @@ -271,8 +264,6 @@ int x509_get_serial( unsigned char **p, const unsigned char *end, int x509_get_ext( unsigned char **p, const unsigned char *end, x509_buf *ext, int tag ); int x509_load_file( const char *path, unsigned char **buf, size_t *n ); -int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, - pk_type_t pk_alg, const x509_buf *sig_params ); int x509_key_size_helper( char *buf, size_t size, const char *name ); int x509_string_to_names( asn1_named_data **head, const char *name ); int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len ); diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h index 14f648fd4..0c79916af 100644 --- a/include/polarssl/x509_crl.h +++ b/include/polarssl/x509_crl.h @@ -89,9 +89,6 @@ typedef struct _x509_crl x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - x509_buf sig_params; /**< Parameters for the signature algorithm */ -#endif struct _x509_crl *next; } diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 916dc3b33..ee8f9e6cd 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h @@ -89,9 +89,6 @@ typedef struct _x509_crt x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - x509_buf sig_params; /**< Parameters for the signature algorithm */ -#endif struct _x509_crt *next; /**< Next certificate in the CA-chain. */ } diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h index a5c109606..7e3830087 100644 --- a/include/polarssl/x509_csr.h +++ b/include/polarssl/x509_csr.h @@ -63,9 +63,6 @@ typedef struct _x509_csr x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - x509_buf sig_params; /**< Parameters for the signature algorithm */ -#endif } x509_csr; diff --git a/library/oid.c b/library/oid.c index 107860836..f943c6d34 100644 --- a/library/oid.c +++ b/library/oid.c @@ -327,10 +327,6 @@ static const oid_sig_alg_t oid_sig_alg[] = { ADD_LEN( OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, POLARSSL_MD_SHA512, POLARSSL_PK_ECDSA, }, - { - { ADD_LEN( OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, - POLARSSL_MD_NONE, POLARSSL_PK_RSASSA_PSS, - }, { { NULL, 0, NULL, NULL }, 0, 0, diff --git a/library/x509.c b/library/x509.c index 17e8b4d5e..e042347ba 100644 --- a/library/x509.c +++ b/library/x509.c @@ -119,215 +119,6 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end, return( 0 ); } -/* - * Parse an algorithm identifier with (optional) paramaters - */ -int x509_get_alg( unsigned char **p, const unsigned char *end, - x509_buf *alg, x509_buf *params ) -{ - int ret; - - if( ( ret = asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - return( 0 ); -} - -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) -/* - * HashAlgorithm ::= AlgorithmIdentifier - * - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - * - * For HashAlgorithm, parameters MUST be NULL or absent. - */ -static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg ) -{ - int ret; - unsigned char *p; - const unsigned char *end; - x509_buf md_oid; - size_t len; - - /* Make sure we got a SEQUENCE and setup bounds */ - if( alg->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); - - p = (unsigned char *) alg->p; - end = p + alg->len; - - if( p >= end ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); - - /* Parse md_oid */ - md_oid.tag = *p; - - if( ( ret = asn1_get_tag( &p, end, &md_oid.len, ASN1_OID ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - md_oid.p = p; - p += md_oid.len; - - /* Get md_alg from md_oid */ - if( ( ret = oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - /* Make sure params is absent of NULL */ - if( p == end ) - return( 0 ); - - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 || len != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p != end ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * RSASSA-PSS-params ::= SEQUENCE { - * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, - * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier, - * saltLength [2] INTEGER DEFAULT 20, - * trailerField [3] INTEGER DEFAULT 1 } - * -- Note that the tags in this Sequence are explicit. - */ -int x509_get_rsassa_pss_params( const x509_buf *params, - md_type_t *md_alg, md_type_t *mgf_md, - int *salt_len, int *trailer_field ) -{ - int ret; - unsigned char *p; - const unsigned char *end, *end2; - size_t len; - x509_buf alg_id, alg_params; - - /* First set everything to defaults */ - *md_alg = POLARSSL_MD_SHA1; - *mgf_md = POLARSSL_MD_SHA1; - *salt_len = 20; - *trailer_field = 1; - - /* Make sure params is a SEQUENCE and setup bounds */ - if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); - - p = (unsigned char *) params->p; - end = p + params->len; - - if( p == end ) - return( 0 ); - - /* - * HashAlgorithm - */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) - { - end2 = p + len; - - /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - if( ( ret = x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) - return( ret ); - - if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p == end ) - return( 0 ); - - /* - * MaskGenAlgorithm - */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { - end2 = p + len; - - /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ - if( ( ret = x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) - return( ret ); - - /* Only MFG1 is recognised for now */ - if( ! OID_CMP( OID_MGF1, &alg_id ) ) - return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + - POLARSSL_ERR_OID_NOT_FOUND ); - - /* Parse HashAlgorithm */ - if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) - return( ret ); - - if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p == end ) - return( 0 ); - - /* - * salt_len - */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 2 ) ) == 0 ) - { - end2 = p + len; - - if( ( ret = asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p == end ) - return( 0 ); - - /* - * trailer_field - */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 3 ) ) == 0 ) - { - end2 = p + len; - - if( ( ret = asn1_get_int( &p, end2, trailer_field ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); - - if( p != end ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} -#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */ - /* * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, @@ -543,39 +334,14 @@ int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ) return( 0 ); } -/* - * Get signature algorithm from alg OID and optional parameters - */ -int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, - md_type_t *md_alg, pk_type_t *pk_alg ) +int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, + pk_type_t *pk_alg ) { - int ret; + int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ); - if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) + if( ret != 0 ) return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret ); -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - if( *pk_alg == POLARSSL_PK_RSASSA_PSS ) - { - int salt_len, trailer_field; - md_type_t mgf_md; - - /* Make sure params are valid */ - ret = x509_get_rsassa_pss_params( sig_params, - md_alg, &mgf_md, &salt_len, &trailer_field ); - if( ret != 0 ) - return( ret ); - - } - else -#endif - { - /* Make sure parameters are absent or NULL */ - if( ( sig_params->tag != ASN1_NULL && sig_params->tag != 0 ) || - sig_params->len != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG ); - } - return( 0 ); } @@ -811,52 +577,6 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ) return( (int) ( size - n ) ); } -/* - * Helper for writing signature alrogithms - */ -int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, - pk_type_t pk_alg, const x509_buf *sig_params ) -{ - int ret; - char *p = buf; - size_t n = size; - const char *desc = NULL; - - ret = oid_get_sig_alg_desc( sig_oid, &desc ); - if( ret != 0 ) - ret = snprintf( p, n, "???" ); - else - ret = snprintf( p, n, "%s", desc ); - SAFE_SNPRINTF(); - -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - if( pk_alg == POLARSSL_PK_RSASSA_PSS ) - { - md_type_t md_alg, mgf_md; - const md_info_t *md_info, *mgf_md_info; - int salt_len, trailer_field; - - if( ( ret = x509_get_rsassa_pss_params( sig_params, - &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 ) - return( ret ); - - md_info = md_info_from_type( md_alg ); - mgf_md_info = md_info_from_type( mgf_md ); - - ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)", - md_info ? md_info->name : "???", - mgf_md_info ? mgf_md_info->name : "???", - salt_len, trailer_field ); - SAFE_SNPRINTF(); - } -#else - ((void) pk_alg); - ((void) sig_params); -#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */ - - return( (int) size - n ); -} - /* * Helper for writing "RSA key size", "EC key size", etc */ diff --git a/library/x509_crl.c b/library/x509_crl.c index 92ede6d49..e3ebbff1a 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -250,15 +250,11 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) size_t len; unsigned char *p, *end; x509_crl *crl; - x509_buf sig_params; - #if defined(POLARSSL_PEM_PARSE_C) size_t use_len; pem_context pem; #endif - memset( &sig_params, 0, sizeof( x509_buf ) ); - crl = chain; /* @@ -377,7 +373,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) * signature AlgorithmIdentifier */ if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params ) ) != 0 ) + ( ret = x509_get_alg_null( &p, end, &crl->sig_oid1 ) ) != 0 ) { x509_crl_free( crl ); return( ret ); @@ -391,17 +387,13 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); } - if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params, - &crl->sig_md, &crl->sig_pk ) ) != 0 ) + if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md, + &crl->sig_pk ) ) != 0 ) { x509_crl_free( crl ); return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) ); -#endif - /* * issuer Name */ @@ -486,20 +478,14 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params ) ) != 0 ) + if( ( ret = x509_get_alg_null( &p, end, &crl->sig_oid2 ) ) != 0 ) { x509_crl_free( crl ); return( ret ); } if( crl->sig_oid1.len != crl->sig_oid2.len || - memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - || - crl->sig_params.len != sig_params.len || - memcmp( crl->sig_params.p, sig_params.p, sig_params.len ) != 0 -#endif - ) + memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 ) { x509_crl_free( crl ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); @@ -625,12 +611,8 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, int ret; size_t n; char *p; + const char *desc; const x509_crl_entry *entry; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const x509_buf *sig_params = &crl->sig_params; -#else - const x509_buf *sig_params = NULL; -#endif p = buf; n = size; @@ -686,7 +668,11 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); - ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, sig_params ); + ret = oid_get_sig_alg_desc( &crl->sig_oid1, &desc ); + if( ret != 0 ) + ret = snprintf( p, n, "???" ); + else + ret = snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); ret = snprintf( p, n, "\n" ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 4c79a7a6c..d18e117fb 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -529,9 +529,6 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, int ret; size_t len; unsigned char *p, *end, *crt_end; - x509_buf sig_params; - - memset( &sig_params, 0, sizeof( x509_buf ) ); /* * Check for valid input @@ -595,8 +592,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, */ if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || - ( ret = x509_get_alg( &p, end, &crt->sig_oid1, - &sig_params ) ) != 0 ) + ( ret = x509_get_alg_null( &p, end, &crt->sig_oid1 ) ) != 0 ) { x509_crt_free( crt ); return( ret ); @@ -610,17 +606,13 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); } - if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params, - &crt->sig_md, &crt->sig_pk ) ) != 0 ) + if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md, + &crt->sig_pk ) ) != 0 ) { x509_crt_free( crt ); return( ret ); } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) ); -#endif - /* * issuer Name */ @@ -741,20 +733,14 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params ) ) != 0 ) + if( ( ret = x509_get_alg_null( &p, end, &crt->sig_oid2 ) ) != 0 ) { x509_crt_free( crt ); return( ret ); } if( crt->sig_oid1.len != crt->sig_oid2.len || - memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - || - crt->sig_params.len != sig_params.len || - memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 -#endif - ) + memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ) { x509_crt_free( crt ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); @@ -1124,12 +1110,8 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, int ret; size_t n; char *p; + const char *desc = NULL; char key_size_str[BEFORE_COLON]; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const x509_buf *sig_params = &crt->sig_params; -#else - const x509_buf *sig_params = NULL; -#endif p = buf; n = size; @@ -1171,7 +1153,11 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); - ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, sig_params ); + ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc ); + if( ret != 0 ) + ret = snprintf( p, n, "???" ); + else + ret = snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, diff --git a/library/x509_csr.c b/library/x509_csr.c index bdadec3e3..4fb9ac228 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -89,7 +89,6 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ) int ret; size_t len; unsigned char *p, *end; - x509_buf sig_params; #if defined(POLARSSL_PEM_PARSE_C) size_t use_len; pem_context pem; @@ -244,23 +243,19 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ) * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) + if( ( ret = x509_get_alg_null( &p, end, &csr->sig_oid ) ) != 0 ) { x509_csr_free( csr ); return( ret ); } - if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params, - &csr->sig_md, &csr->sig_pk ) ) != 0 ) + if( ( ret = x509_get_sig_alg( &csr->sig_oid, &csr->sig_md, + &csr->sig_pk ) ) != 0 ) { x509_csr_free( csr ); return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) ); -#endif - if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 ) { x509_csr_free( csr ); @@ -362,12 +357,8 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, int ret; size_t n; char *p; + const char *desc; char key_size_str[BEFORE_COLON]; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const x509_buf *sig_params = &csr->sig_params; -#else - const x509_buf *sig_params = NULL; -#endif p = buf; n = size; @@ -384,7 +375,11 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); - ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, sig_params ); + ret = oid_get_sig_alg_desc( &csr->sig_oid, &desc ); + if( ret != 0 ) + ret = snprintf( p, n, "???" ); + else + ret = snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, diff --git a/tests/data_files/crl-rsa-pss-sha1.pem b/tests/data_files/crl-rsa-pss-sha1.pem deleted file mode 100644 index 59ca4f703..000000000 --- a/tests/data_files/crl-rsa-pss-sha1.pem +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN X509 CRL----- -MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha224.pem b/tests/data_files/crl-rsa-pss-sha224.pem deleted file mode 100644 index a51d5d911..000000000 --- a/tests/data_files/crl-rsa-pss-sha224.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI -i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v -TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e -Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 -NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB -f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D -a6JSqCIMRCQY2JOUn0A= ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha256.pem b/tests/data_files/crl-rsa-pss-sha256.pem deleted file mode 100644 index f16a49118..000000000 --- a/tests/data_files/crl-rsa-pss-sha256.