test tls UPDATE add ec key tls test

roman · michalvasko · commit acfb5cb8f7d4 · 2024-11-13T11:16:17.000+01:00
diff --git a/tests/data/0b527f1f.0 b/tests/data/0b527f1f.0
@@ -0,0 +1 @@
+ec_serverca.pem
diff --git a/tests/data/ec_server.crt b/tests/data/ec_server.crt
@@ -0,0 +1,53 @@
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 3 (0x3)
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=clientca
+        Validity
+            Not Before: Nov 13 09:26:01 2024 GMT
+            Not After : Nov 11 09:26:01 2034 GMT
+        Subject: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=127.0.0.1
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub:
+                    04:21:8f:4c:09:ed:6c:ef:8e:17:09:f6:71:15:df:
+                    6b:bc:55:ee:62:b8:06:66:b0:83:d0:31:6a:58:eb:
+                    ca:1d:ed:3a:d7:a5:35:f9:c1:83:e7:2a:e7:3a:0b:
+                    a8:0d:8e:d8:48:91:44:f0:33:70:a2:a4:fa:14:b7:
+                    6e:74:cf:e3:13
+                ASN1 OID: prime256v1
+                NIST CURVE: P-256
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        c1:b3:2c:22:63:44:7e:ed:bc:59:0b:88:36:a6:a3:b5:9c:13:
+        25:e9:35:17:a8:ed:51:a6:54:98:46:fa:68:cf:82:af:85:1e:
+        66:ff:86:64:f6:b7:cb:2f:2a:7d:f1:f0:f0:5c:85:40:86:99:
+        0f:12:2f:7c:14:9b:27:25:ed:6b:5a:a7:80:8b:8e:e0:17:7b:
+        d0:a0:45:aa:d3:6d:b8:8b:cc:46:c7:b7:01:8b:fa:bc:2e:5d:
+        18:77:c0:87:9b:37:16:a1:b0:3c:cc:72:44:4a:3e:c3:0f:6f:
+        60:5e:ae:a1:0d:08:54:49:96:f0:aa:84:9a:00:da:63:bd:0a:
+        fb:d7:93:3e:8a:e5:c0:64:31:01:c7:14:47:0f:94:d4:4e:c9:
+        c2:3d:28:7b:18:60:64:c7:d1:1f:f8:47:86:f5:68:ea:bf:e6:
+        b5:f1:43:19:e1:55:c1:20:73:7e:71:9f:9e:08:9b:7c:4c:5c:
+        61:62:6f:3f:64:1d:d6:f2:52:42:fe:a6:c9:5d:ce:24:8a:f8:
+        d7:2b:a6:0f:ca:ec:4a:92:da:31:f3:d3:fd:01:5f:ea:2a:c5:
+        d6:0e:b0:04:43:f9:60:71:e4:42:6d:43:34:d2:9b:31:59:9e:
+        c8:b9:6b:b2:67:0a:ff:fb:f4:a7:27:ec:c0:2d:83:b0:1e:03:
+        9d:a0:05:f8
+-----BEGIN CERTIFICATE-----
+MIICUjCCAToCAQMwDQYJKoZIhvcNAQELBQAwVDELMAkGA1UEBhMCQ1oxEzARBgNV
+BAgMClNvbWUtU3RhdGUxDzANBgNVBAoMBkNFU05FVDEMMAoGA1UECwwDVE1DMREw
+DwYDVQQDDAhjbGllbnRjYTAeFw0yNDExMTMwOTI2MDFaFw0zNDExMTEwOTI2MDFa
+MFUxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMQ8wDQYDVQQKDAZD
+RVNORVQxDDAKBgNVBAsMA1RNQzESMBAGA1UEAwwJMTI3LjAuMC4xMFkwEwYHKoZI
+zj0CAQYIKoZIzj0DAQcDQgAEIY9MCe1s744XCfZxFd9rvFXuYrgGZrCD0DFqWOvK
+He0616U1+cGD5yrnOguoDY7YSJFE8DNwoqT6FLdudM/jEzANBgkqhkiG9w0BAQsF
+AAOCAQEAwbMsImNEfu28WQuINqajtZwTJek1F6jtUaZUmEb6aM+Cr4UeZv+GZPa3
+yy8qffHw8FyFQIaZDxIvfBSbJyXta1qngIuO4Bd70KBFqtNtuIvMRse3AYv6vC5d
+GHfAh5s3FqGwPMxyREo+ww9vYF6uoQ0IVEmW8KqEmgDaY70K+9eTPorlwGQxAccU
+Rw+U1E7Jwj0oexhgZMfRH/hHhvVo6r/mtfFDGeFVwSBzfnGfngibfExcYWJvP2Qd
+1vJSQv6myV3OJIr41yumD8rsSpLaMfPT/QFf6irF1g6wBEP5YHHkQm1DNNKbMVme
+yLlrsmcK//v0pyfswC2DsB4DnaAF+A==
+-----END CERTIFICATE-----
diff --git a/tests/data/ec_server.key b/tests/data/ec_server.key
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIFIFZl3hkDpo1uqLRK8UeFo9Tm6tfgBjlvM1TcRZixy+oAoGCCqGSM49
+AwEHoUQDQgAEIY9MCe1s744XCfZxFd9rvFXuYrgGZrCD0DFqWOvKHe0616U1+cGD
+5yrnOguoDY7YSJFE8DNwoqT6FLdudM/jEw==
+-----END EC PRIVATE KEY-----
diff --git a/tests/data/ec_serverca.pem b/tests/data/ec_serverca.pem
@@ -0,0 +1,78 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=clientca
+        Validity
+            Not Before: Oct 25 11:00:37 2024 GMT
+            Not After : Oct 23 11:00:37 2034 GMT
+        Subject: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=clientca
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:d3:59:56:1b:a0:75:ce:50:66:ce:60:77:69:87:
