ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Imported OpenSSL 1.1.1a

Browse Source
This commit is contained in:
Steve Dower
2019-02-08 14:45:21 -08:00
parent 66bc075dac
commit d6b2cd4920
3033 changed files with 1039677 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
test/CAss.cnf Normal file
View File

@@ -0,0 +1,76 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha1
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
commonName = Common Name (eg, YOUR name)
commonName_value = Dodgy CA
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several certificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = v3_ca # The extensions to add to the cert
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = critical,CA:true,pathlen:1
keyUsage = cRLSign, keyCertSign
issuerAltName=issuer:copy

24
test/CAssdh.cnf Normal file
View File

@@ -0,0 +1,24 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DH certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = CU
countryName_value = CU
organizationName = Organization Name (eg, company)
organizationName_value = La Junta de la Revolucion
commonName = Common Name (eg, YOUR name)
commonName_value = Junta

23
test/CAssdsa.cnf Normal file
View File

@@ -0,0 +1,23 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DSA certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Hermanos Locos
commonName = Common Name (eg, YOUR name)
commonName_value = Hermanos Locos CA

24
test/CAssrsa.cnf Normal file
View File

@@ -0,0 +1,24 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# create RSA certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Hermanos Locos
commonName = Common Name (eg, YOUR name)
commonName_value = Hermanos Locos CA

165
test/CAtsa.cnf Normal file
View File

@@ -0,0 +1,165 @@
#
# This config is used by the Time Stamp Authority tests.
#
RANDFILE = ./.rnd
# Extra OBJECT IDENTIFIER info:
oid_section = new_oids
TSDNSECT = ts_cert_dn
INDEX = 1
[ new_oids ]
# Policies used by the TSA tests.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
#----------------------------------------------------------------------
[ ca ]
default_ca = CA_default # The default ca section
[ CA_default ]
dir = ./demoCA
certs = $dir/certs # Where the issued certs are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
default_days = 365 # how long to certify for
default_md = sha256 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = supplied
stateOrProvinceName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
#----------------------------------------------------------------------
[ req ]
default_bits = 2048
default_md = sha1
distinguished_name = $ENV::TSDNSECT
encrypt_rsa_key = no
prompt = no
# attributes = req_attributes
x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = nombstr
[ ts_ca_dn ]
countryName = HU
stateOrProvinceName = Budapest
localityName = Budapest
organizationName = Gov-CA Ltd.
commonName = ca1
[ ts_cert_dn ]
countryName = HU
stateOrProvinceName = Budapest
localityName = Buda
organizationName = Hun-TSA Ltd.
commonName = tsa$ENV::INDEX
[ tsa_cert ]
# TSA server cert is not a CA cert.
basicConstraints=CA:FALSE
# The following key usage flags are needed for TSA server certificates.
keyUsage = nonRepudiation, digitalSignature
extendedKeyUsage = critical,timeStamping
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ non_tsa_cert ]
# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
basicConstraints=CA:FALSE
# The following key usage flags are needed for TSA server certificates.
keyUsage = nonRepudiation, digitalSignature
# timeStamping is not supported by this certificate
# extendedKeyUsage = critical,timeStamping
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature
[ v3_ca ]
# Extensions for a typical CA
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = critical,CA:true
keyUsage = cRLSign, keyCertSign
#----------------------------------------------------------------------
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = . # TSA root directory
serial = $dir/tsa_serial # The current serial number (mandatory)
signer_cert = $dir/tsa_cert1.pem # The TSA signing certificate
# (optional)
certs = $dir/tsaca.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/tsa_key1.pem # The TSA private key (optional)
signer_digest = sha256 # Signing digest to use. (Optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = yes # Must the ESS cert id chain be included?
# (optional, default: no)
ess_cert_id_alg = sha256 # algorithm to compute certificate
# identifier (optional, default: sha1)
[ tsa_config2 ]
# This configuration uses a certificate which doesn't have timeStamping usage.
# These are used by the TSA reply generation only.
dir = . # TSA root directory
serial = $dir/tsa_serial # The current serial number (mandatory)
signer_cert = $dir/tsa_cert2.pem # The TSA signing certificate
# (optional)
certs = $dir/demoCA/cacert.pem# Certificate chain to include in reply
# (optional)
signer_key = $dir/tsa_key2.pem # The TSA private key (optional)
signer_digest = sha256 # Signing digest to use. (Optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)

37
test/P1ss.cnf Normal file
View File

@@ -0,0 +1,37 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha256
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
2.commonName = Common Name (eg, YOUR name)
2.commonName_value = Proxy 1
[ v3_proxy ]
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB

45
test/P2ss.cnf Normal file
View File

@@ -0,0 +1,45 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha256
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
2.commonName = Common Name (eg, YOUR name)
2.commonName_value = Proxy 1
3.commonName = Common Name (eg, YOUR name)
3.commonName_value = Proxy 2
[ v3_proxy ]
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
proxyCertInfo=critical,@proxy_ext
[ proxy_ext ]
language=id-ppl-anyLanguage
pathlen=0
policy=text:BC

149
test/README Normal file
View File

@@ -0,0 +1,149 @@
How to add recipes
==================
For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.
Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile. More on this later.
Naming conventions
=================
A test executable is named test/{name}test.c
A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.
The number {nn} is (somewhat loosely) grouped as follows:
00-04 sanity, internal and essential API tests
05-09 individual symmetric cipher algorithms
10-14 math (bignum)
15-19 individual asymmetric cipher algorithms
20-24 openssl commands (some otherwise not tested)
25-29 certificate forms, generation and verification
30-35 engine and evp
60-79 APIs
70 PACKET layer
80-89 "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98 misc
99 most time consuming tests [such as test_fuzz]
A recipe that just runs a test executable
=========================================
A script that just runs a program looks like this:
#! /usr/bin/perl
use OpenSSL::Test::Simple;
simple_test("test_{name}", "{name}test", "{name}");
{name} is the unique name you have chosen for your test.
The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/
For documentation on OpenSSL::Test::Simple, do
`perldoc util/perl/OpenSSL/Test/Simple.pm'.
A recipe that runs a more complex test
======================================
For more complex tests, you will need to read up on Test::More and
OpenSSL::Test. Test::More is normally preinstalled, do `man Test::More' for
documentation. For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm'.
A script to start from could be this:
#! /usr/bin/perl
use strict;
use warnings;
use OpenSSL::Test;
setup("test_{name}");
plan tests => 2; # The number of tests being performed
ok(test1, "test1");
ok(test2, "test1");
sub test1
{
# test feature 1
}
sub test2
{
# test feature 2
}
Changes to test/build.info
==========================
Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):
* add {name} to the list of programs under PROGRAMS_NO_INST
* create a three line description of how to build the test, you will have
to modify the include paths and source files if you don't want to use the
basic test framework:
SOURCE[{name}]={name}.c
INCLUDE[{name}]=.. ../include
DEPEND[{name}]=../libcrypto libtestutil.a
Generic form of C test executables
==================================
#include "testutil.h"
static int my_test(void)
{
int testresult = 0; /* Assume the test will fail */
int observed;
observed = function(); /* Call the code under test */
if (!TEST_int_equal(observed, 2)) /* Check the result is correct */
goto end; /* Exit on failure - optional */
testresult = 1; /* Mark the test case a success */
end:
cleanup(); /* Any cleanup you require */
return testresult;
}
int setup_tests(void)
{
ADD_TEST(my_test); /* Add each test separately */
return 1; /* Indicate success */
}
You should use the TEST_xxx macros provided by testutil.h to test all failure
conditions. These macros produce an error message in a standard format if the
condition is not met (and nothing if the condition is met). Additional
information can be presented with the TEST_info macro that takes a printf
format string and arguments. TEST_error is useful for complicated conditions,
it also takes a printf format string and argument. In all cases the TEST_xxx
macros are guaranteed to evaluate their arguments exactly once. This means
that expressions with side effects are allowed as parameters. Thus,
if (!TEST_ptr(ptr = OPENSSL_malloc(..)))
works fine and can be used in place of:
ptr = OPENSSL_malloc(..);
if (!TEST_ptr(ptr))
The former produces a more meaningful message on failure than the latter.

164
test/README.external Normal file
View File

@@ -0,0 +1,164 @@
Running external test suites with OpenSSL
=========================================
It is possible to integrate external test suites into OpenSSL's "make test".
This capability is considered a developer option and does not work on all
platforms.
The BoringSSL test suite
========================
In order to run the BoringSSL tests with OpenSSL, first checkout the BoringSSL
source code into an appropriate directory. This can be done in two ways:
1) Separately from the OpenSSL checkout using:
$ git clone https://boringssl.googlesource.com/boringssl boringssl
The BoringSSL tests are only confirmed to work at a specific commit in the
BoringSSL repository. Later commits may or may not pass the test suite:
$ cd boringssl
$ git checkout 490469f850e
2) Using the already configured submodule settings in OpenSSL:
$ git submodule update --init
Configure the OpenSSL source code to enable the external tests:
$ cd ../openssl
$ ./config enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers \
enable-external-tests
Note that using other config options than those given above may cause the tests
to fail.
Run the OpenSSL tests by providing the path to the BoringSSL test runner in the
BORING_RUNNER_DIR environment variable:
$ BORING_RUNNER_DIR=/path/to/boringssl/ssl/test/runner make test
Note that the test suite may change directory while running so the path provided
should be absolute and not relative to the current working directory.
To see more detailed output you can run just the BoringSSL tests with the
verbose option:
$ VERBOSE=1 BORING_RUNNER_DIR=/path/to/boringssl/ssl/test/runner make \
TESTS="test_external_boringssl" test
Test failures and suppressions
------------------------------
A large number of the BoringSSL tests are known to fail. A test could fail
because of many possible reasons. For example:
- A bug in OpenSSL
- Different interpretations of standards
- Assumptions about the way BoringSSL works that do not apply to OpenSSL
- The test uses APIs added to BoringSSL that are not present in OpenSSL
- etc
In order to provide a "clean" baseline run with all the tests passing a config
file has been provided that suppresses the running of tests that are known to
fail. These suppressions are held in the file "test/ossl_shim/ossl_config.json"
within the OpenSSL source code.
The community is encouraged to contribute patches which reduce the number of
suppressions that are currently present.
Python PYCA/Cryptography test suite
===================================
This python test suite runs cryptographic tests with a local OpenSSL build as
the implementation.
First checkout the PYCA/Cryptography module into ./pyca-cryptography using:
$ git submodule update --init
Then configure/build OpenSSL compatible with the python module:
$ ./config shared enable-external-tests
$ make
The tests will run in a python virtual environment which requires virtualenv
to be installed.
$ make test VERBOSE=1 TESTS=test_external_pyca
Test failures and suppressions
------------------------------
Some tests target older (<=1.0.2) versions so will not run. Other tests target
other crypto implementations so are not relevant. Currently no tests fail.
krb5 test suite
===============
Much like the PYCA/Cryptography test suite, this builds and runs the krb5
tests against the local OpenSSL build.
You will need a git checkout of krb5 at the top level:
$ git clone https://github.com/krb5/krb5
krb5's master has to pass this same CI, but a known-good version is
krb5-1.15.1-final if you want to be sure.
$ cd krb5
$ git checkout krb5-1.15.1-final
$ cd ..
OpenSSL must be built with external tests enabled:
$ ./config enable-external-tests
$ make
krb5's tests will then be run as part of the rest of the suite, or can be
explicitly run (with more debugging):
$ VERBOSE=1 make TESTS=test_external_krb5 test
Test-failures suppressions
--------------------------
krb5 will automatically adapt its test suite to account for the configuration
of your system. Certain tests may require more installed packages to run. No
tests are expected to fail.
Updating test suites
====================
To update the commit for any of the above test suites:
- Make sure the submodules are cloned locally:
$ git submodule update --init --recursive
- Enter subdirectory and pull from the repository (use a specific branch/tag if required):
$ cd <submodule-dir>
$ git pull origin master
- Go to root directory, there should be a new git status:
$ cd ../
$ git status
...
# modified: <submodule-dir> (new commits)
...
- Add/commit/push the update
git add <submodule-dir>
git commit -m "Updated <submodule> to latest commit"
git push

299
test/README.ssltest.md Normal file
View File

@@ -0,0 +1,299 @@
# SSL tests
SSL testcases are configured in the `ssl-tests` directory.
Each `ssl_*.conf.in` file contains a number of test configurations. These files
are used to generate testcases in the OpenSSL CONF format.
The precise test output can be dependent on the library configuration. The test
harness generates the output files on the fly.
However, for verification, we also include checked-in configuration outputs
corresponding to the default configuration. These testcases live in
`test/ssl-tests/*.conf` files.
For more details, see `ssl-tests/01-simple.conf.in` for an example.
## Configuring the test
First, give your test a name. The names do not have to be unique.
An example test input looks like this:
```
{
name => "test-default",
server => { "CipherString" => "DEFAULT" },
client => { "CipherString" => "DEFAULT" },
test => { "ExpectedResult" => "Success" },
}
```
The test section supports the following options
### Test mode
* Method - the method to test. One of DTLS or TLS.
* HandshakeMode - which handshake flavour to test:
- Simple - plain handshake (default)
- Resume - test resumption
- RenegotiateServer - test server initiated renegotiation
- RenegotiateClient - test client initiated renegotiation
When HandshakeMode is Resume or Renegotiate, the original handshake is expected
to succeed. All configured test expectations are verified against the second
handshake.
* ApplicationData - amount of application data bytes to send (integer, defaults
to 256 bytes). Applies to both client and server. Application data is sent in
64kB chunks (but limited by MaxFragmentSize and available parallelization, see
below).
* MaxFragmentSize - maximum send fragment size (integer, defaults to 512 in
tests - see `SSL_CTX_set_max_send_fragment` for documentation). Applies to
both client and server. Lowering the fragment size will split handshake and
application data up between more `SSL_write` calls, thus allowing to exercise
different code paths. In particular, if the buffer size (64kB) is at least
four times as large as the maximum fragment, interleaved multi-buffer crypto
implementations may be used on some platforms.
### Test expectations
* ExpectedResult - expected handshake outcome. One of
- Success - handshake success
- ServerFail - serverside handshake failure
- ClientFail - clientside handshake failure
- InternalError - some other error
* ExpectedClientAlert, ExpectedServerAlert - expected alert. See
`ssl_test_ctx.c` for known values. Note: the expected alert is currently
matched against the _last_ received alert (i.e., a fatal alert or a
`close_notify`). Warning alert expectations are not yet supported. (A warning
alert will not be correctly matched, if followed by a `close_notify` or
another alert.)
* ExpectedProtocol - expected negotiated protocol. One of
SSLv3, TLSv1, TLSv1.1, TLSv1.2.
* SessionTicketExpected - whether or not a session ticket is expected
- Ignore - do not check for a session ticket (default)
- Yes - a session ticket is expected
- No - a session ticket is not expected
* SessionIdExpected - whether or not a session id is expected
- Ignore - do not check for a session id (default)
- Yes - a session id is expected
- No - a session id is not expected
* ResumptionExpected - whether or not resumption is expected (Resume mode only)
- Yes - resumed handshake
- No - full handshake (default)
* ExpectedNPNProtocol, ExpectedALPNProtocol - NPN and ALPN expectations.
* ExpectedTmpKeyType - the expected algorithm or curve of server temp key
* ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or
curve of server or client certificate
* ExpectedServerSignHash, ExpectedClientSignHash - the expected
signing hash used by server or client certificate
* ExpectedServerSignType, ExpectedClientSignType - the expected
signature type used by server or client when signing messages
* ExpectedClientCANames - for client auth list of CA names the server must
send. If this is "empty" the list is expected to be empty otherwise it
is a file of certificates whose subject names form the list.
* ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only.
If this is "empty" the list is expected to be empty otherwise it is a file
of certificates whose subject names form the list.
## Configuring the client and server
The client and server configurations can be any valid `SSL_CTX`
configurations. For details, see the manpages for `SSL_CONF_cmd`.
Give your configurations as a dictionary of CONF commands, e.g.
```
server => {
"CipherString" => "DEFAULT",
"MinProtocol" => "TLSv1",
}
```
The following sections may optionally be defined:
* server2 - this section configures a secondary context that is selected via the
ServerName test option. This context is used whenever a ServerNameCallback is
specified. If the server2 section is not present, then the configuration
matches server.
* resume_server - this section configures the client to resume its session
against a different server. This context is used whenever HandshakeMode is
Resume. If the resume_server section is not present, then the configuration
matches server.
* resume_client - this section configures the client to resume its session with
a different configuration. In practice this may occur when, for example,
upgraded clients reuse sessions persisted on disk. This context is used
whenever HandshakeMode is Resume. If the resume_client section is not present,
then the configuration matches client.
### Configuring callbacks and additional options
Additional handshake settings can be configured in the `extra` section of each
client and server:
```
client => {
"CipherString" => "DEFAULT",
extra => {
"ServerName" => "server2",
}
}
```
#### Supported client-side options
* ClientVerifyCallback - the client's custom certificate verify callback.
Used to test callback behaviour. One of
- None - no custom callback (default)
- AcceptAll - accepts all certificates.
- RejectAll - rejects all certificates.
* ServerName - the server the client should attempt to connect to. One of
- None - do not use SNI (default)
- server1 - the initial context
- server2 - the secondary context
- invalid - an unknown context
* CTValidation - Certificate Transparency validation strategy. One of
- None - no validation (default)
- Permissive - SSL_CT_VALIDATION_PERMISSIVE
- Strict - SSL_CT_VALIDATION_STRICT
#### Supported server-side options
* ServerNameCallback - the SNI switching callback to use
- None - no callback (default)
- IgnoreMismatch - continue the handshake on SNI mismatch
- RejectMismatch - abort the handshake on SNI mismatch
* BrokenSessionTicket - a special test case where the session ticket callback
does not initialize crypto.
- No (default)
- Yes
#### Mutually supported options
* NPNProtocols, ALPNProtocols - NPN and ALPN settings. Server and client
protocols can be specified as a comma-separated list, and a callback with the
recommended behaviour will be installed automatically.
* SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to
connect as; for server, this is a known SRP user.
### Default server and client configurations
The default server certificate and CA files are added to the configurations
automatically. Server certificate verification is requested by default.
You can override these options by redefining them:
```
client => {
"VerifyCAFile" => "/path/to/custom/file"
}
```
or by deleting them
```
client => {
"VerifyCAFile" => undef
}
```
## Adding a test to the test harness
1. Add a new test configuration to `test/ssl-tests`, following the examples of
existing `*.conf.in` files (for example, `01-simple.conf.in`).
2. Generate the generated `*.conf` test input file. You can do so by running
`generate_ssl_tests.pl`:
```
$ ./config
$ cd test
$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/my.conf.in \
> ssl-tests/my.conf
```
where `my.conf.in` is your test input file.
For example, to generate the test cases in `ssl-tests/01-simple.conf.in`, do
```
$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/01-simple.conf.in > ssl-tests/01-simple.conf
```
Alternatively (hackish but simple), you can comment out
```
unlink glob $tmp_file;
```
in `test/recipes/80-test_ssl_new.t` and run
```
$ make TESTS=test_ssl_new test
```
This will save the generated output in a `*.tmp` file in the build directory.
3. Update the number of tests planned in `test/recipes/80-test_ssl_new.t`. If
the test suite has any skip conditions, update those too (see
`test/recipes/80-test_ssl_new.t` for details).
## Running the tests with the test harness
```
HARNESS_VERBOSE=yes make TESTS=test_ssl_new test
```
## Running a test manually
These steps are only needed during development. End users should run `make test`
or follow the instructions above to run the SSL test suite.
To run an SSL test manually from the command line, the `TEST_CERTS_DIR`
environment variable to point to the location of the certs. E.g., from the root
OpenSSL directory, do
```
$ CTLOG_FILE=test/ct/log_list.conf TEST_CERTS_DIR=test/certs test/ssl_test \
test/ssl-tests/01-simple.conf
```
or for shared builds
```
$ CTLOG_FILE=test/ct/log_list.conf TEST_CERTS_DIR=test/certs \
util/shlib_wrap.sh test/ssl_test test/ssl-tests/01-simple.conf
```
Note that the test expectations sometimes depend on the Configure settings. For
example, the negotiated protocol depends on the set of available (enabled)
protocols: a build with `enable-ssl3` has different test expectations than a
build with `no-ssl3`.
The Perl test harness automatically generates expected outputs, so users who
just run `make test` do not need any extra steps.
However, when running a test manually, keep in mind that the repository version
of the generated `test/ssl-tests/*.conf` correspond to expected outputs in with
the default Configure options. To run `ssl_test` manually from the command line
in a build with a different configuration, you may need to generate the right
`*.conf` file from the `*.conf.in` input first.

27
test/Sssdsa.cnf Normal file
View File

@@ -0,0 +1,27 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DSA certs - Server
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Tortilleras S.A.
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Torti
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Gordita

26
test/Sssrsa.cnf Normal file
View File

@@ -0,0 +1,26 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# create RSA certs - Server
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Tortilleras S.A.
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Torti
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Gordita

41
test/Uss.cnf Normal file
View File

@@ -0,0 +1,41 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
CN2 = Brother 2
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha256
prompt = no
[ req_distinguished_name ]
countryName = AU
organizationName = Dodgy Brothers
0.commonName = Brother 1
1.commonName = $ENV::CN2
[ v3_ee ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ee_dsa ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature
[ v3_ee_ec ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyAgreement

16
test/aborttest.c Normal file
View File

@@ -0,0 +1,16 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/crypto.h>
int main(int argc, char **argv)
{
OPENSSL_die("Voluntary abort", __FILE__, __LINE__);
return 0;
}

149
test/afalgtest.c Normal file
View File

@@ -0,0 +1,149 @@
/*
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <string.h>
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include "testutil.h"
/* Use a buffer size which is not aligned to block size */
#define BUFFER_SIZE 17
#ifndef OPENSSL_NO_ENGINE
static ENGINE *e;
#endif
#ifndef OPENSSL_NO_AFALGENG
# include <linux/version.h>
# define K_MAJ 4
# define K_MIN1 1
# define K_MIN2 0
# if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
/*
* If we get here then it looks like there is a mismatch between the linux
* headers and the actual kernel version, so we have tried to compile with
* afalg support, but then skipped it in e_afalg.c. As far as this test is
* concerned we behave as if we had been configured without support
*/
# define OPENSSL_NO_AFALGENG
# endif
#endif
#ifndef OPENSSL_NO_AFALGENG
static int test_afalg_aes_cbc(int keysize_idx)
{
EVP_CIPHER_CTX *ctx;
const EVP_CIPHER *cipher;
unsigned char key[] = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
"\x51\x2e\x03\xd5\x34\x12\x00\x06"
"\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
"\x51\x2e\x03\xd5\x34\x12\x00\x06";
unsigned char iv[] = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
"\xb4\x22\xda\x80\x2c\x9f\xac\x41";
/* input = "Single block msg\n" 17Bytes*/
unsigned char in[BUFFER_SIZE] = "\x53\x69\x6e\x67\x6c\x65\x20\x62"
"\x6c\x6f\x63\x6b\x20\x6d\x73\x67\x0a";
unsigned char ebuf[BUFFER_SIZE + 32];
unsigned char dbuf[BUFFER_SIZE + 32];
unsigned char encresult_128[] = "\xe3\x53\x77\x9c\x10\x79\xae\xb8"
"\x27\x08\x94\x2d\xbe\x77\x18\x1a\x2d";
unsigned char encresult_192[] = "\xf7\xe4\x26\xd1\xd5\x4f\x8f\x39"
"\xb1\x9e\xe0\xdf\x61\xb9\xc2\x55\xeb";
unsigned char encresult_256[] = "\xa0\x76\x85\xfd\xc1\x65\x71\x9d"
"\xc7\xe9\x13\x6e\xae\x55\x49\xb4\x13";
unsigned char *enc_result = NULL;
int encl, encf, decl, decf;
int ret = 0;
switch (keysize_idx) {
case 0:
cipher = EVP_aes_128_cbc();
enc_result = &encresult_128[0];
break;
case 1:
cipher = EVP_aes_192_cbc();
enc_result = &encresult_192[0];
break;
case 2:
cipher = EVP_aes_256_cbc();
enc_result = &encresult_256[0];
break;
default:
cipher = NULL;
}
if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
return 0;
if (!TEST_true(EVP_CipherInit_ex(ctx, cipher, e, key, iv, 1))
|| !TEST_true(EVP_CipherUpdate(ctx, ebuf, &encl, in, BUFFER_SIZE))
|| !TEST_true(EVP_CipherFinal_ex(ctx, ebuf+encl, &encf)))
goto end;
encl += encf;
if (!TEST_mem_eq(enc_result, BUFFER_SIZE, ebuf, BUFFER_SIZE))
goto end;
if (!TEST_true(EVP_CIPHER_CTX_reset(ctx))
|| !TEST_true(EVP_CipherInit_ex(ctx, cipher, e, key, iv, 0))
|| !TEST_true(EVP_CipherUpdate(ctx, dbuf, &decl, ebuf, encl))
|| !TEST_true(EVP_CipherFinal_ex(ctx, dbuf+decl, &decf)))
goto end;
decl += decf;
if (!TEST_int_eq(decl, BUFFER_SIZE)
|| !TEST_mem_eq(dbuf, BUFFER_SIZE, in, BUFFER_SIZE))
goto end;
ret = 1;
end:
EVP_CIPHER_CTX_free(ctx);
return ret;
}
#endif
#ifndef OPENSSL_NO_ENGINE
int global_init(void)
{
ENGINE_load_builtin_engines();
# ifndef OPENSSL_NO_STATIC_ENGINE
OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL);
# endif
return 1;
}
#endif
int setup_tests(void)
{
#ifndef OPENSSL_NO_ENGINE
if ((e = ENGINE_by_id("afalg")) == NULL) {
/* Probably a platform env issue, not a test failure. */
TEST_info("Can't load AFALG engine");
} else {
# ifndef OPENSSL_NO_AFALGENG
ADD_ALL_TESTS(test_afalg_aes_cbc, 3);
# endif
}
#endif
return 1;
}
#ifndef OPENSSL_NO_ENGINE
void cleanup_tests(void)
{
ENGINE_free(e);
}
#endif

173
test/asn1_decode_test.c Normal file
View File

@@ -0,0 +1,173 @@
/*
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/rand.h>
#include <openssl/asn1t.h>
#include "internal/numbers.h"
#include "testutil.h"
#ifdef __GNUC__
# pragma GCC diagnostic ignored "-Wunused-function"
#endif
#ifdef __clang__
# pragma clang diagnostic ignored "-Wunused-function"
#endif
/* Badly coded ASN.1 INTEGER zero wrapped in a sequence */
static unsigned char t_invalid_zero[] = {
0x30, 0x02, /* SEQUENCE tag + length */
0x02, 0x00 /* INTEGER tag + length */
};
#if OPENSSL_API_COMPAT < 0x10200000L
/* LONG case ************************************************************* */
typedef struct {
long test_long;
} ASN1_LONG_DATA;
ASN1_SEQUENCE(ASN1_LONG_DATA) = {
ASN1_EMBED(ASN1_LONG_DATA, test_long, LONG),
} static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
static int test_long(void)
{
const unsigned char *p = t_invalid_zero;
ASN1_LONG_DATA *dectst =
d2i_ASN1_LONG_DATA(NULL, &p, sizeof(t_invalid_zero));
if (dectst == NULL)
return 0; /* Fail */
ASN1_LONG_DATA_free(dectst);
return 1;
}
#endif
/* INT32 case ************************************************************* */
typedef struct {
int32_t test_int32;
} ASN1_INT32_DATA;
ASN1_SEQUENCE(ASN1_INT32_DATA) = {
ASN1_EMBED(ASN1_INT32_DATA, test_int32, INT32),
} static_ASN1_SEQUENCE_END(ASN1_INT32_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT32_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT32_DATA)
static int test_int32(void)
{
const unsigned char *p = t_invalid_zero;
ASN1_INT32_DATA *dectst =
d2i_ASN1_INT32_DATA(NULL, &p, sizeof(t_invalid_zero));
if (dectst == NULL)
return 0; /* Fail */
ASN1_INT32_DATA_free(dectst);
return 1;
}
/* UINT32 case ************************************************************* */
typedef struct {
uint32_t test_uint32;
} ASN1_UINT32_DATA;
ASN1_SEQUENCE(ASN1_UINT32_DATA) = {
ASN1_EMBED(ASN1_UINT32_DATA, test_uint32, UINT32),
} static_ASN1_SEQUENCE_END(ASN1_UINT32_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT32_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT32_DATA)
static int test_uint32(void)
{
const unsigned char *p = t_invalid_zero;
ASN1_UINT32_DATA *dectst =
d2i_ASN1_UINT32_DATA(NULL, &p, sizeof(t_invalid_zero));
if (dectst == NULL)
return 0; /* Fail */
ASN1_UINT32_DATA_free(dectst);
return 1;
}
/* INT64 case ************************************************************* */
typedef struct {
int64_t test_int64;
} ASN1_INT64_DATA;
ASN1_SEQUENCE(ASN1_INT64_DATA) = {
ASN1_EMBED(ASN1_INT64_DATA, test_int64, INT64),
} static_ASN1_SEQUENCE_END(ASN1_INT64_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT64_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT64_DATA)
static int test_int64(void)
{
const unsigned char *p = t_invalid_zero;
ASN1_INT64_DATA *dectst =
d2i_ASN1_INT64_DATA(NULL, &p, sizeof(t_invalid_zero));
if (dectst == NULL)
return 0; /* Fail */
ASN1_INT64_DATA_free(dectst);
return 1;
}
/* UINT64 case ************************************************************* */
typedef struct {
uint64_t test_uint64;
} ASN1_UINT64_DATA;
ASN1_SEQUENCE(ASN1_UINT64_DATA) = {
ASN1_EMBED(ASN1_UINT64_DATA, test_uint64, UINT64),
} static_ASN1_SEQUENCE_END(ASN1_UINT64_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT64_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT64_DATA)
static int test_uint64(void)
{
const unsigned char *p = t_invalid_zero;
ASN1_UINT64_DATA *dectst =
d2i_ASN1_UINT64_DATA(NULL, &p, sizeof(t_invalid_zero));
if (dectst == NULL)
return 0; /* Fail */
ASN1_UINT64_DATA_free(dectst);
return 1;
}
int setup_tests(void)
{
#if OPENSSL_API_COMPAT < 0x10200000L
ADD_TEST(test_long);
#endif
ADD_TEST(test_int32);
ADD_TEST(test_uint32);
ADD_TEST(test_int64);
ADD_TEST(test_uint64);
return 1;
}

