summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl/tests/unit/test_onecrl
diff options
context:
space:
mode:
Diffstat (limited to 'security/manager/ssl/tests/unit/test_onecrl')
-rw-r--r--security/manager/ssl/tests/unit/test_onecrl/moz.build14
-rw-r--r--security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem19
-rw-r--r--security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem.certspec4
-rw-r--r--security/manager/ssl/tests/unit/test_onecrl/sample_revocations.txt39
-rw-r--r--security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem18
-rw-r--r--security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem.certspec3
6 files changed, 97 insertions, 0 deletions
diff --git a/security/manager/ssl/tests/unit/test_onecrl/moz.build b/security/manager/ssl/tests/unit/test_onecrl/moz.build
new file mode 100644
index 000000000..560826d89
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_onecrl/moz.build
@@ -0,0 +1,14 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Temporarily disabled. See bug 1256495.
+#test_certificates = (
+# 'same-issuer-ee.pem',
+# 'test-int-ee.pem',
+#)
+#
+#for test_certificate in test_certificates:
+# GeneratedTestCertificate(test_certificate)
diff --git a/security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem b/security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem
new file mode 100644
index 000000000..c48cd895b
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDHTCCAgegAwIBAgIUI9484x9tR8knqKhzbTfed86/unswCwYJKoZIhvcNAQEL
+MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw
+NTAwMDAwMFowIjEgMB4GA1UEAwwXQW5vdGhlciBUZXN0IEVuZC1lbnRpdHkwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT
+2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzV
+JJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8N
+jf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCA
+BiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVh
+He4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMB
+AAGjWzBZMCMGA1UdEQQcMBqCCWxvY2FsaG9zdIINKi5leGFtcGxlLmNvbTAyBggr
+BgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6ODg4OC8w
+CwYJKoZIhvcNAQELA4IBAQB5uSG64u2JLPE1TsnPQfJT8bmzhov2VGvdyHHS1ANM
+zj900qpH4qNDGAaJwHSPhGdvPuJkd7Gzz/1i3kEKX/4FFkl0Md7O2xnqMn6shzKn
+kt4QAWFE+3Y5qloHLZxLAJ7xoCqxTsh+BXBgsnxR0YIJsjTXomB7kiyw5YWgRVlG
+iBlDCLuv/BEmOWXADF1Ly3qXPKWsr+tXfNl5IKjUUDdDcGHKFNYq6QyScgDokCE+
+PXEZwSiHdPpHhK1/eMIegl2rMycvw0vptPznr8MqF5COXGI9/W4ObHtXJnt6/I/C
+re6JOK6abYxpOJsLRXSovFc+RQQPrb6J7QA8Imt7FDkX
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem.certspec b/security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem.certspec
new file mode 100644
index 000000000..8b20f03f5
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem.certspec
@@ -0,0 +1,4 @@
+issuer:Test CA
+subject:Another Test End-entity
+extension:subjectAlternativeName:localhost,*.example.com
+extension:authorityInformationAccess:http://localhost:8888/
diff --git a/security/manager/ssl/tests/unit/test_onecrl/sample_revocations.txt b/security/manager/ssl/tests/unit/test_onecrl/sample_revocations.txt
new file mode 100644
index 000000000..e8d9db746
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_onecrl/sample_revocations.txt
@@ -0,0 +1,39 @@
+# a sample revocations.txt for tests
+# Lines starting with '#' are ignored - as are empty lines like this:
+
+# otherwise:
+# non-empty lines are treated as base-64 encoded DER DN data (e.g. issuer or
+# subject)
+# ...unless the line starts with a ' ' (space) character, in which case it's
+# assumed to be base-64 encoded DER serial data, or
+# the line starts with a '\t' (tab) character, in which case it's assumed to
+# be a base-64 encoded SHA256 hash of a public key
+
+# First a serial with no issuer to ensure this doesn't cause parsing to fail
+# (there should be an issuer first, but we need to test this won't fail)
+ dGVzdA==
+# next, let's ensure data that isn't valid base64 doesn't cause breakage.
+ this serial isn't valid base64 (but then there's no issuer anyway)
+Neither is this issuer, though the serial is fine
+ dGVzdA==
+dGVzdA==
+ in this case, issuer is fine but not the serial
+# Next two entries; we can add valid base-64 encoded data for some basic tests:
+# issuer is "some imaginary issuer" base-64 encoded
+# and serial "serial." base-64 encoded
+c29tZSBpbWFnaW5hcnkgaXNzdWVy
+ c2VyaWFsLg==
+# issuer is "another imaginary issuer" base-64 encoded
+# serials are "serial." and "serial2." base-64 encoded
+YW5vdGhlciBpbWFnaW5hcnkgaXNzdWVy
+ c2VyaWFsLg==
+ c2VyaWFsMi4=
+# subject is "some imaginary subject", base-64 encoded
+# pubKeyHash is the sha256 hash of "some imaginary pubkey" base-64 encoded
+c29tZSBpbWFnaW5hcnkgc3ViamVjdA==
+ blBNgTxORaii2Sqe9bQcYsmfJ3kiXOLiKLzQNJ2wZYE=
+# and some more data to ensure that mixed items don't cause parsing failure
+a DN
+ a serial
+ a hash
+ another serial
diff --git a/security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem b/security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem
new file mode 100644
index 000000000..34d2cf669
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC5jCCAdCgAwIBAgIUQyYXainIoMjK+7Pogg88tLd6ERgwCwYJKoZIhvcNAQEL
+MBwxGjAYBgNVBAMMEVRlc3QgSW50ZXJtZWRpYXRlMCIYDzIwMTUxMTI4MDAwMDAw
+WhgPMjAxODAyMDUwMDAwMDBaMCQxIjAgBgNVBAMMGUVFIGlzc3VlZCBieSBpbnRl
+cm1lZGlhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W
+1kH9braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtq
+ZHEIeqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx
+0wI6iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthV
+t2Zaqn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo
+4bN7LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx
+1QOs2hgKNe2NAgMBAAGjGDAWMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDALBgkqhkiG
+9w0BAQsDggEBAG5fRtX3qlA/A0hm3SwbARbljUehHxdHTeiz8qAbX5aEo7LRCxjr
+BccpjzVqwiZxfwqcAyHT/+CrFrgKvpN6rnuNnmNvScH3BeTmXEkImiHc0nZTYyOH
+Xep3I0ZEDa+2H5WDXfCbwF6JIQKJ2j3TR+c5/PzS3RLIkXG8wKcmv6Ldi5vwrIM7
+DDZ+k3a65JYSQwg9Q8gZoEBKmcalVD86+OQcs1HijU7ylS9PO8HB/sYakDPuKqRM
+xZgIBTDctRET07KtAIpBEnbfiWkI6xh4tTYj4IrRA5Yz8ajRImdn0IhJSld5Wgoy
+cQ1L2ia/hgcTIdQ+pIIV2lcepTaNMeIpCoI=
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem.certspec b/security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem.certspec
new file mode 100644
index 000000000..24792d540
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem.certspec
@@ -0,0 +1,3 @@
+issuer:Test Intermediate
+subject:EE issued by intermediate
+extension:subjectAlternativeName:localhost
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 09:05:58 +0000