Merge remote-tracking branch 'origin/pr/2488' into development

* origin/pr/2488:
  Change X.509 test cases to not rely on asn1parse limitations
This commit is contained in:
Jaeden Amero 2019-10-02 18:01:57 +01:00
commit 74692aeb8c

View file

@ -1058,7 +1058,8 @@ x509parse_crt:"30193004a0020285300d06092a864886f70d01010b0500030200ff":"":MBEDTL
X509 CRT ASN1 (TBS, valid inner version tag, inner length too large for int)
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
x509parse_crt:"30293014a012021000000000000000000000000000000000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_INVALID_LENGTH
# tbsCertificate.version = 0x01000000000000000000000000000000 rejected by mbedtls_asn1_get_int
x509parse_crt:"30293014a012021001000000000000000000000000000000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_INVALID_LENGTH
X509 CRT ASN1 (TBS, valid inner version tag, inner vs. outer length mismatch)
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
@ -1821,13 +1822,36 @@ X509 CRT ASN1 (inv Signature, length out of bounds)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000301":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
X509 CRT ASN1 (inv Signature, empty)
X509 CRT ASN1 (inv Signature, inv data #1)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
# signature = bit string with invalid encoding (missing number of unused bits)
x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000300":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA
X509 CRT ASN1 (inv Signature, inv data)
X509 CRT ASN1 (inv Signature, inv data #2)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA
# signature = bit string with invalid encoding (number of unused bits too large)
x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030108":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA
## This edge case currently fails to parse due to an ASN.1 bug.
## It doesn't matter as far as X.509 is concerned since the signature would
## not be valid anyway.
## https://github.com/ARMmbed/mbed-crypto/pull/75 will fix this bug and make
## this test case pass.
# X509 CRT ASN1 (empty Signature)
# depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
# # signature = empty bit string in DER encoding
# x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
X509 CRT ASN1 (dummy 24-bit Signature)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
# signature = bit string "011001100110111101101111"
x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030400666f6f":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
# The ASN.1 module rejects non-octet-aligned bit strings.
X509 CRT ASN1 (inv Signature: not octet-aligned)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
# signature = bit string "01100110011011110110111"
x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030401666f6e":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA
X509 CRT ASN1 (inv Signature, length mismatch)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C