mirror of
https://github.com/cuberite/polarssl.git
synced 2025-10-02 18:14:07 -04:00
Add test for parsing SAN: rfc822Name
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
parent
ecee12f04f
commit
608e3efc47
@ -140,6 +140,9 @@ test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der: te
|
|||||||
test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der: test_csr_v3_all.csr.der
|
test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der: test_csr_v3_all.csr.der
|
||||||
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@
|
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@
|
||||||
|
|
||||||
|
test_cert_rfc822name.crt.der: cert_example_multi.csr
|
||||||
|
$(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -outform DER -extensions rfc822name_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
|
||||||
|
|
||||||
$(test_ca_key_file_rsa_alt):test-ca.opensslconf
|
$(test_ca_key_file_rsa_alt):test-ca.opensslconf
|
||||||
$(OPENSSL) genrsa -out $@ 2048
|
$(OPENSSL) genrsa -out $@ 2048
|
||||||
test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
|
test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
|
||||||
|
@ -24,6 +24,9 @@ subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
|
|||||||
[dns_alt_names]
|
[dns_alt_names]
|
||||||
subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
|
subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
|
||||||
|
|
||||||
|
[rfc822name_names]
|
||||||
|
subjectAltName=email:my@other.address,email:second@other.address
|
||||||
|
|
||||||
[alt_names]
|
[alt_names]
|
||||||
DNS.1=example.com
|
DNS.1=example.com
|
||||||
otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
|
otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
|
||||||
|
BIN
tests/data_files/test_cert_rfc822name.crt.der
Normal file
BIN
tests/data_files/test_cert_rfc822name.crt.der
Normal file
Binary file not shown.
@ -206,6 +206,10 @@ X509 SAN parsing, unsupported otherName name
|
|||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||||
x509_parse_san:"data_files/server5-unsupported_othername.crt":""
|
x509_parse_san:"data_files/server5-unsupported_othername.crt":""
|
||||||
|
|
||||||
|
X509 SAN parsing rfc822Name
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||||
|
x509_parse_san:"data_files/test_cert_rfc822name.crt.der":"type \: 1\nrfc822Name \: my@other.address\ntype \: 1\nrfc822Name \: second@other.address\n"
|
||||||
|
|
||||||
X509 CRL information #1
|
X509 CRL information #1
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
|
||||||
mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
|
mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
|
||||||
|
@ -279,7 +279,18 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
|
|||||||
*p++ = san->san.unstructured_name.p[i];
|
*p++ = san->san.unstructured_name.p[i];
|
||||||
}
|
}
|
||||||
break;/* MBEDTLS_X509_SAN_DNS_NAME */
|
break;/* MBEDTLS_X509_SAN_DNS_NAME */
|
||||||
|
case (MBEDTLS_X509_SAN_RFC822_NAME):
|
||||||
|
ret = mbedtls_snprintf(p, n, "\nrfc822Name : ");
|
||||||
|
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||||
|
if (san->san.unstructured_name.len >= n) {
|
||||||
|
*p = '\0';
|
||||||
|
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
|
||||||
|
}
|
||||||
|
n -= san->san.unstructured_name.len;
|
||||||
|
for (i = 0; i < san->san.unstructured_name.len; i++) {
|
||||||
|
*p++ = san->san.unstructured_name.p[i];
|
||||||
|
}
|
||||||
|
break;/* MBEDTLS_X509_SAN_RFC822_NAME */
|
||||||
default:
|
default:
|
||||||
/*
|
/*
|
||||||
* Should not happen.
|
* Should not happen.
|
||||||
|
Loading…
x
Reference in New Issue
Block a user