870
test/asn1_encode_test.c Normal file
View File

@@ -0,0 +1,870 @@
/*
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/rand.h>
#include <openssl/asn1t.h>
#include "internal/numbers.h"
#include "testutil.h"
#ifdef __GNUC__
# pragma GCC diagnostic ignored "-Wunused-function"
# pragma GCC diagnostic ignored "-Wformat"
#endif
#ifdef __clang__
# pragma clang diagnostic ignored "-Wunused-function"
# pragma clang diagnostic ignored "-Wformat"
#endif
/***** Custom test data ******************************************************/
/*
* We conduct tests with these arrays for every type we try out.
* You will find the expected results together with the test structures
* for each type, further down.
*/
static unsigned char t_zero[] = {
0x00
};
static unsigned char t_one[] = {
0x01
};
static unsigned char t_one_neg[] = {
0xff
};
static unsigned char t_minus_256[] = {
0xff, 0x00
};
static unsigned char t_longundef[] = {
0x7f, 0xff, 0xff, 0xff
};
static unsigned char t_9bytes_1[] = {
0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};
static unsigned char t_8bytes_1[] = {
0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
static unsigned char t_8bytes_2[] = {
0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};
static unsigned char t_8bytes_3_pad[] = {
0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};
static unsigned char t_8bytes_4_neg[] = {
0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
static unsigned char t_8bytes_5_negpad[] = {
0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* 32-bit long */
static unsigned char t_5bytes_1[] = {
0x01, 0xff, 0xff, 0xff, 0xff
};
static unsigned char t_4bytes_1[] = {
0x00, 0x80, 0x00, 0x00, 0x00
};
/* We make the last byte 0xfe to avoid a clash with ASN1_LONG_UNDEF */
static unsigned char t_4bytes_2[] = {
0x7f, 0xff, 0xff, 0xfe
};
static unsigned char t_4bytes_3_pad[] = {
0x00, 0x7f, 0xff, 0xff, 0xfe
};
static unsigned char t_4bytes_4_neg[] = {
0x80, 0x00, 0x00, 0x00
};
static unsigned char t_4bytes_5_negpad[] = {
0xff, 0x80, 0x00, 0x00, 0x00
};
typedef struct {
unsigned char *bytes1;
size_t nbytes1;
unsigned char *bytes2;
size_t nbytes2;
} TEST_CUSTOM_DATA;
#define CUSTOM_DATA(v) \
{ v, sizeof(v), t_one, sizeof(t_one) }, \
{ t_one, sizeof(t_one), v, sizeof(v) }
static TEST_CUSTOM_DATA test_custom_data[] = {
CUSTOM_DATA(t_zero),
CUSTOM_DATA(t_longundef),
CUSTOM_DATA(t_one),
CUSTOM_DATA(t_one_neg),
CUSTOM_DATA(t_minus_256),
CUSTOM_DATA(t_9bytes_1),
CUSTOM_DATA(t_8bytes_1),
CUSTOM_DATA(t_8bytes_2),
CUSTOM_DATA(t_8bytes_3_pad),
CUSTOM_DATA(t_8bytes_4_neg),
CUSTOM_DATA(t_8bytes_5_negpad),
CUSTOM_DATA(t_5bytes_1),
CUSTOM_DATA(t_4bytes_1),
CUSTOM_DATA(t_4bytes_2),
CUSTOM_DATA(t_4bytes_3_pad),
CUSTOM_DATA(t_4bytes_4_neg),
CUSTOM_DATA(t_4bytes_5_negpad),
};
/***** Type specific test data ***********************************************/
/*
* First, a few utility things that all type specific data can use, or in some
* cases, MUST use.
*/
/*
* For easy creation of arrays of expected data. These macros correspond to
* the uses of CUSTOM_DATA above.
*/
#define CUSTOM_EXPECTED_SUCCESS(num, znum) \
{ 0xff, num, 1 }, \
{ 0xff, 1, znum }
#define CUSTOM_EXPECTED_FAILURE \
{ 0, 0, 0 }, \
{ 0, 0, 0 }
/*
* A structure to collect all test information in. There MUST be one instance
* of this for each test
*/
typedef int i2d_fn(void *a, unsigned char **pp);
typedef void *d2i_fn(void **a, unsigned char **pp, long length);
typedef void ifree_fn(void *a);
typedef struct {
ASN1_ITEM_EXP *asn1_type;
const char *name;
int skip; /* 1 if this package should be skipped */
/* An array of structures to compare decoded custom data with */
void *encode_expectations;
size_t encode_expectations_size;
size_t encode_expectations_elem_size;
/*
* An array of structures that are encoded into a DER blob, which is
* then decoded, and result gets compared with the original.
*/
void *encdec_data;
size_t encdec_data_size;
size_t encdec_data_elem_size;
/* The i2d function to use with this type */
i2d_fn *i2d;
/* The d2i function to use with this type */
d2i_fn *d2i;
/* Function to free a decoded structure */
ifree_fn *ifree;
} TEST_PACKAGE;
/* To facilitate the creation of an encdec_data array */
#define ENCDEC_DATA(num, znum) \
{ 0xff, num, 1 }, { 0xff, 1, znum }
#define ENCDEC_ARRAY(max, zmax, min, zmin) \
ENCDEC_DATA(max,zmax), \
ENCDEC_DATA(min,zmin), \
ENCDEC_DATA(1, 1), \
ENCDEC_DATA(-1, -1), \
ENCDEC_DATA(0, ASN1_LONG_UNDEF)
#if OPENSSL_API_COMPAT < 0x10200000L
/***** LONG ******************************************************************/
typedef struct {
/* If decoding is expected to succeed, set this to 1, otherwise 0 */
ASN1_BOOLEAN success;
long test_long;
long test_zlong;
} ASN1_LONG_DATA;
ASN1_SEQUENCE(ASN1_LONG_DATA) = {
ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_FBOOLEAN),
ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG),
ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0)
} static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
static ASN1_LONG_DATA long_expected_32bit[] = {
/* The following should fail on the second because it's the default */
{ 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */
{ 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_1 (too large positive) */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_LONG_DATA long_encdec_data_32bit[] = {
ENCDEC_ARRAY(LONG_MAX - 1, LONG_MAX, LONG_MIN, LONG_MIN),
/* Check that default numbers fail */
{ 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 }
};
static TEST_PACKAGE long_test_package_32bit = {
ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 4,
long_expected_32bit,
sizeof(long_expected_32bit), sizeof(long_expected_32bit[0]),
long_encdec_data_32bit,
sizeof(long_encdec_data_32bit), sizeof(long_encdec_data_32bit[0]),
(i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA,
(ifree_fn *)ASN1_LONG_DATA_free
};
static ASN1_LONG_DATA long_expected_64bit[] = {
/* The following should fail on the second because it's the default */
{ 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */
{ 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
CUSTOM_EXPECTED_SUCCESS(LONG_MAX, LONG_MAX), /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(LONG_MIN, LONG_MIN), /* t_8bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS((long)0x1ffffffff, (long)0x1ffffffff), /* t_5bytes_1 */
CUSTOM_EXPECTED_SUCCESS((long)0x80000000, (long)0x80000000), /* t_4bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_LONG_DATA long_encdec_data_64bit[] = {
ENCDEC_ARRAY(LONG_MAX, LONG_MAX, LONG_MIN, LONG_MIN),
/* Check that default numbers fail */
{ 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 }
};
static TEST_PACKAGE long_test_package_64bit = {
ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 8,
long_expected_64bit,
sizeof(long_expected_64bit), sizeof(long_expected_64bit[0]),
long_encdec_data_64bit,
sizeof(long_encdec_data_64bit), sizeof(long_encdec_data_64bit[0]),
(i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA,
(ifree_fn *)ASN1_LONG_DATA_free
};
#endif
/***** INT32 *****************************************************************/
typedef struct {
ASN1_BOOLEAN success;
int32_t test_int32;
int32_t test_zint32;
} ASN1_INT32_DATA;
ASN1_SEQUENCE(ASN1_INT32_DATA) = {
ASN1_SIMPLE(ASN1_INT32_DATA, success, ASN1_FBOOLEAN),
ASN1_EMBED(ASN1_INT32_DATA, test_int32, INT32),
ASN1_EXP_OPT_EMBED(ASN1_INT32_DATA, test_zint32, ZINT32, 0)
} static_ASN1_SEQUENCE_END(ASN1_INT32_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT32_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT32_DATA)
static ASN1_INT32_DATA int32_expected[] = {
CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_1 (too large positive) */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_INT32_DATA int32_encdec_data[] = {
ENCDEC_ARRAY(INT32_MAX, INT32_MAX, INT32_MIN, INT32_MIN),
};
static TEST_PACKAGE int32_test_package = {
ASN1_ITEM_ref(ASN1_INT32_DATA), "INT32", 0,
int32_expected, sizeof(int32_expected), sizeof(int32_expected[0]),
int32_encdec_data, sizeof(int32_encdec_data), sizeof(int32_encdec_data[0]),
(i2d_fn *)i2d_ASN1_INT32_DATA, (d2i_fn *)d2i_ASN1_INT32_DATA,
(ifree_fn *)ASN1_INT32_DATA_free
};
/***** UINT32 ****************************************************************/
typedef struct {
ASN1_BOOLEAN success;
uint32_t test_uint32;
uint32_t test_zuint32;
} ASN1_UINT32_DATA;
ASN1_SEQUENCE(ASN1_UINT32_DATA) = {
ASN1_SIMPLE(ASN1_UINT32_DATA, success, ASN1_FBOOLEAN),
ASN1_EMBED(ASN1_UINT32_DATA, test_uint32, UINT32),
ASN1_EXP_OPT_EMBED(ASN1_UINT32_DATA, test_zuint32, ZUINT32, 0)
} static_ASN1_SEQUENCE_END(ASN1_UINT32_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT32_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT32_DATA)
static ASN1_UINT32_DATA uint32_expected[] = {
CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_FAILURE, /* t_one_neg (illegal negative value) */
CUSTOM_EXPECTED_FAILURE, /* t_minus_256 (illegal negative value) */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */
CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_4_neg (illegal negative value) */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_UINT32_DATA uint32_encdec_data[] = {
ENCDEC_ARRAY(UINT32_MAX, UINT32_MAX, 0, 0),
};
static TEST_PACKAGE uint32_test_package = {
ASN1_ITEM_ref(ASN1_UINT32_DATA), "UINT32", 0,
uint32_expected, sizeof(uint32_expected), sizeof(uint32_expected[0]),
uint32_encdec_data, sizeof(uint32_encdec_data), sizeof(uint32_encdec_data[0]),
(i2d_fn *)i2d_ASN1_UINT32_DATA, (d2i_fn *)d2i_ASN1_UINT32_DATA,
(ifree_fn *)ASN1_UINT32_DATA_free
};
/***** INT64 *****************************************************************/
typedef struct {
ASN1_BOOLEAN success;
int64_t test_int64;
int64_t test_zint64;
} ASN1_INT64_DATA;
ASN1_SEQUENCE(ASN1_INT64_DATA) = {
ASN1_SIMPLE(ASN1_INT64_DATA, success, ASN1_FBOOLEAN),
ASN1_EMBED(ASN1_INT64_DATA, test_int64, INT64),
ASN1_EXP_OPT_EMBED(ASN1_INT64_DATA, test_zint64, ZINT64, 0)
} static_ASN1_SEQUENCE_END(ASN1_INT64_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT64_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT64_DATA)
static ASN1_INT64_DATA int64_expected[] = {
CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 (too large positive) */
CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(INT64_MIN, INT64_MIN), /* t_8bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(0x1ffffffff, 0x1ffffffff), /* t_5bytes_1 */
CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_INT64_DATA int64_encdec_data[] = {
ENCDEC_ARRAY(INT64_MAX, INT64_MAX, INT64_MIN, INT64_MIN),
ENCDEC_ARRAY(INT32_MAX, INT32_MAX, INT32_MIN, INT32_MIN),
};
static TEST_PACKAGE int64_test_package = {
ASN1_ITEM_ref(ASN1_INT64_DATA), "INT64", 0,
int64_expected, sizeof(int64_expected), sizeof(int64_expected[0]),
int64_encdec_data, sizeof(int64_encdec_data), sizeof(int64_encdec_data[0]),
(i2d_fn *)i2d_ASN1_INT64_DATA, (d2i_fn *)d2i_ASN1_INT64_DATA,
(ifree_fn *)ASN1_INT64_DATA_free
};
/***** UINT64 ****************************************************************/
typedef struct {
ASN1_BOOLEAN success;
uint64_t test_uint64;
uint64_t test_zuint64;
} ASN1_UINT64_DATA;
ASN1_SEQUENCE(ASN1_UINT64_DATA) = {
ASN1_SIMPLE(ASN1_UINT64_DATA, success, ASN1_FBOOLEAN),
ASN1_EMBED(ASN1_UINT64_DATA, test_uint64, UINT64),
ASN1_EXP_OPT_EMBED(ASN1_UINT64_DATA, test_zuint64, ZUINT64, 0)
} static_ASN1_SEQUENCE_END(ASN1_UINT64_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT64_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT64_DATA)
static ASN1_UINT64_DATA uint64_expected[] = {
CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_FAILURE, /* t_one_neg (illegal negative value) */
CUSTOM_EXPECTED_FAILURE, /* t_minus_256 (illegal negative value) */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_SUCCESS((uint64_t)INT64_MAX+1, (uint64_t)INT64_MAX+1),
/* t_8bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
CUSTOM_EXPECTED_SUCCESS(0x1ffffffff, 0x1ffffffff), /* t_5bytes_1 */
CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_4_neg (illegal negative value) */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_UINT64_DATA uint64_encdec_data[] = {
ENCDEC_ARRAY(UINT64_MAX, UINT64_MAX, 0, 0),
};
static TEST_PACKAGE uint64_test_package = {
ASN1_ITEM_ref(ASN1_UINT64_DATA), "UINT64", 0,
uint64_expected, sizeof(uint64_expected), sizeof(uint64_expected[0]),
uint64_encdec_data, sizeof(uint64_encdec_data), sizeof(uint64_encdec_data[0]),
(i2d_fn *)i2d_ASN1_UINT64_DATA, (d2i_fn *)d2i_ASN1_UINT64_DATA,
(ifree_fn *)ASN1_UINT64_DATA_free
};
/***** General testing functions *********************************************/
/* Template structure to map onto any test data structure */
typedef struct {
ASN1_BOOLEAN success;
unsigned char bytes[1]; /* In reality, there's more */
} EXPECTED;
/*
* do_decode returns a tristate:
*
* -1 Couldn't decode
* 0 decoded structure wasn't what was expected (failure)
* 1 decoded structure was what was expected (success)
*/
static int do_decode(unsigned char *bytes, long nbytes,
const EXPECTED *expected, size_t expected_size,
const TEST_PACKAGE *package)
{
EXPECTED *enctst = NULL;
const unsigned char *start;
int ret = 0;
start = bytes;
enctst = package->d2i(NULL, &bytes, nbytes);
if (enctst == NULL) {
if (expected->success == 0) {
ret = 1;
ERR_clear_error();
} else {
ret = -1;
}
} else {
if (start + nbytes == bytes
&& memcmp(enctst, expected, expected_size) == 0)
ret = 1;
else
ret = 0;
}
package->ifree(enctst);
return ret;
}
/*
* do_encode returns a tristate:
*
* -1 Couldn't encode
* 0 encoded DER wasn't what was expected (failure)
* 1 encoded DER was what was expected (success)
*/
static int do_encode(EXPECTED *input,
const unsigned char *expected, size_t expected_len,
const TEST_PACKAGE *package)
{
unsigned char *data = NULL;
int len;
int ret = 0;
len = package->i2d(input, &data);
if (len < 0)
return -1;
if ((size_t)len != expected_len
|| memcmp(data, expected, expected_len) != 0) {
if (input->success == 0) {
ret = 1;
ERR_clear_error();
} else {
ret = 0;
}
} else {
ret = 1;
}
OPENSSL_free(data);
return ret;
}
/* Do an encode/decode round trip */
static int do_enc_dec(EXPECTED *bytes, long nbytes,
const TEST_PACKAGE *package)
{
unsigned char *data = NULL;
int len;
int ret = 0;
void *p = bytes;
len = package->i2d(p, &data);
if (len < 0)
return -1;
ret = do_decode(data, len, bytes, nbytes, package);
OPENSSL_free(data);
return ret;
}
static size_t der_encode_length(size_t len, unsigned char **pp)
{
size_t lenbytes;
OPENSSL_assert(len < 0x8000);
if (len > 255)
lenbytes = 3;
else if (len > 127)
lenbytes = 2;
else
lenbytes = 1;
if (pp != NULL) {
if (lenbytes == 1) {
*(*pp)++ = (unsigned char)len;
} else {
*(*pp)++ = (unsigned char)(lenbytes - 1);
if (lenbytes == 2) {
*(*pp)++ = (unsigned char)(0x80 | len);
} else {
*(*pp)++ = (unsigned char)(0x80 | (len >> 8));
*(*pp)++ = (unsigned char)(len);
}
}
}
return lenbytes;
}
static size_t make_custom_der(const TEST_CUSTOM_DATA *custom_data,
unsigned char **encoding, int explicit_default)
{
size_t firstbytes, secondbytes = 0, secondbytesinner = 0, seqbytes;
const unsigned char t_true[] = { V_ASN1_BOOLEAN, 0x01, 0xff };
unsigned char *p = NULL;
size_t i;
/*
* The first item is just an INTEGER tag, INTEGER length and INTEGER content
*/
firstbytes =
1 + der_encode_length(custom_data->nbytes1, NULL)
+ custom_data->nbytes1;
for (i = custom_data->nbytes2; i > 0; i--) {
if (custom_data->bytes2[i - 1] != '\0')
break;
}
if (explicit_default || i > 0) {
/*
* The second item is an explicit tag, content length, INTEGER tag,
* INTEGER length, INTEGER bytes
*/
secondbytesinner =
1 + der_encode_length(custom_data->nbytes2, NULL)
+ custom_data->nbytes2;
secondbytes =
1 + der_encode_length(secondbytesinner, NULL) + secondbytesinner;
}
/*
* The whole sequence is the sequence tag, content length, BOOLEAN true
* (copied from t_true), the first (firstbytes) and second (secondbytes)
* items
*/
seqbytes =
1 + der_encode_length(sizeof(t_true) + firstbytes + secondbytes, NULL)
+ sizeof(t_true) + firstbytes + secondbytes;
*encoding = p = OPENSSL_malloc(seqbytes);
if (*encoding == NULL)
return 0;
/* Sequence tag */
*p++ = 0x30;
der_encode_length(sizeof(t_true) + firstbytes + secondbytes, &p);
/* ASN1_BOOLEAN TRUE */
memcpy(p, t_true, sizeof(t_true)); /* Marks decoding success */
p += sizeof(t_true);
/* First INTEGER item (non-optional) */
*p++ = V_ASN1_INTEGER;
der_encode_length(custom_data->nbytes1, &p);
memcpy(p, custom_data->bytes1, custom_data->nbytes1);
p += custom_data->nbytes1;
if (secondbytes > 0) {
/* Second INTEGER item (optional) */
/* Start with the explicit optional tag */
*p++ = 0xa0;
der_encode_length(secondbytesinner, &p);
*p++ = V_ASN1_INTEGER;
der_encode_length(custom_data->nbytes2, &p);
memcpy(p, custom_data->bytes2, custom_data->nbytes2);
p += custom_data->nbytes2;
}
OPENSSL_assert(seqbytes == (size_t)(p - *encoding));
return seqbytes;
}
/* Attempt to decode a custom encoding of the test structure */
static int do_decode_custom(const TEST_CUSTOM_DATA *custom_data,
const EXPECTED *expected, size_t expected_size,
const TEST_PACKAGE *package)
{
unsigned char *encoding = NULL;
/*
* We force the defaults to be explicitly encoded to make sure we test
* for defaults that shouldn't be present (i.e. we check for failure)
*/
size_t encoding_length = make_custom_der(custom_data, &encoding, 1);
int ret;
if (encoding_length == 0)
return -1;
ret = do_decode(encoding, encoding_length, expected, expected_size,
package);
OPENSSL_free(encoding);
return ret;
}
/* Attempt to encode the test structure and compare it to custom DER */
static int do_encode_custom(EXPECTED *input,
const TEST_CUSTOM_DATA *custom_data,
const TEST_PACKAGE *package)
{
unsigned char *expected = NULL;
size_t expected_length = make_custom_der(custom_data, &expected, 0);
int ret;
if (expected_length == 0)
return -1;
ret = do_encode(input, expected, expected_length, package);
OPENSSL_free(expected);
return ret;
}
static int do_print_item(const TEST_PACKAGE *package)
{
#define DATA_BUF_SIZE 256
const ASN1_ITEM *i = ASN1_ITEM_ptr(package->asn1_type);
ASN1_VALUE *o;
int ret;
OPENSSL_assert(package->encode_expectations_elem_size <= DATA_BUF_SIZE);
if ((o = OPENSSL_malloc(DATA_BUF_SIZE)) == NULL)
return 0;
(void)RAND_bytes((unsigned char*)o,
(int)package->encode_expectations_elem_size);
ret = ASN1_item_print(bio_err, o, 0, i, NULL);
OPENSSL_free(o);
return ret;
}
static int test_intern(const TEST_PACKAGE *package)
{
unsigned int i;
size_t nelems;
int fail = 0;
if (package->skip)
return 1;
/* Do decode_custom checks */
nelems = package->encode_expectations_size
/ package->encode_expectations_elem_size;
OPENSSL_assert(nelems ==
sizeof(test_custom_data) / sizeof(test_custom_data[0]));
for (i = 0; i < nelems; i++) {
size_t pos = i * package->encode_expectations_elem_size;
switch (do_encode_custom((EXPECTED *)&((unsigned char *)package
->encode_expectations)[pos],
&test_custom_data[i], package)) {
case -1:
TEST_error("Failed custom encode round trip %u of %s",
i, package->name);
TEST_openssl_errors();
fail++;
break;
case 0:
TEST_error("Custom encode round trip %u of %s mismatch",
i, package->name);
TEST_openssl_errors();
fail++;
break;
case 1:
break;
default:
OPENSSL_die("do_encode_custom() return unknown value",
__FILE__, __LINE__);
}
switch (do_decode_custom(&test_custom_data[i],
(EXPECTED *)&((unsigned char *)package
->encode_expectations)[pos],
package->encode_expectations_elem_size,
package)) {
case -1:
TEST_error("Failed custom decode round trip %u of %s",
i, package->name);
TEST_openssl_errors();
fail++;
break;
case 0:
TEST_error("Custom decode round trip %u of %s mismatch",
i, package->name);
TEST_openssl_errors();
fail++;
break;
case 1:
break;
default:
OPENSSL_die("do_decode_custom() return unknown value",
__FILE__, __LINE__);
}
}
/* Do enc_dec checks */
nelems = package->encdec_data_size / package->encdec_data_elem_size;
for (i = 0; i < nelems; i++) {
size_t pos = i * package->encdec_data_elem_size;
switch (do_enc_dec((EXPECTED *)&((unsigned char *)package
->encdec_data)[pos],
package->encdec_data_elem_size,
package)) {
case -1:
TEST_error("Failed encode/decode round trip %u of %s",
i, package->name);
TEST_openssl_errors();
fail++;
break;
case 0:
TEST_error("Encode/decode round trip %u of %s mismatch",
i, package->name);
fail++;
break;
case 1:
break;
default:
OPENSSL_die("do_enc_dec() return unknown value",
__FILE__, __LINE__);
}
}
if (!do_print_item(package)) {
TEST_error("Printing of %s failed", package->name);
TEST_openssl_errors();
fail++;
}
return fail == 0;
}
#if OPENSSL_API_COMPAT < 0x10200000L
static int test_long_32bit(void)
{
return test_intern(&long_test_package_32bit);
}
static int test_long_64bit(void)
{
return test_intern(&long_test_package_64bit);
}
#endif
static int test_int32(void)
{
return test_intern(&int32_test_package);
}
static int test_uint32(void)
{
return test_intern(&uint32_test_package);
}
static int test_int64(void)
{
return test_intern(&int64_test_package);
}
static int test_uint64(void)
{
return test_intern(&uint64_test_package);
}
int setup_tests(void)
{
#if OPENSSL_API_COMPAT < 0x10200000L
ADD_TEST(test_long_32bit);
ADD_TEST(test_long_64bit);
#endif
ADD_TEST(test_int32);
ADD_TEST(test_uint32);
ADD_TEST(test_int64);
ADD_TEST(test_uint64);
return 1;
}

115
test/asn1_internal_test.c Normal file
View File

@@ -0,0 +1,115 @@
/*
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Internal tests for the asn1 module */
#include <stdio.h>
#include <string.h>
#include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include "testutil.h"
#include "internal/nelem.h"
/**********************************************************************
*
* Test of a_strnid's tbl_standard
*
***/
#include "../crypto/asn1/tbl_standard.h"
static int test_tbl_standard(void)
{
const ASN1_STRING_TABLE *tmp;
int last_nid = -1;
size_t i;
for (tmp = tbl_standard, i = 0; i < OSSL_NELEM(tbl_standard); i++, tmp++) {
if (tmp->nid < last_nid) {
last_nid = 0;
break;
}
last_nid = tmp->nid;
}
if (TEST_int_ne(last_nid, 0)) {
TEST_info("asn1 tbl_standard: Table order OK");
return 1;
}
TEST_info("asn1 tbl_standard: out of order");
for (tmp = tbl_standard, i = 0; i < OSSL_NELEM(tbl_standard); i++, tmp++)
TEST_note("asn1 tbl_standard: Index %zu, NID %d, Name=%s",
i, tmp->nid, OBJ_nid2ln(tmp->nid));
return 0;
}
/**********************************************************************
*
* Test of ameth_lib's standard_methods
*
***/
#include "internal/asn1_int.h"
#include "../crypto/asn1/standard_methods.h"
static int test_standard_methods(void)
{
const EVP_PKEY_ASN1_METHOD **tmp;
int last_pkey_id = -1;
size_t i;
int ok = 1;
for (tmp = standard_methods, i = 0; i < OSSL_NELEM(standard_methods);
i++, tmp++) {
if ((*tmp)->pkey_id < last_pkey_id) {
last_pkey_id = 0;
break;
}
last_pkey_id = (*tmp)->pkey_id;
/*
* One of the following must be true:
*
* pem_str == NULL AND ASN1_PKEY_ALIAS is set
* pem_str != NULL AND ASN1_PKEY_ALIAS is clear
*
* Anything else is an error and may lead to a corrupt ASN1 method table
*/
if (!TEST_true(((*tmp)->pem_str == NULL && ((*tmp)->pkey_flags & ASN1_PKEY_ALIAS) != 0)
|| ((*tmp)->pem_str != NULL && ((*tmp)->pkey_flags & ASN1_PKEY_ALIAS) == 0))) {
TEST_note("asn1 standard methods: Index %zu, pkey ID %d, Name=%s",
i, (*tmp)->pkey_id, OBJ_nid2sn((*tmp)->pkey_id));
ok = 0;
}
}
if (TEST_int_ne(last_pkey_id, 0)) {
TEST_info("asn1 standard methods: Table order OK");
return ok;
}
TEST_note("asn1 standard methods: out of order");
for (tmp = standard_methods, i = 0; i < OSSL_NELEM(standard_methods);
i++, tmp++)
TEST_note("asn1 standard methods: Index %zu, pkey ID %d, Name=%s",
i, (*tmp)->pkey_id, OBJ_nid2sn((*tmp)->pkey_id));
return 0;
}
int setup_tests(void)
{
ADD_TEST(test_tbl_standard);
ADD_TEST(test_standard_methods);
return 1;
}

77
test/asn1_string_table_test.c Normal file
View File

@@ -0,0 +1,77 @@
/*
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Tests for the ANS1_STRING_TABLE_* functions */
#include <stdio.h>
#include <string.h>
#include <openssl/asn1.h>
#include "testutil.h"
static int test_string_tbl(void)
{
const ASN1_STRING_TABLE *tmp = NULL;
int nid = 12345678, nid2 = 87654321, rv = 0, ret = 0;
tmp = ASN1_STRING_TABLE_get(nid);
if (!TEST_ptr_null(tmp)) {
TEST_info("asn1 string table: ASN1_STRING_TABLE_get non-exist nid");
goto out;
}
ret = ASN1_STRING_TABLE_add(nid, -1, -1, MBSTRING_ASC, 0);
if (!TEST_true(ret)) {
TEST_info("asn1 string table: add NID(%d) failed", nid);
goto out;
}
ret = ASN1_STRING_TABLE_add(nid2, -1, -1, MBSTRING_ASC, 0);
if (!TEST_true(ret)) {
TEST_info("asn1 string table: add NID(%d) failed", nid2);
goto out;
}
tmp = ASN1_STRING_TABLE_get(nid);
if (!TEST_ptr(tmp)) {
TEST_info("asn1 string table: get NID(%d) failed", nid);
goto out;
}
tmp = ASN1_STRING_TABLE_get(nid2);
if (!TEST_ptr(tmp)) {
TEST_info("asn1 string table: get NID(%d) failed", nid2);
goto out;
}
ASN1_STRING_TABLE_cleanup();
/* check if all newly added NIDs are cleaned up */
tmp = ASN1_STRING_TABLE_get(nid);
if (!TEST_ptr_null(tmp)) {
TEST_info("asn1 string table: get NID(%d) failed", nid);
goto out;
}
tmp = ASN1_STRING_TABLE_get(nid2);
if (!TEST_ptr_null(tmp)) {
TEST_info("asn1 string table: get NID(%d) failed", nid2);
goto out;
}
rv = 1;
out:
return rv;
}
int setup_tests(void)
{
ADD_TEST(test_string_tbl);
return 1;
}

358
test/asn1_time_test.c Normal file
View File

@@ -0,0 +1,358 @@
/*
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Time tests for the asn1 module */
#include <stdio.h>
#include <string.h>
#include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include "testutil.h"
#include "internal/nelem.h"
struct testdata {
char *data; /* TIME string value */
int type; /* GENERALIZED OR UTC */
int expected_type; /* expected type after set/set_string_gmt */
int check_result; /* check result */
time_t t; /* expected time_t*/
int cmp_result; /* compariston to baseline result */
int convert_result; /* convertion result */
};
static struct testdata tbl_testdata_pos[] = {
{ "0", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, }, /* Bad time */
{ "ABCD", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "0ABCD", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "1-700101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "`9700101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "19700101000000Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 0, 0, 0, 0, },
{ "A00101000000Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 0, 0, 0, 0, },
{ "A9700101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "1A700101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "19A00101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "197A0101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "1970A101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "19700A01000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "197001A1000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "1970010A000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "19700101A00000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "197001010A0000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "1970010100A000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "19700101000A00Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "197001010000A0Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "1970010100000AZ", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "700101000000X", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 0, 0, 0, 0, },
{ "19700101000000X", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 0, 0, 0, 0, },
{ "19700101000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 0, -1, 1, }, /* Epoch begins */
{ "700101000000Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 0, -1, 1, }, /* ditto */
{ "20380119031407Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 0x7FFFFFFF, 1, 1, }, /* Max 32bit time_t */
{ "380119031407Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 0x7FFFFFFF, 1, 1, },
{ "20371231235959Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 2145916799, 1, 1, }, /* Just before 2038 */
{ "20371231235959Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 0, 0, 0, 1, }, /* Bad UTC time */
{ "371231235959Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 2145916799, 1, 1, },
{ "19701006121456Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 24063296, -1, 1, },
{ "701006121456Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 24063296, -1, 1, },
{ "19991231000000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, }, /* Match baseline */
{ "199912310000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, }, /* In various flavors */
{ "991231000000Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "9912310000Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "9912310000+0000", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "199912310000+0000", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "9912310000-0000", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "199912310000-0000", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "199912310100+0100", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "199912302300-0100", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "199912302300-A000", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 0, 946598400, 0, 1, },
{ "199912302300-0A00", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 0, 946598400, 0, 1, },
{ "9912310100+0100", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
{ "9912302300-0100", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 946598400, 0, 1, },
};
/* ASSUMES SIGNED TIME_T */
static struct testdata tbl_testdata_neg[] = {
{ "19011213204552Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, INT_MIN, -1, 0, },
{ "691006121456Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, -7472704, -1, 1, },
{ "19691006121456Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, -7472704, -1, 1, },
};
/* explicit casts to time_t short warnings on systems with 32-bit time_t */
static struct testdata tbl_testdata_pos_64bit[] = {
{ "20380119031408Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, (time_t)0x80000000, 1, 1, },
{ "20380119031409Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, (time_t)0x80000001, 1, 1, },
{ "380119031408Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, (time_t)0x80000000, 1, 1, },
{ "20500101120000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, (time_t)0x967b1ec0, 1, 0, },
};
/* ASSUMES SIGNED TIME_T */
static struct testdata tbl_testdata_neg_64bit[] = {
{ "19011213204551Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, (time_t)-2147483649LL, -1, 0, },
{ "19000101120000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, (time_t)-2208945600LL, -1, 0, },
};
/* A baseline time to compare to */
static ASN1_TIME gtime = {
15,
V_ASN1_GENERALIZEDTIME,
(unsigned char*)"19991231000000Z",
0
};
static time_t gtime_t = 946598400;
static int test_table(struct testdata *tbl, int idx)
{
int error = 0;
ASN1_TIME atime;
ASN1_TIME *ptime;
struct testdata *td = &tbl[idx];
int day, sec;
atime.data = (unsigned char*)td->data;
atime.length = strlen((char*)atime.data);
atime.type = td->type;
atime.flags = 0;
if (!TEST_int_eq(ASN1_TIME_check(&atime), td->check_result)) {
TEST_info("ASN1_TIME_check(%s) unexpected result", atime.data);
error = 1;
}
if (td->check_result == 0)
return 1;
if (!TEST_int_eq(ASN1_TIME_cmp_time_t(&atime, td->t), 0)) {
TEST_info("ASN1_TIME_cmp_time_t(%s vs %ld) compare failed", atime.data, (long)td->t);
error = 1;
}
if (!TEST_true(ASN1_TIME_diff(&day, &sec, &atime, &atime))) {
TEST_info("ASN1_TIME_diff(%s) to self failed", atime.data);
error = 1;
}
if (!TEST_int_eq(day, 0) || !TEST_int_eq(sec, 0)) {
TEST_info("ASN1_TIME_diff(%s) to self not equal", atime.data);
error = 1;
}
if (!TEST_true(ASN1_TIME_diff(&day, &sec, &gtime, &atime))) {
TEST_info("ASN1_TIME_diff(%s) to baseline failed", atime.data);
error = 1;
} else if (!((td->cmp_result == 0 && TEST_true((day == 0 && sec == 0))) ||
(td->cmp_result == -1 && TEST_true((day < 0 || sec < 0))) ||
(td->cmp_result == 1 && TEST_true((day > 0 || sec > 0))))) {
TEST_info("ASN1_TIME_diff(%s) to baseline bad comparison", atime.data);
error = 1;
}
if (!TEST_int_eq(ASN1_TIME_cmp_time_t(&atime, gtime_t), td->cmp_result)) {
TEST_info("ASN1_TIME_cmp_time_t(%s) to baseline bad comparison", atime.data);
error = 1;
}
ptime = ASN1_TIME_set(NULL, td->t);
if (!TEST_ptr(ptime)) {
TEST_info("ASN1_TIME_set(%ld) failed", (long)td->t);
error = 1;
} else {
int local_error = 0;
if (!TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, td->t), 0)) {
TEST_info("ASN1_TIME_set(%ld) compare failed (%s->%s)",
(long)td->t, td->data, ptime->data);
local_error = error = 1;
}
if (!TEST_int_eq(ptime->type, td->expected_type)) {
TEST_info("ASN1_TIME_set(%ld) unexpected type", (long)td->t);
local_error = error = 1;
}
if (local_error)
TEST_info("ASN1_TIME_set() = %*s", ptime->length, ptime->data);
ASN1_TIME_free(ptime);
}
ptime = ASN1_TIME_new();
if (!TEST_ptr(ptime)) {
TEST_info("ASN1_TIME_new() failed");
error = 1;
} else {
int local_error = 0;
if (!TEST_int_eq(ASN1_TIME_set_string(ptime, td->data), td->check_result)) {
TEST_info("ASN1_TIME_set_string_gmt(%s) failed", td->data);
local_error = error = 1;
}
if (!TEST_int_eq(ASN1_TIME_normalize(ptime), td->check_result)) {
TEST_info("ASN1_TIME_normalize(%s) failed", td->data);
local_error = error = 1;
}
if (!TEST_int_eq(ptime->type, td->expected_type)) {
TEST_info("ASN1_TIME_set_string_gmt(%s) unexpected type", td->data);
local_error = error = 1;
}
day = sec = 0;
if (!TEST_true(ASN1_TIME_diff(&day, &sec, ptime, &atime)) || !TEST_int_eq(day, 0) || !TEST_int_eq(sec, 0)) {
TEST_info("ASN1_TIME_diff(day=%d, sec=%d, %s) after ASN1_TIME_set_string_gmt() failed", day, sec, td->data);
local_error = error = 1;
}
if (!TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, gtime_t), td->cmp_result)) {
TEST_info("ASN1_TIME_cmp_time_t(%s) after ASN1_TIME_set_string_gnt() to baseline bad comparison", td->data);
local_error = error = 1;
}
if (local_error)
TEST_info("ASN1_TIME_set_string_gmt() = %*s", ptime->length, ptime->data);
ASN1_TIME_free(ptime);
}
ptime = ASN1_TIME_new();
if (!TEST_ptr(ptime)) {
TEST_info("ASN1_TIME_new() failed");
error = 1;
} else {
int local_error = 0;
if (!TEST_int_eq(ASN1_TIME_set_string(ptime, td->data), td->check_result)) {
TEST_info("ASN1_TIME_set_string(%s) failed", td->data);
local_error = error = 1;
}
day = sec = 0;
if (!TEST_true(ASN1_TIME_diff(&day, &sec, ptime, &atime)) || !TEST_int_eq(day, 0) || !TEST_int_eq(sec, 0)) {
TEST_info("ASN1_TIME_diff(day=%d, sec=%d, %s) after ASN1_TIME_set_string() failed", day, sec, td->data);
local_error = error = 1;
}
if (!TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, gtime_t), td->cmp_result)) {
TEST_info("ASN1_TIME_cmp_time_t(%s) after ASN1_TIME_set_string() to baseline bad comparison", td->data);
local_error = error = 1;
}
if (local_error)
TEST_info("ASN1_TIME_set_string() = %*s", ptime->length, ptime->data);
ASN1_TIME_free(ptime);
}
if (td->type == V_ASN1_UTCTIME) {
ptime = ASN1_TIME_to_generalizedtime(&atime, NULL);
if (td->convert_result == 1 && !TEST_ptr(ptime)) {
TEST_info("ASN1_TIME_to_generalizedtime(%s) failed", atime.data);
error = 1;
} else if (td->convert_result == 0 && !TEST_ptr_null(ptime)) {
TEST_info("ASN1_TIME_to_generalizedtime(%s) should have failed", atime.data);
error = 1;
}
if (ptime != NULL && !TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, td->t), 0)) {
TEST_info("ASN1_TIME_to_generalizedtime(%s->%s) bad result", atime.data, ptime->data);
error = 1;
}
ASN1_TIME_free(ptime);
}
/* else cannot simply convert GENERALIZEDTIME to UTCTIME */
if (error)
TEST_error("atime=%s", atime.data);
return !error;
}
static int test_table_pos(int idx)
{
return test_table(tbl_testdata_pos, idx);
}
static int test_table_neg(int idx)
{
return test_table(tbl_testdata_neg, idx);
}
static int test_table_pos_64bit(int idx)
{
return test_table(tbl_testdata_pos_64bit, idx);
}
static int test_table_neg_64bit(int idx)
{
return test_table(tbl_testdata_neg_64bit, idx);
}
struct compare_testdata {
ASN1_TIME t1;
ASN1_TIME t2;
int result;
};
static unsigned char TODAY_GEN_STR[] = "20170825000000Z";
static unsigned char TOMORROW_GEN_STR[] = "20170826000000Z";
static unsigned char TODAY_UTC_STR[] = "170825000000Z";
static unsigned char TOMORROW_UTC_STR[] = "170826000000Z";
#define TODAY_GEN { sizeof(TODAY_GEN_STR)-1, V_ASN1_GENERALIZEDTIME, TODAY_GEN_STR, 0 }
#define TOMORROW_GEN { sizeof(TOMORROW_GEN_STR)-1, V_ASN1_GENERALIZEDTIME, TOMORROW_GEN_STR, 0 }
#define TODAY_UTC { sizeof(TODAY_UTC_STR)-1, V_ASN1_UTCTIME, TODAY_UTC_STR, 0 }
#define TOMORROW_UTC { sizeof(TOMORROW_UTC_STR)-1, V_ASN1_UTCTIME, TOMORROW_UTC_STR, 0 }
static struct compare_testdata tbl_compare_testdata[] = {
{ TODAY_GEN, TODAY_GEN, 0 },
{ TODAY_GEN, TODAY_UTC, 0 },
{ TODAY_GEN, TOMORROW_GEN, -1 },
{ TODAY_GEN, TOMORROW_UTC, -1 },
{ TODAY_UTC, TODAY_GEN, 0 },
{ TODAY_UTC, TODAY_UTC, 0 },
{ TODAY_UTC, TOMORROW_GEN, -1 },
{ TODAY_UTC, TOMORROW_UTC, -1 },
{ TOMORROW_GEN, TODAY_GEN, 1 },
{ TOMORROW_GEN, TODAY_UTC, 1 },
{ TOMORROW_GEN, TOMORROW_GEN, 0 },
{ TOMORROW_GEN, TOMORROW_UTC, 0 },
{ TOMORROW_UTC, TODAY_GEN, 1 },
{ TOMORROW_UTC, TODAY_UTC, 1 },
{ TOMORROW_UTC, TOMORROW_GEN, 0 },
{ TOMORROW_UTC, TOMORROW_UTC, 0 }
};
static int test_table_compare(int idx)
{
struct compare_testdata *td = &tbl_compare_testdata[idx];
return TEST_int_eq(ASN1_TIME_compare(&td->t1, &td->t2), td->result);
}
int setup_tests(void)
{
/*
* On platforms where |time_t| is an unsigned integer, t will be a
* positive number.
*
* We check if we're on a platform with a signed |time_t| with '!(t > 0)'
* because some compilers are picky if you do 't < 0', or even 't <= 0'
* if |t| is unsigned.
*/
time_t t = -1;
/*
* On some platforms, |time_t| is signed, but a negative value is an
* error, and using it with gmtime() or localtime() generates a NULL.
* If that is the case, we can't perform tests on negative values.
*/
struct tm *ptm = localtime(&t);
ADD_ALL_TESTS(test_table_pos, OSSL_NELEM(tbl_testdata_pos));
if (!(t > 0) && ptm != NULL) {
TEST_info("Adding negative-sign time_t tests");
ADD_ALL_TESTS(test_table_neg, OSSL_NELEM(tbl_testdata_neg));
}
if (sizeof(time_t) > sizeof(uint32_t)) {
TEST_info("Adding 64-bit time_t tests");
ADD_ALL_TESTS(test_table_pos_64bit, OSSL_NELEM(tbl_testdata_pos_64bit));
#ifndef __hpux
if (!(t > 0) && ptm != NULL) {
TEST_info("Adding negative-sign 64-bit time_t tests");
ADD_ALL_TESTS(test_table_neg_64bit, OSSL_NELEM(tbl_testdata_neg_64bit));
}
#endif
}
ADD_ALL_TESTS(test_table_compare, OSSL_NELEM(tbl_compare_testdata));
return 1;
}

409
test/asynciotest.c Normal file
View File

@@ -0,0 +1,409 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL licenses, (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* https://www.openssl.org/source/license.html
* or in the file LICENSE in the source distribution.
*/
#include <string.h>
#include <openssl/ssl.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include "../ssl/packet_locl.h"
#include "ssltestlib.h"
#include "testutil.h"
/* Should we fragment records or not? 0 = no, !0 = yes*/
static int fragment = 0;
static char *cert = NULL;
static char *privkey = NULL;
static int async_new(BIO *bi);
static int async_free(BIO *a);
static int async_read(BIO *b, char *out, int outl);
static int async_write(BIO *b, const char *in, int inl);
static long async_ctrl(BIO *b, int cmd, long num, void *ptr);
static int async_gets(BIO *bp, char *buf, int size);
static int async_puts(BIO *bp, const char *str);
/* Choose a sufficiently large type likely to be unused for this custom BIO */
# define BIO_TYPE_ASYNC_FILTER (0x80 | BIO_TYPE_FILTER)
static BIO_METHOD *methods_async = NULL;
struct async_ctrs {
unsigned int rctr;
unsigned int wctr;
};
static const BIO_METHOD *bio_f_async_filter(void)
{
if (methods_async == NULL) {
methods_async = BIO_meth_new(BIO_TYPE_ASYNC_FILTER, "Async filter");
if ( methods_async == NULL
|| !BIO_meth_set_write(methods_async, async_write)
|| !BIO_meth_set_read(methods_async, async_read)
|| !BIO_meth_set_puts(methods_async, async_puts)
|| !BIO_meth_set_gets(methods_async, async_gets)
|| !BIO_meth_set_ctrl(methods_async, async_ctrl)
|| !BIO_meth_set_create(methods_async, async_new)
|| !BIO_meth_set_destroy(methods_async, async_free))
return NULL;
}
return methods_async;
}
static int async_new(BIO *bio)
{
struct async_ctrs *ctrs;
ctrs = OPENSSL_zalloc(sizeof(struct async_ctrs));
if (ctrs == NULL)
return 0;
BIO_set_data(bio, ctrs);
BIO_set_init(bio, 1);
return 1;
}
static int async_free(BIO *bio)
{
struct async_ctrs *ctrs;
if (bio == NULL)
return 0;
ctrs = BIO_get_data(bio);
OPENSSL_free(ctrs);
BIO_set_data(bio, NULL);
BIO_set_init(bio, 0);
return 1;
}
static int async_read(BIO *bio, char *out, int outl)
{
struct async_ctrs *ctrs;
int ret = 0;
BIO *next = BIO_next(bio);
if (outl <= 0)
return 0;
if (next == NULL)
return 0;
ctrs = BIO_get_data(bio);
BIO_clear_retry_flags(bio);
if (ctrs->rctr > 0) {
ret = BIO_read(next, out, 1);
if (ret <= 0 && BIO_should_read(next))
BIO_set_retry_read(bio);
ctrs->rctr = 0;
} else {
ctrs->rctr++;
BIO_set_retry_read(bio);
}
return ret;
}
#define MIN_RECORD_LEN 6
#define CONTENTTYPEPOS 0
#define VERSIONHIPOS 1
#define VERSIONLOPOS 2
#define DATAPOS 5
static int async_write(BIO *bio, const char *in, int inl)
{
struct async_ctrs *ctrs;
int ret = 0;
size_t written = 0;
BIO *next = BIO_next(bio);
if (inl <= 0)
return 0;
if (next == NULL)
return 0;
ctrs = BIO_get_data(bio);
BIO_clear_retry_flags(bio);
if (ctrs->wctr > 0) {
ctrs->wctr = 0;
if (fragment) {
PACKET pkt;
if (!PACKET_buf_init(&pkt, (const unsigned char *)in, inl))
return -1;
while (PACKET_remaining(&pkt) > 0) {
PACKET payload, wholebody, sessionid, extensions;
unsigned int contenttype, versionhi, versionlo, data;
unsigned int msgtype = 0, negversion = 0;
if (!PACKET_get_1(&pkt, &contenttype)
|| !PACKET_get_1(&pkt, &versionhi)
|| !PACKET_get_1(&pkt, &versionlo)
|| !PACKET_get_length_prefixed_2(&pkt, &payload))
return -1;
/* Pretend we wrote out the record header */
written += SSL3_RT_HEADER_LENGTH;
wholebody = payload;
if (contenttype == SSL3_RT_HANDSHAKE
&& !PACKET_get_1(&wholebody, &msgtype))
return -1;
if (msgtype == SSL3_MT_SERVER_HELLO) {
if (!PACKET_forward(&wholebody,
SSL3_HM_HEADER_LENGTH - 1)
|| !PACKET_get_net_2(&wholebody, &negversion)
/* Skip random (32 bytes) */
|| !PACKET_forward(&wholebody, 32)
/* Skip session id */
|| !PACKET_get_length_prefixed_1(&wholebody,
&sessionid)
/*
* Skip ciphersuite (2 bytes) and compression
* method (1 byte)
*/
|| !PACKET_forward(&wholebody, 2 + 1)
|| !PACKET_get_length_prefixed_2(&wholebody,
&extensions))
return -1;
/*
* Find the negotiated version in supported_versions
* extension, if present.
*/
while (PACKET_remaining(&extensions)) {
unsigned int type;
PACKET extbody;
if (!PACKET_get_net_2(&extensions, &type)
|| !PACKET_get_length_prefixed_2(&extensions,
&extbody))
return -1;
if (type == TLSEXT_TYPE_supported_versions
&& (!PACKET_get_net_2(&extbody, &negversion)
|| PACKET_remaining(&extbody) != 0))
return -1;
}
}
while (PACKET_get_1(&payload, &data)) {
/* Create a new one byte long record for each byte in the
* record in the input buffer
*/
char smallrec[MIN_RECORD_LEN] = {
0, /* Content type */
0, /* Version hi */
0, /* Version lo */
0, /* Length hi */
1, /* Length lo */
0 /* Data */
};
smallrec[CONTENTTYPEPOS] = contenttype;
smallrec[VERSIONHIPOS] = versionhi;
smallrec[VERSIONLOPOS] = versionlo;
smallrec[DATAPOS] = data;
ret = BIO_write(next, smallrec, MIN_RECORD_LEN);
if (ret <= 0)
return -1;
written++;
}
/*
* We can't fragment anything after the ServerHello (or CCS <=
* TLS1.2), otherwise we get a bad record MAC
*/
if (contenttype == SSL3_RT_CHANGE_CIPHER_SPEC
|| (negversion == TLS1_3_VERSION
&& msgtype == SSL3_MT_SERVER_HELLO)) {
fragment = 0;
break;
}
}
}
/* Write any data we have left after fragmenting */
ret = 0;
if ((int)written < inl) {
ret = BIO_write(next, in + written, inl - written);
}
if (ret <= 0 && BIO_should_write(next))
BIO_set_retry_write(bio);
else
ret += written;
} else {
ctrs->wctr++;
BIO_set_retry_write(bio);
}
return ret;
}
static long async_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
long ret;
BIO *next = BIO_next(bio);
if (next == NULL)
return 0;
switch (cmd) {
case BIO_CTRL_DUP:
ret = 0L;
break;
default:
ret = BIO_ctrl(next, cmd, num, ptr);
break;
}
return ret;
}
static int async_gets(BIO *bio, char *buf, int size)
{
/* We don't support this - not needed anyway */
return -1;
}
static int async_puts(BIO *bio, const char *str)
{
return async_write(bio, str, strlen(str));
}
#define MAX_ATTEMPTS 100
static int test_asyncio(int test)
{
SSL_CTX *serverctx = NULL, *clientctx = NULL;
SSL *serverssl = NULL, *clientssl = NULL;
BIO *s_to_c_fbio = NULL, *c_to_s_fbio = NULL;
int testresult = 0, ret;
size_t i, j;
const char testdata[] = "Test data";
char buf[sizeof(testdata)];
if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
TLS1_VERSION, TLS_MAX_VERSION,
&serverctx, &clientctx, cert, privkey)))
goto end;
/*
* We do 2 test runs. The first time around we just do a normal handshake
* with lots of async io going on. The second time around we also break up
* all records so that the content is only one byte length (up until the
* CCS)
*/
if (test == 1)
fragment = 1;
s_to_c_fbio = BIO_new(bio_f_async_filter());
c_to_s_fbio = BIO_new(bio_f_async_filter());
if (!TEST_ptr(s_to_c_fbio)
|| !TEST_ptr(c_to_s_fbio)) {
BIO_free(s_to_c_fbio);
BIO_free(c_to_s_fbio);
goto end;
}
/* BIOs get freed on error */
if (!TEST_true(create_ssl_objects(serverctx, clientctx, &serverssl,
&clientssl, s_to_c_fbio, c_to_s_fbio))
|| !TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE)))
goto end;
/*
* Send and receive some test data. Do the whole thing twice to ensure
* we hit at least one async event in both reading and writing
*/
for (j = 0; j < 2; j++) {
int len;
/*
* Write some test data. It should never take more than 2 attempts
* (the first one might be a retryable fail).
*/
for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
i++) {
ret = SSL_write(clientssl, testdata + len,
sizeof(testdata) - len);
if (ret > 0) {
len += ret;
} else {
int ssl_error = SSL_get_error(clientssl, ret);
if (!TEST_false(ssl_error == SSL_ERROR_SYSCALL ||
ssl_error == SSL_ERROR_SSL))
goto end;
}
}
if (!TEST_size_t_eq(len, sizeof(testdata)))
goto end;
/*
* Now read the test data. It may take more attempts here because
* it could fail once for each byte read, including all overhead
* bytes from the record header/padding etc.
*/
for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
i < MAX_ATTEMPTS; i++) {
ret = SSL_read(serverssl, buf + len, sizeof(buf) - len);
if (ret > 0) {
len += ret;
} else {
int ssl_error = SSL_get_error(serverssl, ret);
if (!TEST_false(ssl_error == SSL_ERROR_SYSCALL ||
ssl_error == SSL_ERROR_SSL))
goto end;
}
}
if (!TEST_mem_eq(testdata, sizeof(testdata), buf, len))
goto end;
}
/* Also frees the BIOs */
SSL_free(clientssl);
SSL_free(serverssl);
clientssl = serverssl = NULL;
testresult = 1;
end:
SSL_free(clientssl);
SSL_free(serverssl);
SSL_CTX_free(clientctx);
SSL_CTX_free(serverctx);
return testresult;
}
int setup_tests(void)
{
if (!TEST_ptr(cert = test_get_argument(0))
|| !TEST_ptr(privkey = test_get_argument(1)))
return 0;
ADD_ALL_TESTS(test_asyncio, 2);
return 1;
}
void cleanup_tests(void)
{
BIO_meth_free(methods_async);
}

