check hosts in ssl certificates
This commit is contained in:
Mikaël Cluseau
.gitignorego.modgo.sumsecrets.gomodules.txt
vendor
github.com
cavaliercoder
go-cpio
cloudflare
cfssl
LICENSE
auth
config
config_test.go
testdata
csr
errors
helpers
helpers_test.go
testdata
bundle.pembundle_pkcs7.pembundle_with_whitespace.pemca.pemca_key.pemcert.dercert.pemcert_pkcs7.pemcert_with_whitespace.pemecdsa256.csrempty.pemempty_pkcs7.derempty_pkcs7.pememptycert.pememptypasswordpkcs12.p12enc_priv_key.pemmessed_up_bundle.pemmessed_up_priv_key.pemmessedupcert.pemmultiplecerts.p12noheadercert.pempasswordpkcs12.p12priv_rsa_key.pemprivate_ecdsa_key.pemrsa-old.csrsecp256k1-key.pemtest.bad.csr.pemtest.csr.pem
initca
initca_test.go
testdata
log
ocsp
testdata
signer
local
local_test.go
signer_test.gotestdata
build_inter_pathlen_csrs.shca.pemca_key.pemecdsa256-inter.csrecdsa256-inter.keyecdsa256.csrecdsa256_ca.pemecdsa256_ca_key.pemecdsa384.csrecdsa521.csrex.csrinter_pathlen_0.csrinter_pathlen_1.csrinter_pathlen_unspecified.csrip.csrkey.pemrsa-old.csrrsa2048-inter.csrrsa2048-inter.keyrsa2048.csrrsa3072.csrrsa4096.csrsan_domain.csrtest.csr
testdata
golang
protobuf
AUTHORSCONTRIBUTORSLICENSEmain_test.go
proto
all_test.goany_test.goclone_test.godecode_test.godiscard_test.goencode_test.goequal_test.goextensions_test.gomap_test.gomessage_set_test.go
proto3_proto
proto3_test.gosize2_test.gosize_test.gotest_proto
text_parser_test.gotext_test.goprotoc-gen-go
descriptor
testdata
deprecated
extension_base
extension_extra
extension_test.goextension_user
grpc
import_public
import_public_test.goimports
fmt
test_a_1
test_a_2
test_b_1
test_import_a1m1.pb.gotest_import_a1m1.prototest_import_a1m2.pb.gotest_import_a1m2.prototest_import_all.pb.gotest_import_all.protomulti
my_test
proto3
ptypes
google
certificate-transparency-go
asn1
client
gossip
minimal
testdata
Makefiledup-source-name.cfggoshawk.cfggossiper.privkey.pemhawk-dup-source-name.cfghawk-no-dest-name.cfghawk-no-source-log.cfghawk-no-source-name.cfginvalid-private-key.cfginvalid-root-cert.cfginvalid-source-duration.cfginvalid-source-pubkey.cfgno-dest-log.cfgno-dest-name.cfgno-private-key.cfgno-root-cert.cfgno-source-log.cfgno-source-name.cfgroot-ca.certroot-ca.cfgtest.cfgwrong-password-private-key.cfg
x509ext
jsonclient
serialization_test.gosignatures_test.gotestdata
tls
types_test.gox509
error_test.goerrors_test.goexample_test.goname_constraints_test.gonames_test.gopem_decrypt_test.gopkcs8_test.gorevoked_test.goroot_darwin_test.goroot_unix_test.gosec1_test.gosha2_windows_test.go
testdata
verify_test.gox509_test.gox509util
kr
golang.org
x
crypto
net
sync
gopkg.in
check.v1
.gitignore.travis.ymlLICENSEREADME.mdTODObenchmark.gobenchmark_test.gobootstrap_test.gocheck.gocheck_test.gocheckers.gocheckers_test.goexport_test.gofixture_test.gofoundation_test.gohelpers.gohelpers_test.gointegration_test.goprinter.goprinter_test.goreporter.goreporter_test.gorun.gorun_test.go
yaml.v2
k8s.io
apimachinery
novit.nc
direktil
pkg
1173
vendor/github.com/google/certificate-transparency-go/asn1/asn1_test.go
generated
vendored
1173
vendor/github.com/google/certificate-transparency-go/asn1/asn1_test.go
generated
vendored
File diff suppressed because it is too large
Load Diff
263
vendor/github.com/google/certificate-transparency-go/asn1/marshal_test.go
generated
vendored
263
vendor/github.com/google/certificate-transparency-go/asn1/marshal_test.go
generated
vendored
@ -1,263 +0,0 @@
|
||||
// Copyright 2009 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package asn1
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/hex"
|
||||
"math/big"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
)
|
||||
|
||||
type intStruct struct {
|
||||
A int
|
