Commit Graph

71 Commits

Author SHA1 Message Date
Hanno Becker
63ee8c1b73 Check threshold for POLARSSL_X509_MAX_INTERMEDIATE_CA in X509 tests
The X509 test suite assumes that POLARSSL_X509_MAX_INTERMEDIATE_CA is below
the hardcoded threshold 20 used in the long certificate chain generating
script tests/data_files/dir-max/long.sh. This commit adds a compile-time
check for that.
2017-07-28 13:15:57 +01:00
Manuel Pégourié-Gonnard
8af7bfa982 Improve behaviour on fatal errors
If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
2017-07-28 13:15:57 +01:00
Manuel Pégourié-Gonnard
7ac50196f3 Add test for limit on intermediate certificates
Inspired by test code provided by Nicholas Wilson in PR #351.

The test will fail if someone sets MAX_INTERMEDIATE_CA to a value larger than
18 (default is 8), which is hopefully unlikely and can easily be fixed by
running long.sh again with a larger value if it ever happens.

Current behaviour is suboptimal as flags are not set, but currently the goal
is only to document/test existing behaviour.
2017-07-28 13:15:14 +01:00
Andres AG
67c6df4a8a Add test for infinite loop in CRL parse 2017-01-19 17:16:47 +00:00
Andres AG
0da3e44fea Add check for validity of date in x509_get_time() 2016-10-13 17:00:01 +01:00
Manuel Pégourié-Gonnard
28e1ac5cab Use own implementation of strsep()
Not available on windows, and strtok() is not a good option
2015-11-02 06:50:46 +09:00
Janos Follath
3d98a7eee3 Additional corner cases for testing pathlen constrains. Just in case.
backport of ef4f258
2015-10-28 18:20:43 +01:00
Janos Follath
189c743d3e Added test case for pathlen constrains in intermediate certificates
backport of 822b2c3
2015-10-28 18:15:48 +01:00
Manuel Pégourié-Gonnard
8f63e95dae Fix typos that made tests be skipped 2015-09-01 18:44:47 +02:00
Manuel Pégourié-Gonnard
15f1088ef6 Add tests for verify callback
As we're about to change the chain construction logic, we want to make sure
the callback will still be called exactly when it should, and not on the
(upcoming) ignored certs in the chain.

backport of 560fea3
2015-09-01 18:29:59 +02:00
Manuel Pégourié-Gonnard
39a183a629 Add x509_crt_verify_info() 2015-04-17 17:24:25 +02:00
Manuel Pégourié-Gonnard
079333bf77 Fix use of deprecated function in test 2015-03-20 18:23:56 +00:00
Rich Evans
ce2f237697 change test function includes to use one convention 2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard
9ad7b6ebde Rm spurious printf from test function 2015-01-28 15:28:28 +01:00
Rich Evans
920aa9c8ee change more references to (f)printf to polarssl_(f)printf to allow overriding 2015-01-28 15:28:28 +01:00
Paul Bakker
5a5fa92bfe x509_crt_parse() did not increase total_failed on PEM error
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
Paul Bakker
bd51b262d1 Add 'exit' label and variable initialization to relevant test suite functions 2014-07-10 16:37:50 +02:00
Paul Bakker
5b11d026cd Fix dependencies and includes without FS_IO and PLATFORM_C 2014-07-10 15:27:10 +02:00
Manuel Pégourié-Gonnard
0f7b619875 Fix tests dependencies in X509_USE_C 2014-06-24 12:54:46 +02:00
Manuel Pégourié-Gonnard
fea3102dcb Fix dependencies on X509_CRT_C in tests 2014-06-24 12:54:46 +02:00
Manuel Pégourié-Gonnard
f3b47243df Split x509_csr_parse_der() out of x509_csr_parse() 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
d77cd5d0c3 Add tests for x509_csr_parse 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
d1539b1e88 Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT 2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard
854036956d Add tests for x509 rsassa_pss params parsing 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
2a8d7fd76e Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
7afb8a0dca Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
Paul Bakker
5c986f5244 Make test suite checks dependent on POLARSSL_X509_CHECK_KEY_USAGE 2014-04-09 16:58:51 +02:00
Manuel Pégourié-Gonnard
603116c570 Add x509_crt_check_key_usage() 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
7afdb88216 Test and fix x509_oid functions 2014-04-04 16:34:30 +02:00
Manuel Pégourié-Gonnard
6304f786e0 Add x509_time_future() 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
c9093085ed Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
2014-02-12 09:39:59 +01:00
Manuel Pégourié-Gonnard
d4fd57dda4 Add tests for parsing CSRs 2014-01-25 12:48:58 +01:00
Paul Bakker
a2ffccd09f Fixed memory leak in new x509parse test 2013-12-02 21:56:37 +01:00
Manuel Pégourié-Gonnard
fbae2a1f53 Add tests for x509_crt_parse_path() 2013-11-28 18:07:39 +01:00
Manuel Pégourié-Gonnard
201401646e Fix a few selftest typos 2013-10-10 13:21:48 +02:00
Manuel Pégourié-Gonnard
cbf3ef3861 RSA and ECDSA key exchanges don't depend on CRL 2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
387a211fad Fix some dependencies in tests 2013-09-20 10:58:59 +02:00
Paul Bakker
c559c7a680 Renamed x509_cert structure to x509_crt for consistency 2013-09-18 14:32:52 +02:00
Paul Bakker
ddf26b4e38 Renamed x509parse_* functions to new form
e.g. x509parse_crtfile -> x509_crt_parse_file
2013-09-18 13:46:23 +02:00
Paul Bakker
369d2eb2a2 Introduced x509_crt_init(), x509_crl_init() and x509_csr_init() 2013-09-18 12:01:43 +02:00
Paul Bakker
86d0c1949e Generalized function names of x509 functions not parse-specific
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
2013-09-18 12:01:42 +02:00
Paul Bakker
7c6b2c320e Split up X509 files into smaller modules 2013-09-16 21:41:54 +02:00
Paul Bakker
428b9ba3b7 Moved POLARSSL_FS_IO check to .function from .data 2013-09-15 15:20:37 +02:00
Paul Bakker
1a7550ac67 Moved PK key parsing from X509 module to PK module 2013-09-15 13:47:30 +02:00
Manuel Pégourié-Gonnard
df0142bd17 Fix some dependencies in tests 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
3fb5c5ee1c PK: rename members for consistency CIPHER, MD
Also add pk_get_name() to remove a direct access to pk_type
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
c6ac8870d5 Nicer interface between PK and debug.
Finally get rid of pk_context.type member, too.
2013-08-20 20:46:04 +02:00
Paul Bakker
33b43f1ec3 Converted .function file to c-like format and adapted generator code 2013-08-20 11:48:36 +02:00
Paul Bakker
dbd443dca6 Adapted .function files and .data files to new test framework
Changes include:
 - Integers marked with '#' in the .function files.
 - Strings should have "" in .data files.
 - String comparison instead of preprocessor-like replace for e.g. '=='
 - Params and variables cannot have the same name in .function files
2013-08-16 13:51:37 +02:00
Manuel Pégourié-Gonnard
de44a4aecf Rename ecp_check_prvkey with a 'i' for consistency 2013-07-09 16:42:34 +02:00