[glib-networking] tests: updated server certificate and added UT for X509v3 SAN IP
- From: Dan Winship <danw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking] tests: updated server certificate and added UT for X509v3 SAN IP
- Date: Mon, 21 Jul 2014 16:29:32 +0000 (UTC)
commit 94c0f9b8e4d4d87a2e72ee34005a277b8e547a63
Author: Aleix Conchillo FlaquƩ <aconchillo gmail com>
Date: Fri Jul 18 17:52:02 2014 +0200
tests: updated server certificate and added UT for X509v3 SAN IP
Updated server certificate by adding a X509v3 Subject Alternative Name
using an IP address.
A test case to verify that the IP is a valid identity for that
certificate has been added.
https://bugzilla.gnome.org/show_bug.cgi?id=726596
tls/tests/certificate.c | 6 ++++++
tls/tests/files/non-ca.pem | 18 +++++++++---------
tls/tests/files/server-and-key.pem | 32 ++++++++++++++++----------------
tls/tests/files/server-key.der | Bin 320 -> 318 bytes
tls/tests/files/server-key.pem | 14 +++++++-------
tls/tests/files/server.der | Bin 554 -> 571 bytes
tls/tests/files/server.pem | 18 +++++++++---------
tls/tests/files/ssl/server.conf | 4 ++++
8 files changed, 51 insertions(+), 41 deletions(-)
---
diff --git a/tls/tests/certificate.c b/tls/tests/certificate.c
index bc18a08..56be9e1 100644
--- a/tls/tests/certificate.c
+++ b/tls/tests/certificate.c
@@ -307,6 +307,7 @@ static void
test_verify_certificate_good (TestVerify *test,
gconstpointer data)
{
+ GSocketConnectable *identity;
GTlsCertificateFlags errors;
errors = g_tls_certificate_verify (test->cert, test->identity, test->anchor);
@@ -314,6 +315,11 @@ test_verify_certificate_good (TestVerify *test,
errors = g_tls_certificate_verify (test->cert, NULL, test->anchor);
g_assert_cmpuint (errors, ==, 0);
+
+ identity = g_network_address_new ("192.168.1.10", 80);
+ errors = g_tls_certificate_verify (test->cert, identity, test->anchor);
+ g_assert_cmpuint (errors, ==, 0);
+ g_object_unref (identity);
}
static void
diff --git a/tls/tests/files/non-ca.pem b/tls/tests/files/non-ca.pem
index 975ffba..2e990c2 100644
--- a/tls/tests/files/non-ca.pem
+++ b/tls/tests/files/non-ca.pem
@@ -60,18 +60,18 @@ H39pXiBnpiVmSaRUHMsszw==
server.pem:
-----BEGIN CERTIFICATE-----
-MIICJjCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
+MIICNzCCAaCgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsMFUNlcnRp
ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOY2EuZXhhbXBsZS5jb20xHTAbBgkq
-hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1MTU1MFoXDTM5MDcx
-MjE1MTU1MFowSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
+hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1NDg0M1oXDTM5MDcx
+MjE1NDg0M1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
B0VYQU1QTEUxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDAUI4hEDPatu3gIu+7GWekO2Rn5Dez761UKqO+BEzBPq+k
-0c4vM3zSxHSN+qs4GXo4c5NjE4B2bd4vBQbjdMxBAgMBAAGjIjAgMAkGA1UdEwQC
-MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAaoEumI8o
-7LvXVznbhf5kBfFRVzxfSNdT6x6FXsPuODFNmoZpCkAROvzE2wDJwaDnFs2M+Nv8
-EKSxfjGdhuDYkgxIAneKXBSokE4RSW6jiS7tY3q+ksi2RlhpObqLbH8D0TstnTIB
-8sY/g7RSIZajYAYNzlJjWWntiXZp/ASRpBc=
+DQEBAQUAA0sAMEgCQQDYr/S4UqathXoTeBKb94cGUHph+2Qtlap+eONpInhAsfka
+NovCeCUmjHS/pOBOsKAdyckLhb/BAabX4qgFwIcfAgMBAAGjMzAxMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0RBAgwBocEwKgBCjANBgkqhkiG
+9w0BAQsFAAOBgQA2DvQ4t6ScSANCWNpCwLlG/Mzmv/Nu/95pivh/MSJha1Cr2zLy
+6yyzi1atmSXhRcEn63dUoYuPdrd5P679fQVyepQ1EEksa9TaEaf8GcfUQFnBxrqq
+h/Uky1rKIhFkboLF+3yASZ/V70MYl+Rr8RNa2VKilKNh5rFw6tqg/sBiNw==
-----END CERTIFICATE-----
server-self.pem:
diff --git a/tls/tests/files/server-and-key.pem b/tls/tests/files/server-and-key.pem
index 6a5984c..b6ea2af 100644
--- a/tls/tests/files/server-and-key.pem
+++ b/tls/tests/files/server-and-key.pem
@@ -1,23 +1,23 @@
-----BEGIN CERTIFICATE-----
-MIICJjCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
+MIICNzCCAaCgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsMFUNlcnRp
ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOY2EuZXhhbXBsZS5jb20xHTAbBgkq
-hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1MTU1MFoXDTM5MDcx
-MjE1MTU1MFowSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
+hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1NDg0M1oXDTM5MDcx
+MjE1NDg0M1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
B0VYQU1QTEUxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDAUI4hEDPatu3gIu+7GWekO2Rn5Dez761UKqO+BEzBPq+k
-0c4vM3zSxHSN+qs4GXo4c5NjE4B2bd4vBQbjdMxBAgMBAAGjIjAgMAkGA1UdEwQC
-MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAaoEumI8o
-7LvXVznbhf5kBfFRVzxfSNdT6x6FXsPuODFNmoZpCkAROvzE2wDJwaDnFs2M+Nv8
-EKSxfjGdhuDYkgxIAneKXBSokE4RSW6jiS7tY3q+ksi2RlhpObqLbH8D0TstnTIB
-8sY/g7RSIZajYAYNzlJjWWntiXZp/ASRpBc=
+DQEBAQUAA0sAMEgCQQDYr/S4UqathXoTeBKb94cGUHph+2Qtlap+eONpInhAsfka
+NovCeCUmjHS/pOBOsKAdyckLhb/BAabX4qgFwIcfAgMBAAGjMzAxMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0RBAgwBocEwKgBCjANBgkqhkiG
+9w0BAQsFAAOBgQA2DvQ4t6ScSANCWNpCwLlG/Mzmv/Nu/95pivh/MSJha1Cr2zLy
+6yyzi1atmSXhRcEn63dUoYuPdrd5P679fQVyepQ1EEksa9TaEaf8GcfUQFnBxrqq
+h/Uky1rKIhFkboLF+3yASZ/V70MYl+Rr8RNa2VKilKNh5rFw6tqg/sBiNw==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAMBQjiEQM9q27eAi77sZZ6Q7ZGfkN7PvrVQqo74ETME+r6TRzi8z
-fNLEdI36qzgZejhzk2MTgHZt3i8FBuN0zEECAwEAAQJAb0GrF+GhvhQ6BYLwoZMO
-7GoXqirTNtufsKOCWvlt1hUEjZ4zkW5AV8H4p8Hn+Ts32juUAlqR9qC5BZWYIfYN
-aQIhAP9ow++v/XiHwY10Z41q4Qc0pNQDo0HsarsZLjXxaYN/AiEAwMJuCdIurAd5
-d5xVHsefJ770C23e3nLETd1cNop6kD8CIQCr/nv729LgKONxg5L8S54QASaCU5TM
-Hw3cwt84mkKItwIhAL8ynE9liiHdMCDykoP7YeTcxdloW/6uPAU4IrV+2l+lAiEA
-r1t5eaEdJHwNyefGFeMbPEy+UkUZY7qfp9eXmgarT7g=
+MIIBOgIBAAJBANiv9LhSpq2FehN4Epv3hwZQemH7ZC2Vqn5442kieECx+Ro2i8J4
+JSaMdL+k4E6woB3JyQuFv8EBptfiqAXAhx8CAwEAAQJAEMr6JTrKjhIVFuMsVggF
+39hm06ce6WV69Bg8T46LUUAVM39HdsNDIRkhYXExpQUmiYRFzcrLF1ot8S/4u889
+yQIhAOwDbAqT2QrEcGIWi8aZP1N5gDv8h67UcHBcftveklC7AiEA6wmPopj8qFoh
+/xM4GCKtdAYUdbfqUFMTFo7ZmD+Tvu0CIBafdVnGNkXL8qHUW22b/u/3c41MdY0S
+m/yJQTe+K/RFAiAoStxP0JBHwCPh2YadRJydrkkloSDPIl68WELfQc7vRQIhAM9E
+FvuChciFJzfnNNzKpH93hH9f2YMDsVWvgz0fIRz0
-----END RSA PRIVATE KEY-----
diff --git a/tls/tests/files/server-key.der b/tls/tests/files/server-key.der
index cdca53c..31c1ea0 100644
Binary files a/tls/tests/files/server-key.der and b/tls/tests/files/server-key.der differ
diff --git a/tls/tests/files/server-key.pem b/tls/tests/files/server-key.pem
index 7f720a6..0f167a7 100644