+                    8f:bc:6a:42:83:6c:64:49:89:10:54:59:2a:cd:c7:
+                    85:83:a2:dd:66:33:72:e9:2f:46:54:9c:a0:8b:f7:
+                    c7:76:01:d4:be:2a:54:6a:63:24:2a:65:a0:90:fe:
+                    63:71:33:ce:76:76:37:fa:6f:1c:66:86:d9:19:1f:
+                    2a:72:a4:ac:f9:56:95:58:d0:f5:c3:1d:c0:a9:c2:
+                    fe:89:cb:ac:04:18:a0:fa:14:eb:18:42:46:7b:fc:
+                    fe:a6:b6:26:70:c0:45:c4:79:9c:53:b9:0b:71:d4:
+                    c8:74:93:86:80:a5:76:38:16:0e:7f:a5:2e:bc:c4:
+                    4f:e5:7a:cd:ef:41:0b:02:9e:3d:f0:d8:62:aa:2c:
+                    89:68:51:22:44:6a:c2:2f:bc:77:10:20:38:dd:f0:
+                    5b:cb:31:a2:3c:9e:27:a2:3f:d1:61:25:14:35:05:
+                    ab:10:0f:f1:f9:49:40:e5:16:8f:e3:69:32:51:f9:
+                    01:20:ce:b1:18:e7:1f:11:76:ec:3c:74:f7:99:bd:
+                    a1:4e:53:6f:89:a4:95:6a:73:ae:6d:9a:7e:f3:78:
+                    11:df:bd:89:5b:e6:a1:c1:0b:92:57:ba:ba:6d:b0:
+                    8e:d7:5c:60:c0:ae:ca:e0:6d:31:6b:07:f1:98:8a:
+                    66:2f
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: critical
+                Certificate Sign
+            X509v3 Subject Key Identifier: 
+                CD:59:B8:BB:EB:BA:27:B2:66:3C:1C:05:76:9B:71:8A:68:EA:30:FD
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        a6:2d:e1:9e:04:a5:0c:9d:6b:82:b9:f2:59:85:9f:ef:e4:ea:
+        eb:b9:ab:70:73:50:fa:1d:5d:0b:d7:7f:3e:32:f6:e5:27:01:
+        47:69:3a:a2:a2:d2:e0:4d:16:ad:9d:98:3c:ed:81:05:c6:12:
+        a1:92:85:95:7f:22:e7:d2:77:fe:53:be:fe:2c:74:2c:24:7b:
+        66:97:8c:0b:00:88:3e:96:87:1c:6a:0e:70:98:81:10:c1:84:
+        f4:98:4b:60:77:9c:24:a7:b2:a5:44:e8:05:da:a5:6c:62:77:
+        68:f9:2e:73:3c:c6:2c:ad:3a:ff:4a:67:a0:da:23:84:ea:bc:
+        d9:cb:f9:45:13:e3:38:26:c7:f1:60:95:f3:3f:2f:81:98:0b:
+        58:60:72:5f:c9:ef:1f:76:b2:05:03:8d:4f:3a:a8:eb:0a:c5:
+        a8:fd:a3:5f:a8:29:83:cb:9e:cb:13:24:a6:4a:33:95:22:fc:
+        26:90:dc:97:2c:53:ac:24:1a:60:d6:aa:e4:cd:14:12:84:61:
+        ea:15:28:5a:79:f3:18:1e:bb:77:03:61:2c:b4:b6:d5:c5:99:
+        7c:a7:7c:8a:1b:c8:a0:2c:50:53:5d:fb:b4:81:23:bf:0a:b1:
+        9f:f0:b0:d3:ed:08:e2:4d:a7:50:44:be:3a:a0:c0:2c:70:0c:
+        e4:c8:71:15
+-----BEGIN CERTIFICATE-----
+MIIDZTCCAk2gAwIBAgIBADANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJDWjET
+MBEGA1UECAwKU29tZS1TdGF0ZTEPMA0GA1UECgwGQ0VTTkVUMQwwCgYDVQQLDANU
+TUMxETAPBgNVBAMMCGNsaWVudGNhMB4XDTI0MTAyNTExMDAzN1oXDTM0MTAyMzEx
+MDAzN1owVDELMAkGA1UEBhMCQ1oxEzARBgNVBAgMClNvbWUtU3RhdGUxDzANBgNV
+BAoMBkNFU05FVDEMMAoGA1UECwwDVE1DMREwDwYDVQQDDAhjbGllbnRjYTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNZVhugdc5QZs5gd2mHj7xqQoNs
+ZEmJEFRZKs3HhYOi3WYzcukvRlScoIv3x3YB1L4qVGpjJCploJD+Y3EzznZ2N/pv
+HGaG2RkfKnKkrPlWlVjQ9cMdwKnC/onLrAQYoPoU6xhCRnv8/qa2JnDARcR5nFO5
+C3HUyHSThoCldjgWDn+lLrzET+V6ze9BCwKePfDYYqosiWhRIkRqwi+8dxAgON3w
+W8sxojyeJ6I/0WElFDUFqxAP8flJQOUWj+NpMlH5ASDOsRjnHxF27Dx095m9oU5T
+b4mklWpzrm2afvN4Ed+9iVvmocELkle6um2wjtdcYMCuyuBtMWsH8ZiKZi8CAwEA
+AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAgQwHQYDVR0OBBYE
+FM1ZuLvruieyZjwcBXabcYpo6jD9MA0GCSqGSIb3DQEBCwUAA4IBAQCmLeGeBKUM
+nWuCufJZhZ/v5Orruatwc1D6HV0L138+MvblJwFHaTqiotLgTRatnZg87YEFxhKh
+koWVfyLn0nf+U77+LHQsJHtml4wLAIg+loccag5wmIEQwYT0mEtgd5wkp7KlROgF
+2qVsYndo+S5zPMYsrTr/Smeg2iOE6rzZy/lFE+M4JsfxYJXzPy+BmAtYYHJfye8f
+drIFA41POqjrCsWo/aNfqCmDy57LEySmSjOVIvwmkNyXLFOsJBpg1qrkzRQShGHq
+FShaefMYHrt3A2EstLbVxZl8p3yKG8igLFBTXfu0gSO/CrGf8LDT7QjiTadQRL46
+oMAscAzkyHEV
+-----END CERTIFICATE-----
diff --git a/tests/test_tls.c b/tests/test_tls.c
@@ -72,6 +72,39 @@ test_nc_tls(void **state)
     }
 }
 
+static void
+test_nc_tls_ec_key(void **state)
+{
+    int ret, i;
+    pthread_t tids[2];
+    struct ln2_test_ctx *test_ctx;
+
+    assert_non_null(state);
+    test_ctx = *state;
+
+    ret = nc_server_config_add_tls_server_cert(test_ctx->ctx, "endpt", TESTS_DIR "/data/ec_server.key",
+            NULL, TESTS_DIR "/data/ec_server.crt", (struct lyd_node **)&test_ctx->test_data);
+    assert_int_equal(ret, 0);
+
+    ret = nc_server_config_setup_data(test_ctx->test_data);
+    assert_int_equal(ret, 0);
+
+    ret = pthread_create(&tids[0], NULL, client_thread, *state);
+    assert_int_equal(ret, 0);
+    ret = pthread_create(&tids[1], NULL, ln2_glob_test_server_thread, *state);
+    assert_int_equal(ret, 0);
+
+    for (i = 0; i < 2; i++) {
+        pthread_join(tids[i], NULL);
+    }
+}
+
+static void
+test_nc_tls_free_test_data(void *test_data)
+{
+    lyd_free_all(test_data);
+}
+
 static int
 setup_f(void **state)
 {
@@ -110,7 +143,8 @@ setup_f(void **state)
     ret = nc_server_config_setup_data(tree);
     assert_int_equal(ret, 0);
 
-    lyd_free_all(tree);
+    test_ctx->test_data = tree;
+    test_ctx->free_test_data = test_nc_tls_free_test_data;
 
     return 0;
 }
@@ -120,6 +154,7 @@ main(void)
 {
     const struct CMUnitTest tests[] = {
         cmocka_unit_test_setup_teardown(test_nc_tls, setup_f, ln2_glob_test_teardown),
+        cmocka_unit_test_setup_teardown(test_nc_tls_ec_key, setup_f, ln2_glob_test_teardown)
     };
 
     /* try to get ports from the environment, otherwise use the default */