291
test/asynctest.c Normal file
View File

@@ -0,0 +1,291 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifdef _WIN32
# include <windows.h>
#endif
#include <stdio.h>
#include <string.h>
#include <openssl/async.h>
#include <openssl/crypto.h>
static int ctr = 0;
static ASYNC_JOB *currjob = NULL;
static int only_pause(void *args)
{
ASYNC_pause_job();
return 1;
}
static int add_two(void *args)
{
ctr++;
ASYNC_pause_job();
ctr++;
return 2;
}
static int save_current(void *args)
{
currjob = ASYNC_get_current_job();
ASYNC_pause_job();
return 1;
}
#define MAGIC_WAIT_FD ((OSSL_ASYNC_FD)99)
static int waitfd(void *args)
{
ASYNC_JOB *job;
ASYNC_WAIT_CTX *waitctx;
job = ASYNC_get_current_job();
if (job == NULL)
return 0;
waitctx = ASYNC_get_wait_ctx(job);
if (waitctx == NULL)
return 0;
/* First case: no fd added or removed */
ASYNC_pause_job();
/* Second case: one fd added */
if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, NULL))
return 0;
ASYNC_pause_job();
/* Third case: all fd removed */
if (!ASYNC_WAIT_CTX_clear_fd(waitctx, waitctx))
return 0;
ASYNC_pause_job();
/* Last case: fd added and immediately removed */
if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, NULL))
return 0;
if (!ASYNC_WAIT_CTX_clear_fd(waitctx, waitctx))
return 0;
return 1;
}
static int blockpause(void *args)
{
ASYNC_block_pause();
ASYNC_pause_job();
ASYNC_unblock_pause();
ASYNC_pause_job();
return 1;
}
static int test_ASYNC_init_thread(void)
{
ASYNC_JOB *job1 = NULL, *job2 = NULL, *job3 = NULL;
int funcret1, funcret2, funcret3;
ASYNC_WAIT_CTX *waitctx = NULL;
if ( !ASYNC_init_thread(2, 0)
|| (waitctx = ASYNC_WAIT_CTX_new()) == NULL
|| ASYNC_start_job(&job1, waitctx, &funcret1, only_pause, NULL, 0)
!= ASYNC_PAUSE
|| ASYNC_start_job(&job2, waitctx, &funcret2, only_pause, NULL, 0)
!= ASYNC_PAUSE
|| ASYNC_start_job(&job3, waitctx, &funcret3, only_pause, NULL, 0)
!= ASYNC_NO_JOBS
|| ASYNC_start_job(&job1, waitctx, &funcret1, only_pause, NULL, 0)
!= ASYNC_FINISH
|| ASYNC_start_job(&job3, waitctx, &funcret3, only_pause, NULL, 0)
!= ASYNC_PAUSE
|| ASYNC_start_job(&job2, waitctx, &funcret2, only_pause, NULL, 0)
!= ASYNC_FINISH
|| ASYNC_start_job(&job3, waitctx, &funcret3, only_pause, NULL, 0)
!= ASYNC_FINISH
|| funcret1 != 1
|| funcret2 != 1
|| funcret3 != 1) {
fprintf(stderr, "test_ASYNC_init_thread() failed\n");
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 0;
}
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 1;
}
static int test_ASYNC_start_job(void)
{
ASYNC_JOB *job = NULL;
int funcret;
ASYNC_WAIT_CTX *waitctx = NULL;
ctr = 0;
if ( !ASYNC_init_thread(1, 0)
|| (waitctx = ASYNC_WAIT_CTX_new()) == NULL
|| ASYNC_start_job(&job, waitctx, &funcret, add_two, NULL, 0)
!= ASYNC_PAUSE
|| ctr != 1
|| ASYNC_start_job(&job, waitctx, &funcret, add_two, NULL, 0)
!= ASYNC_FINISH
|| ctr != 2
|| funcret != 2) {
fprintf(stderr, "test_ASYNC_start_job() failed\n");
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 0;
}
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 1;
}
static int test_ASYNC_get_current_job(void)
{
ASYNC_JOB *job = NULL;
int funcret;
ASYNC_WAIT_CTX *waitctx = NULL;
currjob = NULL;
if ( !ASYNC_init_thread(1, 0)
|| (waitctx = ASYNC_WAIT_CTX_new()) == NULL
|| ASYNC_start_job(&job, waitctx, &funcret, save_current, NULL, 0)
!= ASYNC_PAUSE
|| currjob != job
|| ASYNC_start_job(&job, waitctx, &funcret, save_current, NULL, 0)
!= ASYNC_FINISH
|| funcret != 1) {
fprintf(stderr, "test_ASYNC_get_current_job() failed\n");
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 0;
}
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 1;
}
static int test_ASYNC_WAIT_CTX_get_all_fds(void)
{
ASYNC_JOB *job = NULL;
int funcret;
ASYNC_WAIT_CTX *waitctx = NULL;
OSSL_ASYNC_FD fd = OSSL_BAD_ASYNC_FD, delfd = OSSL_BAD_ASYNC_FD;
size_t numfds, numdelfds;
if ( !ASYNC_init_thread(1, 0)
|| (waitctx = ASYNC_WAIT_CTX_new()) == NULL
/* On first run we're not expecting any wait fds */
|| ASYNC_start_job(&job, waitctx, &funcret, waitfd, NULL, 0)
!= ASYNC_PAUSE
|| !ASYNC_WAIT_CTX_get_all_fds(waitctx, NULL, &numfds)
|| numfds != 0
|| !ASYNC_WAIT_CTX_get_changed_fds(waitctx, NULL, &numfds, NULL,
&numdelfds)
|| numfds != 0
|| numdelfds != 0
/* On second run we're expecting one added fd */
|| ASYNC_start_job(&job, waitctx, &funcret, waitfd, NULL, 0)
!= ASYNC_PAUSE
|| !ASYNC_WAIT_CTX_get_all_fds(waitctx, NULL, &numfds)
|| numfds != 1
|| !ASYNC_WAIT_CTX_get_all_fds(waitctx, &fd, &numfds)
|| fd != MAGIC_WAIT_FD
|| (fd = OSSL_BAD_ASYNC_FD, 0) /* Assign to something else */
|| !ASYNC_WAIT_CTX_get_changed_fds(waitctx, NULL, &numfds, NULL,
&numdelfds)
|| numfds != 1
|| numdelfds != 0
|| !ASYNC_WAIT_CTX_get_changed_fds(waitctx, &fd, &numfds, NULL,
&numdelfds)
|| fd != MAGIC_WAIT_FD
/* On third run we expect one deleted fd */
|| ASYNC_start_job(&job, waitctx, &funcret, waitfd, NULL, 0)
!= ASYNC_PAUSE
|| !ASYNC_WAIT_CTX_get_all_fds(waitctx, NULL, &numfds)
|| numfds != 0
|| !ASYNC_WAIT_CTX_get_changed_fds(waitctx, NULL, &numfds, NULL,
&numdelfds)
|| numfds != 0
|| numdelfds != 1
|| !ASYNC_WAIT_CTX_get_changed_fds(waitctx, NULL, &numfds, &delfd,
&numdelfds)
|| delfd != MAGIC_WAIT_FD
/* On last run we are not expecting any wait fd */
|| ASYNC_start_job(&job, waitctx, &funcret, waitfd, NULL, 0)
!= ASYNC_FINISH
|| !ASYNC_WAIT_CTX_get_all_fds(waitctx, NULL, &numfds)
|| numfds != 0
|| !ASYNC_WAIT_CTX_get_changed_fds(waitctx, NULL, &numfds, NULL,
&numdelfds)
|| numfds != 0
|| numdelfds != 0
|| funcret != 1) {
fprintf(stderr, "test_ASYNC_get_wait_fd() failed\n");
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 0;
}
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 1;
}
static int test_ASYNC_block_pause(void)
{
ASYNC_JOB *job = NULL;
int funcret;
ASYNC_WAIT_CTX *waitctx = NULL;
if ( !ASYNC_init_thread(1, 0)
|| (waitctx = ASYNC_WAIT_CTX_new()) == NULL
|| ASYNC_start_job(&job, waitctx, &funcret, blockpause, NULL, 0)
!= ASYNC_PAUSE
|| ASYNC_start_job(&job, waitctx, &funcret, blockpause, NULL, 0)
!= ASYNC_FINISH
|| funcret != 1) {
fprintf(stderr, "test_ASYNC_block_pause() failed\n");
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 0;
}
ASYNC_WAIT_CTX_free(waitctx);
ASYNC_cleanup_thread();
return 1;
}
int main(int argc, char **argv)
{
if (!ASYNC_is_capable()) {
fprintf(stderr,
"OpenSSL build is not ASYNC capable - skipping async tests\n");
} else {
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
if ( !test_ASYNC_init_thread()
|| !test_ASYNC_start_job()
|| !test_ASYNC_get_current_job()
|| !test_ASYNC_WAIT_CTX_get_all_fds()
|| !test_ASYNC_block_pause()) {
return 1;
}
}
printf("PASS\n");
return 0;
}

586
test/bad_dtls_test.c Normal file
View File

@@ -0,0 +1,586 @@
/*
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Unit test for Cisco DTLS1_BAD_VER session resume, as used by
* AnyConnect VPN protocol.
*
* This is designed to exercise the code paths in
* http://git.infradead.org/users/dwmw2/openconnect.git/blob/HEAD:/dtls.c
* which have frequently been affected by regressions in DTLS1_BAD_VER
* support.
*
* Note that unlike other SSL tests, we don't test against our own SSL
* server method. Firstly because we don't have one; we *only* support
* DTLS1_BAD_VER as a client. And secondly because even if that were
* fixed up it's the wrong thing to test against - because if changes
* are made in generic DTLS code which don't take DTLS1_BAD_VER into
* account, there's plenty of scope for making those changes such that
* they break *both* the client and the server in the same way.
*
* So we handle the server side manually. In a session resume there isn't
* much to be done anyway.
*/
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/kdf.h>
#include "../ssl/packet_locl.h"
#include "internal/nelem.h"
#include "testutil.h"
/* For DTLS1_BAD_VER packets the MAC doesn't include the handshake header */
#define MAC_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
static unsigned char client_random[SSL3_RANDOM_SIZE];
static unsigned char server_random[SSL3_RANDOM_SIZE];
/* These are all generated locally, sized purely according to our own whim */
static unsigned char session_id[32];
static unsigned char master_secret[48];
static unsigned char cookie[20];
/* We've hard-coded the cipher suite; we know it's 104 bytes */
static unsigned char key_block[104];
#define mac_key (key_block + 20)
#define dec_key (key_block + 40)
#define enc_key (key_block + 56)
static EVP_MD_CTX *handshake_md;
static int do_PRF(const void *seed1, int seed1_len,
const void *seed2, int seed2_len,
const void *seed3, int seed3_len,
unsigned char *out, int olen)
{
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
size_t outlen = olen;
/* No error handling. If it all screws up, the test will fail anyway */
EVP_PKEY_derive_init(pctx);
EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_md5_sha1());
EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, master_secret, sizeof(master_secret));
EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed1, seed1_len);
EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed2, seed2_len);
EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed3, seed3_len);
EVP_PKEY_derive(pctx, out, &outlen);
EVP_PKEY_CTX_free(pctx);
return 1;
}
static SSL_SESSION *client_session(void)
{
static unsigned char session_asn1[] = {
0x30, 0x5F, /* SEQUENCE, length 0x5F */
0x02, 0x01, 0x01, /* INTEGER, SSL_SESSION_ASN1_VERSION */
0x02, 0x02, 0x01, 0x00, /* INTEGER, DTLS1_BAD_VER */
0x04, 0x02, 0x00, 0x2F, /* OCTET_STRING, AES128-SHA */
0x04, 0x20, /* OCTET_STRING, session id */
#define SS_SESSID_OFS 15 /* Session ID goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x04, 0x30, /* OCTET_STRING, master secret */
#define SS_SECRET_OFS 49 /* Master secret goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
const unsigned char *p = session_asn1;
/* Copy the randomly-generated fields into the above ASN1 */
memcpy(session_asn1 + SS_SESSID_OFS, session_id, sizeof(session_id));
memcpy(session_asn1 + SS_SECRET_OFS, master_secret, sizeof(master_secret));
return d2i_SSL_SESSION(NULL, &p, sizeof(session_asn1));
}
/* Returns 1 for initial ClientHello, 2 for ClientHello with cookie */
static int validate_client_hello(BIO *wbio)
{
PACKET pkt, pkt2;
long len;
unsigned char *data;
int cookie_found = 0;
unsigned int u = 0;
len = BIO_get_mem_data(wbio, (char **)&data);
if (!PACKET_buf_init(&pkt, data, len))
return 0;
/* Check record header type */
if (!PACKET_get_1(&pkt, &u) || u != SSL3_RT_HANDSHAKE)
return 0;
/* Version */
if (!PACKET_get_net_2(&pkt, &u) || u != DTLS1_BAD_VER)
return 0;
/* Skip the rest of the record header */
if (!PACKET_forward(&pkt, DTLS1_RT_HEADER_LENGTH - 3))
return 0;
/* Check it's a ClientHello */
if (!PACKET_get_1(&pkt, &u) || u != SSL3_MT_CLIENT_HELLO)
return 0;
/* Skip the rest of the handshake message header */
if (!PACKET_forward(&pkt, DTLS1_HM_HEADER_LENGTH - 1))
return 0;
/* Check client version */
if (!PACKET_get_net_2(&pkt, &u) || u != DTLS1_BAD_VER)
return 0;
/* Store random */
if (!PACKET_copy_bytes(&pkt, client_random, SSL3_RANDOM_SIZE))
return 0;
/* Check session id length and content */
if (!PACKET_get_length_prefixed_1(&pkt, &pkt2) ||
!PACKET_equal(&pkt2, session_id, sizeof(session_id)))
return 0;
/* Check cookie */
if (!PACKET_get_length_prefixed_1(&pkt, &pkt2))
return 0;
if (PACKET_remaining(&pkt2)) {
if (!PACKET_equal(&pkt2, cookie, sizeof(cookie)))
return 0;
cookie_found = 1;
}
/* Skip ciphers */
if (!PACKET_get_net_2(&pkt, &u) || !PACKET_forward(&pkt, u))
return 0;
/* Skip compression */
if (!PACKET_get_1(&pkt, &u) || !PACKET_forward(&pkt, u))
return 0;
/* Skip extensions */
if (!PACKET_get_net_2(&pkt, &u) || !PACKET_forward(&pkt, u))
return 0;
/* Now we are at the end */
if (PACKET_remaining(&pkt))
return 0;
/* Update handshake MAC for second ClientHello (with cookie) */
if (cookie_found && !EVP_DigestUpdate(handshake_md, data + MAC_OFFSET,
len - MAC_OFFSET))
return 0;
(void)BIO_reset(wbio);
return 1 + cookie_found;
}
static int send_hello_verify(BIO *rbio)
{
static unsigned char hello_verify[] = {
0x16, /* Handshake */
0x01, 0x00, /* DTLS1_BAD_VER */
0x00, 0x00, /* Epoch 0 */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* Seq# 0 */
0x00, 0x23, /* Length */
0x03, /* Hello Verify */
0x00, 0x00, 0x17, /* Length */
0x00, 0x00, /* Seq# 0 */
0x00, 0x00, 0x00, /* Fragment offset */
0x00, 0x00, 0x17, /* Fragment length */
0x01, 0x00, /* DTLS1_BAD_VER */
0x14, /* Cookie length */
#define HV_COOKIE_OFS 28 /* Cookie goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
};
memcpy(hello_verify + HV_COOKIE_OFS, cookie, sizeof(cookie));
BIO_write(rbio, hello_verify, sizeof(hello_verify));
return 1;
}
static int send_server_hello(BIO *rbio)
{
static unsigned char server_hello[] = {
0x16, /* Handshake */
0x01, 0x00, /* DTLS1_BAD_VER */
0x00, 0x00, /* Epoch 0 */
0x00, 0x00, 0x00, 0x00, 0x00, 0x01, /* Seq# 1 */
0x00, 0x52, /* Length */
0x02, /* Server Hello */
0x00, 0x00, 0x46, /* Length */
0x00, 0x01, /* Seq# */
0x00, 0x00, 0x00, /* Fragment offset */
0x00, 0x00, 0x46, /* Fragment length */
0x01, 0x00, /* DTLS1_BAD_VER */
#define SH_RANDOM_OFS 27 /* Server random goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x20, /* Session ID length */
#define SH_SESSID_OFS 60 /* Session ID goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x2f, /* Cipher suite AES128-SHA */
0x00, /* Compression null */
};
static unsigned char change_cipher_spec[] = {
0x14, /* Change Cipher Spec */
0x01, 0x00, /* DTLS1_BAD_VER */
0x00, 0x00, /* Epoch 0 */
0x00, 0x00, 0x00, 0x00, 0x00, 0x02, /* Seq# 2 */
0x00, 0x03, /* Length */
0x01, 0x00, 0x02, /* Message */
};
memcpy(server_hello + SH_RANDOM_OFS, server_random, sizeof(server_random));
memcpy(server_hello + SH_SESSID_OFS, session_id, sizeof(session_id));
if (!EVP_DigestUpdate(handshake_md, server_hello + MAC_OFFSET,
sizeof(server_hello) - MAC_OFFSET))
return 0;
BIO_write(rbio, server_hello, sizeof(server_hello));
BIO_write(rbio, change_cipher_spec, sizeof(change_cipher_spec));
return 1;
}
/* Create header, HMAC, pad, encrypt and send a record */
static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
const void *msg, size_t len)
{
/* Note that the order of the record header fields on the wire,
* and in the HMAC, is different. So we just keep them in separate
* variables and handle them individually. */
static unsigned char epoch[2] = { 0x00, 0x01 };
static unsigned char seq[6] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
static unsigned char ver[2] = { 0x01, 0x00 }; /* DTLS1_BAD_VER */
unsigned char lenbytes[2];
HMAC_CTX *ctx;
EVP_CIPHER_CTX *enc_ctx;
unsigned char iv[16];
unsigned char pad;
unsigned char *enc;
seq[0] = (seqnr >> 40) & 0xff;
seq[1] = (seqnr >> 32) & 0xff;
seq[2] = (seqnr >> 24) & 0xff;
seq[3] = (seqnr >> 16) & 0xff;
seq[4] = (seqnr >> 8) & 0xff;
seq[5] = seqnr & 0xff;
pad = 15 - ((len + SHA_DIGEST_LENGTH) % 16);
enc = OPENSSL_malloc(len + SHA_DIGEST_LENGTH + 1 + pad);
if (enc == NULL)
return 0;
/* Copy record to encryption buffer */
memcpy(enc, msg, len);
/* Append HMAC to data */
ctx = HMAC_CTX_new();
HMAC_Init_ex(ctx, mac_key, 20, EVP_sha1(), NULL);
HMAC_Update(ctx, epoch, 2);
HMAC_Update(ctx, seq, 6);
HMAC_Update(ctx, &type, 1);
HMAC_Update(ctx, ver, 2); /* Version */
lenbytes[0] = (unsigned char)(len >> 8);
lenbytes[1] = (unsigned char)(len);
HMAC_Update(ctx, lenbytes, 2); /* Length */
HMAC_Update(ctx, enc, len); /* Finally the data itself */
HMAC_Final(ctx, enc + len, NULL);
HMAC_CTX_free(ctx);
/* Append padding bytes */
len += SHA_DIGEST_LENGTH;
do {
enc[len++] = pad;
} while (len % 16);
/* Generate IV, and encrypt */
RAND_bytes(iv, sizeof(iv));
enc_ctx = EVP_CIPHER_CTX_new();
EVP_CipherInit_ex(enc_ctx, EVP_aes_128_cbc(), NULL, enc_key, iv, 1);
EVP_Cipher(enc_ctx, enc, enc, len);
EVP_CIPHER_CTX_free(enc_ctx);
/* Finally write header (from fragmented variables), IV and encrypted record */
BIO_write(rbio, &type, 1);
BIO_write(rbio, ver, 2);
BIO_write(rbio, epoch, 2);
BIO_write(rbio, seq, 6);
lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8);
lenbytes[1] = (unsigned char)(len + sizeof(iv));
BIO_write(rbio, lenbytes, 2);
BIO_write(rbio, iv, sizeof(iv));
BIO_write(rbio, enc, len);
OPENSSL_free(enc);
return 1;
}
static int send_finished(SSL *s, BIO *rbio)
{
static unsigned char finished_msg[DTLS1_HM_HEADER_LENGTH +
TLS1_FINISH_MAC_LENGTH] = {
0x14, /* Finished */
0x00, 0x00, 0x0c, /* Length */
0x00, 0x03, /* Seq# 3 */
0x00, 0x00, 0x00, /* Fragment offset */
0x00, 0x00, 0x0c, /* Fragment length */
/* Finished MAC (12 bytes) */
};
unsigned char handshake_hash[EVP_MAX_MD_SIZE];
/* Derive key material */
do_PRF(TLS_MD_KEY_EXPANSION_CONST, TLS_MD_KEY_EXPANSION_CONST_SIZE,
server_random, SSL3_RANDOM_SIZE,
client_random, SSL3_RANDOM_SIZE,
key_block, sizeof(key_block));
/* Generate Finished MAC */
if (!EVP_DigestFinal_ex(handshake_md, handshake_hash, NULL))
return 0;
do_PRF(TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
handshake_hash, EVP_MD_CTX_size(handshake_md),
NULL, 0,
finished_msg + DTLS1_HM_HEADER_LENGTH, TLS1_FINISH_MAC_LENGTH);
return send_record(rbio, SSL3_RT_HANDSHAKE, 0,
finished_msg, sizeof(finished_msg));
}
static int validate_ccs(BIO *wbio)
{
PACKET pkt;
long len;
unsigned char *data;
unsigned int u;
len = BIO_get_mem_data(wbio, (char **)&data);
if (!PACKET_buf_init(&pkt, data, len))
return 0;
/* Check record header type */
if (!PACKET_get_1(&pkt, &u) || u != SSL3_RT_CHANGE_CIPHER_SPEC)
return 0;
/* Version */
if (!PACKET_get_net_2(&pkt, &u) || u != DTLS1_BAD_VER)
return 0;
/* Skip the rest of the record header */
if (!PACKET_forward(&pkt, DTLS1_RT_HEADER_LENGTH - 3))
return 0;
/* Check ChangeCipherSpec message */
if (!PACKET_get_1(&pkt, &u) || u != SSL3_MT_CCS)
return 0;
/* A DTLS1_BAD_VER ChangeCipherSpec also contains the
* handshake sequence number (which is 2 here) */
if (!PACKET_get_net_2(&pkt, &u) || u != 0x0002)
return 0;
/* Now check the Finished packet */
if (!PACKET_get_1(&pkt, &u) || u != SSL3_RT_HANDSHAKE)
return 0;
if (!PACKET_get_net_2(&pkt, &u) || u != DTLS1_BAD_VER)
return 0;
/* Check epoch is now 1 */
if (!PACKET_get_net_2(&pkt, &u) || u != 0x0001)
return 0;
/* That'll do for now. If OpenSSL accepted *our* Finished packet
* then it's evidently remembered that DTLS1_BAD_VER doesn't
* include the handshake header in the MAC. There's not a lot of
* point in implementing decryption here, just to check that it
* continues to get it right for one more packet. */
return 1;
}
#define NODROP(x) { x##UL, 0 }
#define DROP(x) { x##UL, 1 }
static struct {
uint64_t seq;
int drop;
} tests[] = {
NODROP(1), NODROP(3), NODROP(2),
NODROP(0x1234), NODROP(0x1230), NODROP(0x1235),
NODROP(0xffff), NODROP(0x10001), NODROP(0xfffe), NODROP(0x10000),
DROP(0x10001), DROP(0xff), NODROP(0x100000), NODROP(0x800000), NODROP(0x7fffe1),
NODROP(0xffffff), NODROP(0x1000000), NODROP(0xfffffe), DROP(0xffffff), NODROP(0x1000010),
NODROP(0xfffffd), NODROP(0x1000011), DROP(0x12), NODROP(0x1000012),
NODROP(0x1ffffff), NODROP(0x2000000), DROP(0x1ff00fe), NODROP(0x2000001),
NODROP(0x20fffff), NODROP(0x2105500), DROP(0x20ffffe), NODROP(0x21054ff),
NODROP(0x211ffff), DROP(0x2110000), NODROP(0x2120000)
/* The last test should be NODROP, because a DROP wouldn't get tested. */
};
static int test_bad_dtls(void)
{
SSL_SESSION *sess = NULL;
SSL_CTX *ctx = NULL;
SSL *con = NULL;
BIO *rbio = NULL;
BIO *wbio = NULL;
time_t now = 0;
int testresult = 0;
int ret;
int i;
RAND_bytes(session_id, sizeof(session_id));
RAND_bytes(master_secret, sizeof(master_secret));
RAND_bytes(cookie, sizeof(cookie));
RAND_bytes(server_random + 4, sizeof(server_random) - 4);
now = time(NULL);
memcpy(server_random, &now, sizeof(now));
sess = client_session();
if (!TEST_ptr(sess))
goto end;
handshake_md = EVP_MD_CTX_new();
if (!TEST_ptr(handshake_md)
|| !TEST_true(EVP_DigestInit_ex(handshake_md, EVP_md5_sha1(),
NULL)))
goto end;
ctx = SSL_CTX_new(DTLS_client_method());
if (!TEST_ptr(ctx)
|| !TEST_true(SSL_CTX_set_min_proto_version(ctx, DTLS1_BAD_VER))
|| !TEST_true(SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER))
|| !TEST_true(SSL_CTX_set_cipher_list(ctx, "AES128-SHA")))
goto end;
con = SSL_new(ctx);
if (!TEST_ptr(con)
|| !TEST_true(SSL_set_session(con, sess)))
goto end;
SSL_SESSION_free(sess);
rbio = BIO_new(BIO_s_mem());
wbio = BIO_new(BIO_s_mem());
if (!TEST_ptr(rbio)
|| !TEST_ptr(wbio))
goto end;
SSL_set_bio(con, rbio, wbio);
if (!TEST_true(BIO_up_ref(rbio))) {
/*
* We can't up-ref but we assigned ownership to con, so we shouldn't
* free in the "end" block
*/
rbio = wbio = NULL;
goto end;
}
if (!TEST_true(BIO_up_ref(wbio))) {
wbio = NULL;
goto end;
}
SSL_set_connect_state(con);
/* Send initial ClientHello */
ret = SSL_do_handshake(con);
if (!TEST_int_le(ret, 0)
|| !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ)
|| !TEST_int_eq(validate_client_hello(wbio), 1)
|| !TEST_true(send_hello_verify(rbio)))
goto end;
ret = SSL_do_handshake(con);
if (!TEST_int_le(ret, 0)
|| !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ)
|| !TEST_int_eq(validate_client_hello(wbio), 2)
|| !TEST_true(send_server_hello(rbio)))
goto end;
ret = SSL_do_handshake(con);
if (!TEST_int_le(ret, 0)
|| !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ)
|| !TEST_true(send_finished(con, rbio)))
goto end;
ret = SSL_do_handshake(con);
if (!TEST_int_gt(ret, 0)
|| !TEST_true(validate_ccs(wbio)))
goto end;
/* While we're here and crafting packets by hand, we might as well do a
bit of a stress test on the DTLS record replay handling. Not Cisco-DTLS
specific but useful anyway for the general case. It's been broken
before, and in fact was broken even for a basic 0, 2, 1 test case
when this test was first added.... */
for (i = 0; i < (int)OSSL_NELEM(tests); i++) {
uint64_t recv_buf[2];
if (!TEST_true(send_record(rbio, SSL3_RT_APPLICATION_DATA, tests[i].seq,
&tests[i].seq, sizeof(uint64_t)))) {
TEST_error("Failed to send data seq #0x%x%08x (%d)\n",
(unsigned int)(tests[i].seq >> 32), (unsigned int)tests[i].seq, i);
goto end;
}
if (tests[i].drop)
continue;
ret = SSL_read(con, recv_buf, 2 * sizeof(uint64_t));
if (!TEST_int_eq(ret, (int)sizeof(uint64_t))) {
TEST_error("SSL_read failed or wrong size on seq#0x%x%08x (%d)\n",
(unsigned int)(tests[i].seq >> 32), (unsigned int)tests[i].seq, i);
goto end;
}
if (!TEST_true(recv_buf[0] == tests[i].seq))
goto end;
}
/* The last test cannot be DROP() */
if (!TEST_false(tests[i-1].drop))
goto end;
testresult = 1;
end:
BIO_free(rbio);
BIO_free(wbio);
SSL_free(con);
SSL_CTX_free(ctx);
EVP_MD_CTX_free(handshake_md);
return testresult;
}
int setup_tests(void)
{
ADD_TEST(test_bad_dtls);
return 1;
}

461
test/bftest.c Normal file
View File

@@ -0,0 +1,461 @@
/*
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This has been a quickly hacked 'ideatest.c'. When I add tests for other
* RC2 modes, more of the code will be uncommented.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_BF is defined */
#include "testutil.h"
#include "internal/nelem.h"
#ifndef OPENSSL_NO_BF
# include <openssl/blowfish.h>
# ifdef CHARSET_EBCDIC
# include <openssl/ebcdic.h>
# endif
static char bf_key[2][30] = {
"abcdefghijklmnopqrstuvwxyz",
"Who is John Galt?"
};
/* big endian */
static BF_LONG bf_plain[2][2] = {
{0x424c4f57L, 0x46495348L},
{0xfedcba98L, 0x76543210L}
};
static BF_LONG bf_cipher[2][2] = {
{0x324ed0feL, 0xf413a203L},
{0xcc91732bL, 0x8022f684L}
};
/************/
/* Lets use the DES test vectors :-) */
# define NUM_TESTS 34
static unsigned char ecb_data[NUM_TESTS][8] = {
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
{0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
{0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
{0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
{0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
{0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
{0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
{0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
{0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
{0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
{0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
{0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
{0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
{0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
{0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
{0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
{0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
{0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
{0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
};
static unsigned char plain_data[NUM_TESTS][8] = {
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
{0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
{0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
{0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
{0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
{0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
{0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
{0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
{0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
{0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
{0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
{0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
{0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
{0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
{0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
{0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
{0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
{0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
{0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
};
static unsigned char cipher_data[NUM_TESTS][8] = {
{0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
{0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A},
{0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2},
{0x24, 0x66, 0xDD, 0x87, 0x8B, 0x96, 0x3C, 0x9D},
{0x61, 0xF9, 0xC3, 0x80, 0x22, 0x81, 0xB0, 0x96},
{0x7D, 0x0C, 0xC6, 0x30, 0xAF, 0xDA, 0x1E, 0xC7},
{0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
{0x0A, 0xCE, 0xAB, 0x0F, 0xC6, 0xA0, 0xA2, 0x8D},
{0x59, 0xC6, 0x82, 0x45, 0xEB, 0x05, 0x28, 0x2B},
{0xB1, 0xB8, 0xCC, 0x0B, 0x25, 0x0F, 0x09, 0xA0},
{0x17, 0x30, 0xE5, 0x77, 0x8B, 0xEA, 0x1D, 0xA4},
{0xA2, 0x5E, 0x78, 0x56, 0xCF, 0x26, 0x51, 0xEB},
{0x35, 0x38, 0x82, 0xB1, 0x09, 0xCE, 0x8F, 0x1A},
{0x48, 0xF4, 0xD0, 0x88, 0x4C, 0x37, 0x99, 0x18},
{0x43, 0x21, 0x93, 0xB7, 0x89, 0x51, 0xFC, 0x98},
{0x13, 0xF0, 0x41, 0x54, 0xD6, 0x9D, 0x1A, 0xE5},
{0x2E, 0xED, 0xDA, 0x93, 0xFF, 0xD3, 0x9C, 0x79},
{0xD8, 0x87, 0xE0, 0x39, 0x3C, 0x2D, 0xA6, 0xE3},
{0x5F, 0x99, 0xD0, 0x4F, 0x5B, 0x16, 0x39, 0x69},
{0x4A, 0x05, 0x7A, 0x3B, 0x24, 0xD3, 0x97, 0x7B},
{0x45, 0x20, 0x31, 0xC1, 0xE4, 0xFA, 0xDA, 0x8E},
{0x75, 0x55, 0xAE, 0x39, 0xF5, 0x9B, 0x87, 0xBD},
{0x53, 0xC5, 0x5F, 0x9C, 0xB4, 0x9F, 0xC0, 0x19},
{0x7A, 0x8E, 0x7B, 0xFA, 0x93, 0x7E, 0x89, 0xA3},
{0xCF, 0x9C, 0x5D, 0x7A, 0x49, 0x86, 0xAD, 0xB5},
{0xD1, 0xAB, 0xB2, 0x90, 0x65, 0x8B, 0xC7, 0x78},
{0x55, 0xCB, 0x37, 0x74, 0xD1, 0x3E, 0xF2, 0x01},
{0xFA, 0x34, 0xEC, 0x48, 0x47, 0xB2, 0x68, 0xB2},
{0xA7, 0x90, 0x79, 0x51, 0x08, 0xEA, 0x3C, 0xAE},
{0xC3, 0x9E, 0x07, 0x2D, 0x9F, 0xAC, 0x63, 0x1D},
{0x01, 0x49, 0x33, 0xE0, 0xCD, 0xAF, 0xF6, 0xE4},
{0xF2, 0x1E, 0x9A, 0x77, 0xB7, 0x1C, 0x49, 0xBC},
{0x24, 0x59, 0x46, 0x88, 0x57, 0x54, 0x36, 0x9A},
{0x6B, 0x5C, 0x5A, 0x9C, 0x5D, 0x9E, 0x0A, 0x5A},
};
static unsigned char cbc_key[16] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87
};
static unsigned char cbc_iv[8] =
{ 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
static char cbc_data[40] = "7654321 Now is the time for ";
static unsigned char cbc_ok[32] = {
0x6B, 0x77, 0xB4, 0xD6, 0x30, 0x06, 0xDE, 0xE6,
0x05, 0xB1, 0x56, 0xE2, 0x74, 0x03, 0x97, 0x93,
0x58, 0xDE, 0xB9, 0xE7, 0x15, 0x46, 0x16, 0xD9,
0x59, 0xF1, 0x65, 0x2B, 0xD5, 0xFF, 0x92, 0xCC
};
static unsigned char cfb64_ok[] = {
0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
0xF2, 0x6E, 0xCF, 0x6D, 0x2E, 0xB9, 0xE7, 0x6E,
0x3D, 0xA3, 0xDE, 0x04, 0xD1, 0x51, 0x72, 0x00,
0x51, 0x9D, 0x57, 0xA6, 0xC3
};
static unsigned char ofb64_ok[] = {
0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
0x62, 0xB3, 0x43, 0xCC, 0x5B, 0x65, 0x58, 0x73,
0x10, 0xDD, 0x90, 0x8D, 0x0C, 0x24, 0x1B, 0x22,
0x63, 0xC2, 0xCF, 0x80, 0xDA
};
# define KEY_TEST_NUM 25
static unsigned char key_test[KEY_TEST_NUM] = {
0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87,
0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88
};
static unsigned char key_data[8] =
{ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
static unsigned char key_out[KEY_TEST_NUM][8] = {
{0xF9, 0xAD, 0x59, 0x7C, 0x49, 0xDB, 0x00, 0x5E},
{0xE9, 0x1D, 0x21, 0xC1, 0xD9, 0x61, 0xA6, 0xD6},
{0xE9, 0xC2, 0xB7, 0x0A, 0x1B, 0xC6, 0x5C, 0xF3},
{0xBE, 0x1E, 0x63, 0x94, 0x08, 0x64, 0x0F, 0x05},
{0xB3, 0x9E, 0x44, 0x48, 0x1B, 0xDB, 0x1E, 0x6E},
{0x94, 0x57, 0xAA, 0x83, 0xB1, 0x92, 0x8C, 0x0D},
{0x8B, 0xB7, 0x70, 0x32, 0xF9, 0x60, 0x62, 0x9D},
{0xE8, 0x7A, 0x24, 0x4E, 0x2C, 0xC8, 0x5E, 0x82},
{0x15, 0x75, 0x0E, 0x7A, 0x4F, 0x4E, 0xC5, 0x77},
{0x12, 0x2B, 0xA7, 0x0B, 0x3A, 0xB6, 0x4A, 0xE0},
{0x3A, 0x83, 0x3C, 0x9A, 0xFF, 0xC5, 0x37, 0xF6},
{0x94, 0x09, 0xDA, 0x87, 0xA9, 0x0F, 0x6B, 0xF2},
{0x88, 0x4F, 0x80, 0x62, 0x50, 0x60, 0xB8, 0xB4},
{0x1F, 0x85, 0x03, 0x1C, 0x19, 0xE1, 0x19, 0x68},
{0x79, 0xD9, 0x37, 0x3A, 0x71, 0x4C, 0xA3, 0x4F},
{0x93, 0x14, 0x28, 0x87, 0xEE, 0x3B, 0xE1, 0x5C},
{0x03, 0x42, 0x9E, 0x83, 0x8C, 0xE2, 0xD1, 0x4B},
{0xA4, 0x29, 0x9E, 0x27, 0x46, 0x9F, 0xF6, 0x7B},
{0xAF, 0xD5, 0xAE, 0xD1, 0xC1, 0xBC, 0x96, 0xA8},
{0x10, 0x85, 0x1C, 0x0E, 0x38, 0x58, 0xDA, 0x9F},
{0xE6, 0xF5, 0x1E, 0xD7, 0x9B, 0x9D, 0xB2, 0x1F},
{0x64, 0xA6, 0xE1, 0x4A, 0xFD, 0x36, 0xB4, 0x6F},
{0x80, 0xC7, 0xD7, 0xD4, 0x5A, 0x54, 0x79, 0xAD},
{0x05, 0x04, 0x4B, 0x62, 0xFA, 0x52, 0xD0, 0x80},
};
static int print_test_data(void)
{
unsigned int i, j;
printf("ecb test data\n");
printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
for (i = 0; i < NUM_TESTS; i++) {
for (j = 0; j < 8; j++)
printf("%02X", ecb_data[i][j]);
printf("\t");
for (j = 0; j < 8; j++)
printf("%02X", plain_data[i][j]);
printf("\t");
for (j = 0; j < 8; j++)
printf("%02X", cipher_data[i][j]);
printf("\n");
}
printf("set_key test data\n");
printf("data[8]= ");
for (j = 0; j < 8; j++)
printf("%02X", key_data[j]);
printf("\n");
for (i = 0; i < KEY_TEST_NUM - 1; i++) {
printf("c=");
for (j = 0; j < 8; j++)
printf("%02X", key_out[i][j]);
printf(" k[%2u]=", i + 1);
for (j = 0; j < i + 1; j++)
printf("%02X", key_test[j]);
printf("\n");
}
printf("\nchaining mode test data\n");
printf("key[16] = ");
for (j = 0; j < 16; j++)
printf("%02X", cbc_key[j]);
printf("\niv[8] = ");
for (j = 0; j < 8; j++)
printf("%02X", cbc_iv[j]);
printf("\ndata[%d] = '%s'", (int)strlen(cbc_data) + 1, cbc_data);
printf("\ndata[%d] = ", (int)strlen(cbc_data) + 1);
for (j = 0; j < strlen(cbc_data) + 1; j++)
printf("%02X", cbc_data[j]);
printf("\n");
printf("cbc cipher text\n");
printf("cipher[%d]= ", 32);
for (j = 0; j < 32; j++)
printf("%02X", cbc_ok[j]);
printf("\n");
printf("cfb64 cipher text\n");
printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
for (j = 0; j < strlen(cbc_data) + 1; j++)
printf("%02X", cfb64_ok[j]);
printf("\n");
printf("ofb64 cipher text\n");
printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
for (j = 0; j < strlen(cbc_data) + 1; j++)
printf("%02X", ofb64_ok[j]);
printf("\n");
return 0;
}
static int test_bf_ecb_raw(int n)
{
int ret = 1;
BF_KEY key;
BF_LONG data[2];
BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]);
data[0] = bf_plain[n][0];
data[1] = bf_plain[n][1];
BF_encrypt(data, &key);
if (!TEST_mem_eq(&(bf_cipher[n][0]), BF_BLOCK, &(data[0]), BF_BLOCK))
ret = 0;
BF_decrypt(&(data[0]), &key);
if (!TEST_mem_eq(&(bf_plain[n][0]), BF_BLOCK, &(data[0]), BF_BLOCK))
ret = 0;
return ret;
}
static int test_bf_ecb(int n)
{
int ret = 1;
BF_KEY key;
unsigned char out[8];
BF_set_key(&key, 8, ecb_data[n]);
BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT);
if (!TEST_mem_eq(&(cipher_data[n][0]), BF_BLOCK, out, BF_BLOCK))
ret = 0;
BF_ecb_encrypt(out, out, &key, BF_DECRYPT);
if (!TEST_mem_eq(&(plain_data[n][0]), BF_BLOCK, out, BF_BLOCK))
ret = 0;
return ret;
}
static int test_bf_set_key(int n)
{
int ret = 1;
BF_KEY key;
unsigned char out[8];
BF_set_key(&key, n+1, key_test);
BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT);
/* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */
if (!TEST_mem_eq(out, 8, &(key_out[n][0]), 8))
ret = 0;
return ret;
}
static int test_bf_cbc(void)
{
unsigned char cbc_in[40], cbc_out[40], iv[8];
int ret = 1;
BF_KEY key;
BF_LONG len;
len = strlen(cbc_data) + 1;
BF_set_key(&key, 16, cbc_key);
memset(cbc_in, 0, sizeof(cbc_in));
memset(cbc_out, 0, sizeof(cbc_out));
memcpy(iv, cbc_iv, sizeof(iv));
BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
&key, iv, BF_ENCRYPT);
if (!TEST_mem_eq(cbc_out, 32, cbc_ok, 32))
ret = 0;
memcpy(iv, cbc_iv, 8);
BF_cbc_encrypt(cbc_out, cbc_in, len, &key, iv, BF_DECRYPT);
if (!TEST_mem_eq(cbc_in, len, cbc_data, strlen(cbc_data) + 1))
ret = 0;
return ret;
}
static int test_bf_cfb64(void)
{
unsigned char cbc_in[40], cbc_out[40], iv[8];
int n, ret = 1;
BF_KEY key;
BF_LONG len;
len = strlen(cbc_data) + 1;
BF_set_key(&key, 16, cbc_key);
memset(cbc_in, 0, 40);
memset(cbc_out, 0, 40);
memcpy(iv, cbc_iv, 8);
n = 0;
BF_cfb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13,
&key, iv, &n, BF_ENCRYPT);
BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
len - 13, &key, iv, &n, BF_ENCRYPT);
if (!TEST_mem_eq(cbc_out, (int)len, cfb64_ok, (int)len))
ret = 0;
n = 0;
memcpy(iv, cbc_iv, 8);
BF_cfb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n, BF_DECRYPT);
BF_cfb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17,
&key, iv, &n, BF_DECRYPT);
if (!TEST_mem_eq(cbc_in, (int)len, cbc_data, (int)len))
ret = 0;
return ret;
}
static int test_bf_ofb64(void)
{
unsigned char cbc_in[40], cbc_out[40], iv[8];
int n, ret = 1;
BF_KEY key;
BF_LONG len;
len = strlen(cbc_data) + 1;
BF_set_key(&key, 16, cbc_key);
memset(cbc_in, 0, 40);
memset(cbc_out, 0, 40);
memcpy(iv, cbc_iv, 8);
n = 0;
BF_ofb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13, &key, iv,
&n);
BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
len - 13, &key, iv, &n);
if (!TEST_mem_eq(cbc_out, (int)len, ofb64_ok, (int)len))
ret = 0;
n = 0;
memcpy(iv, cbc_iv, 8);
BF_ofb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n);
BF_ofb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n);
if (!TEST_mem_eq(cbc_in, (int)len, cbc_data, (int)len))
ret = 0;
return ret;
}
#endif
int setup_tests(void)
{
#ifndef OPENSSL_NO_BF
# ifdef CHARSET_EBCDIC
int n;
ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
for (n = 0; n < 2; n++) {
ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
}
# endif
if (test_get_argument(0) != NULL) {
print_test_data();
} else {
ADD_ALL_TESTS(test_bf_ecb_raw, 2);
ADD_ALL_TESTS(test_bf_ecb, NUM_TESTS);
ADD_ALL_TESTS(test_bf_set_key, KEY_TEST_NUM-1);
ADD_TEST(test_bf_cbc);
ADD_TEST(test_bf_cfb64);
ADD_TEST(test_bf_ofb64);
}
#endif
return 1;
}

