summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJob Snijders <job@cvs.openbsd.org>2021-10-11 17:32:28 +0000
committerJob Snijders <job@cvs.openbsd.org>2021-10-11 17:32:28 +0000
commit37ea59e424cca99a480bc267b7a18743e615f87e (patch)
treef14cdb3fddb333c91d3bebfb49c1d886015c9bfb
parent84ad07567c4577f10050e880dc47c02f3c97583c (diff)
Fold bgpsec cert & traditional certs into same test
-rw-r--r--regress/usr.sbin/rpki-client/Makefile.inc8
-rw-r--r--regress/usr.sbin/rpki-client/cer/Vr46VDCUfrRNL9yZAy4mxfEAspQ.cer (renamed from regress/usr.sbin/rpki-client/bgpsec/Vr46VDCUfrRNL9yZAy4mxfEAspQ.cer)bin875 -> 875 bytes
-rw-r--r--regress/usr.sbin/rpki-client/test-bgpsec.c124
-rw-r--r--regress/usr.sbin/rpki-client/test-cert.c21
4 files changed, 14 insertions, 139 deletions
diff --git a/regress/usr.sbin/rpki-client/Makefile.inc b/regress/usr.sbin/rpki-client/Makefile.inc
index cb6d1e07398..cb5ef1b9a4f 100644
--- a/regress/usr.sbin/rpki-client/Makefile.inc
+++ b/regress/usr.sbin/rpki-client/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.13 2021/10/07 10:34:39 claudio Exp $
+# $OpenBSD: Makefile.inc,v 1.14 2021/10/11 17:32:27 job Exp $
.PATH: ${.CURDIR}/../../../../usr.sbin/rpki-client
@@ -8,7 +8,6 @@ PROGS += test-gbr
PROGS += test-mft
PROGS += test-roa
PROGS += test-tal
-PROGS += test-bgpsec
.for p in ${PROGS}
REGRESS_TARGETS += run-regress-$p
@@ -32,11 +31,6 @@ run-regress-test-cert: test-cert
./test-cert -v ${.CURDIR}/../cer/*.cer
./test-cert -vt ${TALARGS:S,,${.CURDIR}/../&,}
-SRCS_test-bgpsec+= test-bgpsec.c cert.c cms.c x509.c ip.c as.c io.c \
- log.c tal.c validate.c encoding.c
-run-regress-test-bgpsec: test-bgpsec
- ./test-bgpsec -v ${.CURDIR}/../bgpsec/*.cer
-
SRCS_test-mft+= test-mft.c mft.c cms.c x509.c io.c log.c validate.c \
encoding.c dummy.c
run-regress-test-mft: test-mft
diff --git a/regress/usr.sbin/rpki-client/bgpsec/Vr46VDCUfrRNL9yZAy4mxfEAspQ.cer b/regress/usr.sbin/rpki-client/cer/Vr46VDCUfrRNL9yZAy4mxfEAspQ.cer
index 5eb4fc0be20..5eb4fc0be20 100644
--- a/regress/usr.sbin/rpki-client/bgpsec/Vr46VDCUfrRNL9yZAy4mxfEAspQ.cer
+++ b/regress/usr.sbin/rpki-client/cer/Vr46VDCUfrRNL9yZAy4mxfEAspQ.cer
Binary files differ
diff --git a/regress/usr.sbin/rpki-client/test-bgpsec.c b/regress/usr.sbin/rpki-client/test-bgpsec.c
deleted file mode 100644
index 4ac3ada9a5a..00000000000
--- a/regress/usr.sbin/rpki-client/test-bgpsec.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $Id: test-bgpsec.c,v 1.2 2021/10/11 16:55:18 job Exp $ */
-/*
- * Copyright (c) 2021 Job Snijders <job@sobornost.net>
- * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <sys/socket.h>
-#include <arpa/inet.h>
-
-#include <assert.h>
-#include <err.h>
-#include <inttypes.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509v3.h>
-
-#include "extern.h"
-
-#include "test-common.c"
-
-int verbose;
-
-static void
-cert_print(const struct cert *p)
-{
- size_t i;
- char buf1[64], buf2[64];
- int sockt;
- BIO *bio_out = NULL;
- char tbuf[21];
-
- assert(p != NULL);
-
- if ((bio_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL)