||||
}
|
||||
|
||||
type twoIntStruct struct {
|
||||
A int
|
||||
B int
|
||||
}
|
||||
|
||||
type bigIntStruct struct {
|
||||
A *big.Int
|
||||
}
|
||||
|
||||
type nestedStruct struct {
|
||||
A intStruct
|
||||
}
|
||||
|
||||
type rawContentsStruct struct {
|
||||
Raw RawContent
|
||||
A int
|
||||
}
|
||||
|
||||
type implicitTagTest struct {
|
||||
A int `asn1:"implicit,tag:5"`
|
||||
}
|
||||
|
||||
type explicitTagTest struct {
|
||||
A int `asn1:"explicit,tag:5"`
|
||||
}
|
||||
|
||||
type flagTest struct {
|
||||
A Flag `asn1:"tag:0,optional"`
|
||||
}
|
||||
|
||||
type generalizedTimeTest struct {
|
||||
A time.Time `asn1:"generalized"`
|
||||
}
|
||||
|
||||
type ia5StringTest struct {
|
||||
A string `asn1:"ia5"`
|
||||
}
|
||||
|
||||
type printableStringTest struct {
|
||||
A string `asn1:"printable"`
|
||||
}
|
||||
|
||||
type genericStringTest struct {
|
||||
A string
|
||||
}
|
||||
|
||||
type optionalRawValueTest struct {
|
||||
A RawValue `asn1:"optional"`
|
||||
}
|
||||
|
||||
type omitEmptyTest struct {
|
||||
A []string `asn1:"omitempty"`
|
||||
}
|
||||
|
||||
type defaultTest struct {
|
||||
A int `asn1:"optional,default:1"`
|
||||
}
|
||||
|
||||
type applicationTest struct {
|
||||
A int `asn1:"application,tag:0"`
|
||||
B int `asn1:"application,tag:1,explicit"`
|
||||
}
|
||||
|
||||
type numericStringTest struct {
|
||||
A string `asn1:"numeric"`
|
||||
}
|
||||
|
||||
type testAuthKeyID struct {
|
||||
ID []byte `asn1:"optional,tag:0"`
|
||||
Issuer RawValue `asn1:"optional,tag:1"`
|
||||
SerialNumber *big.Int `asn1:"optional,tag:2"`
|
||||
}
|
||||
|
||||
type testSET []int
|
||||
|
||||
var PST = time.FixedZone("PST", -8*60*60)
|
||||
|
||||
type marshalTest struct {
|
||||
in interface{}
|
||||
out string // hex encoded
|
||||
}
|
||||
|
||||
func farFuture() time.Time {
|
||||
t, err := time.Parse(time.RFC3339, "2100-04-05T12:01:01Z")
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return t
|
||||
}
|
||||
|
||||
var marshalTests = []marshalTest{
|
||||
{10, "02010a"},
|
||||
{127, "02017f"},
|
||||
{128, "02020080"},
|
||||
{-128, "020180"},
|
||||
{-129, "0202ff7f"},
|
||||
{intStruct{64}, "3003020140"},
|
||||
{bigIntStruct{big.NewInt(0x123456)}, "30050203123456"},
|
||||
{twoIntStruct{64, 65}, "3006020140020141"},
|
||||
{nestedStruct{intStruct{127}}, "3005300302017f"},
|
||||
{[]byte{1, 2, 3}, "0403010203"},
|
||||
{implicitTagTest{64}, "3003850140"},
|
||||
{explicitTagTest{64}, "3005a503020140"},
|
||||
{flagTest{true}, "30028000"},
|
||||
{flagTest{false}, "3000"},
|
||||
{time.Unix(0, 0).UTC(), "170d3730303130313030303030305a"},
|
||||
{time.Unix(1258325776, 0).UTC(), "170d3039313131353232353631365a"},
|
||||
{time.Unix(1258325776, 0).In(PST), "17113039313131353134353631362d30383030"},
|
||||
{farFuture(), "180f32313030303430353132303130315a"},
|
||||
{generalizedTimeTest{time.Unix(1258325776, 0).UTC()}, "3011180f32303039313131353232353631365a"},
|
||||
{BitString{[]byte{0x80}, 1}, "03020780"},
|
||||
{BitString{[]byte{0x81, 0xf0}, 12}, "03030481f0"},
|
||||
{ObjectIdentifier([]int{1, 2, 3, 4}), "06032a0304"},
|
||||
{ObjectIdentifier([]int{1, 2, 840, 133549, 1, 1, 5}), "06092a864888932d010105"},
|
||||
{ObjectIdentifier([]int{2, 100, 3}), "0603813403"},
|
||||
{"test", "130474657374"},
|
||||
{
|
||||
"" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", // This is 127 times 'x'
|
||||
"137f" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878" +
|
||||
"78787878787878787878787878787878787878787878787878787878787878",
|
||||
},
|
||||
{
|
||||
"" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +
|
||||
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", // This is 128 times 'x'