178
test/bio_callback_test.c Normal file
View File

@@ -0,0 +1,178 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/bio.h>
#include "testutil.h"
#define MAXCOUNT 5
static int my_param_count;
static BIO *my_param_b[MAXCOUNT];
static int my_param_oper[MAXCOUNT];
static const char *my_param_argp[MAXCOUNT];
static int my_param_argi[MAXCOUNT];
static long my_param_argl[MAXCOUNT];
static long my_param_ret[MAXCOUNT];
static long my_bio_callback(BIO *b, int oper, const char *argp, int argi,
long argl, long ret)
{
if (my_param_count >= MAXCOUNT)
return -1;
my_param_b[my_param_count] = b;
my_param_oper[my_param_count] = oper;
my_param_argp[my_param_count] = argp;
my_param_argi[my_param_count] = argi;
my_param_argl[my_param_count] = argl;
my_param_ret[my_param_count] = ret;
my_param_count++;
return ret;
}
static int test_bio_callback(void)
{
int ok = 0;
BIO *bio;
int i;
char test1[] = "test";
const int test1len = sizeof(test1) - 1;
char test2[] = "hello";
const int test2len = sizeof(test2) - 1;
char buf[16];
my_param_count = 0;
bio = BIO_new(BIO_s_mem());
if (bio == NULL)
goto err;
BIO_set_callback(bio, my_bio_callback);
i = BIO_write(bio, test1, test1len);
if (!TEST_int_eq(i, test1len)
|| !TEST_int_eq(my_param_count, 2)
|| !TEST_ptr_eq(my_param_b[0], bio)
|| !TEST_int_eq(my_param_oper[0], BIO_CB_WRITE)
|| !TEST_ptr_eq(my_param_argp[0], test1)
|| !TEST_int_eq(my_param_argi[0], test1len)
|| !TEST_long_eq(my_param_argl[0], 0L)
|| !TEST_long_eq(my_param_ret[0], 1L)
|| !TEST_ptr_eq(my_param_b[1], bio)
|| !TEST_int_eq(my_param_oper[1], BIO_CB_WRITE | BIO_CB_RETURN)
|| !TEST_ptr_eq(my_param_argp[1], test1)
|| !TEST_int_eq(my_param_argi[1], test1len)
|| !TEST_long_eq(my_param_argl[1], 0L)
|| !TEST_long_eq(my_param_ret[1], (long)test1len))
goto err;
my_param_count = 0;
i = BIO_read(bio, buf, sizeof(buf));
if (!TEST_mem_eq(buf, i, test1, test1len)
|| !TEST_int_eq(my_param_count, 2)
|| !TEST_ptr_eq(my_param_b[0], bio)
|| !TEST_int_eq(my_param_oper[0], BIO_CB_READ)
|| !TEST_ptr_eq(my_param_argp[0], buf)
|| !TEST_int_eq(my_param_argi[0], sizeof(buf))
|| !TEST_long_eq(my_param_argl[0], 0L)
|| !TEST_long_eq(my_param_ret[0], 1L)
|| !TEST_ptr_eq(my_param_b[1], bio)
|| !TEST_int_eq(my_param_oper[1], BIO_CB_READ | BIO_CB_RETURN)
|| !TEST_ptr_eq(my_param_argp[1], buf)
|| !TEST_int_eq(my_param_argi[1], sizeof(buf))
|| !TEST_long_eq(my_param_argl[1], 0L)
|| !TEST_long_eq(my_param_ret[1], (long)test1len))
goto err;
/* By default a mem bio returns -1 if it has run out of data */
my_param_count = 0;
i = BIO_read(bio, buf, sizeof(buf));
if (!TEST_int_eq(i, -1)
|| !TEST_int_eq(my_param_count, 2)
|| !TEST_ptr_eq(my_param_b[0], bio)
|| !TEST_int_eq(my_param_oper[0], BIO_CB_READ)
|| !TEST_ptr_eq(my_param_argp[0], buf)
|| !TEST_int_eq(my_param_argi[0], sizeof(buf))
|| !TEST_long_eq(my_param_argl[0], 0L)
|| !TEST_long_eq(my_param_ret[0], 1L)
|| !TEST_ptr_eq(my_param_b[1], bio)
|| !TEST_int_eq(my_param_oper[1], BIO_CB_READ | BIO_CB_RETURN)
|| !TEST_ptr_eq(my_param_argp[1], buf)
|| !TEST_int_eq(my_param_argi[1], sizeof(buf))
|| !TEST_long_eq(my_param_argl[1], 0L)
|| !TEST_long_eq(my_param_ret[1], -1L))
goto err;
/* Force the mem bio to return 0 if it has run out of data */
BIO_set_mem_eof_return(bio, 0);
my_param_count = 0;
i = BIO_read(bio, buf, sizeof(buf));
if (!TEST_int_eq(i, 0)
|| !TEST_int_eq(my_param_count, 2)
|| !TEST_ptr_eq(my_param_b[0], bio)
|| !TEST_int_eq(my_param_oper[0], BIO_CB_READ)
|| !TEST_ptr_eq(my_param_argp[0], buf)
|| !TEST_int_eq(my_param_argi[0], sizeof(buf))
|| !TEST_long_eq(my_param_argl[0], 0L)
|| !TEST_long_eq(my_param_ret[0], 1L)
|| !TEST_ptr_eq(my_param_b[1], bio)
|| !TEST_int_eq(my_param_oper[1], BIO_CB_READ | BIO_CB_RETURN)
|| !TEST_ptr_eq(my_param_argp[1], buf)
|| !TEST_int_eq(my_param_argi[1], sizeof(buf))
|| !TEST_long_eq(my_param_argl[1], 0L)
|| !TEST_long_eq(my_param_ret[1], 0L))
goto err;
my_param_count = 0;
i = BIO_puts(bio, test2);
if (!TEST_int_eq(i, 5)
|| !TEST_int_eq(my_param_count, 2)
|| !TEST_ptr_eq(my_param_b[0], bio)
|| !TEST_int_eq(my_param_oper[0], BIO_CB_PUTS)
|| !TEST_ptr_eq(my_param_argp[0], test2)
|| !TEST_int_eq(my_param_argi[0], 0)
|| !TEST_long_eq(my_param_argl[0], 0L)
|| !TEST_long_eq(my_param_ret[0], 1L)
|| !TEST_ptr_eq(my_param_b[1], bio)
|| !TEST_int_eq(my_param_oper[1], BIO_CB_PUTS | BIO_CB_RETURN)
|| !TEST_ptr_eq(my_param_argp[1], test2)
|| !TEST_int_eq(my_param_argi[1], 0)
|| !TEST_long_eq(my_param_argl[1], 0L)
|| !TEST_long_eq(my_param_ret[1], (long)test2len))
goto err;
my_param_count = 0;
i = BIO_free(bio);
if (!TEST_int_eq(i, 1)
|| !TEST_int_eq(my_param_count, 1)
|| !TEST_ptr_eq(my_param_b[0], bio)
|| !TEST_int_eq(my_param_oper[0], BIO_CB_FREE)
|| !TEST_ptr_eq(my_param_argp[0], NULL)
|| !TEST_int_eq(my_param_argi[0], 0)
|| !TEST_long_eq(my_param_argl[0], 0L)
|| !TEST_long_eq(my_param_ret[0], 1L))
goto finish;
ok = 1;
goto finish;
err:
BIO_free(bio);
finish:
/* This helps finding memory leaks with ASAN */
memset(my_param_b, 0, sizeof(my_param_b));
memset(my_param_argp, 0, sizeof(my_param_argp));
return ok;
}
int setup_tests(void)
{
ADD_TEST(test_bio_callback);
return 1;
}

232
test/bio_enc_test.c Normal file
View File

@@ -0,0 +1,232 @@
/*
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/rand.h>
#include "testutil.h"
#define ENCRYPT 1
#define DECRYPT 0
#define DATA_SIZE 1024
#define MAX_IV 32
#define BUF_SIZE (DATA_SIZE + MAX_IV)
static const unsigned char KEY[] = {
0x51, 0x50, 0xd1, 0x77, 0x2f, 0x50, 0x83, 0x4a,
0x50, 0x3e, 0x06, 0x9a, 0x97, 0x3f, 0xbd, 0x7c,
0xe6, 0x1c, 0x43, 0x2b, 0x72, 0x0b, 0x19, 0xd1,
0x8e, 0xc8, 0xd8, 0x4b, 0xdc, 0x63, 0x15, 0x1b
};
static const unsigned char IV[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
};
static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
const unsigned char* iv)
{
BIO *b;
static unsigned char inp[BUF_SIZE] = { 0 };
unsigned char out[BUF_SIZE], ref[BUF_SIZE];
int i, lref, len;
/* Fill buffer with non-zero data so that over steps can be detected */
if (!TEST_int_gt(RAND_bytes(inp, DATA_SIZE), 0))
return 0;
/* Encrypt tests */
/* reference output for single-chunk operation */
b = BIO_new(BIO_f_cipher());
if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT)))
return 0;
BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
lref = BIO_read(b, ref, sizeof(ref));
BIO_free_all(b);
/* perform split operations and compare to reference */
for (i = 1; i < lref; i++) {
b = BIO_new(BIO_f_cipher());
if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
TEST_info("Split encrypt failed @ operation %d", i);
return 0;
}
BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
memset(out, 0, sizeof(out));
out[i] = ~ref[i];
len = BIO_read(b, out, i);
/* check for overstep */
if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
TEST_info("Encrypt overstep check failed @ operation %d", i);
return 0;
}
len += BIO_read(b, out + len, sizeof(out) - len);
BIO_free_all(b);
if (!TEST_mem_eq(out, len, ref, lref)) {
TEST_info("Encrypt compare failed @ operation %d", i);
return 0;
}
}
/* perform small-chunk operations and compare to reference */
for (i = 1; i < lref / 2; i++) {
int delta;
b = BIO_new(BIO_f_cipher());
if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
TEST_info("Small chunk encrypt failed @ operation %d", i);
return 0;
}
BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
memset(out, 0, sizeof(out));
for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
len += delta;
}
BIO_free_all(b);
if (!TEST_mem_eq(out, len, ref, lref)) {
TEST_info("Small chunk encrypt compare failed @ operation %d", i);
return 0;
}
}
/* Decrypt tests */
/* reference output for single-chunk operation */
b = BIO_new(BIO_f_cipher());
if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT)))
return 0;
/* Use original reference output as input */
BIO_push(b, BIO_new_mem_buf(ref, lref));
(void)BIO_flush(b);
memset(out, 0, sizeof(out));
len = BIO_read(b, out, sizeof(out));
BIO_free_all(b);
if (!TEST_mem_eq(inp, DATA_SIZE, out, len))
return 0;
/* perform split operations and compare to reference */
for (i = 1; i < lref; i++) {
b = BIO_new(BIO_f_cipher());
if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) {
TEST_info("Split decrypt failed @ operation %d", i);
return 0;
}
BIO_push(b, BIO_new_mem_buf(ref, lref));
memset(out, 0, sizeof(out));
out[i] = ~ref[i];
len = BIO_read(b, out, i);
/* check for overstep */
if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
TEST_info("Decrypt overstep check failed @ operation %d", i);
return 0;
}
len += BIO_read(b, out + len, sizeof(out) - len);
BIO_free_all(b);
if (!TEST_mem_eq(inp, DATA_SIZE, out, len)) {
TEST_info("Decrypt compare failed @ operation %d", i);
return 0;
}
}
/* perform small-chunk operations and compare to reference */
for (i = 1; i < lref / 2; i++) {
int delta;
b = BIO_new(BIO_f_cipher());
if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) {
TEST_info("Small chunk decrypt failed @ operation %d", i);
return 0;
}
BIO_push(b, BIO_new_mem_buf(ref, lref));
memset(out, 0, sizeof(out));
for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
len += delta;
}
BIO_free_all(b);
if (!TEST_mem_eq(inp, DATA_SIZE, out, len)) {
TEST_info("Small chunk decrypt compare failed @ operation %d", i);
return 0;
}
}
return 1;
}
static int do_test_bio_cipher(const EVP_CIPHER* cipher, int idx)
{
switch(idx)
{
case 0:
return do_bio_cipher(cipher, KEY, NULL);
case 1:
return do_bio_cipher(cipher, KEY, IV);
}
return 0;
}
static int test_bio_enc_aes_128_cbc(int idx)
{
return do_test_bio_cipher(EVP_aes_128_cbc(), idx);
}
static int test_bio_enc_aes_128_ctr(int idx)
{
return do_test_bio_cipher(EVP_aes_128_ctr(), idx);
}
static int test_bio_enc_aes_256_cfb(int idx)
{
return do_test_bio_cipher(EVP_aes_256_cfb(), idx);
}
static int test_bio_enc_aes_256_ofb(int idx)
{
return do_test_bio_cipher(EVP_aes_256_ofb(), idx);
}
# ifndef OPENSSL_NO_CHACHA
static int test_bio_enc_chacha20(int idx)
{
return do_test_bio_cipher(EVP_chacha20(), idx);
}
# ifndef OPENSSL_NO_POLY1305
static int test_bio_enc_chacha20_poly1305(int idx)
{
return do_test_bio_cipher(EVP_chacha20_poly1305(), idx);
}
# endif
# endif
int setup_tests(void)
{
ADD_ALL_TESTS(test_bio_enc_aes_128_cbc, 2);
ADD_ALL_TESTS(test_bio_enc_aes_128_ctr, 2);
ADD_ALL_TESTS(test_bio_enc_aes_256_cfb, 2);
ADD_ALL_TESTS(test_bio_enc_aes_256_ofb, 2);
# ifndef OPENSSL_NO_CHACHA
ADD_ALL_TESTS(test_bio_enc_chacha20, 2);
# ifndef OPENSSL_NO_POLY1305
ADD_ALL_TESTS(test_bio_enc_chacha20_poly1305, 2);
# endif
# endif
return 1;
}

302
test/bioprinttest.c Normal file
View File

@@ -0,0 +1,302 @@
/*
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#define TESTUTIL_NO_size_t_COMPARISON
#include <stdio.h>
#include <string.h>
#include <openssl/bio.h>
#include "internal/numbers.h"
#include "testutil.h"
#include "testutil/output.h"
#define nelem(x) (int)(sizeof(x) / sizeof((x)[0]))
static int justprint = 0;
static char *fpexpected[][10][5] = {
{
/* 00 */ { "0.0000e+00", "0.0000", "0", "0.0000E+00", "0" },
/* 01 */ { "6.7000e-01", "0.6700", "0.67", "6.7000E-01", "0.67" },
/* 02 */ { "6.6667e-01", "0.6667", "0.6667", "6.6667E-01", "0.6667" },
/* 03 */ { "6.6667e-04", "0.0007", "0.0006667", "6.6667E-04", "0.0006667" },
/* 04 */ { "6.6667e-05", "0.0001", "6.667e-05", "6.6667E-05", "6.667E-05" },
/* 05 */ { "6.6667e+00", "6.6667", "6.667", "6.6667E+00", "6.667" },
/* 06 */ { "6.6667e+01", "66.6667", "66.67", "6.6667E+01", "66.67" },
/* 07 */ { "6.6667e+02", "666.6667", "666.7", "6.6667E+02", "666.7" },
/* 08 */ { "6.6667e+03", "6666.6667", "6667", "6.6667E+03", "6667" },
/* 09 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" },
},
{
/* 10 */ { "0.00000e+00", "0.00000", "0", "0.00000E+00", "0" },
/* 11 */ { "6.70000e-01", "0.67000", "0.67", "6.70000E-01", "0.67" },
/* 12 */ { "6.66667e-01", "0.66667", "0.66667", "6.66667E-01", "0.66667" },
/* 13 */ { "6.66667e-04", "0.00067", "0.00066667", "6.66667E-04", "0.00066667" },
/* 14 */ { "6.66667e-05", "0.00007", "6.6667e-05", "6.66667E-05", "6.6667E-05" },
/* 15 */ { "6.66667e+00", "6.66667", "6.6667", "6.66667E+00", "6.6667" },
/* 16 */ { "6.66667e+01", "66.66667", "66.667", "6.66667E+01", "66.667" },
/* 17 */ { "6.66667e+02", "666.66667", "666.67", "6.66667E+02", "666.67" },
/* 18 */ { "6.66667e+03", "6666.66667", "6666.7", "6.66667E+03", "6666.7" },
/* 19 */ { "6.66667e+04", "66666.66667", "66667", "6.66667E+04", "66667" },
},
{
/* 20 */ { " 0.0000e+00", " 0.0000", " 0", " 0.0000E+00", " 0" },
/* 21 */ { " 6.7000e-01", " 0.6700", " 0.67", " 6.7000E-01", " 0.67" },
/* 22 */ { " 6.6667e-01", " 0.6667", " 0.6667", " 6.6667E-01", " 0.6667" },
/* 23 */ { " 6.6667e-04", " 0.0007", " 0.0006667", " 6.6667E-04", " 0.0006667" },
/* 24 */ { " 6.6667e-05", " 0.0001", " 6.667e-05", " 6.6667E-05", " 6.667E-05" },
/* 25 */ { " 6.6667e+00", " 6.6667", " 6.667", " 6.6667E+00", " 6.667" },
/* 26 */ { " 6.6667e+01", " 66.6667", " 66.67", " 6.6667E+01", " 66.67" },
/* 27 */ { " 6.6667e+02", " 666.6667", " 666.7", " 6.6667E+02", " 666.7" },
/* 28 */ { " 6.6667e+03", " 6666.6667", " 6667", " 6.6667E+03", " 6667" },
/* 29 */ { " 6.6667e+04", " 66666.6667", " 6.667e+04", " 6.6667E+04", " 6.667E+04" },
},
{
/* 30 */ { " 0.00000e+00", " 0.00000", " 0", " 0.00000E+00", " 0" },
/* 31 */ { " 6.70000e-01", " 0.67000", " 0.67", " 6.70000E-01", " 0.67" },
/* 32 */ { " 6.66667e-01", " 0.66667", " 0.66667", " 6.66667E-01", " 0.66667" },
/* 33 */ { " 6.66667e-04", " 0.00067", " 0.00066667", " 6.66667E-04", " 0.00066667" },
/* 34 */ { " 6.66667e-05", " 0.00007", " 6.6667e-05", " 6.66667E-05", " 6.6667E-05" },
/* 35 */ { " 6.66667e+00", " 6.66667", " 6.6667", " 6.66667E+00", " 6.6667" },
/* 36 */ { " 6.66667e+01", " 66.66667", " 66.667", " 6.66667E+01", " 66.667" },
/* 37 */ { " 6.66667e+02", " 666.66667", " 666.67", " 6.66667E+02", " 666.67" },
/* 38 */ { " 6.66667e+03", " 6666.66667", " 6666.7", " 6.66667E+03", " 6666.7" },
/* 39 */ { " 6.66667e+04", " 66666.66667", " 66667", " 6.66667E+04", " 66667" },
},
{
/* 40 */ { "0e+00", "0", "0", "0E+00", "0" },
/* 41 */ { "7e-01", "1", "0.7", "7E-01", "0.7" },
/* 42 */ { "7e-01", "1", "0.7", "7E-01", "0.7" },
/* 43 */ { "7e-04", "0", "0.0007", "7E-04", "0.0007" },
/* 44 */ { "7e-05", "0", "7e-05", "7E-05", "7E-05" },
/* 45 */ { "7e+00", "7", "7", "7E+00", "7" },
/* 46 */ { "7e+01", "67", "7e+01", "7E+01", "7E+01" },
/* 47 */ { "7e+02", "667", "7e+02", "7E+02", "7E+02" },
/* 48 */ { "7e+03", "6667", "7e+03", "7E+03", "7E+03" },
/* 49 */ { "7e+04", "66667", "7e+04", "7E+04", "7E+04" },
},
{
/* 50 */ { "0.000000e+00", "0.000000", "0", "0.000000E+00", "0" },
/* 51 */ { "6.700000e-01", "0.670000", "0.67", "6.700000E-01", "0.67" },
/* 52 */ { "6.666667e-01", "0.666667", "0.666667", "6.666667E-01", "0.666667" },
/* 53 */ { "6.666667e-04", "0.000667", "0.000666667", "6.666667E-04", "0.000666667" },
/* 54 */ { "6.666667e-05", "0.000067", "6.66667e-05", "6.666667E-05", "6.66667E-05" },
/* 55 */ { "6.666667e+00", "6.666667", "6.66667", "6.666667E+00", "6.66667" },
/* 56 */ { "6.666667e+01", "66.666667", "66.6667", "6.666667E+01", "66.6667" },
/* 57 */ { "6.666667e+02", "666.666667", "666.667", "6.666667E+02", "666.667" },
/* 58 */ { "6.666667e+03", "6666.666667", "6666.67", "6.666667E+03", "6666.67" },
/* 59 */ { "6.666667e+04", "66666.666667", "66666.7", "6.666667E+04", "66666.7" },
},
{
/* 60 */ { "0.0000e+00", "000.0000", "00000000", "0.0000E+00", "00000000" },
/* 61 */ { "6.7000e-01", "000.6700", "00000.67", "6.7000E-01", "00000.67" },
/* 62 */ { "6.6667e-01", "000.6667", "000.6667", "6.6667E-01", "000.6667" },
/* 63 */ { "6.6667e-04", "000.0007", "0.0006667", "6.6667E-04", "0.0006667" },
/* 64 */ { "6.6667e-05", "000.0001", "6.667e-05", "6.6667E-05", "6.667E-05" },
/* 65 */ { "6.6667e+00", "006.6667", "0006.667", "6.6667E+00", "0006.667" },
/* 66 */ { "6.6667e+01", "066.6667", "00066.67", "6.6667E+01", "00066.67" },
/* 67 */ { "6.6667e+02", "666.6667", "000666.7", "6.6667E+02", "000666.7" },
/* 68 */ { "6.6667e+03", "6666.6667", "00006667", "6.6667E+03", "00006667" },
/* 69 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" },
},
};
typedef struct z_data_st {
size_t value;
const char *format;
const char *expected;
} z_data;
static z_data zu_data[] = {
{ SIZE_MAX, "%zu", (sizeof(size_t) == 4 ? "4294967295"
: sizeof(size_t) == 8 ? "18446744073709551615"
: "") },
/*
* in 2-complement, the unsigned number divided by two plus one becomes the
* smallest possible negative signed number of the corresponding type
*/
{ SIZE_MAX / 2 + 1, "%zi", (sizeof(size_t) == 4 ? "-2147483648"
: sizeof(size_t) == 8 ? "-9223372036854775808"
: "") },
{ 0, "%zu", "0" },
{ 0, "%zi", "0" },
};
static int test_zu(int i)
{
char bio_buf[80];
const z_data *data = &zu_data[i];
BIO_snprintf(bio_buf, sizeof(bio_buf) - 1, data->format, data->value);
if (!TEST_str_eq(bio_buf, data->expected))
return 0;
return 1;
}
typedef struct j_data_st {
uint64_t value;
const char *format;
const char *expected;
} j_data;
static j_data jf_data[] = {
{ 0xffffffffffffffffU, "%ju", "18446744073709551615" },
{ 0xffffffffffffffffU, "%jx", "ffffffffffffffff" },
{ 0x8000000000000000U, "%ju", "9223372036854775808" },
/*
* These tests imply two's-complement, but it's the only binary
* representation we support, see test/sanitytest.c...
*/
{ 0x8000000000000000U, "%ji", "-9223372036854775808" },
};
static int test_j(int i)
{
const j_data *data = &jf_data[i];
char bio_buf[80];
BIO_snprintf(bio_buf, sizeof(bio_buf) - 1, data->format, data->value);
if (!TEST_str_eq(bio_buf, data->expected))
return 0;
return 1;
}
/* Precision and width. */
typedef struct pw_st {
int p;
const char *w;
} pw;
static pw pw_params[] = {
{ 4, "" },
{ 5, "" },
{ 4, "12" },
{ 5, "12" },
{ 0, "" },
{ -1, "" },
{ 4, "08" }
};
static int dofptest(int test, int sub, double val, const char *width, int prec)
{
static const char *fspecs[] = {
"e", "f", "g", "E", "G"
};
char format[80], result[80];
int ret = 1, i;
for (i = 0; i < nelem(fspecs); i++) {
const char *fspec = fspecs[i];
if (prec >= 0)
BIO_snprintf(format, sizeof(format), "%%%s.%d%s", width, prec,
fspec);
else
BIO_snprintf(format, sizeof(format), "%%%s%s", width, fspec);
BIO_snprintf(result, sizeof(result), format, val);
if (justprint) {
if (i == 0)
printf(" /* %d%d */ { \"%s\"", test, sub, result);
else
printf(", \"%s\"", result);
} else if (!TEST_str_eq(fpexpected[test][sub][i], result)) {
TEST_info("test %d format=|%s| exp=|%s|, ret=|%s|",
test, format, fpexpected[test][sub][i], result);
ret = 0;
}
}
if (justprint)
printf(" },\n");
return ret;
}
static int test_fp(int i)
{
int t = 0, r;
const double frac = 2.0 / 3.0;
const pw *pwp = &pw_params[i];
if (justprint)
printf(" {\n");
r = TEST_true(dofptest(i, t++, 0.0, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, 0.67, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, frac, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, frac / 1000, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, frac / 10000, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, 6.0 + frac, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, 66.0 + frac, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, 666.0 + frac, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, 6666.0 + frac, pwp->w, pwp->p))
&& TEST_true(dofptest(i, t++, 66666.0 + frac, pwp->w, pwp->p));
if (justprint)
printf(" },\n");
return r;
}
static int test_big(void)
{
char buf[80];
/* Test excessively big number. Should fail */
if (!TEST_int_eq(BIO_snprintf(buf, sizeof(buf),
"%f\n", 2 * (double)ULONG_MAX), -1))
return 0;
return 1;
}
int setup_tests(void)
{
justprint = test_has_option("-expected");
ADD_TEST(test_big);
ADD_ALL_TESTS(test_fp, nelem(pw_params));
ADD_ALL_TESTS(test_zu, nelem(zu_data));
ADD_ALL_TESTS(test_j, nelem(jf_data));
return 1;
}
/*
* Replace testutil output routines. We do this to eliminate possible sources
* of BIO error
*/
void test_open_streams(void)
{
}
void test_close_streams(void)
{
}
/*
* This works out as long as caller doesn't use any "fancy" formats.
* But we are caller's caller, and test_str_eq is the only one called,
* and it uses only "%s", which is not "fancy"...
*/
int test_vprintf_stdout(const char *fmt, va_list ap)
{
return vfprintf(stdout, fmt, ap);
}
int test_vprintf_stderr(const char *fmt, va_list ap)
{
return vfprintf(stderr, fmt, ap);
}
int test_flush_stdout(void)
{
return fflush(stdout);
}
int test_flush_stderr(void)
{
return fflush(stderr);
}

2287
test/bntest.c Normal file
View File

File diff suppressed because it is too large Load Diff

156
test/bntests.pl Normal file
View File

@@ -0,0 +1,156 @@
#! /usr/bin/env perl
# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# Run the tests specified in bntests.txt, as a check against OpenSSL.
use strict;
use warnings;
use Math::BigInt;
my $EXPECTED_FAILURES = 0;
my $failures = 0;
sub bn
{
my $x = shift;
my ($sign, $hex) = ($x =~ /^([+\-]?)(.*)$/);
$hex = '0x' . $hex if $hex !~ /^0x/;
return Math::BigInt->from_hex($sign.$hex);
}
sub evaluate
{
my $lineno = shift;
my %s = @_;
if ( defined $s{'Sum'} ) {
# Sum = A + B
my $sum = bn($s{'Sum'});
my $a = bn($s{'A'});
my $b = bn($s{'B'});
return if $sum == $a + $b;
} elsif ( defined $s{'LShift1'} ) {
# LShift1 = A * 2
my $lshift1 = bn($s{'LShift1'});
my $a = bn($s{'A'});
return if $lshift1 == $a->bmul(2);
} elsif ( defined $s{'LShift'} ) {
# LShift = A * 2**N
my $lshift = bn($s{'LShift'});
my $a = bn($s{'A'});
my $n = bn($s{'N'});
return if $lshift == $a->blsft($n);
} elsif ( defined $s{'RShift'} ) {
# RShift = A / 2**N
my $rshift = bn($s{'RShift'});
my $a = bn($s{'A'});
my $n = bn($s{'N'});
return if $rshift == $a->brsft($n);
} elsif ( defined $s{'Square'} ) {
# Square = A * A
my $square = bn($s{'Square'});
my $a = bn($s{'A'});
return if $square == $a->bmul($a);
} elsif ( defined $s{'Product'} ) {
# Product = A * B
my $product = bn($s{'Product'});
my $a = bn($s{'A'});
my $b = bn($s{'B'});
return if $product == $a->bmul($b);
} elsif ( defined $s{'Quotient'} ) {
# Quotient = A / B
# Remainder = A - B * Quotient
my $quotient = bn($s{'Quotient'});
my $remainder = bn($s{'Remainder'});
my $a = bn($s{'A'});
my $b = bn($s{'B'});
# First the remainder test.
$b->bmul($quotient);
my $rempassed = $remainder == $a->bsub($b) ? 1 : 0;
# Math::BigInt->bdiv() is documented to do floored division,
# i.e. 1 / -4 = -1, while OpenSSL BN_div does truncated
# division, i.e. 1 / -4 = 0. We need to make the operation
# work like OpenSSL's BN_div to be able to verify.
$a = bn($s{'A'});
$b = bn($s{'B'});
my $neg = $a->is_neg() ? !$b->is_neg() : $b->is_neg();
$a->babs();
$b->babs();
$a->bdiv($b);
$a->bneg() if $neg;
return if $rempassed && $quotient == $a;
} elsif ( defined $s{'ModMul'} ) {
# ModMul = (A * B) mod M
my $modmul = bn($s{'ModMul'});
my $a = bn($s{'A'});
my $b = bn($s{'B'});
my $m = bn($s{'M'});
$a->bmul($b);
return if $modmul == $a->bmod($m);
} elsif ( defined $s{'ModExp'} ) {
# ModExp = (A ** E) mod M
my $modexp = bn($s{'ModExp'});
my $a = bn($s{'A'});
my $e = bn($s{'E'});
my $m = bn($s{'M'});
return if $modexp == $a->bmodpow($e, $m);
} elsif ( defined $s{'Exp'} ) {
my $exp = bn($s{'Exp'});
my $a = bn($s{'A'});
my $e = bn($s{'E'});
return if $exp == $a ** $e;
} elsif ( defined $s{'ModSqrt'} ) {
# (ModSqrt * ModSqrt) mod P = A mod P
my $modsqrt = bn($s{'ModSqrt'});
my $a = bn($s{'A'});
my $p = bn($s{'P'});
$modsqrt->bmul($modsqrt);
$modsqrt->bmod($p);
$a->bmod($p);
return if $modsqrt == $a;
} else {
print "# Unknown test: ";
}
$failures++;
print "# #$failures Test (before line $lineno) failed\n";
foreach ( keys %s ) {
print "$_ = $s{$_}\n";
}
print "\n";
}
my $infile = shift || 'bntests.txt';
die "No such file, $infile" unless -f $infile;
open my $IN, $infile || die "Can't read $infile, $!\n";
my %stanza = ();
my $l = 0;
while ( <$IN> ) {
$l++;
s|\R$||;
next if /^#/;
if ( /^$/ ) {
if ( keys %stanza ) {
evaluate($l, %stanza);
%stanza = ();
}
next;
}
# Parse 'key = value'
if ( ! /\s*([^\s]*)\s*=\s*(.*)\s*/ ) {
print "Skipping $_\n";
next;
}
$stanza{$1} = $2;
};
evaluate($l, %stanza) if keys %stanza;
die "Got $failures, expected $EXPECTED_FAILURES"
if $infile eq 'bntests.txt' and $failures != $EXPECTED_FAILURES;
close($IN)

