- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
- Added tests for encrypted keyfiles
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index a156992..4441d24 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1,176 +1,237 @@
X509 Certificate information #1
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2009-02-09 21\:12\:35\nexpires on \: 2011-02-09 21\:12\:35\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
X509 Certificate information #2
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2009-02-10 22\:15\:12\nexpires on \: 2011-02-10 22\:15\:12\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
X509 Certificate information #3
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/test-ca.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2009-02-09 21\:12\:25\nexpires on \: 2019-02-10 21\:12\:25\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
X509 Certificate information MD2 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+MD2\nRSA key size \: 2048 bits\n"
X509 Certificate information MD4 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+MD4\nRSA key size \: 2048 bits\n"
X509 Certificate information MD5 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_md5.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+MD5\nRSA key size \: 2048 bits\n"
X509 Certificate information SHA1 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 0C\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+SHA1\nRSA key size \: 2048 bits\n"
X509 Certificate information SHA224 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+SHA224\nRSA key size \: 2048 bits\n"
X509 Certificate information SHA256 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_sha256.crt":"cert. version \: 3\nserial number \: 0E\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+SHA256\nRSA key size \: 2048 bits\n"
X509 Certificate information SHA384 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_sha384.crt":"cert. version \: 3\nserial number \: 0F\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA+SHA384\nRSA key size \: 2048 bits\n"
X509 Certificate information SHA512 Digest
+depends_on:POLARSSL_PEM_C
x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 10\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2009-07-12 10\:57\:00\nexpires on \: 2011-07-12 10\:57\:00\nsigned using \: RSA+SHA512\nRSA key size \: 2048 bits\n"
X509 CRL information #1
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-02-09 21\:12\:36\nnext update \: 2009-04-10 21\:12\:36\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA1\n"
X509 CRL Information MD2 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+MD2\n"
X509 CRL Information MD4 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+MD4\n"
X509 CRL Information MD5 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+MD5\n"
X509 CRL Information SHA1 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA1\n"
X509 CRL Information SHA224 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA224\n"
X509 CRL Information SHA256 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA256\n"
X509 CRL Information SHA384 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA384\n"
X509 CRL Information SHA512 Digest
+depends_on:POLARSSL_PEM_C
x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA+SHA512\n"
X509 Parse Key #1 (No password when required)
-depends_on:POLARSSL_MD5_C
-x509parse_keyfile:"data_files/test-ca.key":NULL:POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED
+depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/test-ca.key":NULL:POLARSSL_ERR_PEM_PASSWORD_REQUIRED
X509 Parse Key #2 (Correct password)
-depends_on:POLARSSL_MD5_C
+depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C
x509parse_keyfile:"data_files/test-ca.key":"PolarSSLTest":0
X509 Parse Key #3 (Wrong password)
-depends_on:POLARSSL_MD5_C
-x509parse_keyfile:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH
+depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_PEM_PASSWORD_MISMATCH
+
+X509 Parse Key #4 (DES Encrypted)
+depends_on:POLARSSL_MD5_C:POLARSSL_DES_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/keyfile.des":"testkey":0
+
+X509 Parse Key #5 (3DES Encrypted)
+depends_on:POLARSSL_MD5_C:POLARSSL_DES_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/keyfile.3des":"testkey":0
+
+X509 Parse Key #6 (AES-128 Encrypted)
+depends_on:POLARSSL_MD5_C:POLARSSL_AES_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/keyfile.aes128":"testkey":0
+
+X509 Parse Key #7 (AES-192 Encrypted)
+depends_on:POLARSSL_MD5_C:POLARSSL_AES_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/keyfile.aes192":"testkey":0
+
