diff --git a/tests/data_files/.gitattributes b/tests/data_files/.gitattributes new file mode 100644 index 000000000000..e72d32c601a7 --- /dev/null +++ b/tests/data_files/.gitattributes @@ -0,0 +1 @@ +*.bin -text diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 2cd9d2be0158..8f97b8cd01e5 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1128,7 +1128,7 @@ tls13_certs: ecdsa_secp521r1.crt ecdsa_secp521r1.key # PKCS7 test data pkcs7_test_cert_1 = pkcs7-rsa-sha256-1.crt pkcs7_test_cert_2 = pkcs7-rsa-sha256-2.crt -pkcs7_test_file = pkcs7_data.txt +pkcs7_test_file = pkcs7_data.bin # Generate signing cert pkcs7-rsa-sha256-1.crt: @@ -1141,46 +1141,34 @@ pkcs7-rsa-sha256-2.crt: cat pkcs7-rsa-sha256-2.crt pkcs7-rsa-sha256-2.key > pkcs7-rsa-sha256-2.pem all_final += pkcs7-rsa-sha256-2.crt -# Generate data file to be signed -pkcs7_data.txt: - echo "Hello" > $@ - echo 2 >> pkcs7_data_1.txt -all_final += pkcs7_data.txt - -# Generate another data file to check hash mismatch during certificate verification -pkcs7_data_1.txt: $(pkcs7_test_file) - cat $(pkcs7_test_file) > $@ - echo 2 >> $@ -all_final += pkcs7_data_1.txt - # pkcs7 signature file with CERT pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) - $(OPENSSL) smime -sign -binary -in pkcs7_data.txt -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ all_final += pkcs7_data_cert_signed_sha256.der # pkcs7 signature file with CERT and sha1 pkcs7_data_cert_signed_sha1.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) - $(OPENSSL) smime -sign -binary -in pkcs7_data.txt -out $@ -md sha1 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha1 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ all_final += pkcs7_data_cert_signed_sha1.der # pkcs7 signature file with CERT and sha512 pkcs7_data_cert_signed_sha512.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) - $(OPENSSL) smime -sign -binary -in pkcs7_data.txt -out $@ -md sha512 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha512 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ all_final += pkcs7_data_cert_signed_sha512.der # pkcs7 signature file without CERT pkcs7_data_without_cert_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) - $(OPENSSL) smime -sign -binary -in pkcs7_data.txt -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -nocerts -noattr -outform DER -out $@ + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -nocerts -noattr -outform DER -out $@ all_final += pkcs7_data_without_cert_signed.der # pkcs7 signature file with multiple signers pkcs7_data_multiple_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) - $(OPENSSL) smime -sign -binary -in pkcs7_data.txt -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -nocerts -noattr -outform DER -out $@ + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -nocerts -noattr -outform DER -out $@ all_final += pkcs7_data_multiple_signed.der # pkcs7 signature file with multiple certificates pkcs7_data_multiple_certs_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) - $(OPENSSL) smime -sign -binary -in pkcs7_data.txt -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -noattr -outform DER -out $@ + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -noattr -outform DER -out $@ all_final += pkcs7_data_multiple_certs_signed.der # pkcs7 signature file with corrupted CERT @@ -1202,7 +1190,7 @@ pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der all_final += pkcs7_data_cert_signed_v2.der pkcs7_data_cert_encrypted.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) - $(OPENSSL) smime -encrypt -aes256 -in pkcs7_data.txt -binary -outform DER -out $@ pkcs7-rsa-sha256-1.crt + $(OPENSSL) smime -encrypt -aes256 -in pkcs7_data.bin -binary -outform DER -out $@ pkcs7-rsa-sha256-1.crt all_final += pkcs7_data_cert_encrypted.der ## Negative tests diff --git a/tests/data_files/pkcs7_data.txt b/tests/data_files/pkcs7_data.bin similarity index 100% rename from tests/data_files/pkcs7_data.txt rename to tests/data_files/pkcs7_data.bin diff --git a/tests/data_files/pkcs7_data_1.txt b/tests/data_files/pkcs7_data_1.bin similarity index 100% rename from tests/data_files/pkcs7_data_1.txt rename to tests/data_files/pkcs7_data_1.bin diff --git a/tests/suites/test_suite_pkcs7.data b/tests/suites/test_suite_pkcs7.data index 75ee9f6b0396..4af0edad3768 100644 --- a/tests/suites/test_suite_pkcs7.data +++ b/tests/suites/test_suite_pkcs7.data @@ -27,24 +27,24 @@ PKCS7 Signed Data Parse Fail Encrypted Content #8 pkcs7_parse_content_oid:"data_files/pkcs7_data_cert_encrypted.der" PKCS7 Signed Data Verification Pass SHA256 #9 -pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.txt" +pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin" PKCS7 Signed Data Verification Pass SHA256 #9.1 -pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.txt" +pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin" PKCS7 Signed Data Verification Pass SHA1 #10 depends_on:MBEDTLS_SHA1_C -pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.txt" +pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin" PKCS7 Signed Data Verification Pass SHA512 #11 depends_on:MBEDTLS_SHA512_C -pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.txt" +pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin" PKCS7 Signed Data Verification Fail because of different certificate #12 -pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.txt" +pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin" PKCS7 Signed Data Verification Fail because of different data hash #13 -pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data_1.txt" +pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data_1.bin" PKCS7 Signed Data Parse Failure Corrupt signerInfo.issuer #15.1 pkcs7_parse_failure:"data_files/pkcs7_signerInfo_issuer_invalid_size.der"