diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 233a2c781c..563d86ea10 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -338,14 +338,14 @@ server5-fan.crt: server5.key server5-tricky-ip-san.crt: server5.key $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@ -server5-directoryname.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@ +server5-directoryname.crt.der: server5.key + $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@ -server5-two-directorynames.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@ +server5-two-directorynames.crt.der: server5.key + $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@ -server5-second-directoryname-malformed.crt: server5-two-directorynames.crt - (head -n1 $<; sed -n '2,12p' $< | base64 --decode | hexdump -ve '1/1 "%.2X"' | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p | base64 -w64; tail -n1 $<) > $@ +server5-second-directoryname-malformed.crt.der: server5-two-directorynames.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p > $@ all_final += server5-tricky-ip-san.crt diff --git a/tests/data_files/server5-directoryname.crt b/tests/data_files/server5-directoryname.crt deleted file mode 100644 index afa88b3840..0000000000 --- a/tests/data_files/server5-directoryname.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB7jCCAZSgAwIBAgIBTTAKBggqhkjOPQQDAjBFMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxIzAhBgNVBAMMGk1iZWQgVExTIGRpcmVjdG9yeU5hbWUg -U0FOMB4XDTIzMDExMDE2NTkyOVoXDTMzMDEwNzE2NTkyOVowRTELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCE1iZWQgVExTMSMwIQYDVQQDDBpNYmVkIFRMUyBkaXJlY3Rv -cnlOYW1lIFNBTjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2CR5acj7H -WS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76 -Aci07f+jdTBzMFIGA1UdEQRLMEmkRzBFMQswCQYDVQQGEwJVSzERMA8GA1UECgwI -TWJlZCBUTFMxIzAhBgNVBAMMGk1iZWQgVExTIGRpcmVjdG9yeU5hbWUgU0FOMB0G -A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiBr -PtyaL8tF+jghNK32ZnWriCp2k7Aq+QVuef+6+sSH6AIhAIKw+o0J2Pu27ulHFIzI -MdFECpZ3nqAGbTOTOMX6LoDh ------END CERTIFICATE----- diff --git a/tests/data_files/server5-directoryname.crt.der b/tests/data_files/server5-directoryname.crt.der new file mode 100644 index 0000000000..4badea1a27 Binary files /dev/null and b/tests/data_files/server5-directoryname.crt.der differ diff --git a/tests/data_files/server5-second-directoryname-malformed.crt b/tests/data_files/server5-second-directoryname-malformed.crt deleted file mode 100644 index 11d439b3e8..0000000000 --- a/tests/data_files/server5-second-directoryname-malformed.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICCTCCAa+gAwIBAgIBTTAKBggqhkjOPQQDAjBFMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxIzAhBgNVBAMMGk1iZWQgVExTIGRpcmVjdG9yeU5hbWUg -U0FOMB4XDTIzMDExMjEwMzQxMVoXDTMzMDEwOTEwMzQxMVowRTELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCE1iZWQgVExTMSMwIQYDVQQDDBpNYmVkIFRMUyBkaXJlY3Rv -cnlOYW1lIFNBTjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2CR5acj7H -WS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76 -Aci07f+jgY8wgYwwawYDVR0RBGQwYqRHMEUxCzAJBgNVBAYTAlVLMREwDwYDVQQK -DAhNYmVkIFRMUzEjMCEGA1UEAwwaTWJlZCBUTFMgZGlyZWN0b3J5TmFtZSBTQU6k -FzAVMRMwEQYVVQQKDApNQUxGT1JNX01FMB0GA1UdDgQWBBRQYaWP1AfZ14IBDOVl -f4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiAHI/ousygMhcDhAb+bK402vAh4+bGK -UuwPMpd1XQ2FHAIhAL0uuCTzI72PJLyxB4cFtbmodUejDc+Oa02AUW4Ed8Uu ------END CERTIFICATE----- diff --git a/tests/data_files/server5-second-directoryname-malformed.crt.der b/tests/data_files/server5-second-directoryname-malformed.crt.der new file mode 100644 index 0000000000..7074fd84a2 Binary files /dev/null and b/tests/data_files/server5-second-directoryname-malformed.crt.der differ diff --git a/tests/data_files/server5-two-directorynames.crt b/tests/data_files/server5-two-directorynames.crt deleted file mode 100644 index aa76c16fc3..0000000000 --- a/tests/data_files/server5-two-directorynames.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICCTCCAa+gAwIBAgIBTTAKBggqhkjOPQQDAjBFMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxIzAhBgNVBAMMGk1iZWQgVExTIGRpcmVjdG9yeU5hbWUg -U0FOMB4XDTIzMDExMjEwMzQxMVoXDTMzMDEwOTEwMzQxMVowRTELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCE1iZWQgVExTMSMwIQYDVQQDDBpNYmVkIFRMUyBkaXJlY3Rv -cnlOYW1lIFNBTjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2CR5acj7H -WS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76 -Aci07f+jgY8wgYwwawYDVR0RBGQwYqRHMEUxCzAJBgNVBAYTAlVLMREwDwYDVQQK -DAhNYmVkIFRMUzEjMCEGA1UEAwwaTWJlZCBUTFMgZGlyZWN0b3J5TmFtZSBTQU6k -FzAVMRMwEQYDVQQKDApNQUxGT1JNX01FMB0GA1UdDgQWBBRQYaWP1AfZ14IBDOVl -f4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiAHI/ousygMhcDhAb+bK402vAh4+bGK -UuwPMpd1XQ2FHAIhAL0uuCTzI72PJLyxB4cFtbmodUejDc+Oa02AUW4Ed8Uu ------END CERTIFICATE----- diff --git a/tests/data_files/server5-two-directorynames.crt.der b/tests/data_files/server5-two-directorynames.crt.der new file mode 100644 index 0000000000..c98a018f0d Binary files /dev/null and b/tests/data_files/server5-two-directorynames.crt.der differ diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index b811314d59..8df53df130 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -95,16 +95,16 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R x509_cert_info:"data_files/server5-nonprintable_othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued on \: 2022-09-06 15\:56\:47\nexpires on \: 2032-09-03 15\:56\:47\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\n" X509 CRT information EC, SHA256 Digest, directoryName SAN -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-directoryname.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-10 16\:59\:29\nexpires on \: 2033-01-07 16\:59\:29\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n" +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +x509_cert_info:"data_files/server5-directoryname.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-10 16\:59\:29\nexpires on \: 2033-01-07 16\:59\:29\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n" X509 CRT information EC, SHA256 Digest, two directoryName SANs -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-two-directorynames.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-12 10\:34\:11\nexpires on \: 2033-01-09 10\:34\:11\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n directoryName \: O=MALFORM_ME\n" +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +x509_cert_info:"data_files/server5-two-directorynames.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-12 10\:34\:11\nexpires on \: 2033-01-09 10\:34\:11\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n directoryName \: O=MALFORM_ME\n" X509 CRT information EC, SHA256 Digest, second directoryname malformed -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-second-directoryname-malformed.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-12 10\:34\:11\nexpires on \: 2033-01-09 10\:34\:11\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n \n" +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +x509_cert_info:"data_files/server5-second-directoryname-malformed.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-12 10\:34\:11\nexpires on \: 2033-01-09 10\:34\:11\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n \n" X509 CRT information EC, SHA256 Digest, Wisun Fan device depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 @@ -203,8 +203,8 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R x509_parse_san:"data_files/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n" X509 SAN parsing directoryName -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_parse_san:"data_files/server5-directoryname.crt":"type \: 4\ndirectoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n" +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +x509_parse_san:"data_files/server5-directoryname.crt.der":"type \: 4\ndirectoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n" X509 SAN parsing dNSName depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256