582
test/build.info Normal file
View File

@@ -0,0 +1,582 @@
{-
use File::Spec::Functions;
sub rebase_files
{
my ($base, $files) = @_;
return join(" ", map { "$base/$_" } split(/\s+/, $files));
}
""
-}
IF[{- !$disabled{tests} -}]
LIBS_NO_INST=libtestutil.a
SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output_helpers.c \
testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
testutil/format_output.c testutil/tap_bio.c \
testutil/test_cleanup.c testutil/main.c testutil/init.c
INCLUDE[libtestutil.a]=../include
DEPEND[libtestutil.a]=../libcrypto
# Special hack for descrip.mms to include the MAIN object module
# explicitly. This will only be done if there isn't a MAIN in the
# program's object modules already.
BEGINRAW[descrip.mms]
INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN
ENDRAW[descrip.mms]
PROGRAMS_NO_INST=\
versions \
aborttest test_test \
sanitytest rsa_complex exdatatest bntest \
ectest ecstresstest ecdsatest gmdifftest pbelutest ideatest \
md2test \
hmactest \
rc2test rc4test rc5test \
destest mdc2test \
dhtest enginetest casttest \
bftest ssltest_old dsatest dsa_no_digest_size_test exptest rsa_test \
evp_test evp_extra_test igetest v3nametest v3ext \
crltest danetest bad_dtls_test lhash_test \
conf_include_test \
constant_time_test verify_extra_test clienthellotest \
packettest asynctest secmemtest srptest memleaktest stack_test \
dtlsv1listentest ct_test threadstest afalgtest d2i_test \
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
bio_callback_test \
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
pkey_meth_test pkey_meth_kdf_test uitest cipherbytes_test \
asn1_encode_test asn1_decode_test asn1_string_table_test \
x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
recordlentest drbgtest sslbuffertest \
recordlentest drbgtest drbg_cavs_test sslbuffertest \
time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \
servername_test ocspapitest rsa_mp_test fatalerrtest tls13ccstest \
sysdefaulttest errtest gosttest
SOURCE[versions]=versions.c
INCLUDE[versions]=../include
DEPEND[versions]=../libcrypto
SOURCE[aborttest]=aborttest.c
INCLUDE[aborttest]=../include
DEPEND[aborttest]=../libcrypto
SOURCE[sanitytest]=sanitytest.c
INCLUDE[sanitytest]=../include
DEPEND[sanitytest]=../libcrypto libtestutil.a
SOURCE[rsa_complex]=rsa_complex.c
INCLUDE[rsa_complex]=../include
SOURCE[test_test]=test_test.c
INCLUDE[test_test]=../include
DEPEND[test_test]=../libcrypto libtestutil.a
SOURCE[exdatatest]=exdatatest.c
INCLUDE[exdatatest]=../include
DEPEND[exdatatest]=../libcrypto libtestutil.a
SOURCE[bntest]=bntest.c
INCLUDE[bntest]=../include
DEPEND[bntest]=../libcrypto libtestutil.a
SOURCE[ectest]=ectest.c
INCLUDE[ectest]=../include
DEPEND[ectest]=../libcrypto libtestutil.a
SOURCE[ecstresstest]=ecstresstest.c
INCLUDE[ecstresstest]=../include
DEPEND[ecstresstest]=../libcrypto libtestutil.a
SOURCE[ecdsatest]=ecdsatest.c
INCLUDE[ecdsatest]=../include
DEPEND[ecdsatest]=../libcrypto libtestutil.a
SOURCE[gmdifftest]=gmdifftest.c
INCLUDE[gmdifftest]=../include
DEPEND[gmdifftest]=../libcrypto libtestutil.a
SOURCE[pbelutest]=pbelutest.c
INCLUDE[pbelutest]=../include
DEPEND[pbelutest]=../libcrypto libtestutil.a
SOURCE[ideatest]=ideatest.c
INCLUDE[ideatest]=../include
DEPEND[ideatest]=../libcrypto libtestutil.a
SOURCE[md2test]=md2test.c
INCLUDE[md2test]=../include
DEPEND[md2test]=../libcrypto libtestutil.a
SOURCE[hmactest]=hmactest.c
INCLUDE[hmactest]=../include
DEPEND[hmactest]=../libcrypto libtestutil.a
SOURCE[rc2test]=rc2test.c
INCLUDE[rc2test]=../include
DEPEND[rc2test]=../libcrypto libtestutil.a
SOURCE[rc4test]=rc4test.c
INCLUDE[rc4test]=../include
DEPEND[rc4test]=../libcrypto libtestutil.a
SOURCE[rc5test]=rc5test.c
INCLUDE[rc5test]=../include
DEPEND[rc5test]=../libcrypto libtestutil.a
SOURCE[destest]=destest.c
INCLUDE[destest]=../include
DEPEND[destest]=../libcrypto libtestutil.a
SOURCE[mdc2test]=mdc2test.c
INCLUDE[mdc2test]=../include
DEPEND[mdc2test]=../libcrypto libtestutil.a
SOURCE[dhtest]=dhtest.c
INCLUDE[dhtest]=../include
DEPEND[dhtest]=../libcrypto libtestutil.a
SOURCE[enginetest]=enginetest.c
INCLUDE[enginetest]=../include
DEPEND[enginetest]=../libcrypto libtestutil.a
SOURCE[casttest]=casttest.c
INCLUDE[casttest]=../include
DEPEND[casttest]=../libcrypto libtestutil.a
SOURCE[bftest]=bftest.c
INCLUDE[bftest]=../include
DEPEND[bftest]=../libcrypto libtestutil.a
SOURCE[ssltest_old]=ssltest_old.c
INCLUDE[ssltest_old]=.. ../include
DEPEND[ssltest_old]=../libcrypto ../libssl
SOURCE[dsatest]=dsatest.c
INCLUDE[dsatest]=../include
DEPEND[dsatest]=../libcrypto libtestutil.a
SOURCE[dsa_no_digest_size_test]=dsa_no_digest_size_test.c
INCLUDE[dsa_no_digest_size_test]=../include
DEPEND[dsa_no_digest_size_test]=../libcrypto libtestutil.a
SOURCE[exptest]=exptest.c
INCLUDE[exptest]=../include
DEPEND[exptest]=../libcrypto libtestutil.a
SOURCE[rsa_test]=rsa_test.c
INCLUDE[rsa_test]=../include
DEPEND[rsa_test]=../libcrypto libtestutil.a
SOURCE[rsa_mp_test]=rsa_mp_test.c
INCLUDE[rsa_mp_test]=../include
DEPEND[rsa_mp_test]=../libcrypto libtestutil.a
SOURCE[fatalerrtest]=fatalerrtest.c ssltestlib.c
INCLUDE[fatalerrtest]=../include
DEPEND[fatalerrtest]=../libcrypto ../libssl libtestutil.a
SOURCE[tls13ccstest]=tls13ccstest.c ssltestlib.c
INCLUDE[tls13ccstest]=../include
DEPEND[tls13ccstest]=../libcrypto ../libssl libtestutil.a
SOURCE[evp_test]=evp_test.c
INCLUDE[evp_test]=../include
DEPEND[evp_test]=../libcrypto libtestutil.a
SOURCE[evp_extra_test]=evp_extra_test.c
INCLUDE[evp_extra_test]=../include ../crypto/include
DEPEND[evp_extra_test]=../libcrypto libtestutil.a
SOURCE[igetest]=igetest.c
INCLUDE[igetest]=../include
DEPEND[igetest]=../libcrypto libtestutil.a
SOURCE[v3nametest]=v3nametest.c
INCLUDE[v3nametest]=../include
DEPEND[v3nametest]=../libcrypto libtestutil.a
SOURCE[crltest]=crltest.c
INCLUDE[crltest]=../include
DEPEND[crltest]=../libcrypto libtestutil.a
SOURCE[v3ext]=v3ext.c
INCLUDE[v3ext]=../include
DEPEND[v3ext]=../libcrypto libtestutil.a
SOURCE[danetest]=danetest.c
INCLUDE[danetest]=../include
DEPEND[danetest]=../libcrypto ../libssl libtestutil.a
SOURCE[constant_time_test]=constant_time_test.c
INCLUDE[constant_time_test]=../include
DEPEND[constant_time_test]=../libcrypto libtestutil.a
SOURCE[verify_extra_test]=verify_extra_test.c
INCLUDE[verify_extra_test]=../include
DEPEND[verify_extra_test]=../libcrypto libtestutil.a
SOURCE[clienthellotest]=clienthellotest.c
INCLUDE[clienthellotest]=../include
DEPEND[clienthellotest]=../libcrypto ../libssl libtestutil.a
SOURCE[bad_dtls_test]=bad_dtls_test.c
INCLUDE[bad_dtls_test]=../include
DEPEND[bad_dtls_test]=../libcrypto ../libssl libtestutil.a
SOURCE[packettest]=packettest.c
INCLUDE[packettest]=../include
DEPEND[packettest]=../libcrypto libtestutil.a
SOURCE[asynctest]=asynctest.c
INCLUDE[asynctest]=../include
DEPEND[asynctest]=../libcrypto
SOURCE[secmemtest]=secmemtest.c
INCLUDE[secmemtest]=../include
DEPEND[secmemtest]=../libcrypto libtestutil.a
SOURCE[srptest]=srptest.c
INCLUDE[srptest]=../include
DEPEND[srptest]=../libcrypto libtestutil.a
SOURCE[memleaktest]=memleaktest.c
INCLUDE[memleaktest]=../include
DEPEND[memleaktest]=../libcrypto libtestutil.a
SOURCE[stack_test]=stack_test.c
INCLUDE[stack_test]=../include
DEPEND[stack_test]=../libcrypto libtestutil.a
SOURCE[lhash_test]=lhash_test.c
INCLUDE[lhash_test]=../include
DEPEND[lhash_test]=../libcrypto libtestutil.a
SOURCE[dtlsv1listentest]=dtlsv1listentest.c
INCLUDE[dtlsv1listentest]=../include
DEPEND[dtlsv1listentest]=../libssl libtestutil.a
SOURCE[ct_test]=ct_test.c
INCLUDE[ct_test]=../include
DEPEND[ct_test]=../libcrypto libtestutil.a
SOURCE[threadstest]=threadstest.c
INCLUDE[threadstest]=../include
DEPEND[threadstest]=../libcrypto libtestutil.a
SOURCE[afalgtest]=afalgtest.c
INCLUDE[afalgtest]=../include
DEPEND[afalgtest]=../libcrypto libtestutil.a
SOURCE[d2i_test]=d2i_test.c
INCLUDE[d2i_test]=../include
DEPEND[d2i_test]=../libcrypto libtestutil.a
SOURCE[ssl_test_ctx_test]=ssl_test_ctx_test.c ssl_test_ctx.c
INCLUDE[ssl_test_ctx_test]=../include
DEPEND[ssl_test_ctx_test]=../libcrypto ../libssl libtestutil.a
SOURCE[ssl_test]=ssl_test.c ssl_test_ctx.c handshake_helper.c
INCLUDE[ssl_test]=../include
DEPEND[ssl_test]=../libcrypto ../libssl libtestutil.a
SOURCE[cipherlist_test]=cipherlist_test.c
INCLUDE[cipherlist_test]=../include
DEPEND[cipherlist_test]=../libcrypto ../libssl libtestutil.a
INCLUDE[ssl_test_ctx.o]=../include
INCLUDE[handshake_helper.o]=.. ../include
INCLUDE[ssltestlib.o]=.. ../include
SOURCE[x509aux]=x509aux.c
INCLUDE[x509aux]=../include
DEPEND[x509aux]=../libcrypto libtestutil.a
SOURCE[asynciotest]=asynciotest.c ssltestlib.c
INCLUDE[asynciotest]=../include
DEPEND[asynciotest]=../libcrypto ../libssl libtestutil.a
SOURCE[bio_callback_test]=bio_callback_test.c
INCLUDE[bio_callback_test]=../include
DEPEND[bio_callback_test]=../libcrypto libtestutil.a
SOURCE[bioprinttest]=bioprinttest.c
INCLUDE[bioprinttest]=../include
DEPEND[bioprinttest]=../libcrypto libtestutil.a
SOURCE[sslapitest]=sslapitest.c ssltestlib.c
INCLUDE[sslapitest]=../include ..
DEPEND[sslapitest]=../libcrypto ../libssl libtestutil.a
SOURCE[ocspapitest]=ocspapitest.c
INCLUDE[ocspapitest]=../include
DEPEND[ocspapitest]=../libcrypto libtestutil.a
SOURCE[dtlstest]=dtlstest.c ssltestlib.c
INCLUDE[dtlstest]=../include
DEPEND[dtlstest]=../libcrypto ../libssl libtestutil.a
SOURCE[sslcorrupttest]=sslcorrupttest.c ssltestlib.c
INCLUDE[sslcorrupttest]=../include
DEPEND[sslcorrupttest]=../libcrypto ../libssl libtestutil.a
SOURCE[bio_enc_test]=bio_enc_test.c
INCLUDE[bio_enc_test]=../include
DEPEND[bio_enc_test]=../libcrypto libtestutil.a
SOURCE[pkey_meth_test]=pkey_meth_test.c
INCLUDE[pkey_meth_test]=../include
DEPEND[pkey_meth_test]=../libcrypto libtestutil.a
SOURCE[pkey_meth_kdf_test]=pkey_meth_kdf_test.c
INCLUDE[pkey_meth_kdf_test]=../include
DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a
SOURCE[x509_time_test]=x509_time_test.c
INCLUDE[x509_time_test]=../include
DEPEND[x509_time_test]=../libcrypto libtestutil.a
SOURCE[recordlentest]=recordlentest.c ssltestlib.c
INCLUDE[recordlentest]=../include
DEPEND[recordlentest]=../libcrypto ../libssl libtestutil.a
SOURCE[drbgtest]=drbgtest.c
INCLUDE[drbgtest]=../include
DEPEND[drbgtest]=../libcrypto.a libtestutil.a
SOURCE[drbg_cavs_test]=drbg_cavs_test.c drbg_cavs_data.c
INCLUDE[drbg_cavs_test]=../include . ..
DEPEND[drbg_cavs_test]=../libcrypto libtestutil.a
SOURCE[x509_dup_cert_test]=x509_dup_cert_test.c
INCLUDE[x509_dup_cert_test]=../include
DEPEND[x509_dup_cert_test]=../libcrypto libtestutil.a
SOURCE[x509_check_cert_pkey_test]=x509_check_cert_pkey_test.c
INCLUDE[x509_check_cert_pkey_test]=../include
DEPEND[x509_check_cert_pkey_test]=../libcrypto libtestutil.a
SOURCE[pemtest]=pemtest.c
INCLUDE[pemtest]=../include
DEPEND[pemtest]=../libcrypto libtestutil.a
SOURCE[ssl_cert_table_internal_test]=ssl_cert_table_internal_test.c
INCLUDE[ssl_cert_table_internal_test]=.. ../include
DEPEND[ssl_cert_table_internal_test]=../libcrypto libtestutil.a
SOURCE[ciphername_test]=ciphername_test.c
INCLUDE[ciphername_test]=../include
DEPEND[ciphername_test]=../libcrypto ../libssl libtestutil.a
SOURCE[servername_test]=servername_test.c ssltestlib.c
INCLUDE[servername_test]=../include
DEPEND[servername_test]=../libcrypto ../libssl libtestutil.a
IF[{- !$disabled{cms} -}]
PROGRAMS_NO_INST=cmsapitest
SOURCE[cmsapitest]=cmsapitest.c
INCLUDE[cmsapitest]=../include
DEPEND[cmsapitest]=../libcrypto libtestutil.a
ENDIF
IF[{- !$disabled{psk} -}]
PROGRAMS_NO_INST=dtls_mtu_test
SOURCE[dtls_mtu_test]=dtls_mtu_test.c ssltestlib.c
INCLUDE[dtls_mtu_test]=.. ../include
DEPEND[dtls_mtu_test]=../libcrypto ../libssl libtestutil.a
ENDIF
IF[{- !$disabled{shared} -}]
PROGRAMS_NO_INST=shlibloadtest
SOURCE[shlibloadtest]=shlibloadtest.c
INCLUDE[shlibloadtest]=../include ../crypto/include
DEPEND[shlibloadtest]=libtestutil.a
ENDIF
IF[{- $disabled{shared} -}]
PROGRAMS_NO_INST=cipher_overhead_test
SOURCE[cipher_overhead_test]=cipher_overhead_test.c
INCLUDE[cipher_overhead_test]=.. ../include
DEPEND[cipher_overhead_test]=../libcrypto ../libssl libtestutil.a
ENDIF
SOURCE[uitest]=uitest.c \
{- rebase_files("../apps",
split(/\s+/, $target{apps_init_src})) -}
INCLUDE[uitest]=.. ../include ../apps
DEPEND[uitest]=../apps/libapps.a ../libcrypto ../libssl libtestutil.a
SOURCE[cipherbytes_test]=cipherbytes_test.c
INCLUDE[cipherbytes_test]=../include
DEPEND[cipherbytes_test]=../libcrypto ../libssl libtestutil.a
SOURCE[asn1_encode_test]=asn1_encode_test.c
INCLUDE[asn1_encode_test]=../include
DEPEND[asn1_encode_test]=../libcrypto libtestutil.a
SOURCE[asn1_decode_test]=asn1_decode_test.c
INCLUDE[asn1_decode_test]=../include
DEPEND[asn1_decode_test]=../libcrypto libtestutil.a
SOURCE[asn1_string_table_test]=asn1_string_table_test.c
INCLUDE[asn1_string_table_test]=../include
DEPEND[asn1_string_table_test]=../libcrypto libtestutil.a
SOURCE[time_offset_test]=time_offset_test.c
INCLUDE[time_offset_test]=../include
DEPEND[time_offset_test]=../libcrypto libtestutil.a
SOURCE[conf_include_test]=conf_include_test.c
INCLUDE[conf_include_test]=../include
DEPEND[conf_include_test]=../libcrypto libtestutil.a
# Internal test programs. These are essentially a collection of internal
# test routines. Some of them need to reach internal symbols that aren't
# available through the shared library (at least on Linux, Solaris, Windows
# and VMS, where the exported symbols are those listed in util/*.num), these
# programs are forcibly linked with the static libraries, where all symbols
# are always available.
IF[1]
PROGRAMS_NO_INST=asn1_internal_test modes_internal_test x509_internal_test \
tls13encryptiontest wpackettest ctype_internal_test \
rdrand_sanitytest
IF[{- !$disabled{poly1305} -}]
PROGRAMS_NO_INST=poly1305_internal_test
ENDIF
IF[{- !$disabled{chacha} -}]
PROGRAMS_NO_INST=chacha_internal_test
ENDIF
IF[{- !$disabled{siphash} -}]
PROGRAMS_NO_INST=siphash_internal_test
ENDIF
IF[{- !$disabled{sm2} -}]
PROGRAMS_NO_INST=sm2_internal_test
ENDIF
IF[{- !$disabled{sm4} -}]
PROGRAMS_NO_INST=sm4_internal_test
ENDIF
IF[{- !$disabled{ec} -}]
PROGRAMS_NO_INST=curve448_internal_test
ENDIF
SOURCE[poly1305_internal_test]=poly1305_internal_test.c
INCLUDE[poly1305_internal_test]=.. ../include ../crypto/include
DEPEND[poly1305_internal_test]=../libcrypto.a libtestutil.a
SOURCE[chacha_internal_test]=chacha_internal_test.c
INCLUDE[chacha_internal_test]=.. ../include ../crypto/include
DEPEND[chacha_internal_test]=../libcrypto.a libtestutil.a
SOURCE[asn1_internal_test]=asn1_internal_test.c
INCLUDE[asn1_internal_test]=.. ../include ../crypto/include
DEPEND[asn1_internal_test]=../libcrypto.a libtestutil.a
SOURCE[modes_internal_test]=modes_internal_test.c
INCLUDE[modes_internal_test]=.. ../include
DEPEND[modes_internal_test]=../libcrypto.a libtestutil.a
SOURCE[x509_internal_test]=x509_internal_test.c
INCLUDE[x509_internal_test]=.. ../include
DEPEND[x509_internal_test]=../libcrypto.a libtestutil.a
SOURCE[tls13encryptiontest]=tls13encryptiontest.c
INCLUDE[tls13encryptiontest]=.. ../include
DEPEND[tls13encryptiontest]=../libcrypto ../libssl.a libtestutil.a
SOURCE[wpackettest]=wpackettest.c
INCLUDE[wpackettest]=../include
DEPEND[wpackettest]=../libcrypto ../libssl.a libtestutil.a
SOURCE[ctype_internal_test]=ctype_internal_test.c
INCLUDE[ctype_internal_test]=.. ../crypto/include ../include
DEPEND[ctype_internal_test]=../libcrypto.a libtestutil.a
SOURCE[siphash_internal_test]=siphash_internal_test.c
INCLUDE[siphash_internal_test]=.. ../include ../crypto/include
DEPEND[siphash_internal_test]=../libcrypto.a libtestutil.a
SOURCE[sm2_internal_test]=sm2_internal_test.c
INCLUDE[sm2_internal_test]=../include ../crypto/include
DEPEND[sm2_internal_test]=../libcrypto.a libtestutil.a
SOURCE[sm4_internal_test]=sm4_internal_test.c
INCLUDE[sm4_internal_test]=.. ../include ../crypto/include
DEPEND[sm4_internal_test]=../libcrypto.a libtestutil.a
SOURCE[curve448_internal_test]=curve448_internal_test.c
INCLUDE[curve448_internal_test]=.. ../include ../crypto/ec/curve448
DEPEND[curve448_internal_test]=../libcrypto.a libtestutil.a
SOURCE[rdrand_sanitytest]=rdrand_sanitytest.c
INCLUDE[rdrand_sanitytest]=../include
DEPEND[rdrand_sanitytest]=../libcrypto.a libtestutil.a
ENDIF
IF[{- !$disabled{mdc2} -}]
PROGRAMS_NO_INST=mdc2_internal_test
ENDIF
SOURCE[mdc2_internal_test]=mdc2_internal_test.c
INCLUDE[mdc2_internal_test]=.. ../include
DEPEND[mdc2_internal_test]=../libcrypto libtestutil.a
PROGRAMS_NO_INST=asn1_time_test
SOURCE[asn1_time_test]=asn1_time_test.c
INCLUDE[asn1_time_test]=../include
DEPEND[asn1_time_test]=../libcrypto libtestutil.a
# We disable this test completely in a shared build because it deliberately
# redefines some internal libssl symbols. This doesn't work in a non-shared
# build
IF[{- !$disabled{shared} -}]
PROGRAMS_NO_INST=tls13secretstest
SOURCE[tls13secretstest]=tls13secretstest.c
SOURCE[tls13secretstest]= ../ssl/tls13_enc.c ../ssl/packet.c
INCLUDE[tls13secretstest]=.. ../include
DEPEND[tls13secretstest]=../libcrypto ../libssl libtestutil.a
ENDIF
SOURCE[sslbuffertest]=sslbuffertest.c ssltestlib.c
INCLUDE[sslbuffertest]=../include
DEPEND[sslbuffertest]=../libcrypto ../libssl libtestutil.a
SOURCE[sysdefaulttest]=sysdefaulttest.c
INCLUDE[sysdefaulttest]=../include
DEPEND[sysdefaulttest]=../libcrypto ../libssl libtestutil.a
SOURCE[errtest]=errtest.c
INCLUDE[errtest]=../include
DEPEND[errtest]=../libcrypto libtestutil.a
SOURCE[gosttest]=gosttest.c ssltestlib.c
INCLUDE[gosttest]=../include ..
DEPEND[gosttest]=../libcrypto ../libssl libtestutil.a
ENDIF
{-
use File::Spec::Functions;
use File::Basename;
use OpenSSL::Glob;
my @nogo_headers = ( "asn1_mac.h",
"opensslconf.h",
"__decc_include_prologue.h",
"__decc_include_epilogue.h" );
my @nogo_headers_re = ( qr/.*err\.h/ );
my @headerfiles = glob catfile($sourcedir,
updir(), "include", "openssl", "*.h");
foreach my $headerfile (@headerfiles) {
my $name = basename($headerfile, ".h");
next if $disabled{$name};
next if grep { $_ eq lc("$name.h") } @nogo_headers;
next if grep { lc("$name.h") =~ m/$_/i } @nogo_headers_re;
$OUT .= <<"_____";
PROGRAMS_NO_INST=buildtest_$name
GENERATE[buildtest_$name.c]=generate_buildtest.pl $name
SOURCE[buildtest_$name]=buildtest_$name.c
INCLUDE[buildtest_$name]=../include
DEPEND[buildtest_$name]=../libssl ../libcrypto
_____
}
-}

112
test/casttest.c Normal file
View File

@@ -0,0 +1,112 @@
/*
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */
#include "internal/nelem.h"
#include "testutil.h"
#ifndef OPENSSL_NO_CAST
# include <openssl/cast.h>
static unsigned char k[16] = {
0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
};
static unsigned char in[8] =
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
static int k_len[3] = { 16, 10, 5 };
static unsigned char c[3][8] = {
{0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2},
{0xEB, 0x6A, 0x71, 0x1A, 0x2C, 0x02, 0x27, 0x1B},
{0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E},
};
static unsigned char in_a[16] = {
0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
};
static unsigned char in_b[16] = {
0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
};
static unsigned char c_a[16] = {
0xEE, 0xA9, 0xD0, 0xA2, 0x49, 0xFD, 0x3B, 0xA6,
0xB3, 0x43, 0x6F, 0xB8, 0x9D, 0x6D, 0xCA, 0x92
};
static unsigned char c_b[16] = {
0xB2, 0xC9, 0x5E, 0xB0, 0x0C, 0x31, 0xAD, 0x71,
0x80, 0xAC, 0x05, 0xB8, 0xE8, 0x3D, 0x69, 0x6E
};
static int cast_test_vector(int z)
{
int testresult = 1;
CAST_KEY key;
unsigned char out[80];
CAST_set_key(&key, k_len[z], k);
CAST_ecb_encrypt(in, out, &key, CAST_ENCRYPT);
if (!TEST_mem_eq(out, sizeof(c[z]), c[z], sizeof(c[z]))) {
TEST_info("CAST_ENCRYPT iteration %d failed (len=%d)", z, k_len[z]);
testresult = 0;
}
CAST_ecb_encrypt(out, out, &key, CAST_DECRYPT);
if (!TEST_mem_eq(out, sizeof(in), in, sizeof(in))) {
TEST_info("CAST_DECRYPT iteration %d failed (len=%d)", z, k_len[z]);
testresult = 0;
}
return testresult;
}
static int cast_test_iterations(void)
{
long l;
int testresult = 1;
CAST_KEY key, key_b;
unsigned char out_a[16], out_b[16];
memcpy(out_a, in_a, sizeof(in_a));
memcpy(out_b, in_b, sizeof(in_b));
for (l = 0; l < 1000000L; l++) {
CAST_set_key(&key_b, 16, out_b);
CAST_ecb_encrypt(&(out_a[0]), &(out_a[0]), &key_b, CAST_ENCRYPT);
CAST_ecb_encrypt(&(out_a[8]), &(out_a[8]), &key_b, CAST_ENCRYPT);
CAST_set_key(&key, 16, out_a);
CAST_ecb_encrypt(&(out_b[0]), &(out_b[0]), &key, CAST_ENCRYPT);
CAST_ecb_encrypt(&(out_b[8]), &(out_b[8]), &key, CAST_ENCRYPT);
}
if (!TEST_mem_eq(out_a, sizeof(c_a), c_a, sizeof(c_a))
|| !TEST_mem_eq(out_b, sizeof(c_b), c_b, sizeof(c_b)))
testresult = 0;
return testresult;
}
#endif
int setup_tests(void)
{
#ifndef OPENSSL_NO_CAST
ADD_ALL_TESTS(cast_test_vector, OSSL_NELEM(k_len));
ADD_TEST(cast_test_iterations);
#endif
return 1;
}

21
test/certs/alt1-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTgwNTE2MDIzODEzWhgPMjExODA1MTcwMjM4MTNaMFQxIzAh
BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAxMRgwFgYDVQQDDA93d3cu
ZXhhbXBsZS5uZXQxEzARBgNVBAMMCkpvZSBCbG9nZ3MwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDTqvf6j+WxCtn4RU8/6uXXgCTcksv6NDXCZ9JAz4Vv
cQbJfhFbDWpGZQZDOCqwtj+7CSVIraxItHzPlrt36cevsoPmpuqGbHrUaOLneme2
x81SXUq0z/DmDvwxVENmRj1u7iCt3sL7awcid4SiotLOY2F1jBazmqprqKZBUiyQ
XqpSp+9uSav77ydwDXCrQozBdns1YRshgU9omQrTcIqHCj1f9Lo+A2y4+TZYZkvS
DuUZiTfPTPouR6sopM8JLyAZc+TvFFncEg24N+zz3O3jwH82BZEjzavw92J9npJB
UXvKb8O9z7UA65WYuL2he7kSQCsPNLoRWZnVpchwr3VHAgMBAAGjgZgwgZUwHQYD
VR0OBBYEFHvLhGWckFjVXdDI3ds9Wti6zgXAMB8GA1UdIwQYMBaAFAjRm/nm1WRw
oPFrGp7tUtrd9VBDMAkGA1UdEwQCMAAwSAYDVR0RBEEwP4IMd3d3Lmdvb2Qub3Jn
ggxhbnkuZ29vZC5jb22BDWdvb2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbYcEwKgA
ATANBgkqhkiG9w0BAQsFAAOCAQEATVcTyrAxsehdQNrkL6kquXxWlyegJcxvVxUe
hfh9+Lw4620b2S1/l2YxFM3peLAsRgJOznmJOeG18+y7/kx/3UNqYGY7e8iJQ3Gl
JwDIJp5JCaUOlodjhMJtRc7jn9RcsL97oizXdcryyWT0vSlM9Pie9NtHG5iq5X4+
oL3X8+OG25MOkF2h3YVCEG3vDu7quyTlHc2ebwpdLZRndcOewO2Cap1ettyWXUPP
Mha6wyJE8LJhrGmrI8Lw+i7gGscP0xYZn3yCLk5BtOabn4dvCiDmb+TPruKQQARw
BG45LEZzGxz+Ad3xRdZyVi1I67v9YShoYTCpMTSxJaR0erH74g==
-----END CERTIFICATE-----

28
test/certs/alt1-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDTqvf6j+WxCtn4
RU8/6uXXgCTcksv6NDXCZ9JAz4VvcQbJfhFbDWpGZQZDOCqwtj+7CSVIraxItHzP
lrt36cevsoPmpuqGbHrUaOLneme2x81SXUq0z/DmDvwxVENmRj1u7iCt3sL7awci
d4SiotLOY2F1jBazmqprqKZBUiyQXqpSp+9uSav77ydwDXCrQozBdns1YRshgU9o
mQrTcIqHCj1f9Lo+A2y4+TZYZkvSDuUZiTfPTPouR6sopM8JLyAZc+TvFFncEg24
N+zz3O3jwH82BZEjzavw92J9npJBUXvKb8O9z7UA65WYuL2he7kSQCsPNLoRWZnV
pchwr3VHAgMBAAECggEACPTB+1sdV+lioaulF8pDoWOtq5uWf+a3o5sq/U0Kk1WP
+PSZnWWq6oGZyzxUKhf8CFjxt+qJUKY6Zbo2AnPk3B1MkXTclYV/iP9LIoo+WzCH
EoYaBB6MTd+ycg/jri8oqEnxHgo/681yhtXRyePj0ZHI7OVZjI3tyhJfvoHQmuci
u6qYYUP0GWuyM+kHS11vn6Q1U8nOZWvXpEDXDDdJ7+2QRuv01AXcjFxpbFzkMn2W
JkhKkCTIQpUU66VMRHwNexi+TR2rRESq0G+fa+6gaVFVIs0vBukq48IeC5W21j1L
zyftHxci67FlYC9iaiUxDVt3KB+lcukx6Cz5mjtzqQKBgQD/GrAtFfjiXKj9O5ld
K7dnnBHE8fzyWQWyOfwpVjNAC1J7tgwFvDpBpTHOwS5JnCwMWWM3rkBPRhCusmrF
AtfE8b643G+cJbTgDuEhGh11QR0p9VWMVFQL9kZxx12PegDtFBfzcfcI3XQwKVKL
ZbQn4ibW3BKSt9+Nh3APa0s5iwKBgQDUaTxZBajTdzoDd6Pg3warL5BhsxWr2tUQ
qf+iVoba2Y9NTBdxBht2whSaYweU9kxmeNZvnCu95B8HeRGE69Dxb7IWwpsaxoaf
ND0NcCF7aPZgx7hvhbHF7duzt3nuv+q5sOuuyHPzm+nF2snAuY3Zg+Bpv3nlYekf
18aXZdwStQKBgEpF8e9ei1UUl1sLZC6dUMvIw9+sePHye1cVzNYYM9m8sio0qbFt
ySRdvW+uDRT/dE+wItQOVsj95FOIvM9ZcYr0u4vFGnXDALOPgXqKyPLfn2cc9+hg
kQvei0oLOrFQWz6rcAHAN6WMHIz9KvxNAzPtg1NhRcMT5/Gj8jt7CK7bAoGAIeKz
7OO5Phr8F0eDzkDmGHMbDmr6XxMnAGSOUoCJPOqOMN+dsbsusHBfxw1bTUlJgONw
GhgI5l85EAEhaVoRWCLgfz8GbWwUV9uGjdlAjiZ9f4z9AFWMua2rae0wN4VIVd1C
i/yQeuF5lsXDf8paNcQTDeus74oCHcFXfhmS1S0CgYB2q8E+H0kFHbUxkIZYwhsM
r0lTecn+kVsyPPje2UlzfTwvcC9dFIC4ppCdJGUJAwi/PJnr6xNyOH6I1pjUA8ER
Aofm4Oj2DwX8W+81oO71/RXSfEFUjdOw0H6iRDyvWa1gqftj2/aWjV7Ifdo49thx
EzX/9GdsRInifN6FfOfo/A==
-----END PRIVATE KEY-----

20
test/certs/alt2-cert.pem Normal file
View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDVjCCAj6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDIwIBcNMTYwNzA5MTQ0ODExWhgPMjExNjA3MTAxNDQ4MTFaMCUxIzAh
BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAyMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAw+bG1zr36IgcElBxX1vFcfq1NhdwjzUWlYt88oVr
Zbn2cKzOZWTA2ft8slJf5b5AgWWuJ1Ph1EdX9evBvUE3qVUPDpJQ7UNBMvScqL8J
pCjWBcRK9WWguV6MTqF8dJnadup7qfN0i6IWquA4yDEcJDQR4j0BjoAEsQgkASYi
maYN5W7PW5swj7AR4K0W5Cwy+KF4+UXKkHPCmYUlbBa6lXZRp3uwU/gXT0fmLz3W
O8eT1PdoPnbRVFIKPhZrHcNAORti4xr4Cn8IEhTaqxIQnCjSCjhksoOuoojhW0qR
s9t1lTDxyBX5Uz6smanEyCQ6TQFOdMj4m8ULNYTSZbGYcwIDAQABo4GcMIGZMB0G
A1UdDgQWBBT4YmD7D7JsE8BJzNs/5cIpbtZxhjAfBgNVHSMEGDAWgBS6A5+dBiSk
V+Zz+vU6Cfm6hcyp+jAJBgNVHRMEAjAAMEwGA1UdEQRFMEOCEHd3dy5hbnl0aGlu
Zy5vcmeCDWFueS5vdGhlci5jb22BDW90aGVyQGJhZC5vcmeBEWFueUBzb21ldGhp
bmcuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBaH8qg41pSXo2ViEsZWVyUmB7QwVVW
bWeR191XTQPfPNEDFmUzzeBllMUedF4HyD36v7Flpo/LdPdXQnZQ/eyKalztFHgm
uePN5DNdS5xn9aqiKNF5pkO9WDhhYuwLRM50JeiyvKk2NvNx9oDFUQ7G6jEJu/r9
rd+8PCUa0SK1dDPJ9dpGrfsAYwk8kST5/JfyDMrocsijOu3v1uGTttMQ0h0A6w6g
EW8p77dVS/a2S3wJo9EiFHhnrAN493cwSXgBZUhKoKOri2u6XKV2D3g8N6bp22Ut
S5wx0pC8o3wW5upPsDAnEUt9kJJgVkS0FfCEHhHZ8iQyuwX15Yft2Qsj
-----END CERTIFICATE-----

28
test/certs/alt2-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDD5sbXOvfoiBwS
UHFfW8Vx+rU2F3CPNRaVi3zyhWtlufZwrM5lZMDZ+3yyUl/lvkCBZa4nU+HUR1f1
68G9QTepVQ8OklDtQ0Ey9JyovwmkKNYFxEr1ZaC5XoxOoXx0mdp26nup83SLohaq
4DjIMRwkNBHiPQGOgASxCCQBJiKZpg3lbs9bmzCPsBHgrRbkLDL4oXj5RcqQc8KZ
hSVsFrqVdlGne7BT+BdPR+YvPdY7x5PU92g+dtFUUgo+Fmsdw0A5G2LjGvgKfwgS
FNqrEhCcKNIKOGSyg66iiOFbSpGz23WVMPHIFflTPqyZqcTIJDpNAU50yPibxQs1
hNJlsZhzAgMBAAECggEAfuMureALDTmD/TTPijV1+TKrRyL9jDSVsT1NLATRIG3I
OwkjErek1kw3Y4VJihSl0Wpb2CtT3dxsE+Slc4EXnX1zqDuLYXKre2bHReGfTA4L
Omb/Kl2uMgMUnCWq6BdzUozklpsTRRIy3nEnNjvg/24em0xqgrNW1pfwQjJCPQQX
5ZLma+msDjT0BW2V7cnVh76A8qjDVRvJzKGRseVZEh+8Uke+SIKKLi1qICcK6MmX
1TpGs/Yy+GaXk7HajmKEYEEDSRdS9sqFnvqkf1TsbHrZQqKdtWuXtIvss1ap7y1c
PL5Y1z0/zf5WXV9nV3Yjd7F1tTN6S4sY7exOgNenmQKBgQDtkElQSwPHI3GCddfp
Eo79w0K0N+PkkQTXkP/3566xTCg78xGU1HW0aw8jabVsSpHC2uD0dBJbkQ0iBa24
VOwwGUUy8ZME14M0ToCDm2vXTR8oOw05DBcM4RwQQdGVxdnwScUJnDzefJEUyx57
3HO4QWu+h4nBqp5CTk+Y5gu4ZQKBgQDTGsgtIcdQevWay4nXKp+kcUYJy2zmCnBO
RFryyvdSSr3Tf7eeEZTicBiBp20fzppHc8/hdWnaF8+jlRx/hYY0M6hO2DEvXg78
BbkqxwGV3dOZXEVusy8CPCQuRfQNY8XhQ195VyFdfsRKZ1dKD7C1Gky7dXgA26Ms
KdWarvuD9wKBgQCi/h0fBujnp6zIqtvhoQcUmvTYO4STnOAqmuTUjVQxdyQfxazp
ZUAA8ndnf66nRx5tB8nSTxUNWB8fma/QSgvnEF+HDXImn0r5B2drZKaACPz4mFOB
MYdbIdQkX1RSI3ZdQ+/5oQWuTN8p2hbnOqD26YPoLIxaoRqGOb6pFCU0dQKBgDUm
+CHM8HdGDlLkTpd7ZuirkJvkuU2OcUpzkYayLeVtZjA7ZwsImDkPSkxS0HoCtfup
oDy/KGC+QAyK/brp7ql0HDuF2ZR4lUNFWaL4qmCGksF5Zw4BVaO1atKv0EwSw/78
zKwrkP4ObfPh4yuFmdNvhMRqRkXJB2OWQO8Kgc9vAoGBALXo6IGSM6TtHoNrnEwi
LozF+eV6ZmYb1miBEBVOyCDl0BVx+6n3iNt17v2EmWLcFYS4ZE+AF9EuRfxuDv+V
ZSK8sQKka0YgQmLPIoBXksZGwTUYBaO1ojFKuVzrE0ATnbVzuu5wHLZeyK2soCQF
slY5WVhO5Oo2YTGB7Wxzs4Ut
-----END PRIVATE KEY-----

21
test/certs/alt3-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDeDCCAmCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5UZXN0
IE5DIHN1YiBDQTAgFw0xNjA3MDkxNDQ4MTFaGA8yMTE2MDcxMDE0NDgxMVowVDEj
MCEGA1UECgwaR29vZCBOQyBUZXN0IENlcnRpZmljYXRlIDMxGDAWBgNVBAMMD3d3
dy5vay5nb29kLmNvbTETMBEGA1UEAwwKSm9lIEJsb2dnczCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBANF68Ty4b18vK4fqVqJMIbwj/mLnF+WA6lvrzEE2
79mtKLn6jHAjXWJCJ8U+ib23dRf7K3F3qJcQF3sEZpY3VgbmBMZe6mQ1A4Kfza3k
Wm+D2vNy8BTh8esu3P9TsD89679qUaZ2/85RykFmnV8NdJnAgFEQ+NZuBeQck2Ya
cZiYyjNCfWEnSsvmO66M99VXzzD9kkpEUXpe2GbLfzE1iP+79sFGGFHYAvmTmhKY
DFIEJqKY56bnYBlFtQFTWGqjDe8irV8vFJ+VoXR73DXq/J/k9UvwytwDtsJMeRsj
O61UpbBDV+QipZeGC6cXtRzxPDsxz0BAXQeWQl7F4xavc78CAwEAAaOBjTCBijAd
BgNVHQ4EFgQU0K7Prr9eRi5yL/vKPFPpfIBCRUwwHwYDVR0jBBgwFoAU8FOJh91W
GcAZ5iBVbwv8FBXXo7IwCQYDVR0TBAIwADA9BgNVHREENjA0gg93d3cub2suZ29v
ZC5jb22BDWdvb2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbYcEwKgAATANBgkqhkiG
9w0BAQsFAAOCAQEAfJyYbBQfCHNwPeKi1/OYZA5CLOzktiiR8Uh/1YQLb80jNtcn
f4zZOHURqd4mLDrKNnQ7MVqlj+CC3oN4c/L58yQqLm1fbTKXgH6t6OGgg2IL3Aet
XWbHOg0arknwyOKY5jjVkzbZthZ9EaS0QTlN8eULHV3nwImlfc5IFDetzIvPJkz9
82fYuUO5jeCB4vjKBX5Ha7rvg/6rnNX71vA3++JrFc0PRFoJvnQ6GQTtBSZE4dFK
TOH5jE60bjDUL48jl267HLF5RklGuQRgZ3XfIU8JqDtEQuWJTWHc3NPEl2GOJO86
QDfXLy4+TUfWsoAEuoVeOvR5zitzy3Wqcm3Idw==
-----END CERTIFICATE-----

28
test/certs/alt3-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDRevE8uG9fLyuH
6laiTCG8I/5i5xflgOpb68xBNu/ZrSi5+oxwI11iQifFPom9t3UX+ytxd6iXEBd7
BGaWN1YG5gTGXupkNQOCn82t5Fpvg9rzcvAU4fHrLtz/U7A/Peu/alGmdv/OUcpB
Zp1fDXSZwIBREPjWbgXkHJNmGnGYmMozQn1hJ0rL5juujPfVV88w/ZJKRFF6Xthm
y38xNYj/u/bBRhhR2AL5k5oSmAxSBCaimOem52AZRbUBU1hqow3vIq1fLxSflaF0
e9w16vyf5PVL8MrcA7bCTHkbIzutVKWwQ1fkIqWXhgunF7Uc8Tw7Mc9AQF0HlkJe
xeMWr3O/AgMBAAECggEBAJFEuNZq8JEJnR58G+gg86QNMfRUXfYCGIP2WYdAGcTS
mFOgtJNvcusZBYt7evndp44h2FavrHJV7nKY8qtpZHcUPGt0lwc23GBRgcj9etmq
jsQVCPjyV1nI/ejymF7DCiGMEWNnUq45ehEwoCGyqxGUtWeCZY4Obndqea1s2SoA
SIwrP74kSP+cjcOb+KEg5jF5aT0Mzo9ipQuuoxLzjXJhtQuyDYOulq4g/jalMewk
GLgRgbzrEDK8/DMVu35rNJ+CHWHowo+1G4lLY4DhajPMXMqb0dgR1JlFF5qyBoTN
CJXq4mpuf4ApEd61MTCm0FoqSm/AprSAIISCqapytQECgYEA/ND+C9ZnOOtTxgqI
nuq2r1yGFlNnbovcfiU3vrceUvmN+ne1tBtXSTNB4H95AUuoBeVAeYApBKxc0c9K
5Pnwp5NdPbana2cfuorzJrIHM09RP/obDP8VTnNJeO7wd+00Cx5ZnV5g8UcicebH
hbjfsc/lkd8G8YCIx+DBigzjIO8CgYEA1B4/JjCOuzM7Ag3y+XIIl3Ud4n15uog1
5tDD1y3xWzZbL7fh0APf4mT8cTTU0ms4i9Rnpraw8ds9EfhMDXxJBs+LO6Ivw5RY
RxWoAB1YTPU+T8EuTzZzIp/jrWTgsvLkjNq25W/lbZLO1n8ofFMgAAbWsN0J40ZN
70Sib/JAOjECgYBSiJvXG3h5QYIIzhmJ39Ah8Y+orDPBCBHEcLwBG+Dfb67lDL2Z
/a8CK6Se+J51SNCilBP3VlqNtwNaT1UA6YOiAV7YLc/8JR9bk88LW+Uz3/oDa8/2
7zNyd/qNa1u/mwV5d8ADuvLk8bcR/ig2xILqlpc4htnKb463ye0E924SqwKBgHKL
OtKmmgzg51Z+rdyiBZ20MsUhuOBPubvAtGC4gIMe4TLte1VXIkkg+2kufFZ8a/am
ZqqSMQ8JsvrHOFp36P9yh99V/7D/pIQOX8BgGFTGgjWTPiysXJQv/0SdGvHHVD/z
w5w2RpBbHLKbzAMG6FrbVof/dN10E5XHXGhTSvehAoGAHA6WgpPFp7iJBoC13NrZ
q3DKluiytegvljyDW5hOlRGqdWp7551EGYLnWtc4bSHboIf89Iz4mW/hyYr7frzE
A3Ksob4NIUCGMFJGSyTuK7eyhAxlVZbzqepZ+YftfTvW3iVXkxXx6kEgdzwPrNMx
DXwfc6G23PX5tUayTZqKC+g=
-----END PRIVATE KEY-----

21
test/certs/bad-pc3-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDajCCAlKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADArMRcwFQYDVQQDDA5zZXJ2
ZXIuZXhhbXBsZTEQMA4GA1UEAwwHcHJveHkgMTAgFw0xNjA2MTgxOTU0NDZaGA8y
MTE2MDYxOTE5NTQ0NlowKzEXMBUGA1UEAwwOc2VydmVyLmV4YW1wbGUxEDAOBgNV
BAMMB3Byb3h5IDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfkPXh
tGaOG5MRdMZ6mSI+OVj13SjQEMO741bjZmZM7/WwJwNx4/ozwy5w3hbcvEom2qe6
WCKThzpB+hufIgsElrLL6YHu/eExxfMqSkuUnlYye8JLriqs54i47bvtLn+h/vZd
MnsIrS/WGmGCDfVGC3u21h3tTmcVd/jC8vUueXdgoFVCq4elMidmM0ar5+tNAJRc
G9ZSeuuGiVbYCiGaYY+7PkyyYy1UiWyrhBPNvdQ3xcakygpWOXSQ19INYTLcAM6G
MSnEBK6F55zZyvuq3Ob60+okaSYWAo+7D0/BrzVfCWlzmWeFyJVR3Ps3nLxteahs
+Fl7D7a9DbgPbY2HAgMBAAGjgZYwgZMwHQYDVR0OBBYEFH18o4bnybHle31aYNRi
QZSGJ96XMEEGA1UdIwQ6MDiAFNOib4aG0AVcbb7pbh224iVD3Jx8oR2kGzAZMRcw
FQYDVQQDDA5zZXJ2ZXIuZXhhbXBsZYIBAjAJBgNVHRMEAjAAMCQGCCsGAQUFBwEO
AQH/BBUwEwIBADAOBggrBgEFBQcVAAQCQUIwDQYJKoZIhvcNAQELBQADggEBAGKD
jTgyuFlwNRgrw0g4IZMmbEWcgW4r1v2yMRyAXhZuVyc8lkUZoe14eM4kqwJ5ayti
peN+ETpRk6AS4eaCEBnn4tE/S8TD4KRovio1EWy5TvjPE6M9jPonF5IfNKgGuR3o
7gN0KKJpzf9jj5JEJPV/d5AKw9fMdSZseea7bZ6JV8kKCW+9WCSMFnwR7POPWSQa
ZNJy1PN6GlvHykdK4QwZT3jHaQMVY/uIC1BXrN3sC3l79jnL5tTeK8JLvZAqjfy5
+5pNH71k8zqVR2z0fC4oiv8TNsDn2g07wCCcQmzg8JHsP5p/hyUg51RqrQJhAbaf
eUmD8lyBBdfcia2UqJM=
-----END CERTIFICATE-----

