TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 160968586b0ae4657d2d5abd35c4a8d073f3f0cd^! / . / tests
commit160968586b0ae4657d2d5abd35c4a8d073f3f0cd[log] [tgz]
authorPrzemek Stekiel <przemyslaw.stekiel@mobica.com>Tue Jan 24 09:24:19 2023 +0100
committerPrzemek Stekiel <przemyslaw.stekiel@mobica.com>Tue Jan 24 10:57:19 2023 +0100
tree181fbe9f5a10cd6c7815646e313fffb8cf617eed
parent3f948c96e21c855927bdea999bd7de57e9806f92 [diff]
Add negative test cases and use DER format for CSRs

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index a87e0cc..fbf447c 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile

@@ -94,13 +94,51 @@
 	$(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
 
 test_csr_v3_keyUsage.csr: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_keyUsage
+	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage
 test_csr_v3_subjectAltName.csr: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_subjectAltName
+	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_subjectAltName
 test_csr_v3_nsCertType.csr: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_nsCertType
+	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_nsCertType
 test_csr_v3_all.csr: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_all
+	$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_all
+test_csr_v3_all_malformed_extensions_sequence_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/300B0603551D0F040403/200B0603551D0F040403/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_id_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/0603551D0F0404030201/0703551D0F0404030201/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_data_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/050403020102302F0603/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_data_len1.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040503020102302F0603/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_data_len2.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040303020102302F0603/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/03020102302F0603551D/04020102302F0603551D/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/3026A02406082B060105/4026A02406082B060105/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/04020780300D06092A86/03020780300D06092A86/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_duplicated_extension.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551D0F/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_extension_type_oid.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551DFF/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_sequence_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/406006092A864886F70D/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_id_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D0109/07092A864886F70D0109/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_extension_request.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/2A864886F70D01090E/2A864886F70D01090F/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/31533051300B0603551D/32533051300B0603551D/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3151300B0603551D0F04/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_len1.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/306106092A864886F70D/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_len2.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/305906092A864886F70D/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3052300B0603551D0F04/" | xxd -r -p ) > $@
+test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr: test_csr_v3_all.csr
+	(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@
 
