5111374265

Committed 29 May 2023 11:19AM UTC coverage: 92.227% (+0.5%) from 91.723%

Build # 5111374265

Build Type

push

github

Committed by

randombit

Commit Message

Next release will be 3.1.0. Update release notes

Run Details

75588 of 81959 relevant lines covered (92.23%)

11886470.91 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

89.29

/src/tests/test_certstor_utils.cpp

/*
* (C) 1999-2021 Jack Lloyd
* (C) 2019,2021 René Meusel
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "test_certstor_utils.h"

#if defined(BOTAN_HAS_X509_CERTIFICATES)

   #include <botan/ber_dec.h>
   #include <botan/hex.h>

namespace Botan_Tests {

Botan::X509_DN read_dn(const std::string& hex) {
   Botan::X509_DN dn;
   Botan::BER_Decoder decoder(Botan::hex_decode(hex));
   dn.decode_from(decoder);
   return dn;
}

Botan::X509_DN get_dn() {
   // ASN.1 encoded subject DN of "ISRG Root X1"
   // This certificate is in the standard "System Roots" of any macOS setup,
   // serves as the trust root of botan.randombit.net and expires on
   // Monday, 4. June 2035 at 13:04:38 Central European Summer Time
   return read_dn(
      "304F310B300906035504061302555331293027060355040A1320496E74657"
      "26E65742053656375726974792052657365617263682047726F7570311530"
      "130603550403130C4953524720526F6F74205831");
}

Botan::X509_DN get_utf8_dn() {
   // ASN.1 encoded subject DN of "D-TRUST Root Class 3 CA 2 EV 2009"
   // This DN contains UTF8-encoded strings
   // expires on 05. November 2029 at 8:50:46 UTC
   return read_dn(
      "3050310B300906035504061302444531153013060355040A0C0C442D54727"
      "5737420476D6248312A302806035504030C21442D545255535420526F6F74"
      "20436C617373203320434120322045562032303039");
}

std::vector<uint8_t> get_key_id() {
   // this is the same as the public key SHA1 of "ISRG Root X1"
   return Botan::hex_decode("79B459E67BB6E5E40173800888C81A58F6E99B6E");
}

std::string get_subject_cn() { return "ISRG Root X1"; }

std::vector<uint8_t> get_pubkey_sha1_of_cert_with_different_key_id() {
   // see https://github.com/randombit/botan/issues/2779 for details
   //
   // SHA-1(Public Key) of:   SecureTrust CA
   // Valid Until:            Dec 31 19:40:55 2029 GMT
   // Subject Key Identifier: 4232b616fa04fdfe5d4b7ac3fdf74c401d5a43af
   return Botan::hex_decode("ca4edd5b273529d9f6eec3e553efa4c019961daf");
}

Botan::X509_DN get_dn_of_cert_with_different_key_id() {
   // This is the DN of the 'SecureTrust CA' whose SHA-1(pubkey) differs
   // from its Subject Key Identifier
   return read_dn(
      "3048310b30090603550406130255533120301e060355040a131753656375"
      "7265547275737420436f72706f726174696f6e311730150603550403130e"
      "5365637572655472757374204341");
}

Botan::X509_DN get_unknown_dn() {
   // thats a D-Trust "Test Certificate". It should be fairly likely that
   // _nobody_ will _ever_ have that in their system keychain
   // CN: D-TRUST Limited Basic Test PU CA 1-4 2016
   return read_dn(
      "305b310b300906035504061302444531153013060355040a0c0c442d5472"
      "75737420476d62483135303306035504030c2c442d5452555354204c696d"
      "6974656420426173696320526f6f74205465737420505520434120312032"
      "303135");
}

Botan::X509_DN get_skewed_dn() {
   // This DN contains ASN.1 PrintableString fields that are not 'normalized'
   // according to Apple's idea of a normalized PrintableString field:
   //   (1) It has leading and trailing white space
   //   (2) It contains multiple spaces between 'words'
   //
   // This skewed DN was fabricated using the program below and the DN-info of
   // "ISRG Root X1" which expires on Monday, 4. June 2035 at 13:04:38 CEST
   //
   // ```C++
   // #include <iostream>
   //
   // #include <botan/pkix_types.h>
   // #include <botan/der_enc.h>
   // #include <botan/hex.h>
   //
   // using namespace Botan;
   //
   // int main()
   //    {
   //    X509_DN dn{};
   //
   //    dn.add_attribute(OID{2,5,4,6}, ASN1_String("US", ASN1_Type::PrintableString));
   //    dn.add_attribute(OID{2,5,4,10}, ASN1_String("Internet Security  Research Group  ", ASN1_Type::PrintableString));
   //    dn.add_attribute(OID{2,5,4,3}, ASN1_String("  ISRG Root  X1", ASN1_Type::PrintableString));
   //
   //    DER_Encoder enc;
   //    dn.encode_into(enc);
   //
   //    std::cout << hex_encode(enc.get_contents()) << std::endl;
   //    }
   // ```

   return read_dn(
      "3055310B3009060355040613025553312C302A060355040A1323496E74657"
      "26E6574205365637572697479202052657365617263682047726F75702020"
      "311830160603550403130F20204953524720526F6F7420205831");
}

std::vector<uint8_t> get_unknown_key_id() {
   // this is the same as the public key SHA1
   return Botan::hex_decode("785c0b67b536eeacbb2b27cf9123301abe7ab09a");
}
}  // namespace Botan_Tests