--- a/tls/tests/files/server-key.pem
+++ b/tls/tests/files/server-key.pem
@@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAMBQjiEQM9q27eAi77sZZ6Q7ZGfkN7PvrVQqo74ETME+r6TRzi8z
-fNLEdI36qzgZejhzk2MTgHZt3i8FBuN0zEECAwEAAQJAb0GrF+GhvhQ6BYLwoZMO
-7GoXqirTNtufsKOCWvlt1hUEjZ4zkW5AV8H4p8Hn+Ts32juUAlqR9qC5BZWYIfYN
-aQIhAP9ow++v/XiHwY10Z41q4Qc0pNQDo0HsarsZLjXxaYN/AiEAwMJuCdIurAd5
-d5xVHsefJ770C23e3nLETd1cNop6kD8CIQCr/nv729LgKONxg5L8S54QASaCU5TM
-Hw3cwt84mkKItwIhAL8ynE9liiHdMCDykoP7YeTcxdloW/6uPAU4IrV+2l+lAiEA
-r1t5eaEdJHwNyefGFeMbPEy+UkUZY7qfp9eXmgarT7g=
+MIIBOgIBAAJBANiv9LhSpq2FehN4Epv3hwZQemH7ZC2Vqn5442kieECx+Ro2i8J4
+JSaMdL+k4E6woB3JyQuFv8EBptfiqAXAhx8CAwEAAQJAEMr6JTrKjhIVFuMsVggF
+39hm06ce6WV69Bg8T46LUUAVM39HdsNDIRkhYXExpQUmiYRFzcrLF1ot8S/4u889
+yQIhAOwDbAqT2QrEcGIWi8aZP1N5gDv8h67UcHBcftveklC7AiEA6wmPopj8qFoh
+/xM4GCKtdAYUdbfqUFMTFo7ZmD+Tvu0CIBafdVnGNkXL8qHUW22b/u/3c41MdY0S
+m/yJQTe+K/RFAiAoStxP0JBHwCPh2YadRJydrkkloSDPIl68WELfQc7vRQIhAM9E
+FvuChciFJzfnNNzKpH93hH9f2YMDsVWvgz0fIRz0
-----END RSA PRIVATE KEY-----
diff --git a/tls/tests/files/server.der b/tls/tests/files/server.der
index c87dba1..cbee9a6 100644
Binary files a/tls/tests/files/server.der and b/tls/tests/files/server.der differ
diff --git a/tls/tests/files/server.pem b/tls/tests/files/server.pem
index 144edb5..e749e63 100644
--- a/tls/tests/files/server.pem
+++ b/tls/tests/files/server.pem
@@ -1,14 +1,14 @@
-----BEGIN CERTIFICATE-----
-MIICJjCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
+MIICNzCCAaCgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsMFUNlcnRp
ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOY2EuZXhhbXBsZS5jb20xHTAbBgkq
-hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1MTU1MFoXDTM5MDcx
-MjE1MTU1MFowSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
+hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1NDg0M1oXDTM5MDcx
+MjE1NDg0M1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
B0VYQU1QTEUxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDAUI4hEDPatu3gIu+7GWekO2Rn5Dez761UKqO+BEzBPq+k
-0c4vM3zSxHSN+qs4GXo4c5NjE4B2bd4vBQbjdMxBAgMBAAGjIjAgMAkGA1UdEwQC
-MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAaoEumI8o
-7LvXVznbhf5kBfFRVzxfSNdT6x6FXsPuODFNmoZpCkAROvzE2wDJwaDnFs2M+Nv8
-EKSxfjGdhuDYkgxIAneKXBSokE4RSW6jiS7tY3q+ksi2RlhpObqLbH8D0TstnTIB
-8sY/g7RSIZajYAYNzlJjWWntiXZp/ASRpBc=
+DQEBAQUAA0sAMEgCQQDYr/S4UqathXoTeBKb94cGUHph+2Qtlap+eONpInhAsfka
+NovCeCUmjHS/pOBOsKAdyckLhb/BAabX4qgFwIcfAgMBAAGjMzAxMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0RBAgwBocEwKgBCjANBgkqhkiG
+9w0BAQsFAAOBgQA2DvQ4t6ScSANCWNpCwLlG/Mzmv/Nu/95pivh/MSJha1Cr2zLy
+6yyzi1atmSXhRcEn63dUoYuPdrd5P679fQVyepQ1EEksa9TaEaf8GcfUQFnBxrqq
+h/Uky1rKIhFkboLF+3yASZ/V70MYl+Rr8RNa2VKilKNh5rFw6tqg/sBiNw==
-----END CERTIFICATE-----
diff --git a/tls/tests/files/ssl/server.conf b/tls/tests/files/ssl/server.conf
index 1de63a8..6a98029 100644
--- a/tls/tests/files/ssl/server.conf
+++ b/tls/tests/files/ssl/server.conf
@@ -21,3 +21,7 @@ extendedKeyUsage = serverAuth
[ v3_req_ext ]
basicConstraints = CA:false
extendedKeyUsage = serverAuth
+subjectAltName = @alt_names
+
+[ alt_names ]
+IP.0 = 192.168.1.10
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]