28
test/certs/bad-pc3-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDfkPXhtGaOG5MR
dMZ6mSI+OVj13SjQEMO741bjZmZM7/WwJwNx4/ozwy5w3hbcvEom2qe6WCKThzpB
+hufIgsElrLL6YHu/eExxfMqSkuUnlYye8JLriqs54i47bvtLn+h/vZdMnsIrS/W
GmGCDfVGC3u21h3tTmcVd/jC8vUueXdgoFVCq4elMidmM0ar5+tNAJRcG9ZSeuuG
iVbYCiGaYY+7PkyyYy1UiWyrhBPNvdQ3xcakygpWOXSQ19INYTLcAM6GMSnEBK6F
55zZyvuq3Ob60+okaSYWAo+7D0/BrzVfCWlzmWeFyJVR3Ps3nLxteahs+Fl7D7a9
DbgPbY2HAgMBAAECggEASAMzkG5BkojDSJ4qyJbG9vAV/awtV0fvJHhIJpt3XFT2
+LS4YVkj4MSAEw8WoidsYzOPT3DQQmEOnO3pM8sNbX71PMWMeuUAQr4WY4rm6YpP
DZfbr/D8AhHacmbxX6bYqd+sj7yQ8OyIOhjpS7EfTl6ojO5PWX8lqT6pvHHyE/Ol
1ZH2MG4GaX10IfrF7bw88XozmFfsw6eVX6t3cBK3PNapxj+RNEwcYBAgtXBNVVAJ
mSMkgSZ8/kTggRr3ntKvXCiOrm8Iud6Bwqp+aXB8+etT9p6gWDs0J4MCfkWvva+1
WuZDgryiVnIdqwalrLMg2IfwJhjtlqZjj0R1Oe2isQKBgQD/JSlg+/ZYAmm/BzzV
C3mII94Vw0lvX6qpeKMXvcwVcWRSwJMnMPMxnxebyEZopn0t25CRu0+N+sHNUZKg
JVw5wL9nA7815JGTfVV9znN8leSYdhvWh6amrKT+Ku+1vXTBONFAR85eilzYUtff
jKGVDhBuZ7a5YIT6+DOLoPbMdQKBgQDgULasEUxNTeVSq6qzM/1tvSR4Z9W2JIFr
nDxC/RyPq5LN+3Pg5JiA3FFION6C2Rb+rb2RBlpSxuO4Jv+gPWnqZfuXZiTusiDd
dnyFsAoGPnb2SIm3OAO2N3w/7ttmRCsWnm0mkFLkd4XJG/mtDcHrit1SZTEWima2
wKf2RJEiiwKBgQCH5+aTp4K/vIFRZOyNWvBgiSJ6GyzZq26/mOfe9JVp8p2KytNX
c+aGzwSHUXXXtp9FNwhZ6BlnOmPTFxlwPpZSmQ4bNE68yUSV+JP6UGcJvNooL/mC
G320mI/GZ16KQyGW7snfYKBXkYIFJJOim0lSmUw9Uvds5THQcTcbsCDmJQKBgQDE
F2sJUnncXkspkO5BiCJ0a1NVepgFiTYmJ0c63F+6bKeCL94l7FAw3eikdSp3QmXq
r2E3RVFyaXGqi1UN9IIBqbNdr6p7i/ZVA35ps/Gfcb23IMRbCbmc8jZJAXqElPUB
6e7LNoFwPdgTbcQ+9vbd/N/rZpCZ/tU5z4NFMr2ZbwKBgQCPN9KsqsRRK2v+j0wt
ArKrWHK5w1Cj5rRbedOn8659edTB5tqrFtZh4YJB842oe4s2XYXtk+Kq9HBRh4Em
CkO/JSH7lgVXT1zsf0ZYojaZWLhVTNHa3PO6R0FtyC0h7MtHV9aquPNCeiQDkwbT
RBV8wc0Stpj+QEShPIS9gEQVNA==
-----END PRIVATE KEY-----

21
test/certs/bad-pc4-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDfDCCAmSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADArMRcwFQYDVQQDDA5zZXJ2
ZXIuZXhhbXBsZTEQMA4GA1UEAwwHcHJveHkgMTAgFw0xNjA2MTgxOTU0NTBaGA8y
MTE2MDYxOTE5NTQ1MFowPTEXMBUGA1UEAwwOc2VydmVyLmV4YW1wbGUxEDAOBgNV
BAMMB3Byb3h5IDExEDAOBgNVBAMMB3Byb3h5IDQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2xxl2G3u38wzrx5uWgKiZ557ZIbLQECZgwmMbGzdrNqbD
veVgTEdkIxRk0py1QUqqukhTk9OpkUrYiSUpkAMkc3yRtpCp2KZeuN6OwyeAm8Jf
KUHeEvvM+GNZw/AoahgRJ5Cd9OykI4Uv3y0BzwZGXCrKDWr0Bpwcg6aQ/0+dFtd0
ElBKq2v2hHpKn4P7ZM0mpvPSEwJ5nPUDY6iuRZNVrihmuZ4UZtKsz7EFbXfqaiLz
zfns+Kmh4j5OK3Iunm7gQLpv9RrXxsad2s7gKzgRhuEi6sECg/+4qOKwhUUxVWRX
iJYTxJfKfyIb8fjtrQrEWxNb1n/1Ea9nWuOk1N3XAgMBAAGjgZYwgZMwHQYDVR0O
BBYEFLFSiWVtSRQ48ziWfxHBtmC/PwPiMEEGA1UdIwQ6MDiAFNOib4aG0AVcbb7p
bh224iVD3Jx8oR2kGzAZMRcwFQYDVQQDDA5zZXJ2ZXIuZXhhbXBsZYIBAjAJBgNV
HRMEAjAAMCQGCCsGAQUFBwEOAQH/BBUwEwIBATAOBggrBgEFBQcVAAQCQUIwDQYJ
KoZIhvcNAQELBQADggEBAEg+p78n5eTkl7D6OPecC47nqFp7pNQtWTksTxMgBtz4
LeZR0nBX1kZdA0arVd7RAeqjR5wCwGIbdc3hFu/xeoPeTUBFv/7tiTWsCFBmfoSK
Tu/NeYrfIc3Qd6KhW9iwUxN7GFAZZFhJ3xVpaDhjpMDlgp9UZ24vN+eY0KRhuHQv
hGJcyWs5M0dYGVyTSS5VueJSWlXD98KT49LzdyAfaveQoIMFaSH3rmR4BXvUMjEw
ByFwvFeG0lrtvcx3RhvlJQYixUPME6TcNOAWJARJ0qiO1PCufFDlOSjq8GjtxGbc
JjMc3GfdaieMM8afXWQPflfLw/Jb1rPOKpikva05ZMI=
-----END CERTIFICATE-----

28
test/certs/bad-pc4-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC2xxl2G3u38wzr
x5uWgKiZ557ZIbLQECZgwmMbGzdrNqbDveVgTEdkIxRk0py1QUqqukhTk9OpkUrY
iSUpkAMkc3yRtpCp2KZeuN6OwyeAm8JfKUHeEvvM+GNZw/AoahgRJ5Cd9OykI4Uv
3y0BzwZGXCrKDWr0Bpwcg6aQ/0+dFtd0ElBKq2v2hHpKn4P7ZM0mpvPSEwJ5nPUD
Y6iuRZNVrihmuZ4UZtKsz7EFbXfqaiLzzfns+Kmh4j5OK3Iunm7gQLpv9RrXxsad
2s7gKzgRhuEi6sECg/+4qOKwhUUxVWRXiJYTxJfKfyIb8fjtrQrEWxNb1n/1Ea9n
WuOk1N3XAgMBAAECggEAQbq33VFk3HH7Y48U1LrP5wj0hwEnXMtyAbnmCglvlI7C
ygGwS0EjK0+yNc/HqycfwuXavLOcmo41bEllo9y2RJWDZqNQwsO2kLnKz2w++HEL
JU2g8kvBYaSxlcZwxxfgL8saprM9polfjCel99CLYSIkASVyIO9/lIGDlQE7kDHb
B+YdDzucQtyi3LXsdcfW8so2DsZla2Qa9305ZAZPEOFXFjsvKR41WdI5r1uwsrYU
voMcH9k3aefOd62+e1KodO5w9TxSYTw2bLrGhjB1UzEzRGIgOY7L+VSmYzTn+ARY
loXqK4sA9yvr7z+ZXHeA1y0XuMRzkG7qf5Z0pc29AQKBgQDd4piLIt0Rygzud4WQ
5UBwwLd1u1A3jdU5EACvG4GBlJiQQPU0hHcTGoFbnTNy+y7QSBl/3viRH5WPx8Cx
O1nJ2Qc7mlAmoKq3Gs4gso6utPP2x9Rs/bIPkL/LhAdi9BBnp6H/5dyrvtv8O1OQ
S1rXpYTjmYj9X7BSU1PsDUiyWQKBgQDS4TwxXycJYClGufq9mrNuAoMfReXaiwv3
b7wfRfOn1cL0hjLjLAhxn8eau+/7ZKS8ScXqHszrz0yXPfxTtWJ/DvhuobWOOWJd
RmHN+OAxCLvcZD1hy6bzXqYuuX2WrARUKWZRg7RXxlOwnkcR8/7OrmnsnEiCh8wg
9h/GGd4rrwKBgQCXV4BOnrgE8zjAyrtKqmO6xGgeIGZFjjNaWYTt6yf5V358HiJh
8Nw7JoAHGgFGsvcqT5M8+bu3WMCtskTHXkEPAT4CtG1o+3uVqu3ftYrGtVwV/hTx
RlVWcpevW92h6/DokplXrtRGPMdVkq2bpRpQLnCmwUmD8OmWLYn3XtQv+QKBgCA6
jBh/kle8epJ0mf2gRwvpFmERLa/Y0FtgmD+vUS21XbZBTEWr1R6IbNkZH/QrzYF5
ROYjDu57IBl9P7MLZaJFh3JhBH5YBtB6kTgJcToNO6jTKQ5pMXrAXGWHs8nzQDYc
naaXmlhP1zqG9hWoVKkBvu6KdAp+9pOTCggcq/fBAoGBALHpj0QFvEzROBpLiNtW
zrU7jcl4TwAbTh26cjb3Nj/2J+JH3lmLilxT6ltKUvtXFMmAT20at46RMGqY8z7R
Z1OgtiraQtSG7BeSMRLJ2aCM8+JotvYMjRauiC00jXZCsusyJ1mLqgWlHu+YORVE
9fO6/M0yLLz4mk5z2gdrP9MA
-----END PRIVATE KEY-----

21
test/certs/bad-pc6-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDejCCAmKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADArMRcwFQYDVQQDDA5zZXJ2
ZXIuZXhhbXBsZTEQMA4GA1UEAwwHcHJveHkgMTAgFw0xNjA2MjAxODAwMjRaGA8y
MTE2MDYyMTE4MDAyNFowOzEXMBUGA1UEAwwOc2VydmVyLmV4YW1wbGUxIDAOBgNV
BAMMB3Byb3h5IDEwDgYDVQQDDAdwcm94eSA2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5hE+Hzx8w4tAPaYsbdY9ZJSzpzpa8ZBsZxhiJr9ayIU4C71m
uV7EMZtUGyAbl1pXzBcvNQq/lUnXL4hpl612h9Pg7H+oaNM1ZVDnRFyIWvaq/oVu
msi//4z5QetkM2zRa9T3BtSWNJF+9BnDsdDxi2qLW5xY9xN3tFr234ueri9HNK4O
V0vJX67wgmVgGmIX6EQlgX5RF+PdU4SYjqxZZe2v0+ND334svlDAdQfKYf4pYqMB
Vs5hi4PYiuU2QDhLOms0m4Fs54mRjRQ/m/I4L/j2R4051xLO1ya5UrZWepkvd4Uk
rW7lC5JyFvG3Mp/QChrGZF0cb9iHi81iUNULAwIDAQABo4GWMIGTMB0GA1UdDgQW
BBQwWHApUcXg5oqkZdg2JpLWKfsUVjBBBgNVHSMEOjA4gBTTom+GhtAFXG2+6W4d
tuIlQ9ycfKEdpBswGTEXMBUGA1UEAwwOc2VydmVyLmV4YW1wbGWCAQIwCQYDVR0T
BAIwADAkBggrBgEFBQcBDgEB/wQVMBMCAQAwDgYIKwYBBQUHFQAEAkFCMA0GCSqG
SIb3DQEBCwUAA4IBAQBe/pghhwiZk++TtmV/eTLbQ/tMOxlb1Q5MhX+nF42eI52G
Hwsg3dBHgy2RSgTE6fzMUt8cyEplG4nqCpR7qm2ZGcHmn/IEO7exZmWTvurun4tF
56L2W0oe5hLLJV9W4akVTH6LpRZOR/CgMcew6tvzmuAADcP0KidFSxkd/Y7plhSy
hptq50Qey2yyA1UVTCQ8k7OSvL2lyD6F3EasejmK0FuHekgewB54cTMCBBw/7aZc
08rvhIi9X/yQKFD1o5kvbTi5//zcCx0RbMVZRFcrFUD+PNwt7QLpFrMs4u08aok4
/QzS0G+801JZa1zoUMnnNPNGlfybvANVbovUCc2h
-----END CERTIFICATE-----

28
test/certs/bad-pc6-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDmET4fPHzDi0A9
pixt1j1klLOnOlrxkGxnGGImv1rIhTgLvWa5XsQxm1QbIBuXWlfMFy81Cr+VSdcv
iGmXrXaH0+Dsf6ho0zVlUOdEXIha9qr+hW6ayL//jPlB62QzbNFr1PcG1JY0kX70
GcOx0PGLaotbnFj3E3e0Wvbfi56uL0c0rg5XS8lfrvCCZWAaYhfoRCWBflEX491T
hJiOrFll7a/T40Pffiy+UMB1B8ph/iliowFWzmGLg9iK5TZAOEs6azSbgWzniZGN
FD+b8jgv+PZHjTnXEs7XJrlStlZ6mS93hSStbuULknIW8bcyn9AKGsZkXRxv2IeL
zWJQ1QsDAgMBAAECggEAV8MsF25TiaSNFPdW629WbA/tmFVCa/PT5l/+0Rkd4HAx
OQk/LmdgICxIoTBWVh44b7pIX8uB2ckZNSCsZxfcp2PD4XOxIouvSr7Z+dHykgCW
qhDsaE88LpfwXZ0V1CgmmyPaN9jQk60M6MELTcGO4sf58TBrH5VljH9GvW/dUEQv
f85PsN8VMWdZYx5AU97oLxNlZgRgZa72rtRfW3xi+Nnf/TbyqQ7pJAHdGju7kR7C
Mv7Kp+us/FzPXJxHdumh8BSAbqn2Fr1hgUyH7v/7n7oSLpBATLOQ49K0X4OnEN3m
+GYzj9rpnza9QAX3too3EP0tDYZaJUUZiQqdtFIzgQKBgQD6KISBQq7LjRGNOr+R
ayA27HlrZ0O0STyOkxOCx8GqdHQjLS/REGnLAJy6ggm3Col4ACXkD8zNLenFCCsA
CVq6iEQcGiT5bZyJa7cwLEGdoj8Aqd6OM30TgJ1u9ZJSWukys0BhhQ7huBmxdpm3
ykIGQ5DxhnecXJdYylzdunktmwKBgQDrcJ5fyYFSheQjW2TkNTRSDccToGVPIECd
/a/FvhzqhwLWt1d0Hpub9M37AwpN3V8IM7PHcDqgpzrD3q+vLW726h68ETAqZX4H
FDHLPiENkoBZoj6yjS5fmAkVa7jhGQBFSIQ1s6eYkAHCRwSbF2jfNK1no8fERwkp
XjEf6yWiuQKBgFPfQ9Xm2p4qlQjp+pKx/SINFQSaocuPhnsy+qatfNQ+qTWmD9Mj
kqTadrHdqY4yPTb7rbiSR5M/YpKKE4i2mjHSQCu/5EewpXw5njjLjdBhNohta833
m2bvh1lNgpqUGn3CNcK8junFBPBIGG/To2FgQ/eGoxHMxX2ik5JP1BMjAoGBAJ+K
ryeFqua66D+1XQbvrsazo2V/WWdnGaJ2GDhNfdbHKntJvi9n1la2ayZfhwoAqrcq
IfdR68iVydKVAkQY64rSV4VluFficqZlXuC09zz1O5iBwy7HUNdidTVYy+1tPau1
WjHxze4qF6cI7OwTzvMCBUenymUNJf4sX+mbNOOxAoGAHYK/AbJtXFKcYx8uj0MA
YnkWWjTKMJ2TQIu94CaSf1oR4M6fuskgPfuRjW/CyBFQ3zh9+F4l7lG2Ywv16rBb
/1B7W5euucM8JYxSGAicqKX7iYV6Ikz0l21Slw6fy+e1U4gIDfZPgx56iV7yVoGc
IywUjiA/G1N3M5WBVqBl3K8=
-----END PRIVATE KEY-----

27
test/certs/bad.key Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAwTqNko5vQiQ5BQohPJ3sySrjT6JedjsKtt1OZ8ndR2C1asUi
HgpVO8QDHKID88Qklx6UCieeKAwIY0VzqWzTyZWTwdqTU9t8arHHJu7IcFlmWsAL
fwTmARWJmpY+K8fGnQx1Kxfi6nQJ8Whq4bcAqJ2HXzG69Wjs3Ki70ScNbQ9RUwXJ
n/FeNrsphKAv5K22zBqjWAQdYMg6vtKZAXCET8jw6OkPVnUb/QvyoBEijWt0+HBh
7wLkSUvMj/7fc88+xtvGqZPyG2Py4DdWW1stpgiZ3TTohEk84t1u5L3qQaRQmVE6
y5RMImyVY8hegC4zc6aGZDFRv8MR+gk6prcuUwIDAQABAoIBAEkz4YZwJ34rMt7R
452PRrE/ajY1EQxBeeGlHZr8QrRT0ubMIAy5ZWjq7TLfvhePaz1E/FiMgcIyLMtO
+G5rKCDqZbu/DqlqMUxKZWQ+efj2JWyj7LcGKAypGCRUXuE/IeNFYO4ecnzX0Rx/
rl4scjdu1mYd9PIb+f/ufJjT7qYtykmwlb0MbEJ25yjTC4iHzacvFLJgdXrPp8b9
ZGlVBKyuk9ZrZDC8/a4QrKt7Hp2SqqO4WqaTgM1G+cQFYuVBmj74bQhJHMmQ+Opr
5KXwBKEHMtJkq1GPVZ34W90V82d+8MJAxymuPomwRXKl1dKgnvny+0eobXkiBDcF
XCBCmIECgYEA8c/fE7Sa1vLZriw0Meq+TxU5hru4YM6OmQ+idc6diCp2U9lW+KJr
YrIRTZFcmhEGmRjAEZrdK0oFY7h5RhsZ+gTftmNZuL8WJCK9+y2DE9dB++md3oVC
PK0d4SmQKsivOTTeiK/VYFGoLc8t8Ud/anu2Q1kFdC+7cH/TrRseV4MCgYEAzJDw
MTil055rYlrAAH8ePEuONomu2MoZRRCX/tWuVvz+eIzA35mryW3OR45l5qNluQoZ
AdpVE68kBak2wIrF2oyWcF1s8VzSbAJCoqK42lKiSGVDVnr6jb69WUujCkYUZIwR
Q20QYBUUQu0JiFBU22tRgILIAK+rRah37EP4RPECgYBN3hKH1fDGpw1R+QoVyPHf
pYYQzQJiqiFhSJeYOCCiaIoSFjrbdfH+pjjMMbMQKctmIYI4KRZvijaSFiV3XeLP
kCI6KWQLCf2nRUjISa+cBAVLib88mMzrnROyHiA+psFGOrAuc/DSQ3lUxxKUT+HH
+G6I4XHQKE7Du2X+qGzs4QKBgBZyJNjRxWhF7rR5Dq4/RHsLM0yKqPPCoSkx2+ur
WJjU47sofpVKUE4mzUaOumGnNicqk3nfkgw54HL6kTZpQ7JqUKt9pNGLBM+zI8qi
njPec04MRmo7zjg1YKNmqDodXGl38QD7+5r/VRzO04fwgI8e5G98aiOhIuLezGHR
R3GRAoGAAyhwtKoC87fSGrpyZQ16UAYuqNy0fVAQtrDgRgP5Nu4esr9QxS/hWjcR
8s2P82wsR4gZna6l6vSz4awGVG4PGKnVjteAtZxok3nBHxPmRke5o7IpdObPjpQP
RJNZYbJ9G/PbYDhciEoTjVyig6Ol5BRe9stSbO7+JIxEYr7VSpA=
-----END RSA PRIVATE KEY-----

21
test/certs/bad.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDdzCCAl+gAwIBAgIJAJgwOOciuxjSMA0GCSqGSIb3DQEBCwUAMFQxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxDTALBgNVBAMTBGxlYWYwHhcNMTUwNzAyMTMyMDQ2WhcN
MzUwNzAyMTMyMDQ2WjBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0
ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNi
YWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOo2Sjm9CJDkFCiE8
nezJKuNPol52Owq23U5nyd1HYLVqxSIeClU7xAMcogPzxCSXHpQKJ54oDAhjRXOp
bNPJlZPB2pNT23xqsccm7shwWWZawAt/BOYBFYmalj4rx8adDHUrF+LqdAnxaGrh
twConYdfMbr1aOzcqLvRJw1tD1FTBcmf8V42uymEoC/krbbMGqNYBB1gyDq+0pkB
cIRPyPDo6Q9WdRv9C/KgESKNa3T4cGHvAuRJS8yP/t9zzz7G28apk/IbY/LgN1Zb
Wy2mCJndNOiESTzi3W7kvepBpFCZUTrLlEwibJVjyF6ALjNzpoZkMVG/wxH6CTqm
ty5TAgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJoH29IULbskIG8BwYp4
9yD+q7wbMB8GA1UdIwQYMBaAFBwdxP7xJUYhGU31hO4z2uXPtRl/MA0GCSqGSIb3
DQEBCwUAA4IBAQBl0tHkWMBHW6r3ywBlWWFdok04xlt2QD8eA4ywwz97t/8JgLht
OpuHO1bQtrZR6bxAgYT1+yHQnYBTfjKxFq+S9EP6nxBe94mEgizLmMv9pf7x5q+H
pfT8ejcY54E/oXlFXSbLDE1BDpfgkWll2/TIsTRJNoM2n8mytEdPqzRburwWnoFR
VchcfO968asdc9/8glSLJSNO+Wh9vQlbtcPzfbd4ZVE5E/P6drQzSwNjWvHQdswJ
ujkY1zkTP2rtVBGN4OyOfkE6enVKpt5lN6AqjEMhJ5i/yFM/jDndTrgd/JkAvyUJ
O2ELtifCd8DeSYNA9Qm8/MEUYq1xXQrGJHCE
-----END CERTIFICATE-----

20
test/certs/badalt1-cert.pem Normal file
View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDTDCCAjSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTYwNzA5MTQ0ODExWhgPMjExNjA3MTAxNDQ4MTFaMCQxIjAg
BgNVBAoMGUJhZCBOQyBUZXN0IENlcnRpZmljYXRlIDMwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCiqb6LYFYj1uPeIVuzuDL1bfV8+xlrws67I+9yVDiH
slYdA7ygv41gYKEmKSbL2SvAOnfjgDEb8RYfLhF3LQUvXyON0LkjkZseXVFLNokD
BXoNVeP1QjWfznPxHpgGN/xF7OQpkX3FVByCIVUOpiXBbq5FtsuLhquHK0yAsY1g
JYP8QFHUbCnE5vrpK8lOv4MZEc9rS6ZrSKn69+s3nGx9QheboiDVTWqynxDQn2W5
ZyTyKQX0IRnKg2zLJ6Dg2ec8OUh5nvzzUdnsAJ/pN2Yc3ri53OPodTkmrRha31N4
8TA7st35XepAk4vZnSq7cml+85xs8Az/OZDSHH1EV5sDAgMBAAGjgZMwgZAwHQYD
VR0OBBYEFOI3TVHkhEPOWw3mh25Ri85AMqJmMB8GA1UdIwQYMBaAFAjRm/nm1WRw
oPFrGp7tUtrd9VBDMAkGA1UdEwQCMAAwQwYDVR0RBDwwOoIMd3d3Lmdvb2Qub3Jn
ggxhbnkuZ29vZC5jb22BDm90aGVyQGdvb2Qub3JngQxhbnlAZ29vZC5jb20wDQYJ
KoZIhvcNAQELBQADggEBAGpxmDDbqtgDry35nKv2pTDMHW9Yqv80ZQmy61kQiatN
vJzxdb+admW+CNXHHqsAeRr6ai2aQkn2bJrMkGuosNrkVOg43Qw7k45nIK4jUgUc
dcH7vVp+8isjSYXo2fIxulhE8N8fhhMVAQrhQywkdJW98fDlq+lHqUAEHJ7vNtlb
4LssY78+hq1ftjYiItAybc8peU3iDjUl+TTk0ZLTX6E9XE0xRYV9berAyTIUDSIE
GpzEtsBqZlTdkvZOfsTs4s4tpkOoZQ1aHniCk8fQ+/nI3CS9EHuWqt/s573rCRl4
HfiXnUmwyOm6IKzBLsbgxlByfI7fAS1Nm/hLhgtglfk=
-----END CERTIFICATE-----

28
test/certs/badalt1-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC8n4gY4wOae4Sg
pyqOZf4bg5JDa/NvzZV/g6PawamFQJIAjf41ylZ5Cjdi9+2H9CuFZ4e3im9L6Hu4
2ihsTeLmxtIabr2w0bFxTW5ZQ/NogfyNGgdcSqUrQLF8nSqE2NJ88sNVyrMQPLMk
LllqvVFhXEBntFfZSXKIz2sA6LIeC/t8UReznRfAKF5lJoBjjDXJLOYmgz44rxqq
L7m84ABJYD119LXRc8N5XfEvC7ff61ZrBOrmxtwZY8FJWODsS/CC+RBN8nnt8rh8
ICyfh/2gA4x6Mwt6dVMax2dw4u/esgbokjQ16wvFGjWKzufdSPa3Tk7hrhvRC38h
8jAqpxtZAgMBAAECggEADW9fhkZFL2+01qyRf2sMWnFYray2vjPqfhamSSKaLH+Y
5qk2fiZXWm+72jTGmnRt1Sa2qAAYRVPd3CDN2EkD7GQk+vUAVePZu7REM99/KuZ3
UqWT+KLoeNg2zCV1rdizxWqVNzsk3fc021Lh05SAg2rKu5hA2Z09pzj+6iWo6jLY
0pFml3LgNjYy7VQ1V8978vtaVhVYklOiAT4dfNirt42F1NBGgaRCLhOlROOJYPz1
LCjSlKzF2T6e/4hNvxQXGt2yJ1fq9dIj9h2XaGBbyPhiy7gUvMNC46LB66kOkPwL
4rX7OGAEgr/vHpZvPiCVALK7dm92Z87+yem92UrDwQKBgQDzj+HvgfxDsezpZUHh
rFEobTx98XOtCDDn9uS1dODGB+DaRROzybqfcf1D3ayWoS0ucajoOsv+/brq5FsA
f7aNMbSTZNIIqjOyioWAz/4Jqupcr3RFczaVG+mX+OPHq1WnvCWfD/yNI8MSy+FO
b7LdO7idN12M9HNurZGmO0Jv9QKBgQDGQW0efsO55DN/Ve6QdLeqSjVvXhmDKv9i
6bBu8zQQWD5hFqirDl8144VY1SqTua3N+QfX0DX0QAxqkVeG9O2sNERumElWaBm+
MnOKW/IklXIK7shmjtAzarRD0cX/8di0Wwv0qZfL6iU8tkmh89kNyUE6tHbmpeUj
fVeO0G3TVQKBgCWAkw5Y2mnl/I+XasR/zuNFppnR0rji2PzulBqoi2+SiPmyxyzY
s+aXG6MWf9uVp6pOD+7qFr0FfoFqdeSmxYoKDD7huEFjS6CDGblSzU/ZxEpPLbz/
13iwGpCu3wvAgujX3IcYZA+rYP8E64UzR7wu1OdIPhxVC20QRqvs1fb9AoGAPCgy
IiS44zkZXzQF9ZNU/7kQycA14ZU0dSEPxjrJu4PrOa6Uc4Mi5Mkq9y+Hgde/o1ZD
SPsGxByDJ/r+IhdD3xLlCOHwruVbmljYsk0ABpXKSwL1kBkZl+By3nlSqT0LUn6l
/BFR3DAqKGfvo9LIM+SzhEqqIYaJJuGrpcwc5xkCgYBu0Q1goQd3me/U1KCIRYN1
u0f8H1uav2zGp9818PvLny6tMa83Kfam/zT8zGIOBEty530jPFWDnky+CLAm6qYL
ANLPHiCErO+3n15C80porioSFnUL7QY/5uRfTwDjcgCjGQgDiL1RhwZJurmFgwM3
RBPODQ6vGkTdrJOJr2AWCA==
-----END PRIVATE KEY-----

21
test/certs/badalt10-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDiTCCAnGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5UZXN0
IE5DIHN1YiBDQTAgFw0xNjA3MDkxNDQ4MTJaGA8yMTE2MDcxMDE0NDgxMlowVDEj
MCEGA1UECgwaQmFkIE5DIFRlc3QgQ2VydGlmaWNhdGUgMTAxGDAWBgNVBAMMD3d3
dy5vay5nb29kLmNvbTETMBEGA1UEAwwKSm9lIEJsb2dnczCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAM273Y+gNkheA8Ifd/zsmibA0KmeuEKGZsLvv4Vl
HXABoOtYli7wkfyZPexHgUUdNe6Tu9de7nYDCx/iWoSdrcKl+/5BBiFcLY72Buqk
DF2vmC+un8z4ykHa+dqJ2KaL7j8uLsiSPCOk9+tM+bvCYv4o1wPBsoDmPg50yvXp
RVR7487cN29h4BnZC1BMXuwUzEexpYCy7i2GQTI4DrQ+oN1OsIUbHS9qQxrfx+vG
TYpeZOkR2Mb6OtPEHCGpCsxNCDzhPAmlH6jaxT2kCkhuAWkqkhHLTuga3kmXuH2r
OBOpq9TRhC2kPipcuOcIdnhexovcODVJ0X0prkS3P10K3fcCAwEAAaOBnjCBmzAd
BgNVHQ4EFgQUmGUQRhEili5u8F+d8jSgSLailgUwHwYDVR0jBBgwFoAU8FOJh91W
GcAZ5iBVbwv8FBXXo7IwCQYDVR0TBAIwADBOBgNVHREERzBFgg93d3cub2suZ29v
ZC5jb22CD2JhZC5vay5nb29kLmNvbYENZ29vZEBnb29kLm9yZ4EMYW55QGdvb2Qu
Y29thwTAqAABMA0GCSqGSIb3DQEBCwUAA4IBAQBZ4RTnIR7Tgv4rq1Qx7pbx3Hlw
Y68L0Nt/8GaFZK0pOrKHuY6HUcUOSabtchcm/CYF1ZowKT5KGWmR8X1WzgHe9Aay
4njzcnTu66hc1osZdH2lF1+lkNA+HLvzNNcBu0XwqzCs2f/yp4uznuHZKvX45y4L
x5TUh570LVUnnoosdTmzicZdXcw0nzikbueNAFSrZFLPt+lH/t1P7d+gNj6hAOYi
6Ac+JEjSAPXZOzbNrf56SC77cvkkFrYONjXgrJfNpZHMCNj1M3bqileTYIV5Leyh
PgoXCRyteMyNjwTih90SZPq4dLPx3Mf/WNG2/hXIkC1AvFXpp/u0iuwlw7AO
-----END CERTIFICATE-----

28
test/certs/badalt10-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDNu92PoDZIXgPC
H3f87JomwNCpnrhChmbC77+FZR1wAaDrWJYu8JH8mT3sR4FFHTXuk7vXXu52Awsf
4lqEna3Cpfv+QQYhXC2O9gbqpAxdr5gvrp/M+MpB2vnaidimi+4/Li7IkjwjpPfr
TPm7wmL+KNcDwbKA5j4OdMr16UVUe+PO3DdvYeAZ2QtQTF7sFMxHsaWAsu4thkEy
OA60PqDdTrCFGx0vakMa38frxk2KXmTpEdjG+jrTxBwhqQrMTQg84TwJpR+o2sU9
pApIbgFpKpIRy07oGt5Jl7h9qzgTqavU0YQtpD4qXLjnCHZ4XsaL3Dg1SdF9Ka5E
tz9dCt33AgMBAAECggEBAJzXPb+C2h8tXRwetXCiR5qHoAvPrpU4tRqjf5SIU3rS
IwWIEWZTjFfP039Pu+Mes8Df63HzM0PQaiiyfWNgedlMhOF+XNgN18WHFhrHWY4K
kbC4Jacze63c7GGIeRvuzYBpCs1pfmOGHmLJ2hEjzigIpnJ8tkLCREjtDNWQMoSG
V5LznbgZ9S/2KjyvTW5ff6m4GQH3BShPPkFDICgQTulwdZT/Y8SDKx5+qX2RAtjY
RguaaNSKQnOHroF+FPNPMUsK5gLZLWIdIECTi6YHaba1BThKzeKFKtQ0lWI5ebxg
R4kzEPFJmEHbNplxUHSkY4ZIsWK9m09Sn72IrmVY6fECgYEA9e4+w2x/YLtnfwYT
tVj+kR5MRTn6t+gOR7o6lsWGvkFqwSi0syfN8D6u3KeoYORUUY7ISCFJgIag5Y5V
Hp8T23O4rRcWuoAmolxNyvYiUYsVdflDbAZFKMSvrAv3XlRRf0vJYXym32k8KAhx
1qo1zTl7THWM/skv/SF+VMItnO0CgYEA1ihKz8LbtPcbsOaivJX7cXVf1AuRty6F
lKX8QIGg0ppq/EFkZDWg7+OCVneO53bFVDDqKoiM4Dq9+aA6Dgx4fjFof8rUaCet
H/isEkjcvEmG2a71PU/moamDuZDu8yRodUl4zyjqthQgc2n6ryV/ZIU8vNZmjpIr
EhITW8/mbfMCgYEA7UMjpDA5l55VlDPNscihGGpNlQABxYmItWSSf8EjZMwB7UaT
RsChKyWeV90cUhYWzvRcf1I18lxwP+eYcUlxw+eaBMvgrp9SJpO8rZHWvCrd0opf
pIlMEa/n96k3xva8BX6dU4MKD0IculajVUGzVEIflT1XgLuio6i7k5Qeo2UCgYA3
I8SvXbKIE5/Tmm6IM+27tsbnp9rq2VWXgm1Chp3L2+pz7LpWeuBnI6LpdHsc6Z3B
IZ8JOINdMIK9hR2thFR52WrYjHbIIn8W3kYfpxb+e8f2wG9wS+RL94NtAf4kKFmk
6TfrztMv8lqwnLbo5bS5QvzyehmJ1+SzEGhfmVXxNQKBgQCULij+SMWsFC/gPJHh
BCnx12Dx9t5+qE4vrjtNumCCnj9i0nRPludbWapRfHyfe0WlhpnnHo2OTFcl3qna
wBln8Km2CWNsX/QeosZBPr5KAakfD+l8LieK350t7yE1LEboYCZkBNCG2gJXIyTs
o5DsYNoxX/IWq2EbB6qQ3Cys6w==
-----END PRIVATE KEY-----

20
test/certs/badalt2-cert.pem Normal file
View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDIwIBcNMTYwNzA5MTQ0ODExWhgPMjExNjA3MTAxNDQ4MTFaMCQxIjAg
BgNVBAoMGUJhZCBOQyBUZXN0IENlcnRpZmljYXRlIDIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCy5dZH9k2pwH5jw7iWD1TwOIqtmkNBOGDDk9jKvovm
VUYm7nvLOrx4amqi7OUEpYaJTroPS1UxFo1E7/0yqjIesNPVvqzn2wzuii4VsfDn
qN1lqbpg/unr2g2gd095AyY8VQwuqYa3bXOQHSOHNgzm108XfpubuqleEy+ykHhX
bgzqVTQ0Y3UjD53f6P9kSUnjnODG0RK0dgHWQDWKE8TiQiGzb0sXWdkXvPt+zGw2
+C76lID3p7y1+8G4rpfGpi2aPOH6m4beqNAkekUzu/dauhHY4aGRoX/EsDTN8K4F
YtGGaoViFIh9Twc3nWvERXbjXSayeu08f+7CNiSo6WMzAgMBAAGjgZEwgY4wHQYD
VR0OBBYEFPIaUwk0/m0BQNvG30Cm6oNqQFIXMB8GA1UdIwQYMBaAFLoDn50GJKRX
5nP69ToJ+bqFzKn6MAkGA1UdEwQCMAAwQQYDVR0RBDowOIIMd3d3Lmdvb2Qub3Jn
ggthbnkuYmFkLmNvbYENZ29vZEBnb29kLm9yZ4EMYW55QGdvb2QuY29tMA0GCSqG
SIb3DQEBCwUAA4IBAQBjicKVS7UDgLCb15ucoKfnrVGvKUs7XSKfF/xae+c/2xWP
+jCCqbilW0QhVuAYyK6GgVO9cG3PKhCH/Us2Az0oCzwLXibRHcDSRfrjJJ9uiofc
f71p9AzAtRMlSwl3UhSLS8xbHLRbniNXi928+1iMoKb8Ua2ZVHzF3s/T3J26EEkR
D2DtWq+y7ETlTPS/GklldW1x6qzWRgi4IriApX2taccJtFhaZH/Ih0XtnEWkmtOL
dwsadu9bjbLtUsFBeW/bcRBqZoI/7xbSxVwHVXF2MZwHkdFuq/3eJE9RXVGpy86+
JXOcEouXyLAVjj9XCWLW8ilVTkYE6EmUvKSF4aON
-----END CERTIFICATE-----

28
test/certs/badalt2-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCy5dZH9k2pwH5j
w7iWD1TwOIqtmkNBOGDDk9jKvovmVUYm7nvLOrx4amqi7OUEpYaJTroPS1UxFo1E
7/0yqjIesNPVvqzn2wzuii4VsfDnqN1lqbpg/unr2g2gd095AyY8VQwuqYa3bXOQ
HSOHNgzm108XfpubuqleEy+ykHhXbgzqVTQ0Y3UjD53f6P9kSUnjnODG0RK0dgHW
QDWKE8TiQiGzb0sXWdkXvPt+zGw2+C76lID3p7y1+8G4rpfGpi2aPOH6m4beqNAk
ekUzu/dauhHY4aGRoX/EsDTN8K4FYtGGaoViFIh9Twc3nWvERXbjXSayeu08f+7C
NiSo6WMzAgMBAAECggEAe5D7MBt1S0H1Ss1+as/OOFqllwGNYLgjRhOR04BHu2G9
Idjp0tcQJRBD9aMxEMOQKLkjFLtQ7aYJD8vAFMWv9rjmqKWaYk9QIFd7O2r73dcq
jTTt0l9gjZLAhMzELO6680M/Nd/MeFf2UV1/E76GrM+dBrphmvAUWjFgabMWHDR0
vFmZW46MGyDLAmihSYXXtwamYxf4UHYC9QxW2KNu1l+llalrRqzT0tQde93W+lM7
fZBXgjdLayqdPpYhKd6QkEfVYrgtkuZern+DlIhfQcBwVqj+2gVfO87hFVEb5V2+
Rt4v6xpL2Um+MvojE1NO353WPDBFMYOmoMjSBL+CoQKBgQDXzk0ke/+ZZoOIWLfd
z57s9HyoTbiUHNELIhCNjJmpEVMlUn6TSRu8r8s4EciOb9yj4j5dr0p5tdsmP0eL
KJZyTvNlEsq93azCuzG82Z+963iqq/1msncjvcbnIll8kGwpr38sLAN/qjc11/o1
gLbWuiztGyTPuFtM/Hy/UvkV4wKBgQDUN78TSEGzuKDtyuZNMCnvSJdXm2p3XMaz
d52ooRtZ0REH/MGMFW5u1xJxnDflcgnzXRVq8xaw3TMo/3Fx+Op6PGq8zVEwGDBQ
0WQqBVB/b4Rw21Kf9fMVMtXvOxIsQcdz2583s6Lojr63H4P11fF60EEVmEW2cXs7
MviuHdt+cQKBgQCpgS0ufwbgYpjlu2mQG8fkrpRLTeCw1YGMkREXXVxEY4s/QXCS
F1Zl+l5QiAdTeaGAR/BcfZatyp17iTCUqSiiWEjtFrmQMFHGEmqavwStlAqPY9AB
niPeOu3EFkLbiESs6V+mPlvxJq1+6UlqRNNYDZvEERH05gUwjxEc5fsnqQKBgQCo
Q2cqJ8GIeVyIDreZ/hVR15G/8cdxysr1o2MLQGpKRb0mQx9HLfr4wWirUfzz3P7M
ykJgIUwdgdW9rQRLJNztfJf5CSZVZuhwPAYaV0pjMI2nWg7iLAXICh2caI7ZLnKx
hzJv3OvPTtcipUdhFXg5M4RXVfv4U3QtFRYeIChX0QKBgQDDQ7mGmWkuR++svxXG
A5ITe+7RBRO8kVhXEGYQbIiuk4fM2ZXWnw/MwMVX3cZRfL2DPVmRa5Xcgs9OLwQD
hoGqX9LBAkyB1p+ZBqNJaHa86awXR01gWNPW7/GJTp4Q7V4KkGvjIbWVWH/7TpMe
d6YkymUz7h0qMN/M5nsB5Xg4jg==
-----END PRIVATE KEY-----