+X509 Parse Key #8 (AES-256 Encrypted)
+depends_on:POLARSSL_MD5_C:POLARSSL_AES_C:POLARSSL_PEM_C
+x509parse_keyfile:"data_files/keyfile.aes256":"testkey":0
X509 Get Distinguished Name #1
+depends_on:POLARSSL_PEM_C
x509_dn_gets:"data_files/server1.crt":subject:"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
X509 Get Distinguished Name #2
+depends_on:POLARSSL_PEM_C
x509_dn_gets:"data_files/server1.crt":issuer:"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
X509 Get Distinguished Name #3
+depends_on:POLARSSL_PEM_C
x509_dn_gets:"data_files/server2.crt":subject:"C=NL, O=PolarSSL, CN=localhost"
X509 Get Distinguished Name #4
+depends_on:POLARSSL_PEM_C
x509_dn_gets:"data_files/server2.crt":issuer:"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
X509 Time Expired #1
+depends_on:POLARSSL_PEM_C
x509_time_expired:"data_files/server1.crt":valid_from:1
X509 Time Expired #2
+depends_on:POLARSSL_PEM_C
x509_time_expired:"data_files/server1.crt":valid_to:0
X509 Time Expired #3
+depends_on:POLARSSL_PEM_C
x509_time_expired:"data_files/server2.crt":valid_from:1
X509 Time Expired #4
+depends_on:POLARSSL_PEM_C
x509_time_expired:"data_files/server2.crt":valid_to:0
X509 Time Expired #5
+depends_on:POLARSSL_PEM_C
x509_time_expired:"data_files/test-ca.crt":valid_from:1
X509 Time Expired #6
+depends_on:POLARSSL_PEM_C
x509_time_expired:"data_files/test-ca.crt":valid_to:0
X509 Certificate verification #1 (Revoked Cert, Expired CRL)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED | BADCRL_EXPIRED:NULL
X509 Certificate verification #2 (Revoked Cert, Expired CRL)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Server 1":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED | BADCRL_EXPIRED:NULL
X509 Certificate verification #3 (Revoked Cert, Expired CRL, CN Mismatch)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Wrong CN":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH:NULL
X509 Certificate verification #4 (Valid Cert, Expired CRL)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server2.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCRL_EXPIRED:NULL
X509 Certificate verification #5 (Revoked Cert)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED:NULL
X509 Certificate verification #6 (Revoked Cert)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Server 1":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED:NULL
X509 Certificate verification #7 (Revoked Cert, CN Mismatch)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Wrong CN":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED | BADCERT_CN_MISMATCH:NULL
X509 Certificate verification #8 (Valid Cert)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server2.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #9 (Not trusted Cert)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:NULL
X509 Certificate verification #10 (Not trusted Cert, Expired CRL)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:NULL
X509 Certificate verification #11 (Valid Cert MD2 Digest)
-depends_on:POLARSSL_MD2_C
+depends_on:POLARSSL_MD2_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #12 (Valid Cert MD4 Digest)
-depends_on:POLARSSL_MD4_C
+depends_on:POLARSSL_MD4_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #13 (Valid Cert MD5 Digest)
-depends_on:POLARSSL_MD5_C
+depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #14 (Valid Cert SHA1 Digest)
-depends_on:POLARSSL_SHA1_C
+depends_on:POLARSSL_SHA1_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #15 (Valid Cert SHA224 Digest)
-depends_on:POLARSSL_SHA2_C
+depends_on:POLARSSL_SHA2_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #16 (Valid Cert SHA256 Digest)
-depends_on:POLARSSL_SHA2_C
+depends_on:POLARSSL_SHA2_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #17 (Valid Cert SHA384 Digest)
-depends_on:POLARSSL_SHA4_C
+depends_on:POLARSSL_SHA4_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #18 (Valid Cert SHA512 Digest)
-depends_on:POLARSSL_SHA4_C
+depends_on:POLARSSL_SHA4_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:0:0:NULL
X509 Certificate verification #19 (Valid Cert, denying callback)
-depends_on:POLARSSL_SHA4_C
+depends_on:POLARSSL_SHA4_C:POLARSSL_PEM_C
x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":NULL:POLARSSL_ERR_X509_CERT_VERIFY_FAILED:0:&verify_none
X509 Certificate verification #20 (Not trusted Cert, allowing callback)
+depends_on:POLARSSL_PEM_C
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":NULL:0:0:&verify_all
X509 Parse Selftest
-depends_on:POLARSSL_MD5_C
+depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C
x509_selftest:
X509 Certificate ASN1 (Incorrect first tag)