- errx(1, "BIO_new_fp");
-
- printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
- printf("Authority key identifier: %s\n", pretty_key_id(p->aki));
- printf("Authority info access: %s\n", p->aia);
- printf("Revocation list: %s\n", p->crl);
- strftime(tbuf, sizeof(tbuf), "%FT%TZ", gmtime(&p->expires));
- printf("Key valid until: %s\n", tbuf);
-
- for (i = 0; i < p->asz; i++)
- switch (p->as[i].type) {
- case CERT_AS_ID:
- printf("%5zu: AS: %"
- PRIu32 "\n", i + 1, p->as[i].id);
- break;
- case CERT_AS_RANGE:
- printf("%5zu: AS: %"
- PRIu32 "--%" PRIu32 "\n", i + 1,
- p->as[i].range.min, p->as[i].range.max);
- break;
- default:
- printf("%5zu: AS: invalid element", i + 1);
- }
-
- printf("P-256 ECDSA key: %s", p->bgpsec_pubkey);
-}
-
-int
-main(int argc, char *argv[])
-{
- int c, i, verb = 0;
- X509 *xp = NULL;
- struct cert *p;
-
- ERR_load_crypto_strings();
- OpenSSL_add_all_ciphers();
- OpenSSL_add_all_digests();
-
- while ((c = getopt(argc, argv, "v")) != -1)
- switch (c) {
- case 'v':
- verb++;
- break;
- default:
- errx(1, "bad argument %c", c);
- }
-
- argv += optind;
- argc -= optind;
-
- if (argc == 0)
- errx(1, "argument missing");
-
- for (i = 0; i < argc; i++) {
- p = cert_parse(&xp, argv[i]);
- if (p == NULL)
- break;
- if (verb)
- cert_print(p);
- cert_free(p);
- X509_free(xp);
- }
-
- EVP_cleanup();
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
-
- if (i < argc)
- errx(1, "test failed for %s", argv[i]);
-
- printf("\nOK\n");
- return 0;
-}
diff --git a/regress/usr.sbin/rpki-client/test-cert.c b/regress/usr.sbin/rpki-client/test-cert.c
index 3fa2e69386e..f7385d4f84e 100644
--- a/regress/usr.sbin/rpki-client/test-cert.c
+++ b/regress/usr.sbin/rpki-client/test-cert.c
@@ -1,4 +1,4 @@
-/* $Id: test-cert.c,v 1.11 2021/10/07 10:34:39 claudio Exp $ */
+/* $Id: test-cert.c,v 1.12 2021/10/11 17:32:27 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -46,19 +46,23 @@ cert_print(const struct cert *p)
assert(p != NULL);
- printf("Manifest: %s\n", p->mft);
- printf("caRepository: %s\n", p->repo);
- if (p->notify != NULL)
- printf("Notify URL: %s\n", p->notify);
- if (p->crl != NULL)
- printf("Revocation list: %s\n", p->crl);
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
if (p->aki != NULL)
printf("Authority key identifier: %s\n", pretty_key_id(p->aki));
if (p->aia != NULL)
printf("Authority info access: %s\n", p->aia);
+ if (p->mft != NULL)
+ printf("Manifest: %s\n", p->mft);
+ if (p->repo != NULL)
+ printf("caRepository: %s\n", p->repo);
+ if (p->notify != NULL)
+ printf("Notify URL: %s\n", p->notify);
+ if (p->bgpsec_pubkey != NULL)
+ printf("BGPsec P-256 ECDSA public key: %s\n", p->bgpsec_pubkey);
strftime(tbuf, sizeof(tbuf), "%FT%TZ", gmtime(&p->expires));
- printf("CA valid until: %s\n", tbuf);
+ printf("Valid until: %s\n", tbuf);
+
+ printf("Subordinate Resources:\n");
for (i = 0; i < p->asz; i++)
switch (p->as[i].type) {
@@ -94,6 +98,7 @@ cert_print(const struct cert *p)
printf("%5zu: IP: %s--%s\n", i + 1, buf1, buf2);
break;
}
+
}
int