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 -oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC -FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo -IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X -ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB -r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb -XLdJyyak33CLBKu+nJc= ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha384.pem b/tests/data_files/crl-rsa-pss-sha384.pem deleted file mode 100644 index 50f7e4cd2..000000000 --- a/tests/data_files/crl-rsa-pss-sha384.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco -SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR -a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 -EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs -y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k -q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u -KUH/xf1jEnNzbYNGiZw= ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha512.pem b/tests/data_files/crl-rsa-pss-sha512.pem deleted file mode 100644 index 0f1d6510b..000000000 --- a/tests/data_files/crl-rsa-pss-sha512.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F -ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq -1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 -t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU -p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 -sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 -enMfMvwScA5AImzu9xA= ------END X509 CRL----- diff --git a/tests/data_files/server5.req.sha1 b/tests/data_files/server5.req.sha1 deleted file mode 100644 index 1a14a1501..000000000 --- a/tests/data_files/server5.req.sha1 +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ -BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 -CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN -Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P -BAQDAgXgMAkGByqGSM49BAEDSQAwRgIhALSf2Mj3er+ocZCN++aEoIp5PQ9JCkPY -b88ghuTyS7DCAiEA+CnVzNN0I2kpnmKUOUcXxLcjoPaLROgxtubDvKv5ckM= ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha224 b/tests/data_files/server5.req.sha224 deleted file mode 100644 index 276683410..000000000 --- a/tests/data_files/server5.req.sha224 +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ -BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 -CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN -Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P -BAQDAgXgMAoGCCqGSM49BAMBA0gAMEUCIDYaN1m9MRk5mhX1U8aZKd0alyGKWqcR -oglF2MsIii/2AiEAjFHs8XQ0Q4yDF8oLztCxlq3nAvqmPdQz9T+TkEfh+PA= ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha256 b/tests/data_files/server5.req.sha256 deleted file mode 100644 index c59e15f99..000000000 --- a/tests/data_files/server5.req.sha256 +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ -BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 -CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN -Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P -BAQDAgXgMAoGCCqGSM49BAMCA0cAMEQCIGmRFdjjd53oM2Zpt3E5vfqujnA+DHWk -s9OudcSWBdjmAiA7BAYjGnXyL6ATPqM7qnLVGTf3JMT+1rXl7esBm/0APA== ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha384 b/tests/data_files/server5.req.sha384 deleted file mode 100644 index 87556c6c3..000000000 --- a/tests/data_files/server5.req.sha384 +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ -BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 -CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN -Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P -BAQDAgXgMAoGCCqGSM49BAMDA0cAMEQCIDnO+PIPZJGqiky9unvq13uXxahw1bpk -Zb5NRV0c06Q5AiAo5B49tp3kDN/n0BDNt1BBGLUfhcU+Qn2SQenCyfuGLg== ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha512 b/tests/data_files/server5.req.sha512 deleted file mode 100644 index 607741e3e..000000000 --- a/tests/data_files/server5.req.sha512 +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ -BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 -CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN -Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P -BAQDAgXgMAoGCCqGSM49BAMEA0gAMEUCIQD8xdtluTiBJM50d/WvDeUvPbXOUMlL -8xEJXU2WOK+RLAIgS8U6Z8tlJpXLEisz/j4gdABG3Y3h4PBJjlpszFisTNo= ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9-sha224.crt b/tests/data_files/server9-sha224.crt deleted file mode 100644 index 1b05f313a..000000000 --- a/tests/data_files/server9-sha224.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo -PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm -g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm -uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR -B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe -l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha256.crt b/tests/data_files/server9-sha256.crt deleted file mode 100644 index 7d0aa3956..000000000 --- a/tests/data_files/server9-sha256.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg -3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 -yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H -V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE -0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu -zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha384.crt b/tests/data_files/server9-sha384.crt deleted file mode 100644 index aaa63e6ed..000000000 --- a/tests/data_files/server9-sha384.