TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / c15ff98455e57b32661470efedc9768989e1ec9e^! / .
commitc15ff98455e57b32661470efedc9768989e1ec9e[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Thu Sep 12 14:21:57 2019 +0100
committerHanno Becker <hanno.becker@arm.com>Tue Sep 17 13:10:42 2019 +0100
tree636a0f1df8be580aa027a0cb3cd161d038c8c15d
parent7b8330a9c7e8644499a2d6213f11d1f34b329382 [diff]
X.509: Adapt negative parsing test for no data in CrtPolicy ext

This commit modifies the test

   X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, data missing)

which exercises the behaviour of the X.509 CRT parser when facing a
CertificatePolicy extension with empty data field.

The following adaptations are made:
- The subject ID and issuer ID are modified to have length 0.
  The previous values `aa` and `bb` are OK, but a generic ASN.1
  parser will try to interpret them as ASN.1 tags and fail. For
  maintainability, it's therefore better to use something that
  can be parsed as ASN.1, and an empty ID is the easiest solution
  here.
- The TBS part of the certificate wasn't followed by signature
  algorithm and signature fields, which makes the test incompatible
  with future changes swapping to breadth-first parsing of
  certificates.

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index c9f9b0f..ed0ed16 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data

@@ -1719,7 +1719,7 @@
 
 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, data missing)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30b300930070603551d20040001010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d200400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRT ASN1 (TBSCertificate v3, ext CertificatePolicies tag, data not oid)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C