21
test/certs/badalt3-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDaTCCAlGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTYwNzAxMTMzNjIzWhgPMjExNjA3MDIxMzM2MjNaMEIxIjAg
BgNVBAoMGUJhZCBOQyBUZXN0IENlcnRpZmljYXRlIDQxHDAaBgkqhkiG9w0BCQEW
DWFueUBvdGhlci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7
yQbYxTDmAxcJzHqauQqtUWWDj96qO481h0oELUC1VEbmV9Qr1v2OPebjVQfa+gSc
YYqC96IrJRwtg+z/mQzGE2QbLdVrCwktLmd0e3udfT4DObkKFJ63G9wH1kkBcsXy
esNTqmUvUS6uXMZYlAGX3uml7UmwXJ+E3zHzFILTeZcQxqjLm1BLGbSFZzT37euc
ymsZucA6pZwGiJQdRieSDTliXCkECZJhRf+tFBvcGuTnbYHsK6RnAlAN1Y8LSLrq
sjJunJA9U+5y++QR+xSzDrwjQ2RjiCDO6HU5k6x67x0g8tdkhS8yjT+lBIxOuU6T
I3GC4vN3U9LvZrWTj26DAgMBAAGjgZIwgY8wHQYDVR0OBBYEFIcSdFjChgdLODYp
IIL3Cx40pmomMB8GA1UdIwQYMBaAFAjRm/nm1WRwoPFrGp7tUtrd9VBDMAkGA1Ud
EwQCMAAwQgYDVR0RBDswOYIMd3d3Lmdvb2Qub3JnggxhbnkuZ29vZC5jb22BDWdv
b2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAZSDs
XlhVEqGRU5Y/n6EIznEBdDSMSxjrZ62Nf4rWzrQGYT+R9CjUQra9/6wXyjvlTZZO
w+BP3y0n2vH1TrCP22fA3n4Tw8WoJfq4Sb3x/eSgTlUYAiZvHv6vfugC7y36c7xh
3dCgKWCDxaAplRsMkXIQXgfCNp360Z+OMMeNpcpVnxnp3LfMKCpsDWUKuWvN1AJE
mi1VCWQuQIC3vmiZbZc/YKF1kAgUHxCnqHcLtU3GAZUuCVyNrdWXk8IjzjzX+ZpN
qr/RUVVZ4IYDUUiGLHW2AvpVv9mt+SBspsCDXyiAf5O6xdek+tiTYLmU9uUOmtJ3
ndvhdtnodLRvtBeJUg==
-----END CERTIFICATE-----

28
test/certs/badalt3-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCiqb6LYFYj1uPe
IVuzuDL1bfV8+xlrws67I+9yVDiHslYdA7ygv41gYKEmKSbL2SvAOnfjgDEb8RYf
LhF3LQUvXyON0LkjkZseXVFLNokDBXoNVeP1QjWfznPxHpgGN/xF7OQpkX3FVByC
IVUOpiXBbq5FtsuLhquHK0yAsY1gJYP8QFHUbCnE5vrpK8lOv4MZEc9rS6ZrSKn6
9+s3nGx9QheboiDVTWqynxDQn2W5ZyTyKQX0IRnKg2zLJ6Dg2ec8OUh5nvzzUdns
AJ/pN2Yc3ri53OPodTkmrRha31N48TA7st35XepAk4vZnSq7cml+85xs8Az/OZDS
HH1EV5sDAgMBAAECggEAUIndN2NGo04l2vkHT4/XY1/DWdN1/b4h39TmHOSIbN+m
9YzBG5JcbKjLgXqEpA/uMqqAa9sv9ZbEDkIgEbLvy0m+79u1n1/bvwgTVTs2UZGn
oeyyBuB2bp6pF2y/duzHctPdEJvh+w8vYlsgozUuonyruwbL91SBn1aX9Wx0BHMk
rReJHuLxnGGgUVJzmNqKaGKBpuBaLhpytcIuwkNErDHUfzyxDcpu8IPo70jCafrE
hlrbs9o8vKcnWF3XZ2LVPdrF0MQeXfvOPc0txiAOU4DQ91gsoZsVsYJCXY4Qw+4S
ajpxidF6nQDtRtB/aTq+OCMzCVGog6V8Mg7VbA8u4QKBgQDQSHDEBgvPfoA/6Sxp
uzFV7T0Vgl58oV35EqPFl81cBUSwTElx8ueP4kK00964j47Qe/N5TQOzvH+rxlGQ
cBgQzG3W83c9HmfHjdx6lSQIruRW/HwqOsJtPcxP3XyxSO73+hqwf3hsOWRq74Lq
MHcgvWZ1iy/A0smVQu2sDLDk8QKBgQDH7b+FbKSngDZU+9uEYKkPpmhh0qGXVgSX
1W1BKYxIKd2y6aDOCxZJDTJGNBMpVdOTm1VNrL2J+cF73XOJWaG7KnSbxl/tkrS4
9hwJ+Ut2VOumFWHEUqp+nxLxwJdCtA2f/YTNqJPLj3GiGJB+xp+dZr4ARn/+P5/N
DC5G6S3vMwKBgQCreWg1ShEBI9FsTIi/B1kHuAgZJDqr+qIGQ/1G2MI+Jyw0xKmW
wXc48vseKmvroGzgYZvCWtBYcjDd96kA8/gsJFGtrMWXMOgZ10YUOaLv7ySYJMgI
cFXPYBhMDDnzLutmhqbgdiFrYBi3HTa3nW0GLEglL5EB+8fwNai8g7pC0QKBgG6A
su3NGcjW7bDVMASf5HGY+XKwF85spcdCGMv+aeHs+fOMe+vGZv/jglkZKUocfP/F
yEVRZ8WePNn4kYZl+yVXFvKOl7DY+HiO1vqQRqxVzZWTleEMC95GkBL87t3YZPt8
BW4iceX+F8GPMDZSFCDMi9HdJZtikTGlPOLGuTPPAoGAAjVUGfbNqnpQv6aDpyWX
Szd2uA9TzBCkh1hf7x4+E/Wr0leTGgXVez9uNarfpnVfgHTDv+OYK+Qnrq+UEHQr
9xRAgXLEZWXPbkUakB1o7ZW52MxR6C1zZgitTZYVzeX0EMeWc+1Ujjwe7Qu3L6RN
kEI6l4ZQL9buxDhqXH1UFbw=
-----END PRIVATE KEY-----

21
test/certs/badalt4-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDaTCCAlGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTYwNzA5MTQ0ODExWhgPMjExNjA3MTAxNDQ4MTFaMEIxIjAg
BgNVBAoMGUJhZCBOQyBUZXN0IENlcnRpZmljYXRlIDQxHDAaBgkqhkiG9w0BCQEW
DWFueUBvdGhlci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7
yQbYxTDmAxcJzHqauQqtUWWDj96qO481h0oELUC1VEbmV9Qr1v2OPebjVQfa+gSc
YYqC96IrJRwtg+z/mQzGE2QbLdVrCwktLmd0e3udfT4DObkKFJ63G9wH1kkBcsXy
esNTqmUvUS6uXMZYlAGX3uml7UmwXJ+E3zHzFILTeZcQxqjLm1BLGbSFZzT37euc
ymsZucA6pZwGiJQdRieSDTliXCkECZJhRf+tFBvcGuTnbYHsK6RnAlAN1Y8LSLrq
sjJunJA9U+5y++QR+xSzDrwjQ2RjiCDO6HU5k6x67x0g8tdkhS8yjT+lBIxOuU6T
I3GC4vN3U9LvZrWTj26DAgMBAAGjgZIwgY8wHQYDVR0OBBYEFIcSdFjChgdLODYp
IIL3Cx40pmomMB8GA1UdIwQYMBaAFAjRm/nm1WRwoPFrGp7tUtrd9VBDMAkGA1Ud
EwQCMAAwQgYDVR0RBDswOYIMd3d3Lmdvb2Qub3JnggxhbnkuZ29vZC5jb22BDWdv
b2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAiF/+
jEoLAFll7JZN9PioyP0i7EEYCCVc7omFaKnIV0A9ZfV/TlHBZH/IQKdUXbSPF6eF
4UwOQbkc2gwYEliNsU+rw5PANBEwPhCGKBIClWhReIzQqY8oTRxKOpq3cHd6hsab
P3NYRUtinFdoOGlUHQQcql3zYwD/guOvA/zG8sR58ed9Fd0gt3OnSEvUSiR4e9bg
gbqgSYgagIDcZn4kEJWVHQGj7lA4ot60X3VYk6vWSB/RmWqbmsGxzoNayGWaCw7l
CuipVdk9yi4eROoQAxWvVBDz+7Q9CF7j1PkDMYB+QwiXwNfGplOMAWv6nQUNJPs5
dIn/eeha7QWrqG/45A==
-----END CERTIFICATE-----

28
test/certs/badalt4-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQD7yQbYxTDmAxcJ
zHqauQqtUWWDj96qO481h0oELUC1VEbmV9Qr1v2OPebjVQfa+gScYYqC96IrJRwt
g+z/mQzGE2QbLdVrCwktLmd0e3udfT4DObkKFJ63G9wH1kkBcsXyesNTqmUvUS6u
XMZYlAGX3uml7UmwXJ+E3zHzFILTeZcQxqjLm1BLGbSFZzT37eucymsZucA6pZwG
iJQdRieSDTliXCkECZJhRf+tFBvcGuTnbYHsK6RnAlAN1Y8LSLrqsjJunJA9U+5y
++QR+xSzDrwjQ2RjiCDO6HU5k6x67x0g8tdkhS8yjT+lBIxOuU6TI3GC4vN3U9Lv
ZrWTj26DAgMBAAECggEAB5KFLTHJBbHkGHxY15xnEM1Y4zsJdE80QGTgOf3ua0Ws
mDLeA6+EkqmT7xRYlyJbzyQz2Tp/WxLTpR7JmupMcwyUPykCuSRs0zoJDHzGO/dP
TSOISCBUoacp1+Z+7Zc5EtDUXQjL4D9tyvqpUHKrFZkzp7TaOX6foYxg4TGluZxo
RDp6qlAOzZJiAcmavgqPpvfgbkNs4cfdh9yu7FDX2Orqa0pQNsPDWp2VyOkDEPiR
7LTK0OxQiHLdBbLvjiW34eElyJl2tJhCb08JcRrfbYpeS43j0rOcyDJQZX6tkpxK
BJwgWVwqwuKBlZyGT2inASNeqON1tAGWhz59cWXcyQKBgQD++LSllDv7fOZTRKgC
e+MGbkCKrPgjUr9NJgcrQhQ+kxE69E3p4iUtj/YTwIc23qxjuZ+jyG1wOFIULRYz
KjBbuyEugfmcgWtFWeJokl71IHBk1QUT4xlSSMvccs8pTseBCdVWIkPRIc4qeGRB
3RCPrJmmcvsJ7gnYPFfmKL1tRQKBgQD8zQflPYNLPgGPNaCbFiy0aCNYzvd+4ETz
3TsKbmITXnq3W2Mf80RctzasFkTxM4Kma2fXbDNt4Z26s2x12FuEg7oaKtGKZBy9
anmg4u4Cr1lk9BSSqlQeKsqQOp0mI3hyBW6v9CDhgCbMbKT6DgskwZpQjHLPf8UK
DCfJ2Mq1JwKBgFuy8rVCNLhj2SpFXO9XwvSDHm9BehSqI+cJMDbckw9WMTI0vvjI
vno+dk/wRDD1sKZFEicDZGihuNNMy9km6TF0gaCKWk1xNjVA+G6HheM/AW0iN6tJ
V8gCKl9kYyEGFjZQZQuPUziZod4gYl5VtSkW+EOmwqZ1l9DPEwXRzR7JAoGAAu2A
9Oe0eI+cRwNQ+9rS47f9CM9E0IRaaBSc1W8X1a+Xbj4xtLIFjalVicKsQ7rb/X9q
8XTAV7pwMDRZwjeiP7Oi2SC70oV8S7lK9VELfp53Q5MMFfLBDKRkOi1jmoh4oaFs
eb8zDkmEqYNsmbTF7kQLvHkT71FEf+xKHa1UE6sCgYEA+9bRKxPgngVA1qAhwrDM
jjODdUhrlJZDZ7oAVs/CelAO6sSXZ7Yqyujs2YonuQ9aUiLLA/b3b26XEqW/iMzG
onhxrQXGlsvqK+V5u+x8yBpBUj9KBw8RXBtdhPEl5iRIeQ17xKRi+9WilOuhwdKJ
dlpiKXP638lF4t5jvaCy28o=
-----END PRIVATE KEY-----

20
test/certs/badalt5-cert.pem Normal file
View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDUTCCAjmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTYwNzA5MTQ0ODExWhgPMjExNjA3MTAxNDQ4MTFaMCQxIjAg
BgNVBAoMGUJhZCBOQyBUZXN0IENlcnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCzgx886aURB161wWGRp4rr45Di4KhS/wUUSaHTQo5n
9jD+7glAOBTrbQYb+Gz/tusDsuHvZOGOvQ45D05MJVvWsz7M42lA8GLJfKIX90aN
PMkX0pjNbx4admrAf4PYGabkihF9iPJ/ONiAYuoGoT0gjOEqtoxyEu/buXgNMTdt
lZ+wL30WKL518MCm1KIsqFpSrNRYZq5E206Umsna7uje5tBI3CwYy0OD/XVwnSEx
OgWkQ71RAqciVV3bCptBpheWSL8RH2Zom//INa6g5ArJy6TCy3IsmE0hCwteaHKB
jcFUPfLQKqJZiIg5DgJjjdwZ3KAWMljo3GjdSVbdZ6hNAgMBAAGjgZgwgZUwHQYD
VR0OBBYEFHecitO/eIltLUNkgT19Gn4TVkc2MB8GA1UdIwQYMBaAFAjRm/nm1WRw
oPFrGp7tUtrd9VBDMAkGA1UdEwQCMAAwSAYDVR0RBEEwP4IMd3d3Lmdvb2Qub3Jn
ggxhbnkuZ29vZC5jb22BDWdvb2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbYcEfwAA
AjANBgkqhkiG9w0BAQsFAAOCAQEAOBZXBSNNAAAaII+l4mMoeXCpvofbaHuNlJur
G+1uu5ra6VF5Juc5/uBa9zVQa2npe0kKOtx8xcI6QMQW+usphaUEh8t7AgR3efyK
bsSKPnGxXtCSaYZIEiwFyAFTx1idzZixEfHUHTO+LQUwNTskDGCWK46V1P1wL478
jXikGqc76DSmOXTc93asCMxCBIbHN7LLJIRhbUpiL2JrBPydzERPVoqiEZ9SWG4p
DB4T0hHq5FUUnR1Wg7yQoClhyButeB4A2eGwLjhpSeLeXo+w6ENlcm9Lp5rOhbOo
xqwgz6kUtU6smxWv0HruLT8Pq9hIKuPz6DWG/vIpiSLwz4B25A==
-----END CERTIFICATE-----

28
test/certs/badalt5-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCzgx886aURB161
wWGRp4rr45Di4KhS/wUUSaHTQo5n9jD+7glAOBTrbQYb+Gz/tusDsuHvZOGOvQ45
D05MJVvWsz7M42lA8GLJfKIX90aNPMkX0pjNbx4admrAf4PYGabkihF9iPJ/ONiA
YuoGoT0gjOEqtoxyEu/buXgNMTdtlZ+wL30WKL518MCm1KIsqFpSrNRYZq5E206U
msna7uje5tBI3CwYy0OD/XVwnSExOgWkQ71RAqciVV3bCptBpheWSL8RH2Zom//I
Na6g5ArJy6TCy3IsmE0hCwteaHKBjcFUPfLQKqJZiIg5DgJjjdwZ3KAWMljo3Gjd
SVbdZ6hNAgMBAAECggEAcNWYiwcptFx3kbNuCsnPLpqp9ZHU++ZEYQ4vY8VQEdTT
00n4Ep+ttpWe43HxwYJOktKb5Yf5p2j6Sa9vPbm10mx0qwC+pgzza0al9H5/oEN2
+zxqw6Z2u5d3XmxIiUsGdly6xbeRBZrLq1eBVo1/CLjEx75a5VE151zbMx+egYge
xETVRushMINQwkMbVUQp6MLX+M5eqEP8c2xyzPVEtxtxpu4yxZWbDuFezModhdvj
ncV0QTBvlvB5Eg+4CeZiOvgu8ulnNUJsYGvMGCK8b9FwJhpM1CVtmw070CnRL0hx
6Xrhgw26oAUmxWkvzzXsgwxAZFJMpM5Rg3rwrNDzWQKBgQDnR9FIh24gOK6g9dOx
i/LVKFZ1V1/HVXTXiBjPHwecNkBXLLlgE46fxSHd1mt1yoHnyp3qOXbCIsqnk0S9
KyMN0y7YG0P6QHxdrnhhr2zsZaVBEoLXmBn7vp6M50xt/Je4qvOGwkPTrU2Uftil
qMIexti5oO/tOksmWw0Bm0R0WwKBgQDGsthSr9y1zpACJnu9rdMkwqZoxn8n7CPN
y2L66WSpCopBKighfvn9ymOkV07TdcY9PEo/Yb5G3jT23trY2GOd6EYTSa0S8yDt
lslXTzZJGAK+RiMf5zHBwIS800XSBqXCjL+yJ3w0sQd9uRcQr8XjIJLZfbT10sRg
1jQBMK1WdwKBgQDJdsXXaCGF79ouW/ULs9zT0U9+552HBenB1cvGoEEA0kE5rrvL
9T1H73CQzTbOZJjEULs+TNAmTCg70Q0Pu4PNhyhHF3kfhQzQjipO7YD0a5aIGJfh
NZ1srZ9vHgx1wpJnSoLX4GE1AsGRmO0fYOG37X7cNFTLUPwlbSrnO1lmAQKBgHdR
kJve5X/7wfi4mVgnGQMbLIkAof0cTcfYGeEo5HyqSqmlIiIzOPYRYlKe50QOlnPR
T5jOHlA6Qb35x5uuHewGPoZ4mMknXR+vi8q1U5kDJSqTvaX71KJP9KXbjTL5MPMq
SDc4hNqzcBcsXdB0bTXeKrEWTuPLpIeuOd55F64zAoGBAMooy318nDZ0c2Qek3/N
+SN+cG5tLH7HjbI9C4XBYVbxXHIvg/nSzFRxBbC2ZFetJ27xvweM1J/Clk7d1Lvq
PM7fcVgcc+ccHNM7KX77k0/J+FJF1uNsj9Rgg2TFveLKbtHfmaZd31k1HIYhSS5E
a0BZeU4ZpKQJxpf8YbXbPi2Z
-----END PRIVATE KEY-----

21
test/certs/badalt6-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDeDCCAmCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTgwNTE2MDMyNjMyWhgPMjExODA1MTcwMzI2MzJaMGkxIjAg
BgNVBAoMGUJhZCBOQyBUZXN0IENlcnRpZmljYXRlIDYxFzAVBgNVBAMMDm90aGVy
Lmdvb2Qub3JnMRMwEQYDVQQDDApKb2UgQmxvZ2dzMRUwEwYDVQQDDAxhbnkuZ29v
ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl46xhstHmmYhp
XY/FcnQStR4XHtHcNRyvq1perl0fezeCY85KkddGppic5qIWQDL4ViP3HfvhMlDZ
E0tAjEfr8Auac9gpa2IFVJAzMnnzOkhO6cr5kmid4392tNCG5sUWS99t2Z4f9sOP
DQKdoN7lnmxnpZqNf9NUERsN5i4fcvErfQZ4LqV5ld810ZAQZUfarn1rg6/U/ADc
qA0uQgk9RxVgSDt3M5mi8AaC73Be9nAefXQUybzs6J8EfsDijhD85msxs4Fha4pg
gM+bXHv9C7whxM5F2WTeET0cIcAfE3+jzQlkjcjlS1rTEq4d0Pd+1rXkhMwZeze2
KRL2Le8jAgMBAAGjezB5MB0GA1UdDgQWBBRJJljvheyfKr9neNplhIMIFx25QjAf
BgNVHSMEGDAWgBQI0Zv55tVkcKDxaxqe7VLa3fVQQzAJBgNVHRMEAjAAMCwGA1Ud
EQQlMCOBDWdvb2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbYcEwKgAATANBgkqhkiG
9w0BAQsFAAOCAQEAPfRFkpkTsPlH54n/i3kxR8Hw17kUOV0/v39fnNzV+PXS/IIU
9OFfP7qNeuoWVQKXCwNWGWYXb7O0LNJMJQWWtyXtzWH3rOSxdSRIrTsCVHA41Lbo
te2nrfnGMtg6em51Do6Kk0JM304sVAWl5OY/eckBmuDgN/5WfZudOLd8Ohv8vZ6U
ZNoSBNpu1x5gfEPywMUGAgbkNZVpzNAfulx3/D2kWk0qwEKqnphUyaXiTVqO49gr
n1LwSVdqBcmapBmEO3puV4TBWFwM49iMMNGn0fp/JBVsLjt+q7TK96qGBo/BSEL+
e2TXTNpdkn3l+ZK2FYdf7s8fytoe+6o92dN+fA==
-----END CERTIFICATE-----

28
test/certs/badalt6-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDl46xhstHmmYhp
XY/FcnQStR4XHtHcNRyvq1perl0fezeCY85KkddGppic5qIWQDL4ViP3HfvhMlDZ
E0tAjEfr8Auac9gpa2IFVJAzMnnzOkhO6cr5kmid4392tNCG5sUWS99t2Z4f9sOP
DQKdoN7lnmxnpZqNf9NUERsN5i4fcvErfQZ4LqV5ld810ZAQZUfarn1rg6/U/ADc
qA0uQgk9RxVgSDt3M5mi8AaC73Be9nAefXQUybzs6J8EfsDijhD85msxs4Fha4pg
gM+bXHv9C7whxM5F2WTeET0cIcAfE3+jzQlkjcjlS1rTEq4d0Pd+1rXkhMwZeze2
KRL2Le8jAgMBAAECggEBAMcDjTTa2GmYWoZUr+UPizqyvsTnMmg/NoFBhy9WJVne
kpR3kJvvm30XNiEGbCV1GGryL5p7w5UVuPXjhQ7xIkY3feQNC4H361iP93HK7dXJ
i9V9AfGCdLzSuILsT2Wpm88MifUQIpqrRmqtqakKHkyMFG655409rpYlZNVogl9H
vzrTE8rjysNMjP+bpbgkxUJfeATw8OYhEwd9ahj/E0r0r2enYhGEP3j+1zYsGdmM
L2Uy4M+modaAWpZg5pUWpFjxl+V2cSJHdaQc8KYg8Z8RUyzYipFk3YzjP5jtprq5
dHf9FqlcXk+MtzcYe+x8mIb3uwZhOtdpnUqe5l+GTyECgYEA9j++rS9sajQzMqp0
p+EptacD/p7A3wldIDGEpPJsSQL+vhcigyn4iPCM1pGWR4iuR7Od9RpQSf3Tfnqc
ZwUJQOpiYpxo1+QlqlBJkDjDRztp+kETZAgzc084ZhwQv9PfYyxa+8layQFhnClt
Z9G0o4AV1povVeQLO5+9CQZQ4VMCgYEA7v4WuydzlLGKppsJEG8vvieR64mjOfO4
gHBMEYnzEeTZPDvIfEfguM1upJCvt5GXp3huVHCAsFgs6kDjVbpIL1A2HzrMPtOa
MNDSOrpuLcakAgEgx2VFv4TMnA1QKPg3//YCqEqqTJyX0C4OwaADRZJS7YfHp9lg
mpv90baE8PECgYAv3oxulj15F9SsEL7Es9yr11/La4kK0oMr8vRaLFYoi1CCG3U2
Ej6iQEDgpUSVe1iFz8DxGMBq4dDvUV5+GFiIKggeK1GmRk+cICdsxdwQSNh9MZFX
bNCzpb7M+r+2yrUuTj0RnT7svDwBY3xFJlr7PbcBFNAG3mHgoVjaHEQ0yQKBgHbS
zepvSv/65bzACFmrbklU0zAQVp9RlcIGE0wFEl0rMvbHon5oHkrDmOcpKLRUJtqU
/gXtiY4jyPEPIfhVjd44OzB7w2DZRChRKrUYS/9ma9SzSuDYcT0vgat00w4Lm4wf
fGK//Lvqf3B59cw/CmFkxuZiQ9ooMees9x11adOBAoGBAMdb0r8sAtgh+KTbA8Kq
guIWiknOk6/LYUTuT3fidPIPbErrUQQR9WWHuXjrj2RyHI/RLjYLFamikvhU7PmE
jPjPAo4p1a0WBwrYgjGDIRjTVjbUK282vuYkunGWYfgnZurAyjJCndL/eNZuX2F5
m1rTfab8O+tOOGKGyzfouD2A
-----END PRIVATE KEY-----

22
test/certs/badalt7-cert.pem Normal file
View File

@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDtjCCAp6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTgwNTE2MDMyNzA5WhgPMjExODA1MTcwMzI3MDlaMIGmMTsw
OQYDVQQKHjIAQgBhAGQAIABOAEMAIABUAGUAcwB0ACAAQwBlAHIAdABpAGYAaQBj
AGEAdABlACAANzElMCMGA1UEAx4cAG8AdABoAGUAcgAuAGcAbwBvAGQALgBvAHIA
ZzEdMBsGA1UEAx4UAEoAbwBlACAAQgBsAG8AZwBnAHMxITAfBgNVBAMeGABhAG4A
eQAuAGcAbwBvAGQALgBjAG8AbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOG4PegItzkmJDwlSA/FyVHWLWUIQrnxgS0KSds3On2CMsjDJ+X77B4s1IPI
yKHuqNbXqV/hJGAxKnZRZe0D6VsmKlYOYpz9QtFxvpo5DwA3q6BTx6sIElFn/lip
Pbu5ZeIMNeN4bot7x5sBobr6OgidAVaAuqQHHJnD7mQ1s22qY0UqkBqNBhhJWOmx
YC0Q56WDi9+C7Cy2+kiiSlT4jCZ8m1K0F7tTK5mF0p4HppXmXLzcecZ/Sw8jOqQK
JM/4UCj/nxWCGYKWkv8zLJtG+ryfZMf15/0Cd1dzHAS9mYU4mFssPdFyT+WFpw7b
K3TOTXkS/tAPbj0xin2wqBJz8m8CAwEAAaN7MHkwHQYDVR0OBBYEFOWYNq+H1LH6
lZUpgijb/S/sAiDsMB8GA1UdIwQYMBaAFAjRm/nm1WRwoPFrGp7tUtrd9VBDMAkG
A1UdEwQCMAAwLAYDVR0RBCUwI4ENZ29vZEBnb29kLm9yZ4EMYW55QGdvb2QuY29t
hwTAqAABMA0GCSqGSIb3DQEBCwUAA4IBAQAwUxnqq0gBgKmEHIRgZVu10KtOknjt
p/wEcqQ9METvXb+4/a4U6ftjTgaOrPVjamNFlaoUcTgx2nk2zRsjM+e+tpnxDgRR
/yoVB3HsISpdeN70s/WYAgvev/FdV3O+JWhUYHdKrDB4DMfPhlRIfSgOymJljo6+
wL8qa7lVonF91Im4SCbq4dqtAnbg4ttblQ3yjFfQtuwzyJD/3ism6FQPLbg1K4eu
1Si0EDL4Fct581Gb5D+NU8PYiwg7Nk8ubNlRHXydoVGDLmT0hLE+/IsPd1M8tMqm
sifRl2Is+lGVeg4pPHFjB0npTNkaYafu89dz/3PNRRr5If06B+apk4AX
-----END CERTIFICATE-----

28
test/certs/badalt7-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDhuD3oCLc5JiQ8
JUgPxclR1i1lCEK58YEtCknbNzp9gjLIwyfl++weLNSDyMih7qjW16lf4SRgMSp2
UWXtA+lbJipWDmKc/ULRcb6aOQ8AN6ugU8erCBJRZ/5YqT27uWXiDDXjeG6Le8eb
AaG6+joInQFWgLqkBxyZw+5kNbNtqmNFKpAajQYYSVjpsWAtEOelg4vfguwstvpI
okpU+IwmfJtStBe7UyuZhdKeB6aV5ly83HnGf0sPIzqkCiTP+FAo/58VghmClpL/
MyybRvq8n2TH9ef9AndXcxwEvZmFOJhbLD3Rck/lhacO2yt0zk15Ev7QD249MYp9
sKgSc/JvAgMBAAECggEAZG2cJawTEXtV7ejMii//Jck8g1JMlfzM86Q7Pizxejw+
qjKiguI2qSpbF5NzKRFNz+E+e+lpTN8zPFd1GSJ/Zk2x0n4uBBlu7E9GdcnjUb5z
Py9njEJYHB4//WS3kdmoag3ywBWqYaceJWpxcga5YXGx0bIO2MJNSGDzpWR7Q9QQ
tG/lWmno5goY2BxI08BTKSlqNIBkg/rr9jJo3axRcEmbx7hj4vUkAlypFKtmR4dW
bNo0f6VAd5Y6c9YbnKybR/44lScBksuSkZjm076cbbbp5PpsiLGe/12bqUcwCH+T
8hRVndmOLdOxC11OZOvMbX6x2uXNh3/Qr/GMyfzZcQKBgQD4we7E9vOygk1J5Vbl
1zETR9x3dujpBBx3xaHXUSJNUTNwmnZ+0JoFTqPkRmmPMNK7XfZuPymBehtk8WYt
NnezM2UNTdbfVOnJWnU6igRNGBaDW6F9AezlADBNwIbFVw6RqP4fTUFsmm9TQ/8M
4kZmmlW4uLZyX0WQO+AJa7NShwKBgQDoSpnQgmWqXMcaHwY2l8fEDuDc41nDoJIm
/CMppPbr7GkUX4OU785p6E0N0o1ONt+xCBT1lxHwWEeMAKZXrNC1XGpfvhpVZ72v
VruATDFs1rcL3S2Sty7A+jhFKKXlGeDWNcpaKY8nDvv2uJG0+J3bLprdMqnY/gQ1
C+FzyQ6S2QKBgDnHIaRSD6xoo3cEc7iS0O0/ha+hyNtGfy46kyqlx6fZsm73EYrG
/N86ssp0qFP/7RJj8rcMqKFQMUiy4R6jRg4zY8dBSyU4XczM2+mq4PDfJWuBPvMA
HXvbHV0R2LvBSrr+W3f9w7Jr9GuMoZLmg5+VPU/YZ1gNVOT5Y0IM5+vFAoGBANx9
CzlGvLeTrw1VS3GAaobn1Hr2dlrhTDki9UFvK03PLgK/ksdJRLV0YcdwBt6p6XRB
hpuC1O087lSuvTXVfJnZacMNUDOm7/7BpeJm8DcuK7tgKwTrSb61A7ppleY7xRWv
Iy6n6hCaAYIzuWJ85mGJAEhb8apdmqK7bzmXK3UpAoGBALdOvJfqbF0YlHbdQCVi
ftjtxs/dZKdF1rNARR0VMqUtZX+WP2b6OPXlwux94Cr//iNv5ih3B4Z4LIgTpgBJ
AKGXEBGMMthAlptC4BcOAEs9cYeWGLAoYk8jpNmXvXjhGqvzhPO2YrX5xy46dVOG
iiCseyA7Kr8Axt9QhUzoi5f7
-----END PRIVATE KEY-----

21
test/certs/badalt8-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDgjCCAmqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5UZXN0
IE5DIHN1YiBDQTAgFw0xNjA3MDkxNDQ4MTFaGA8yMTE2MDcxMDE0NDgxMVowUDEi
MCAGA1UECgwZQmFkIE5DIFRlc3QgQ2VydGlmaWNhdGUgODEVMBMGA1UEAwwMd3d3
Lmdvb2QuY29tMRMwEQYDVQQDDApKb2UgQmxvZ2dzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAp5T7voqwIiauadaESOe4RMhRVU9tHp5JZlz1yJ7ZYF81
PJJ9XfERTCJQow3BNRbVeXEyI4mvMMcuFwd5cKqy/gP5yfEV01QbpqACKhIK90Nj
9fM2QOiYE81FmvQzP6j7QFYt0E6J4kupvj0D8Z2Nri0kXDGe5+hbgLPkZvnh0vvJ
Ck7AEQ2iqO4Npe4uHoDx3GXNo2Jb6BKNf+nMsJPLo7sqUuZA0/mFDVPNRvKfiq6b
ObFUdbY/qPVPHk9VBWZuO9etk35G2yTSQ9KiGRNgcoWQAozAyLRx0yECHZEbrZ5J
JFuPXO/r7saqNuV7L8UpR0Z0SpyXKs7suLGBpYnO/wIDAQABo4GbMIGYMB0GA1Ud
DgQWBBRkrc1ZEOlR+93o/6EPrgFeM37AsjAfBgNVHSMEGDAWgBTwU4mH3VYZwBnm
IFVvC/wUFdejsjAJBgNVHRMEAjAAMEsGA1UdEQREMEKCD3d3dy5vay5nb29kLmNv
bYIMd3d3Lmdvb2QubmV0gQ1nb29kQGdvb2Qub3JngQxhbnlAZ29vZC5jb22HBMCo
AAEwDQYJKoZIhvcNAQELBQADggEBAJ/gHSUGV0LahCqlFzhi4iP5JTleZlhsqOQd
S2I6KV24gC+Hz4NHv4XhYv9mqZbivNSpf6+TV+77wcncfmkeAGqYMVXVt8DlJ7co
NiKJZu3e2InmhLm5b6cYRidPhPEM7qYpxIhjpia1v7U83nNWvwEITmC0H0Qp3Cuf
dv1EjAyGZsER05jBsy0qqH/64+djqd92zKNKCEaWXkTlC1XE+/PbEb94X8YbQaUn
/wpvioqQ5rv+Bk2Jss23DDh0zOdWrCbKPc9BfsWCfLZYfOAyn5iH1vNdCVd85ggJ
YyHBQ4JiF/uqkHZ7iQJ1QinJIJruAsC0BV0S3mdGgGQAmTT3m84=
-----END CERTIFICATE-----

28
test/certs/badalt8-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCnlPu+irAiJq5p
1oRI57hEyFFVT20enklmXPXIntlgXzU8kn1d8RFMIlCjDcE1FtV5cTIjia8wxy4X
B3lwqrL+A/nJ8RXTVBumoAIqEgr3Q2P18zZA6JgTzUWa9DM/qPtAVi3QToniS6m+
PQPxnY2uLSRcMZ7n6FuAs+Rm+eHS+8kKTsARDaKo7g2l7i4egPHcZc2jYlvoEo1/
6cywk8ujuypS5kDT+YUNU81G8p+Krps5sVR1tj+o9U8eT1UFZm47162TfkbbJNJD
0qIZE2ByhZACjMDItHHTIQIdkRutnkkkW49c7+vuxqo25XsvxSlHRnRKnJcqzuy4
sYGlic7/AgMBAAECggEAEnrYZAOxNqLjWuKABfYfmN4qMeknVFgKKhKYO/5gZEM7
gKl6z7A0wxuJnuF2a99PvSuhZs/ZFNzyFTIKz0TTpjVUB1Phn0NIJVDBzFffA7NX
w5iFZBUCKDTbtyG0wRFmW4rlVHJEvEKxvjvGQo+oPwvVVaFXL6Ws6X1s83oc0AIs
U3NKt8Q69o5pMHUo4Cv8Lgv41J2dfmxqf81FPLPl8NO+E5zV8OKT1AEisYh98P8R
l7E6qWdPVv8hbqmtpXx2rDvUdooaNZPBczjbb/b6zdqxkR3Weu6xBFKTIJAsb7hi
QI/DNxRTKnlDt8QFZi37KwkXAtSIQb7rjZ2OVOGfgQKBgQDQs5+u1ufRxi65Vw/8
lkVjuB0L5+2Z58HlNrB8+iXqh9eovph17Y23ADaCUGEgEUyK3SfA2SFaj0C9nGtf
SgqI2btQQm53sYq/MDNxKf9f0hJ0K0EK0LVyyl4fmGTSexrz+sEYPmp27/RhFSAR
f+uccT0lI/V1V8NKkSKAK30zvwKBgQDNj7FK/+ER7e1+gE5CWKEimOPys3hd91Il
2hNWOzllPtOj5C9qayG18XNYZm0+YqQtYZLhV5REMxY2sNtpfMxtqkjUrZnuaqy0
thhQQP8BRS7eoyOgZ4lAvizsroAqvM9Hqxu7EMspBVLvKDoyGf+L4QsvWB6A7K9q
4EjDrx00wQKBgCxh1paG6zuoKq2Nfz/W8SC4uaybgOLW71wAWl3pkICkrM8c4S1K
/HUrXWwvDciVBTMOvvJ6+mXYywrHpenYxA7ARt5Vkkpv/jKUXIw3QzCsavI7dJSJ
N90Wfhe3/9DnDx9NdxzhwSBT/SNcK7qs+n0Fc9xfHkb7B/Pmk3CwTurfAoGAKlf7
MXPcLRFR5skPVeNj7fiInCoUFWco6NsvOIginpR+jDgo/EbtPslp9T/EKSGwqBh9
ZSXhSNstLD7qM6Sdh8mYDxdjqhUXVnJcN8vru5tAuGPqptQtFcUXA/o+NI+IMz8w
Cyy+bMjH+LPUqRVp6qqE30/LmMsop19kHcsovQECgYEArGQs1WwBCkKCyjAbUOXF
m7pTgqrVEA/+ACrB2/4lCNgBwRvo2/b23pceEIekfcfzlJnsy0i73Jbh6OV5yk1N
Glq+druyWBpK6Ao9emVeLWBJVinSB7WMZ2XPPKEUHVQkYSN0rMuBisEa07lai01E
RxbCxTFtyUMpmWzDwgiwPbM=
-----END PRIVATE KEY-----

21
test/certs/badalt9-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5UZXN0
IE5DIHN1YiBDQTAgFw0xNjA3MDkxNDQ4MTJaGA8yMTE2MDcxMDE0NDgxMlowUDEi
MCAGA1UECgwZQmFkIE5DIFRlc3QgQ2VydGlmaWNhdGUgOTEVMBMGA1UEAwwMd3d3
Lmdvb2QuY29tMRMwEQYDVQQDDApKb2UgQmxvZ2dzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA9Y+SgizcSJ9TIHvJf0k3cnBDWx8xJKurrmpiuvQMl1YY
lzmI4Qxojr5CRDSvCZh50xtF4CDMXW1MnTtYelFhfSmQ09M6lyfjMF+hrYTFkDMX
Rz8WhtN6/YP80xuy7NuhsA00/hUJKqsAKT8ggwlf++0e+L0ELiu9dmB46zaxWzr4
z+DigvrA+O7xrpiD/NscLNK02uIURKPKqlPL5LxUenC9ROFGNAIYJoWzsjxoVD0D
X4bf0COBRzGlLFUHN4FY8LBwGhTcQ+hvsYn0JbT913daX46BuEkrT2V2plCsFDXz
TOtKAHEBm/U4slrp1F3CPsXeqdqnB+3Ktaj+UQ5ZRwIDAQABo4GaMIGXMB0GA1Ud
DgQWBBSauJ1kxBbvxrSyMER4Eh+hEnOo/TAfBgNVHSMEGDAWgBTwU4mH3VYZwBnm
IFVvC/wUFdejsjAJBgNVHRMEAjAAMEoGA1UdEQRDMEGCDHd3dy5nb29kLmNvbYIO
b3RoZXIuZ29vZC5jb22BDWdvb2RAZ29vZC5vcmeBDGFueUBnb29kLmNvbYcEwKgA
ATANBgkqhkiG9w0BAQsFAAOCAQEAGrRJCrSxYLrkJ2MUyaMmJTrhfijIw9ZdYRLx
lkCeW+i6qIV58JQKZeRQVVRJSUEV9OGWn6/46xZZdZWpJIab0EtoNHlMQoB1xni/
1D8+gyOdiWy4jgg83arMMulre37T256vOGtNOu7PpDQCoPWCJkb9xuMt3RJrK8N/
tFYB8TvWATtY/LGzk9Tmm+C7hNxsWx0l+ewxlqdHvpc7xwXuf8u7Ise0JkCDi8NY
z6BxnUyWJ83G20npGnAWXJoaXNDcY0H75dGni3WcRPTAayboEr4xjR9Xqiu3bzlZ
eVdPGwLwbgkvj7NDCQDphHl0HseTUToHGJrVj8dbR4lV10gogA==
-----END CERTIFICATE-----