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp -B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI -aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX -TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug -qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg -s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha512.crt b/tests/data_files/server9-sha512.crt deleted file mode 100644 index a211b921d..000000000 --- a/tests/data_files/server9-sha512.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR -6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu -6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk -tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU -6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ -5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= ------END CERTIFICATE----- diff --git a/tests/data_files/server9.crt b/tests/data_files/server9.crt deleted file mode 100644 index a6f9fbc76..000000000 --- a/tests/data_files/server9.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq -hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g -HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo -r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG ------END CERTIFICATE----- diff --git a/tests/data_files/server9.key b/tests/data_files/server9.key deleted file mode 100644 index e005864f9..000000000 --- a/tests/data_files/server9.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAequgOwrsTQNuK -Eo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv5zibCItjmToK -Je5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSpC9pAlQIDAQAB -AoGAHFCE2tBL0xB45Go/1e/Pi9//OVZAJ3Cw0mmEuqjVNB7I6zxhYhviWbgz92+V -g92KBlU9CIx0/ZhGMyHRNO0uYNEZUJyM8zItoo/nmU31+VaHOGgpei04HZrn1Nmw -QS01FVrn9wzKR/5qeEBmxE7rVMDQo8QLnllC3jXzIVUtX4ECQQD2g9dleWYbqIQe -Q9paXxzvODhCzNtQwD0PnOKc54Nu4zm3JI45REtunmG8et+Ncms9RycTjNlWPGJT -62jgaJexAkEA5ZMNv4u9NNRfZprmlNyvjSOf+w7fdKzhcnkHbGkfLnFdc7vq0XFC -nwORsdjpOvWQUwrV2Cw8Pl4rKa4B4iqUJQJBAMVti6maU3udN8qhXxP3js3LwctG -E/OVMpH5fMha5jl9w/B4V2tn1d3O/MmdwsKeu2JFRPd0W2+kRr+dDs6DFdECQQC1 -3g9QJRWY2n1RPXlZiJKSDxzXuOqQ9bwMAZE98vE+y5Qq8T2O+li6vAsZhysNCChz -gOvzuudmyRcMh8r6Lpz5AkAUKK3gYtJFiVH2arRig3JjZJqixgSTolMT1n+HG4uM -tnBqBiEBVwBxEqaohla/rHR5joZCdcDN8xq0yeTQyLH9 ------END RSA PRIVATE KEY----- diff --git a/tests/data_files/server9.req.sha1 b/tests/data_files/server9.req.sha1 deleted file mode 100644 index b9d005382..000000000 --- a/tests/data_files/server9.req.sha1 +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBojCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw -EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R -ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX -yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY -mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B -CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBIGCSqGSIb3DQEBCjAFogMC -AWoDgYEA2n8SOoiJCs+YyH2VXoUVxhutdXGP4+7cECakl2mmVEKhxXDMEG7hEFkB -mkk4b1kRNOQHKqUq3crfi0OkMcPGkPiLlYLKgT51CgsBhuJaMsdCYo/5POgTZD4u -FI5gfyO70Xpq9QmrWEqqTdalRG7+UmGa3VEUVyXTDnQZfU1N2QE= ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha224 b/tests/data_files/server9.req.sha224 deleted file mode 100644 index fe1c797ed..000000000 --- a/tests/data_files/server9.req.sha224 +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw -EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R -ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX -yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY -mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B -CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w -CwYJYIZIAWUDBAIEoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCBKIDAgFiA4GB -AMlYYZKqpDqg5UZZq3NB3QUR9qftY/52/0gPfruw5s2gNtFmG1uyEBJX/oc7C/fU -lxo74HDraWJyvP7c3MMhOuwr/RfPNQhA2Hgwz9RuJIBhQrJfiZuHsCfiKVofMuMf -ar/4EKfyoELDdilhg6i+abahGOkqyXsjavFtyDSeCpXH ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha256 b/tests/data_files/server9.req.sha256 deleted file mode 100644 index 0ef9ef028..000000000 --- a/tests/data_files/server9.req.sha256 +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw -EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R -ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX -yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY -mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B -CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w -CwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFeA4GB -ACUaCTidvzWVJNKmRrriufThGUfw5Xgdsc3Ga8Cx+vRf+bPZmR3NVkc0Zq9uc0+8 -d1WXaLzbmge6IbcvTPWCLNDAWI9UzoQ6WS9myM3eDEGdruClYwb5BVLx3MvhvooK -L/H6snE1dHNPXyCNVFTJIll3bRlVMRsfZpDhmz8/ImJ4 ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha384 b/tests/data_files/server9.req.sha384 deleted file mode 100644 index 010345027..000000000 --- a/tests/data_files/server9.req.sha384 +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw -EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R -ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX -yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY -mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B -CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w -CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIDAgFOA4GB -ANfZGK6nE/CP9PuALFzbA/mvOnYlI60pMowscRfCYpvR25iQJVhAJfYVXADRN3qd -NAiFWNVcjFMIkRlq7qifBN97VHGeYoWIuw9gYEb3OqDGzOsYP0KIgMNt8/A4qCkj -5MzolOYyT+N+QFGV0pdCNpX7QppfNdFyFAmWXa171RzG ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha512 