|
||||
"138180" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878" +
|
||||
"7878787878787878787878787878787878787878787878787878787878787878",
|
||||
},
|
||||
{ia5StringTest{"test"}, "3006160474657374"},
|
||||
{optionalRawValueTest{}, "3000"},
|
||||
{printableStringTest{"test"}, "3006130474657374"},
|
||||
{printableStringTest{"test*"}, "30071305746573742a"},
|
||||
{genericStringTest{"test"}, "3006130474657374"},
|
||||
{genericStringTest{"test*"}, "30070c05746573742a"},
|
||||
{genericStringTest{"test&"}, "30070c057465737426"},
|
||||
{rawContentsStruct{nil, 64}, "3003020140"},
|
||||
{rawContentsStruct{[]byte{0x30, 3, 1, 2, 3}, 64}, "3003010203"},
|
||||
{RawValue{Tag: 1, Class: 2, IsCompound: false, Bytes: []byte{1, 2, 3}}, "8103010203"},
|
||||
{testSET([]int{10}), "310302010a"},
|
||||
{omitEmptyTest{[]string{}}, "3000"},
|
||||
{omitEmptyTest{[]string{"1"}}, "30053003130131"},
|
||||
{"Σ", "0c02cea3"},
|
||||
{defaultTest{0}, "3003020100"},
|
||||
{defaultTest{1}, "3000"},
|
||||
{defaultTest{2}, "3003020102"},
|
||||
{applicationTest{1, 2}, "30084001016103020102"},
|
||||
{numericStringTest{"1 9"}, "30051203312039"},
|
||||
{testAuthKeyID{ID: []byte{0x01, 0x02, 0x03, 0x04}, SerialNumber: big.NewInt(0x12233445566)}, "300e8004010203048206012233445566"},
|
||||
{testAuthKeyID{ID: []byte{0x01, 0x02, 0x03, 0x04}}, "3006800401020304"},
|
||||
}
|
||||
|
||||
func TestMarshal(t *testing.T) {
|
||||
for i, test := range marshalTests {
|
||||
data, err := Marshal(test.in)
|
||||
if err != nil {
|
||||
t.Errorf("#%d failed: %s", i, err)
|
||||
}
|
||||
out, _ := hex.DecodeString(test.out)
|
||||
if !bytes.Equal(out, data) {
|
||||
t.Errorf("#%d got: %x want %x\n\t%q\n\t%q", i, data, out, data, out)
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
type marshalWithParamsTest struct {
|
||||
in interface{}
|
||||
params string
|
||||
out string // hex encoded
|
||||
}
|
||||
|
||||
var marshalWithParamsTests = []marshalWithParamsTest{
|
||||
{intStruct{10}, "set", "310302010a"},
|
||||
{intStruct{10}, "application", "600302010a"},
|
||||
}
|
||||
|
||||
func TestMarshalWithParams(t *testing.T) {
|
||||
for i, test := range marshalWithParamsTests {
|
||||
data, err := MarshalWithParams(test.in, test.params)
|
||||
if err != nil {
|
||||
t.Errorf("#%d failed: %s", i, err)
|
||||
}
|
||||
out, _ := hex.DecodeString(test.out)
|
||||
if !bytes.Equal(out, data) {
|
||||
t.Errorf("#%d got: %x want %x\n\t%q\n\t%q", i, data, out, data, out)
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
type marshalErrTest struct {
|
||||
in interface{}
|
||||
err string
|
||||
}
|
||||
|
||||
var marshalErrTests = []marshalErrTest{
|
||||
{bigIntStruct{nil}, "empty integer"},
|
||||
{numericStringTest{"a"}, "invalid character"},
|
||||
{ia5StringTest{"\xb0"}, "invalid character"},
|
||||
{printableStringTest{"!"}, "invalid character"},
|
||||
}
|
||||
|
||||
func TestMarshalError(t *testing.T) {
|
||||
for i, test := range marshalErrTests {
|
||||
_, err := Marshal(test.in)
|
||||
if err == nil {
|
||||
t.Errorf("#%d should fail, but success", i)
|
||||
continue
|
||||
}
|
||||
|
||||
if !strings.Contains(err.Error(), test.err) {
|
||||
t.Errorf("#%d got: %v want %v", i, err, test.err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestInvalidUTF8(t *testing.T) {
|
||||
_, err := Marshal(string([]byte{0xff, 0xff}))
|
||||
if err == nil {
|
||||
t.Errorf("invalid UTF8 string was accepted")
|
||||
}
|
||||
}
|
||||
|
||||
func BenchmarkMarshal(b *testing.B) {
|
||||
b.ReportAllocs()
|
||||
|
||||
for i := 0; i < b.N; i++ {
|
||||
for _, test := range marshalTests {
|
||||
Marshal(test.in)
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user