28
test/certs/badalt9-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD1j5KCLNxIn1Mg
e8l/STdycENbHzEkq6uuamK69AyXVhiXOYjhDGiOvkJENK8JmHnTG0XgIMxdbUyd
O1h6UWF9KZDT0zqXJ+MwX6GthMWQMxdHPxaG03r9g/zTG7Ls26GwDTT+FQkqqwAp
PyCDCV/77R74vQQuK712YHjrNrFbOvjP4OKC+sD47vGumIP82xws0rTa4hREo8qq
U8vkvFR6cL1E4UY0AhgmhbOyPGhUPQNfht/QI4FHMaUsVQc3gVjwsHAaFNxD6G+x
ifQltP3Xd1pfjoG4SStPZXamUKwUNfNM60oAcQGb9TiyWunUXcI+xd6p2qcH7cq1
qP5RDllHAgMBAAECggEBAJYazkcOnxUxd0HrCU/qdJ9aqoG//m1ZFxgF5hY76ppz
wZJnVBmlWSCwgpdo0Pp/nzCBgmQwCFyv3F5ckYgryPkWeHZTr4QImOLQAmesOowb
/wXJNb7y9UKU9O4jB2usEhko6ZTLTRAs+Ws9MGWJTIgV+ZG5ER4cFLOQ4zl89Es7
/Z9dQFs4c9SqLfyEY3kbXqSQ2uwbUPvZxk22gEmT1OPJGCLAV/fVIaHlGMwacvDV
W2xqNd+uhkqm2ym5u/ROKOCg0jNDkbyHvfTaqCuM1um92nV5kE+JdPiZvAF9XYsf
BDWCaYZW7b97drptp3LOCCptjNAqXc0PH8inVvqbjnkCgYEA/jK6BnXM4lzlLUPt
Bzec+poqyS6uUjP81Ug5CRP5kr+H9GkpBT3iUIU73S+F6Tg6YpobiSP4vpp5kB1p
iZxApte404EtVtOd1M08fx1rQVnyc8RjDENvYQk5hefOg3DrJ28iQzN/c+m8tHfb
OjBp90PFDGSsVvvQjJlwtB5oj+0CgYEA900sE2hBGpm5jXgER7CaahcDnHp9qSlB
lsQYDTDu751V11iRyUVUqZ8IzmgOu53vXbuCpfuQO0H2aFhbe16fCk223eLPJHWh
cGl3FUeLi+uwShMiRWAikMSQ/fUxoOfeal+N+VgiGYZtT7u2s1mpm83/mw3J/gaT
CQI19A67H4MCgYBX7xZZC8EvgTEqYngJahycuF4asFJPT3qkEVLhqA5KzITscMBm
9sxmTGC0GC97yR6xY1wpKc9vqCJrTzFmEC5xSOjACcy0X4oWxlSqKHQk7Eep8oLN
CDrsV3OVteXDpHlEb/ZrRtJNN8s2psuoqnzNs5zjt6PCh2PSb3YEaQyE1QKBgQCp
6VfzLZotkJkwXdly+B/f7FgK1w4nf7UUxT5RMeG4uD0WbEAeLYhx0lbWmiAlP+oK
WJ73M9RxIm0OXEbeiLB0/9g4s3Dm9/snpQ6wjCuQwyqoemT9jYOyO5vzINgsWaMz
Ktv9CVTEfNv2AF8S8vPZnLuV6O9znUjA08gGG2jtyQKBgBisaBV0L3zTllp/KxiN
rFf3u42XibhfTuiyaJtUDQftkvfW727nE4nTZ9Q7uVXuK4xdmihfA0htsMbHX7Jc
1R6SzJ8x8T/2HXsiHLubqbANWfOYxYxlvmfZ7/Bv1GhBIq4d7A8a/Eyz34j9w/xs
C34TbBAlm79KVANPHT+CJoR1
-----END PRIVATE KEY-----

20
test/certs/badcn1-cert.pem Normal file
View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDQDCCAiigAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
IE5DIENBIDEwIBcNMTgwNTE2MDI0MTMyWhgPMjExODA1MTcwMjQxMzJaME4xIzAh
BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAxMRUwEwYDVQQDDAx3d3cu
Z29vZC5vcmcxEDAOBgNVBAMMB2JhZC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN9WI6OyxnW+R98FqrWwMo3JE165bRB8iQOdDP3xE1+bvUMDYh
8wFR9gfNrKhqXubJ3lCHKgaApTXNKM/jwrT/pqhF6iNfPIbKAMTT4VZPy4/eI45R
03Yn+dJnZLDz7BDpnuhORp8XzQqfxSGBX0Rdr17xYOwGHcruwoitRyS/w8p8EKos
/LIDvjzye5GaPXqXkAkcBcLBpWlgMm+j8xE+LzGw1NVw8vWMSpP2WX9kp7aPbh+A
jSbT522yHy1r6WeElbSY7WOFvnmgbZ19pUdyz8CN6KKb87dBA0joyWSly5ZsNbjh
/YuRhCgRExvdQ6kImwdKAfO7RLkxho6jny1HAgMBAAGjXjBcMB0GA1UdDgQWBBT5
fenRjyFKUb1XvUnm4GV9kZmONDAfBgNVHSMEGDAWgBQI0Zv55tVkcKDxaxqe7VLa
3fVQQzAJBgNVHRMEAjAAMA8GA1UdEQQIMAaHBMCoAAEwDQYJKoZIhvcNAQELBQAD
ggEBACKtfZCcP/pY8Bu+lb/pGZj5txsmNbJ1l2RVACQA7CGjwfUr7VaQGMuT+FuA
Erlh+UnEC3R/e1xQwgJeuAXBOWFkxA61isVSrmM7YM6vDB0+t8N9lMUFjPbRyEkM
A5kaSLPrgSOg7ONsO6YGbaWm1XCoUC6Ilrdzy+ckzklgjYRth99b2d5WrjIxEWIq
BX2DI2ruetjXYGRzsqSK+O9d4fsqrb5M0ZCNWQZ4WnrMNaAeHWpW6NqSvof/N21x
WC5zcU7GXLrDigwWPMDLQhVtu4OihWjsqugh6Jl7DxDBhi8JKO6tJQAISHjKaL98
yXZFsQ//q7ATwlcHyB81B+X16AI=
-----END CERTIFICATE-----

28
test/certs/badcn1-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDN9WI6OyxnW+R9
8FqrWwMo3JE165bRB8iQOdDP3xE1+bvUMDYh8wFR9gfNrKhqXubJ3lCHKgaApTXN
KM/jwrT/pqhF6iNfPIbKAMTT4VZPy4/eI45R03Yn+dJnZLDz7BDpnuhORp8XzQqf
xSGBX0Rdr17xYOwGHcruwoitRyS/w8p8EKos/LIDvjzye5GaPXqXkAkcBcLBpWlg
Mm+j8xE+LzGw1NVw8vWMSpP2WX9kp7aPbh+AjSbT522yHy1r6WeElbSY7WOFvnmg
bZ19pUdyz8CN6KKb87dBA0joyWSly5ZsNbjh/YuRhCgRExvdQ6kImwdKAfO7RLkx
ho6jny1HAgMBAAECggEBAKDxiUHx7cATShm0ElZnd6+dtQfKwv8zsuIpm+hk62Ef
d0zYI+UhrT1sIiryKmV9JaJITOtixtQOxl088D+Obrx8cnC4B84rUTVXpnfgVf9j
FljDtjpxIZsZmPbc836ZUZoOaICKpVYHD69Mb+NWG+mN2oaLc8VP0L4FXKLzvl7u
69NQlTPG2CS61BktVqMtWWc/9CvdOwqwVbckyISj9QLUgSXIyB4IP3bjp0RYSpOu
m3nhuhil1G3c05R4UfiE2d9Er7SBBoQ304ld892YRinSgtZqC1G25uZmWJ3ekAAM
bg6P0hBd86F/G2TxNdelYrxTazjqZShYi1N48SK6kUECgYEA+51O19Q5XkskD/Dn
VfaCjSOTFwDlb5ATmVCrJu+13/5IJfmJgWA6xdqfWoqxSOsJzXBEETKWgkahoo4K
OU1UaBTHEJ588xOpoMzbJkKlb5hPseEQsvu055Ky0euMgmlrALPQQ9e1DUSlowui
Cq9wCak4dqq9NNs6FMIeGhqczGECgYEA0YxcajJFxPHJsdFCVa4tdy9jgfC64t4Y
CWDzRfUnuX24ILbW9+olvvoZkMSzoVpiQ9YU8kPJUaOyFrw6jUV5GRHUCMgfkx2Y
nqe+7aSFmv0Nlo0RMV2PqaOZzlxnG9FzyNE+4PygZqtFhN21b5Idc69k2Ltu7K4J
J4MG1kMUGqcCgYEA0ttUPEisPtoHgZhntUFczHx4gnmMzH5X/k5876dIqkrFGZXR
5urGthHtIwpBYZMeZtxjHmpfeRNJ1xjjdnvYdVScMdAvc+ERcSDbsmd9jlR8zNuI
jAWl576nPoX//TXspu0JZiE5p8HUcRuJkxzMbjwyhje1Ubs6JDU81rFgn2ECgYAG
3WVNqVX1zMIBzEwzCGC+7dOBt0Q4GHSLIhz2JsDlZ8P3dmX2ezo/Vmwt/POxjod3
l3TaNvRKc2VrL0FvzV3ZP2dF3mCCbk7Iq9AqcuBZon6mdvqgNmN1eEGarBZIqAT2
CDzaHAyZMHU3lBfUjuHeH1nba9CHenAcVkOME2h+MwKBgQDiHAnTK4ovCNmT5E9i
03x/wPSH8FZ3Wrb1GMtNlTc7lOtB5eYIvwkaloJkNKHbUDv57V66hnYT6CyH4u45
dPtuohtafL9mdScYqmicGLtbLLglSQpJYt4J59hffNZ30E84dKXtyDN7E5P5Z00Z
8PbOMUy3oK6j+GMP/xRNI76RtA==
-----END PRIVATE KEY-----

18
test/certs/ca+anyEKU.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4wCDAGBgRVHSUA
-----END TRUSTED CERTIFICATE-----

18
test/certs/ca+clientAuth.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4wDDAKBggrBgEFBQcDAg==
-----END TRUSTED CERTIFICATE-----

18
test/certs/ca+serverAuth.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4wDDAKBggrBgEFBQcDAQ==
-----END TRUSTED CERTIFICATE-----

18
test/certs/ca-anyEKU.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4wCKAGBgRVHSUA
-----END TRUSTED CERTIFICATE-----

15
test/certs/ca-cert-768.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICRDCCASygAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDMyMDA2MjcyN1oYDzIxMTYwMzIxMDYyNzI3WjANMQswCQYDVQQD
DAJDQTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgCYQC3wNLc1A9gAjz1H94ozPrLOhE2
R8c6RQjkUIALCOuw8xbZV+AEDSqP11Bw8MVzvmpksR9s1idJhLOugwMNTHfTXJjV
DWoQh9ofR51J5sOph4yDhQBXRmiuvqMDj+a81UkCAwEAAaNQME4wHQYDVR0OBBYE
FKrzei/LKJop6yShiJupKskW0ZQcMB8GA1UdIwQYMBaAFI71Ja8em2uEPXyAmslT
nE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFr4hjVtLuZz
gxLILAOREEtanckfnapUrhTLukog9Q8uzqMUE+YDEhkcP4YAVjcab6HaXrbcxXsn
zn+v+GPszD9G3doGbUjuwEEAHz+k/9sjsn8QAGw/XslYhd5dktaRRCqaTNiWT+Ks
xKntAsgXcgWNIpvGikzTB/W7IrjIV8/S1JjLABtoY88tFUX81Ohr3bFFsRc9EHVS
MtGnEwfoBOSlCUjaTWBNHHi1HstK9sG2SNT/nhN1HATk/aiCiQRKr/bm6ezPC2If
6mRidaNiQN8+vzvtn86BqtRJOEi8jj5CBax6IqwfE+lDZIwT7H9C9Cu8Yp4mTM0x
wwzRDnFVisM=
-----END CERTIFICATE-----

15
test/certs/ca-cert-768i.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICSjCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDMyMDA2MjcyN1oYDzIxMTYwMzIxMDYyNzI3WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFFjzE/eu8wvKwzb2aODw52C+0gLVMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADYQCZM1sSpIyjyuGirBYvezFryUq5EyZiME3HIHJ7AbmquPtE
LcoE8lwxEYXl7OTbLZHxIKkt6+WX2TL/0yshJLq/42nh5DZwyug7fIITmkzmzidF
rbnl7fIop7OJX/kELbY=
-----END CERTIFICATE-----

18
test/certs/ca-cert-md5-any.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDMyMDA2MjcyN1oYDzIxMTYwMzIxMDYyNzI3WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQEEBQADggEBACTmLO0KOkXFNjj6hXozC9GzQYMXdCfNmgMuetk8xdVm
TqkF/qIGK2FBWn91IH0/9ydZbL83EKjPjqjwqzXqExJ0Un+fy7XbYMKtjGJ21egJ
x97jzKey5phEwRD/4fJ+PCml9eE/SNzBV0xKSDq4qQYvSJ3GF6KCATVlr0bDzQJZ
yTY3FeNoy+K7Mb0rHtsGru60C/Ft1dl9uiJ+yKXMiCxPcDjYb+95mA9QJ1kXfR8J
JVfeKhEEK+QIVpz/37aQ4jx/zbGblFsruALK22aLnpgrfUzrsYQ8W8T/DV2dV1ra
4wHz/QtlE4isInOaK2+pvXwyGar+1/s3+VxXEiPlZ7IwCDAGBgRVHSUA
-----END TRUSTED CERTIFICATE-----

18
test/certs/ca-cert-md5.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDMyMDA2MjcyN1oYDzIxMTYwMzIxMDYyNzI3WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQEEBQADggEBACTmLO0KOkXFNjj6hXozC9GzQYMXdCfNmgMuetk8xdVm
TqkF/qIGK2FBWn91IH0/9ydZbL83EKjPjqjwqzXqExJ0Un+fy7XbYMKtjGJ21egJ
x97jzKey5phEwRD/4fJ+PCml9eE/SNzBV0xKSDq4qQYvSJ3GF6KCATVlr0bDzQJZ
yTY3FeNoy+K7Mb0rHtsGru60C/Ft1dl9uiJ+yKXMiCxPcDjYb+95mA9QJ1kXfR8J
JVfeKhEEK+QIVpz/37aQ4jx/zbGblFsruALK22aLnpgrfUzrsYQ8W8T/DV2dV1ra
4wHz/QtlE4isInOaK2+pvXwyGar+1/s3+VxXEiPlZ7I=
-----END CERTIFICATE-----

18
test/certs/ca-cert.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4=
-----END CERTIFICATE-----

18
test/certs/ca-cert2.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOsBxQ3RD9TDABcU
Uddp+r5s2pLcA/IUN8MnH2PoemxgfJUKfWm+t0VR2mFqyiSeym1V1TkDnuhzui1Y
ftOuiN1qVs0s6xBcU0+S9vWzYIu5SFTkOgB5APYamCLfbDw3xFTQvRs55UfR+yof
T/sN6Enq6AhptqnJ/eYVX9EuLTDwV55Kptb4gv9JQs6v01aEHzJ9KGlK2zKpS9Am
E67xNkwPeXwbzDdqXgr2a+aSrZjtHUfOsV5gZwH8XPAY0kFmrwhHIJsYZInsZhFo
nil/9pMB8gHFU2EHq3LXbs4GUouQoIf+m3OmgeHCI+t7nAfQgU94FJzq+r6p4WxQ
KI7cotkCAwEAAaNQME4wHQYDVR0OBBYEFAFonW/5R1NkYk6W28NxJdMyTlCtMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBAJIyn7fl5QppxeRmCLhj18Ic+Nft5LMCvaOkv9HNctL+
f1Qe2RgtdrMbHpYykXYrOI4KDt4LhLLInGjXNgV+lp8tSi/ok26wNIpwjf68bfP+
nWNHi2Lt0Eeo9Wpq2VqdsHct98VvBXyuLysbThEJVbrLRsgvBWxdEzbf5RnwdWd5
ZTDQyHgP1/gabl+AyvDFne101IyEA3i90NBhQ8NmSNn4ShTTrerbZSiWhy4eQEzo
PeWfUVERV28/0D4XIt/fFuF3M/0RbEgKq2wlDMCT8+W/hWmcZsdyt4xSyiGyjh9Y
ldYmdyOrlfOGVzkZ63GTOAC68SNVCXJg3cOmfEczkRw=
-----END CERTIFICATE-----

18
test/certs/ca-clientAuth.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4wDKAKBggrBgEFBQcDAg==
-----END TRUSTED CERTIFICATE-----

18
test/certs/ca-expired.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC6jCCAdKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMB4XDTE2MDExNTA4MTk0OVoXDTE2MDExNDA4MTk0OVowDTELMAkGA1UEAwwC
Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWnaQ9AEscX8bL3Y/S
MbKIFczEhixc4mmLhPSno1PfkeO/UYn78HwQDTutrDVidfV///RuVI8FppIjs59Z
OdA5GLAQQN5ic4pOsI7f3OfJQSJUhIAIKbw1PIbfMN7dtCT/fmKlwHroKhY/1pfa
xULbL2lkkcsI11ZaeX8bhEHpTZ13CRCobCkzRMbAVGXm6OPydQVqZJVswPT9JWFu
SDbwwAMHBdZ85RH9GOhKLdNyDDcoNjExOIXocY3YAknIvBmJxYqxP6I16qqQHGRo
e69naloGVA9Q4fm09r461M4/Hkx9xncyPqJY7dvddNiSFGqo98s0WJGofBSxfQiz
TbFHAgMBAAGjUDBOMB0GA1UdDgQWBBS0ETPx1+Je91OeICIQT4YGvx/JXjAfBgNV
HSMEGDAWgBSO9SWvHptrhD18gJrJU5xNcvejUjAMBgNVHRMEBTADAQH/MA0GCSqG
SIb3DQEBCwUAA4IBAQAW1MwF8Rfcgj6zHutqzzt7RQB5GT1b/vJNzgUyGTRK9kch
HOw7rM9WpfP1cMEjhLwGJEZkHPb0DA8rZ4uFERuoZky04/vTum0GgLXmlnSTaAk5
ImJyJn9aFR+sbD6QyfkSmQk9yS48AHom62IfA9yVwQStq3HvI038oVEb2IO5TE+L
CTX8dVFl4ZgYMVWTLYGzvECCvM42enR9QT0yp+9k8dZ9DcGzknZouoDd1BC2u05V
TJIviKNZMA/UEsON5QL02h25r1YRNlegeC4zl1DbJXXhJfDiacMZD7AA6NWMdwlk
7jDeEHIItT7V/x0NWllSqSPPZIsuyuuwFNmLZHfw
-----END CERTIFICATE-----

13
test/certs/ca-key-768.pem Normal file
View File

@@ -0,0 +1,13 @@
-----BEGIN PRIVATE KEY-----
MIIB5QIBADANBgkqhkiG9w0BAQEFAASCAc8wggHLAgEAAmEAt8DS3NQPYAI89R/e
KMz6yzoRNkfHOkUI5FCACwjrsPMW2VfgBA0qj9dQcPDFc75qZLEfbNYnSYSzroMD
DUx301yY1Q1qEIfaH0edSebDqYeMg4UAV0Zorr6jA4/mvNVJAgMBAAECYQCJAsu3
QJ9eNQ0CsQpTXdO6aMegs5CHkCX7J1Lx52rl+7uTv4QXQUH1EtS2AbEYhmdGzMFN
ZlBrg1vDsW/yn02NZzvT6xT/kvzFhQVw1i8B0YyB8wPao3f2ZxPkAfeoAAECMQDa
6VkNYlHgPOlTtwU1WYUirFczpipQsuk/lIf7B3+rVRUHoAE4nbeIRJgkKZaJEAEC
MQDW4pYsyN79HEqFpOFlfsrERw3y4hLRXGeHxbfJFdAe7SUfNj28ZI2EPFE0DJhX
RUkCMA39M2+jhM/rlI2A+Jg8LEHW+YuXZsTZagZiG35zMDlmqn1eQDW5/mx61a4Z
6kDAAQIwIlbZWtTK1bX0rsC3iEmny4/zSbIZAb37iXXuNcM3nAmXmhJH8Vg8STp+
W4v7uE6JAjEAwiB9wCVwG4UhvKNQ4Wd2mfJiKZQNF4rL4ID0g+Wk6kX67c7u2hfH
sSaluw9nM91s
-----END PRIVATE KEY-----

28
test/certs/ca-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCWnaQ9AEscX8bL
3Y/SMbKIFczEhixc4mmLhPSno1PfkeO/UYn78HwQDTutrDVidfV///RuVI8FppIj
s59ZOdA5GLAQQN5ic4pOsI7f3OfJQSJUhIAIKbw1PIbfMN7dtCT/fmKlwHroKhY/
1pfaxULbL2lkkcsI11ZaeX8bhEHpTZ13CRCobCkzRMbAVGXm6OPydQVqZJVswPT9
JWFuSDbwwAMHBdZ85RH9GOhKLdNyDDcoNjExOIXocY3YAknIvBmJxYqxP6I16qqQ
HGRoe69naloGVA9Q4fm09r461M4/Hkx9xncyPqJY7dvddNiSFGqo98s0WJGofBSx
fQizTbFHAgMBAAECggEABdXHpiFbx5aiUgWca81HGGSX0UlNcK/I3QHipJf8SN4T
D7dt/Be+BrUsibbxPoZJY5Mb+iZGgDaK1N1BoChQO9YMBCUvOGs3gYLvlhat2Csw
1Etp1mcfhoR4yS7Qg5BWGpvf4IILgPEYeZKrwWsBAxLcJ2xKjGYjT1ADr6I5F3u+
FYN+bvlXxr07GccfS+UHt04oT0dHwxQzFaJj+yqKWGo2IFtPqtr6Sgoh9a+yFYIi
8a9MigTTt+IyJ55OuC/FHRf1PofprftADFts78k43qxWtrxSrQVdlNXp1lpZOtuR
7gvB/r3a2byDYxCxYVu98tQuOfW909TdDgPmEJjcAQKBgQDHcTYi+zcGKooN3tfK
Oc6hnFXAYTNpYp074NfIYB8i10CwbvWta1FDoi3iRqlQFwg+pu12UefZsj21F+aF
v2eGP33kQ6yiXJQ3j7jam7dY+tZ6xb0dthm+X/INuHp/HbSb1qKFmSO2rmMDQg+e
Crqts9+t5Xk04ewTgpySLZjvRwKBgQDBU85Ls3s8osre5EmVBRd5qBt6ILnjtdoa
UxrrrWopRx2q3HsI41VhKFx0PGs6ia0c6+9GFR6wX/Qevj85DADbzHDA5XEZq98q
8yH4lme2Uj2gOlWqyhDeC/g4S+MsbNoIaUOZbMGg/phyAe20HvtvD7MUhZ/2rkta
U5UjFpouAQKBgQC/+vU+tQ0hTV94vJKBoiWKIX/V4HrprbhmxCdSRVyTYBpv+09X
8J7X+MwsLRKb+p/AF1UreOox/sYxhOEsy7MuYf2f9Zi+7VjrJtis7gmOiF5e7er+
J6UeQSMyG+smY4TQIcptyZy8I59Bqpx36CIMRMJClUqYIgTqPubSOzwkzwKBgENB
9LNBbc5alFmW8kJ10wTwBx8l44Xk7kvaPbNgUV6q7xdSPTuKW1nBwOhvXJ6w5xj4
u/WVw2d4+mT3qucd1e6h4Vg6em6D7M/0Zg0lxk8XrXjg0ozoX5XgdCqhvBboh7IF
bQ8jVvm7mS2QnjHb1X196L9q/YvEd1KlYW0jn+ABAoGBAKwArjjmr3zRhJurujA5
x/+V28hUf8m8P2NxP5ALaDZagdaMfzjGZo3O3wDv33Cds0P5GMGQYnRXDxcZN/2L
/453f0uUObRwFepuv9HzuvPgkTRGpcLFiIHCThiKdyBgPKoq39qjbAyWQcfmW8+S
2k24wuH7oUtLlvf05p4cqfEx
-----END PRIVATE KEY-----

28
test/certs/ca-key2.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDrAcUN0Q/UwwAX
FFHXafq+bNqS3APyFDfDJx9j6HpsYHyVCn1pvrdFUdphasoknsptVdU5A57oc7ot
WH7TrojdalbNLOsQXFNPkvb1s2CLuUhU5DoAeQD2Gpgi32w8N8RU0L0bOeVH0fsq
H0/7DehJ6ugIabapyf3mFV/RLi0w8FeeSqbW+IL/SULOr9NWhB8yfShpStsyqUvQ
JhOu8TZMD3l8G8w3al4K9mvmkq2Y7R1HzrFeYGcB/FzwGNJBZq8IRyCbGGSJ7GYR
aJ4pf/aTAfIBxVNhB6ty127OBlKLkKCH/ptzpoHhwiPre5wH0IFPeBSc6vq+qeFs
UCiO3KLZAgMBAAECggEAWrrGLz1llUjrwf1QU5BRBC/WexiCVXXEyY1TKylYCnt9
3bS9EpRVAWhGnZGzFUxQ7sFSnr5tHWWAnX0rCeK6aHFjrbcH0bszVudwfQ+R2J/h
8xRh6EjPPDSsQ9pqWR1WqUAloltJz96bz3ljUZPe+Jq+lnDp2sdnROs/oOzo+Zkz
ZkesMwX+aR9prRhnT60A0UeQXZyDJFrWMCVnaeO3JUI5RvjZ3xdEgi5jj4AiNUvH
x1k/CApynTvJN4LTFncc6qfnyNH/BU0521WKOcTVCI7tWioRIhiX369xR9qqgRfL
woifc3UjW1f66eMRTsIeh+smcoG4WkHvmpknVDG74QKBgQD7lOtCRMZr9gKIEWNy
pwm1sMS91zuJnaVLEHjIc6Glc9TqDlZOGp5KcAgXA8Tm7TblQXJ+QlGjX6RBdRD6
XTHbQcyCJ/5rUU+2a6BBga++moBp2ugLSjc/YSTpzVTRC9+Lw1dZ5czrn3exozQj
1/jxdOUVToOomwhpGHoXxVqv3QKBgQDvIlUbvHxrwE8EmBWYjhYZeOTREmzhWNCo
6p7zibZPvKyfZxzXSonJ+T1k/pxNlkMg3SuhZozOCdhQtQupauRlrQ4Hzw3Vc6gr
Dv5Qew/UwxB02zWjG2PhAfDV1KQgZAwC1g1TCWwqQcV52g5p0kdUgKaPte1P336l
YvwmTduNLQKBgQDutNsQEr+OWmsGfjE07Sb6XRIf6qOULJ9UfPmNgKGkoiYoOphL
HViJ2ojihXIDhppqplGjWPurHylz7kbAt0KB/om0CYyOeSVAOhhhb1K4cFJdnhZD
+BQ5r8vdhzTt8O0X6K3uH2vzOWjRhMAJLngHalmegNPNW+R8C3x1J42nhQKBgF9s
q9mtlVjKHL4Qkk2WJWt0uppTZ+9kqZ8+QL+eLIoVGC1j0DZ5IBLgyocKswSi+Zab
q1V0vqtZcmCCXmz0or+QFxE2pqaOyISmLwWeleqpDGAVOYok2+5l/9zURcpHIiPf
luGT2P3j0RGW2jmQF7a4v76JMnG1FayZm1UNrJbhAoGAGM8s9YbDW2+DaTbbSQbg
IBmT+8MLjVczRUmv5Yi8y4z/aEGjsM7032LjFRiR1PUTeAnkKLnII5rdbEo96UDb
OMv8SAH3G4lhfS+lq2TSy+XjlAAIOkiI9xW6Xo/KakIOepDzORzY74ayrxqjiyQv
uchNPF6GhCMnLZC9AxZs4Fg=
-----END PRIVATE KEY-----

18
test/certs/ca-name2.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC7TCCAdWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjAOMQwwCgYDVQQD
DANDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWnaQ9AEscX8bL
3Y/SMbKIFczEhixc4mmLhPSno1PfkeO/UYn78HwQDTutrDVidfV///RuVI8FppIj
s59ZOdA5GLAQQN5ic4pOsI7f3OfJQSJUhIAIKbw1PIbfMN7dtCT/fmKlwHroKhY/
1pfaxULbL2lkkcsI11ZaeX8bhEHpTZ13CRCobCkzRMbAVGXm6OPydQVqZJVswPT9
JWFuSDbwwAMHBdZ85RH9GOhKLdNyDDcoNjExOIXocY3YAknIvBmJxYqxP6I16qqQ
HGRoe69naloGVA9Q4fm09r461M4/Hkx9xncyPqJY7dvddNiSFGqo98s0WJGofBSx
fQizTbFHAgMBAAGjUDBOMB0GA1UdDgQWBBS0ETPx1+Je91OeICIQT4YGvx/JXjAf
BgNVHSMEGDAWgBSO9SWvHptrhD18gJrJU5xNcvejUjAMBgNVHRMEBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQCnVQGsqB3UipgBdwnxQMQJxaeo6MUdBs0gc3rFg2e9
EFoDE92/hX+Ze7YRji6GRDzmRDd/i5gLgn6tMtJZzPPV6pzFsDZ0mB1pHJrObB+q
nZVjRFpGFcIm1epXjYRssCQepu92DR7ReSsLqFDSmBROAKfYvt3hdN34W8rp5Gnb
2kxm5F+dJrtDIs0C/3hItBkBmZ69KHqSWq5lmBY7K1cpKU6enZFgJEZ+w3pqAPBI
jrbxER2qdr4g80hzT9g+YPIlI+PfkGf5jmClugpsJ7ptXEdW1LsdEyZgd2VUZymw
rcIp4tupJNvgLC18ZcYcyQ6jMPZOfhfGpNlqZ37jI7Yu
-----END CERTIFICATE-----

18
test/certs/ca-nonbc.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC6zCCAdOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDMzMDAwMDE1N1oYDzIxMTYwMzMxMDAwMTU3WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNPME0wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAsGA1UdDwQEAwIBBjANBgkq
hkiG9w0BAQsFAAOCAQEAPo7bKKFLbwT3x7dw+OPZMDxwyG1pk5x+5SD7iv45mOzS
5lZ2ByaOH+jnjTfG6beNmTCbfq6RcHqTvD6LXYex5z9KliIL9Fpwh507uGDXmKDN
lM0zmbYhXiWGRwP5NkbB/EppbiSk42l5/ky4gmCH/a9kQfiBW+Gwe3aBwRX6v+5p
BLwH12YrM46DdEL4RHd2H/9rjSaX4X3aaZd9kZsf/yaOU65iQX15cNDfxkKncYQK
K+xjT2S/NLcwslkPzQLCWeWZVBV4Vd+TEjjZA1tFpu5e1oNlJYvGbqjIuUurpoxv
IhsVUfWJEf7KjpFy+kgPyijNYRUBFrMspdb6x771RQ==
-----END CERTIFICATE-----

19
test/certs/ca-nonca.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDDTCCAfWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNxMG8wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAkGA1UdEwQCMAAwEwYDVR0l
BAwwCgYIKwYBBQUHAwEwDQYDVR0RBAYwBIICQ0EwDQYJKoZIhvcNAQELBQADggEB
AL/aEy4Nk2W2UQNi/0h9MLkiq4J5IkjUocJp4grPUsdUJKu68GFYgWnJSBZjKMhs
X390IUWrRJ8C7SJtyGOhbh2E6Zn7TveI77Mnw2CZpGhy+xieqTFmaIIWJgZVzaTT
3hMhnXImn06k8eJiJiQQAHKr9XKDK9HIiESyBpujIW5hI7wrklkn0asl6DwiXcUw
AuXqNffWpomWI4ZZceOJkr5dSFM9HyksQi4uzj0qYTDyDHJ6BLuGYWbUoB64pnKF
wCn0cPOmbo866l0XqzJlxQYPvwOicAptX8jTjSpYsx5SLripS4KwyfxbGy5If8mT
X4st+BN48+n9wHuDQJ97sBs=
-----END CERTIFICATE-----

18
test/certs/ca-root2.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFJzOZkIwqxwIJl9zGW3fD6euWFIeMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBAEqhb/i7hTJ9l/UdLm9fgm4QYmNb1OMWyCU84y5QI/Rj
uHueaHLy6zEWHTavz9m4VcQpu8hblxFG+4CWWr92QjSYwTsyi578k7Ju5jNzvZQ5
RnVAL+eeaTVa/7mazmqYzOHgyE4IpljX1MOd0QDpUjRGuNLoWfKXeXn7ul44r3ry
1hDMwmc3SS3XMzJ9Wl6k5SjKObbkMc8e0WjhhAwGjw3lODa5nj2xGf6W/Ikr/XTp
pnVjYsm+jxHoj+qmMgmXa1h11wdFCPUl15V1qq4R4rcS5zR8YxKUGZRo1R839geW
w4G8ytKRsapdFi165mOXZUumyHpJ8i43SEvYlcJux0I=
-----END CERTIFICATE-----

18
test/certs/ca-serverAuth.pem Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4wDKAKBggrBgEFBQcDAQ==
-----END TRUSTED CERTIFICATE-----

19
test/certs/cca+anyEKU.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXgwCDAGBgRVHSUA
-----END TRUSTED CERTIFICATE-----

19
test/certs/cca+clientAuth.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXgwDDAKBggrBgEFBQcDAg==
-----END TRUSTED CERTIFICATE-----

19
test/certs/cca+serverAuth.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXgwDDAKBggrBgEFBQcDAQ==
-----END TRUSTED CERTIFICATE-----

19
test/certs/cca-anyEKU.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXgwCKAGBgRVHSUA
-----END TRUSTED CERTIFICATE-----

19
test/certs/cca-cert.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXg=
-----END CERTIFICATE-----

19
test/certs/cca-clientAuth.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXgwDDAKBggrBgEFBQcDAg==
-----END TRUSTED CERTIFICATE-----

19
test/certs/cca-serverAuth.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDATCCAemgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNlMGMwHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wEwYD
VR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB6mihrap7ByLl3w
P/0XsqMvOkxCxoWTeI0cEwbxSpUXfMTE24oIQJiqIyHO6qeSRgSywk/DTU0uJWOB
Idr6dPI6wPrS4jvFqcgoFH1OPjAJCpl5CuCJEH8gB3LJ4dNfj+O7shT0XeI+R1vw
gp+fJ8v6jX4y8Nk/Bcy748dC1HZhMWHxQblzjRu8Xmd6lDiMskoWE2JAwgRK7b3M
dCpuTCHMTsdCspwBUvQ4gNYNP5IURE+09DBtEBQicN/1RHyRZOw7YGs5ZOdc5mRe
O5E+WHE1xiJ0QwUu2co55PFlukidWXx7LE02foNaNm+rw4OUTrzsqmmgkp1qqAab
ap/RSXgwDKAKBggrBgEFBQcDAQ==
-----END TRUSTED CERTIFICATE-----

32
test/certs/client-ed25519-cert.pem Normal file
View File

@@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----
MIICJjCCAQ6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg
Fw0xNzA2MTgxNjMzMjBaGA8yMTE3MDYxOTE2MzMyMFowGTEXMBUGA1UEAwwOQ2xp
ZW50LUVkMjU1MTkwKjAFBgMrZXADIQDWm1IkIasMcyVYSiKuFl6zZMRM4x7h/Qbf
fmpdgcM8/6N9MHswHQYDVR0OBBYEFDAIOfJie9HYZehOjFLE+amS8RH7MB8GA1Ud
IwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQCMAAwEwYDVR0lBAww
CgYIKwYBBQUHAwIwGQYDVR0RBBIwEIIOQ2xpZW50LUVkMjU1MTkwDQYJKoZIhvcN
AQELBQADggEBAFvF2AWOELLBafWwmemtFALQcJbXndS8QyBAkBSPwIp6Q8Oledeh
gynamdc+66c5Ozdl4lNknXPGVGcNaW0RmlkqcqSMksuL11OGba0iIZkiUU2QPA07
BRunnV4/pgFsy0ewYKEdaSplyfoBoIJwuxPHL1ExlzAmhSYWYYOFMgD302Be4dXr
pm0c4hj1XcJmtsD5wBcBCRrvOj+uCdqIwtWgdwo6poqzsO1AofuAgsjE9WWyi/NQ
ule8nVKIVbwVFP8/dI240v0RF1VLyE+8lPf2nYuFAXbzL/8MRwJeeFVIYNiy+51B
10ZVx5WtbbMjbr7e+xSU5jIAPZQS0r/4M8U=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD
DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G
A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk
IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6
AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi
8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6
uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR
5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4=
-----END CERTIFICATE-----

3
test/certs/client-ed25519-key.pem Normal file
View File

@@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEINZzpIpIiXXsKx4M7mUr2cb+DMfgHyu2msRAgNa5CxJJ
-----END PRIVATE KEY-----

15
test/certs/client-ed448-cert.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICQDCCASigAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE4MDIyNzE3MTAxN1oYDzIxMTgwMjI4MTcxMDE3WjAXMRUwEwYDVQQD
DAxDbGllbnQtRWQ0NDgwQzAFBgMrZXEDOgB4bFbdmw9IviAHXKt/2/hRDaiEr6JH
bsLr3IPNQq3XIYxYh4AIPx3YffYW3xukHDGWTQ50dptQiwCjezB5MB0GA1UdDgQW
BBTEno3ezhmTYZzGdD65nVRMp3f2hzAfBgNVHSMEGDAWgBSO9SWvHptrhD18gJrJ
U5xNcvejUjAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMBcGA1UdEQQQ
MA6CDENsaWVudC1FZDQ0ODANBgkqhkiG9w0BAQsFAAOCAQEAP2/y30iko57i8lUY
ju9Vb4V0TCATKa+HNnzHG1jyWAgiWpPtHe269Cnb8AvdwWKVeppKkG6LeWHo3btP
LOd8xEFhnklM4rPkxMYMCQ0lcw2xagbw3CW12mLs15N3QCjxSnA/kuuftzor9fRl
gzazVh4Kf/jXtlRyBI6R4+bXSGgKhIipdBF5xWmTPvZBViWKxgysQuP1bNzw9AC4
QMGm4ApOVuY9iE8dPYKgJUVGWc3d9l23fkd422kEgz5euK66HovjYaBj0S0kZhEZ
tWUCRTcv4k40ke2jr8/Zm3Ugab09XWU2T98k/OvXu+Y0AlLMZp2ehC6wXObprEXv
dY5URg==
-----END CERTIFICATE-----

4
test/certs/client-ed448-key.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN PRIVATE KEY-----
MEcCAQAwBQYDK2VxBDsEOWmRn7GCRupyB1q/qQZ+h1lEt+TGtZSNJ5U+Saa+X+hk
gWpeKJP9MTpw7kdMAeAhb6XlhCANH2zV9A==
-----END PRIVATE KEY-----

19
test/certs/croot+anyEKU.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDBjCCAe6gAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjASMRAwDgYDVQQD
DAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA9Qa8
oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25ZyjS
feMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3ngfN
wCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6Lfi7g
MUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7OJb3u
aa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2Ff3ff
tWgiQ35mJCOvxQIDAQABo2UwYzAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOcTXL3
o1IwHwYDVR0jBBgwFoAUjvUlrx6ba4Q9fICayVOcTXL3o1IwDAYDVR0TBAUwAwEB
/zATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAi/mR+SIa
bs1egGRRSAzqu4KkrOG1vGVQNj0XfHn1WeAdmwEAjNi+llErpkMyY08Cjb/3fiQc
6H9CA36utf/Ym84OQOY64m4C1Kikxw8EHudoPNvSWQAFEpCk5gs6rCJEnj9QolL3
32IvZQ1m+GcrjGg976PccEaM7S362kTj+kcAswmS8iJmDAJ2b+ghHTFrFQS4GAw7
XOcqQbinx9ntGn135VsJLOXKveYvQSD7sHKCd4RFrFTSEwWmtBL96vRXmTV5wTAr
tpkKKKw5N9CiHnbhNyVrSRiLCzVDTpYQDaBJhb7XOsHi+/HOzmbK6LHe0Lt1nP+k
4PR8O0S5WC0PlzAIMAYGBFUdJQA=
-----END TRUSTED CERTIFICATE-----

19
test/certs/croot+clientAuth.pem Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN TRUSTED CERTIFICATE-----
MIIDBjCCAe6gAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjASMRAwDgYDVQQD
DAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA9Qa8
oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25ZyjS
feMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3ngfN
wCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6Lfi7g
MUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7OJb3u
aa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2Ff3ff
tWgiQ35mJCOvxQIDAQABo2UwYzAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOcTXL3
o1IwHwYDVR0jBBgwFoAUjvUlrx6ba4Q9fICayVOcTXL3o1IwDAYDVR0TBAUwAwEB
/zATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAi/mR+SIa
bs1egGRRSAzqu4KkrOG1vGVQNj0XfHn1WeAdmwEAjNi+llErpkMyY08Cjb/3fiQc
6H9CA36utf/Ym84OQOY64m4C1Kikxw8EHudoPNvSWQAFEpCk5gs6rCJEnj9QolL3
32IvZQ1m+GcrjGg976PccEaM7S362kTj+kcAswmS8iJmDAJ2b+ghHTFrFQS4GAw7
XOcqQbinx9ntGn135VsJLOXKveYvQSD7sHKCd4RFrFTSEwWmtBL96vRXmTV5wTAr
tpkKKKw5N9CiHnbhNyVrSRiLCzVDTpYQDaBJhb7XOsHi+/HOzmbK6LHe0Lt1nP+k
4PR8O0S5WC0PlzAMMAoGCCsGAQUFBwMC
-----END TRUSTED CERTIFICATE-----

Some files were not shown because too many files have changed in this diff Show More