b/tests/data_files/server9.req.sha512 deleted file mode 100644 index 676b5c996..000000000 --- a/tests/data_files/server9.req.sha512 +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw -EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R -ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX -yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY -mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B -CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w -CwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgE+A4GB -ACxWBhPkhyVlBY/mwkrW7OjYsaN2/ZlFSv76w63b61BpigReJsggMut5EPOgfGYJ -rzygKDlF/NtmMN22jWrFup9LsZJAX0gYbLmliiaG9Hch+i/8b42oaQTDWGFZ9LiY -W7F7X0f9lpzNKOtQ8ix0s+nYS2ONyzfu55+Rlzf8/63M ------END CERTIFICATE REQUEST----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 58af01aa6..f9a536681 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -42,26 +42,6 @@ X509 Certificate information SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" -X509 Certificate information RSA-PSS, SHA1 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\nRSA key size \: 1024 bits\n" - -X509 Certificate information RSA-PSS, SHA224 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\nRSA key size \: 1024 bits\n" - -X509 Certificate information RSA-PSS, SHA256 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\nRSA key size \: 1024 bits\n" - -X509 Certificate information RSA-PSS, SHA384 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\nRSA key size \: 1024 bits\n" - -X509 Certificate information RSA-PSS, SHA512 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\nRSA key size \: 1024 bits\n" - X509 Certificate information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" @@ -130,26 +110,6 @@ X509 CRL Information SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" -X509 CRL information RSA-PSS, SHA1 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C -x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\n" - -X509 CRL information RSA-PSS, SHA224 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\n" - -X509 CRL information RSA-PSS, SHA256 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\n" - -X509 CRL information RSA-PSS, SHA384 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\n" - -X509 CRL information RSA-PSS, SHA512 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\n" - X509 CRL Information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" @@ -170,74 +130,6 @@ X509 CRL Information EC, SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" -X509 CSR Information RSA with MD4 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" - -X509 CSR Information RSA with MD5 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" - -X509 CSR Information RSA with SHA1 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" - -X509 CSR Information RSA with SHA224 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" - -X509 CSR Information RSA with SHA256 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" - -X509 CSR Information RSA with SHA384 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" - -X509 CSR Information RSA with SHA512 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" - -X509 CSR Information EC with SHA1 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" - -X509 CSR Information EC with SHA224 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" - -X509 CSR Information EC with SHA256 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" - -X509 CSR Information EC with SHA384 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" - -X509 CSR Information EC with SHA512 -depends_on:POLARSSL_PEM_PARSE_C -x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" - -X509 CSR Information RSA-PSS with SHA1 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C -x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A, 1)\nRSA key size \: 1024 bits\n" - -X509 CSR Information RSA-PSS with SHA224 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62, 1)\nRSA key size \: 1024 bits\n" - -X509 CSR Information RSA-PSS with SHA256 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E, 1)\nRSA key size \: 1024 bits\n" - -X509 CSR Information RSA-PSS with SHA384 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E, 1)\nRSA key size \: 1024 bits\n" - -X509 CSR Information RSA-PSS with SHA512 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E, 1)\nRSA key size \: 1024 bits\n" - X509 Get Distinguished Name #1 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1" diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 77e0336ae..d992c1d18 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -1,7 +1,6 @@ /* BEGIN_HEADER */ #include #include -#include #include #include @@ -76,28 +75,6 @@ void x509_crl_info( char *crl_file, char *result_str ) } /* END_CASE */ -/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CSR_PARSE_C */ -void x509_csr_info( char *csr_file, char *result_str ) -{ - x509_csr csr; - char buf[2000]; - int res; - - x509_csr_init( &csr ); - memset( buf, 0, 2000 ); - - TEST_ASSERT( x509_csr_parse_file( &csr, csr_file ) == 0 ); - res = x509_csr_info( buf, 2000, "", &csr ); - - x509_csr_free( &csr ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_PARSE_C:POLARSSL_X509_CRL_PARSE_C */ void x509_verify( char *crt_file, char *ca_file, char *crl_file, char *cn_name_str, int result, int flags_result,