 $(test_ca_key_file_rsa_alt):test-ca.opensslconf
 	$(OPENSSL) genrsa -out $@ 2048

diff --git a/tests/data_files/test_csr_v3_all.csr b/tests/data_files/test_csr_v3_all.csr
index fecca32..7e717f3 100644
--- a/tests/data_files/test_csr_v3_all.csr
+++ b/tests/data_files/test_csr_v3_all.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request.csr
new file mode 100644
index 0000000..96a11e8
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr
new file mode 100644
index 0000000..f61c7c8
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr
new file mode 100644
index 0000000..e6db2cc
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr
new file mode 100644
index 0000000..620fa7d
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr
new file mode 100644
index 0000000..1d358e5
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_id_tag.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_id_tag.csr
new file mode 100644
index 0000000..f8d0689
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_id_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_len1.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_len1.csr
new file mode 100644
index 0000000..01eabff
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_len1.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_len2.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_len2.csr
new file mode 100644
index 0000000..875db76
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_len2.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_attributes_sequence_tag.csr b/tests/data_files/test_csr_v3_all_malformed_attributes_sequence_tag.csr
new file mode 100644
index 0000000..38273ca
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_attributes_sequence_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_duplicated_extension.csr b/tests/data_files/test_csr_v3_all_malformed_duplicated_extension.csr
new file mode 100644
index 0000000..4e2a221
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_duplicated_extension.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_data_len1.csr b/tests/data_files/test_csr_v3_all_malformed_extension_data_len1.csr
new file mode 100644
index 0000000..6116118
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_data_len1.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_data_len2.csr b/tests/data_files/test_csr_v3_all_malformed_extension_data_len2.csr
new file mode 100644
index 0000000..a49209a
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_data_len2.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_data_tag.csr b/tests/data_files/test_csr_v3_all_malformed_extension_data_tag.csr
new file mode 100644
index 0000000..ccae723
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_data_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_id_tag.csr b/tests/data_files/test_csr_v3_all_malformed_extension_id_tag.csr
new file mode 100644
index 0000000..989e404
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_id_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr b/tests/data_files/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr
new file mode 100644
index 0000000..a6fd2d7
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr b/tests/data_files/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr
new file mode 100644
index 0000000..7e717f3
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr b/tests/data_files/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr
new file mode 100644
index 0000000..f1090f9
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extension_type_oid.csr b/tests/data_files/test_csr_v3_all_malformed_extension_type_oid.csr
new file mode 100644
index 0000000..36bc61e
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extension_type_oid.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_all_malformed_extensions_sequence_tag.csr b/tests/data_files/test_csr_v3_all_malformed_extensions_sequence_tag.csr
new file mode 100644
index 0000000..fecb15e
--- /dev/null
+++ b/tests/data_files/test_csr_v3_all_malformed_extensions_sequence_tag.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_keyUsage.csr b/tests/data_files/test_csr_v3_keyUsage.csr
index c22b392..f8be020 100644
--- a/tests/data_files/test_csr_v3_keyUsage.csr
+++ b/tests/data_files/test_csr_v3_keyUsage.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_nsCertType.csr b/tests/data_files/test_csr_v3_nsCertType.csr
index 0398743..cf9588d 100644
--- a/tests/data_files/test_csr_v3_nsCertType.csr
+++ b/tests/data_files/test_csr_v3_nsCertType.csr
Binary files differ

diff --git a/tests/data_files/test_csr_v3_subjectAltName.csr b/tests/data_files/test_csr_v3_subjectAltName.csr
index 65808c5..2ccb3bb 100644
--- a/tests/data_files/test_csr_v3_subjectAltName.csr
+++ b/tests/data_files/test_csr_v3_subjectAltName.csr
Binary files differ

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 87eaa3a..31c6e67 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data

@@ -2680,6 +2680,65 @@
 X509 CSR ASN.1 (invalid version overflow)
 mbedtls_x509_csr_parse:"3008300602047fffffff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
 
+# Used test_csr_v3_all.csr as a base for malforming CSR extenstions/attributes
+# Please see makefile for data_files to check malformation details (test_csr_v3_all_malformed_xxx.csr files)
+X509 CSR ASN.1 (attributes: invalid sequence tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062406006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (attributes: invalid attribute id)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306007092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (attributes: not extension request)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090F31533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"CSR version   \: 1\nsubject name  \: CN=etcd\nsigned using  \: RSA with SHA-256\nRSA key size  \: 1024 bits\n":0
+
+X509 CSR ASN.1 (attributes: invalid extenstion request set tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E32533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (attributes: invalid extenstion request sequence tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533151300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (attributes: invalid len (len > data))
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306106092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (attributes: invalid len (len < data))
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062305906092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CSR ASN.1 (attributes: extension request invalid len (len > data))
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533052300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (attributes: extension request invalid len (len < data))
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533050300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (extensions: invalid sequence tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051200B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (extensions: invalid extension id tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0703551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (extensions: invalid extension data tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F050403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (extensions: invalid extension data len (len > data))
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040503020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (extensions: invalid extension data len (len < data))
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040303020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CSR ASN.1 (extensions: invalid extension key usage bitstream tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040404020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (extensions: invalid extension subject alt name sequence tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D1104284026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (extensions: invalid extension ns cert bitstream tag)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D1104283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040404020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (extensions: duplicated extension)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551D0F04283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_INVALID_DATA
+
+X509 CSR ASN.1 (extensions: invalid extension type data)
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551DFF04283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_OID_NOT_FOUND
+
 X509 File parse (no issues)
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C
 x509parse_crt_file:"data_files/server7_int-ca.crt":0