#endif

1	/*
2	* (C) 1999-2021 Jack Lloyd
3	* (C) 2019,2021 René Meusel
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#include "test_certstor_utils.h"
9
10	#if defined(BOTAN_HAS_X509_CERTIFICATES)
11
12	#include <botan/ber_dec.h>
13	#include <botan/hex.h>
14
15	namespace Botan_Tests {
16
17	Botan::X509_DN read_dn(const std::string& hex) {	14✔
18	Botan::X509_DN dn;	14✔
19	Botan::BER_Decoder decoder(Botan::hex_decode(hex));	14✔
20	dn.decode_from(decoder);	14✔
21	return dn;	14✔
22	}	14✔
23
24	Botan::X509_DN get_dn() {	9✔
25	// ASN.1 encoded subject DN of "ISRG Root X1"
26	// This certificate is in the standard "System Roots" of any macOS setup,
27	// serves as the trust root of botan.randombit.net and expires on
28	// Monday, 4. June 2035 at 13:04:38 Central European Summer Time
29	return read_dn(	9✔
30	"304F310B300906035504061302555331293027060355040A1320496E74657"
31	"26E65742053656375726974792052657365617263682047726F7570311530"
32	"130603550403130C4953524720526F6F74205831");	18✔
33	}
34
35	Botan::X509_DN get_utf8_dn() {	2✔
36	// ASN.1 encoded subject DN of "D-TRUST Root Class 3 CA 2 EV 2009"
37	// This DN contains UTF8-encoded strings
38	// expires on 05. November 2029 at 8:50:46 UTC
39	return read_dn(	2✔
40	"3050310B300906035504061302444531153013060355040A0C0C442D54727"
41	"5737420476D6248312A302806035504030C21442D545255535420526F6F74"
42	"20436C617373203320434120322045562032303039");	4✔
43	}
44
45	std::vector<uint8_t> get_key_id() {	6✔
46	// this is the same as the public key SHA1 of "ISRG Root X1"
47	return Botan::hex_decode("79B459E67BB6E5E40173800888C81A58F6E99B6E");	6✔
48	}
49
50	std::string get_subject_cn() { return "ISRG Root X1"; }	9✔
51
52	std::vector<uint8_t> get_pubkey_sha1_of_cert_with_different_key_id() {	1✔
53	// see https://github.com/randombit/botan/issues/2779 for details
54	//
55	// SHA-1(Public Key) of: SecureTrust CA
56	// Valid Until: Dec 31 19:40:55 2029 GMT
57	// Subject Key Identifier: 4232b616fa04fdfe5d4b7ac3fdf74c401d5a43af
58	return Botan::hex_decode("ca4edd5b273529d9f6eec3e553efa4c019961daf");	1✔
59	}
60
61	Botan::X509_DN get_dn_of_cert_with_different_key_id() {	1✔
62	// This is the DN of the 'SecureTrust CA' whose SHA-1(pubkey) differs
63	// from its Subject Key Identifier
64	return read_dn(	1✔
65	"3048310b30090603550406130255533120301e060355040a131753656375"
66	"7265547275737420436f72706f726174696f6e311730150603550403130e"
67	"5365637572655472757374204341");	2✔
68	}
69
70	Botan::X509_DN get_unknown_dn() {	2✔
71	// thats a D-Trust "Test Certificate". It should be fairly likely that
72	// _nobody_ will _ever_ have that in their system keychain
73	// CN: D-TRUST Limited Basic Test PU CA 1-4 2016
74	return read_dn(	2✔
75	"305b310b300906035504061302444531153013060355040a0c0c442d5472"
76	"75737420476d62483135303306035504030c2c442d5452555354204c696d"
77	"6974656420426173696320526f6f74205465737420505520434120312032"
78	"303135");	4✔
79	}
80
81	Botan::X509_DN get_skewed_dn() {	×
82	// This DN contains ASN.1 PrintableString fields that are not 'normalized'
83	// according to Apple's idea of a normalized PrintableString field:
84	// (1) It has leading and trailing white space
85	// (2) It contains multiple spaces between 'words'
86	//
87	// This skewed DN was fabricated using the program below and the DN-info of
88	// "ISRG Root X1" which expires on Monday, 4. June 2035 at 13:04:38 CEST
89	//
90	// ```C++
91	// #include <iostream>
92	//
93	// #include <botan/pkix_types.h>
94	// #include <botan/der_enc.h>
95	// #include <botan/hex.h>
96	//
97	// using namespace Botan;
98	//
99	// int main()
100	// {
101	// X509_DN dn{};
102	//
103	// dn.add_attribute(OID{2,5,4,6}, ASN1_String("US", ASN1_Type::PrintableString));
104	// dn.add_attribute(OID{2,5,4,10}, ASN1_String("Internet Security Research Group ", ASN1_Type::PrintableString));
105	// dn.add_attribute(OID{2,5,4,3}, ASN1_String(" ISRG Root X1", ASN1_Type::PrintableString));
106	//
107	// DER_Encoder enc;
108	// dn.encode_into(enc);
109	//
110	// std::cout << hex_encode(enc.get_contents()) << std::endl;
111	// }
112	// ```
113
114	return read_dn(	×
115	"3055310B3009060355040613025553312C302A060355040A1323496E74657"
116	"26E6574205365637572697479202052657365617263682047726F75702020"
117	"311830160603550403130F20204953524720526F6F7420205831");	×
118	}
119
120	std::vector<uint8_t> get_unknown_key_id() {	2✔
121	// this is the same as the public key SHA1
122	return Botan::hex_decode("785c0b67b536eeacbb2b27cf9123301abe7ab09a");	2✔
123	}
124	} // namespace Botan_Tests
125
126	#endif

randombit / botan / 5111374265

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous