| Message ID | 20230315013516.1256700-1-selva.nair@gmail.com |
|---|---|
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7300:2310:b0:9f:bfa4:120f with SMTP id r16csp2700347dye;
Tue, 14 Mar 2023 18:36:21 -0700 (PDT)
X-Google-Smtp-Source:
AK7set9N6hV+Mat+aXgkCd/dLDbmod8zhCVpA4vUdc2hKh9Z8FtrOYjnkuBYUA9y0M6duoy2lDYp
X-Received: by 2002:a05:6a20:258c:b0:cd:5334:e25e with SMTP id
k12-20020a056a20258c00b000cd5334e25emr39209852pzd.17.1678844181089;
Tue, 14 Mar 2023 18:36:21 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1678844181; cv=none;
d=google.com; s=arc-20160816;
b=GUH8Ow+EG5nYl6a4IeI0dzkmOBj3HekJTNR6V2EBHH+ju3pH0ztI/hhnilC6R8yMqd
MW9gq2+EI5n9gCctuJyxSIG9p4oHoSOBRJJ0seolehqNSLsl7V13LAOarYUEMvMcL8mx
7ltCTFz2izO4eGmJIddn+cdVP+13IsESr69rIYZGHxuoYtiDif08aiLmAi8E6AsoehyN
M42y1c8eKSpmaLcZDgHlITrbf+48wZ3mz6in3THrZpprM6m4iMzjxZkdsoUkkxPe8Xkg
SN7KUyQxc5M0uxXPtcTRrbfJ65iHWJt2+Hkq+bZ4vdUoUan5GrAlW40tjCw6dwI9T4Fh
ZefA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=errors-to:content-transfer-encoding:list-subscribe:list-help
:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
:mime-version:message-id:date:to:from:dkim-signature:dkim-signature
:dkim-signature;
bh=dYdLQFXnMcwmvfvj+qlZ4zujcYmKNF/qvZCJh3qE3GE=;
b=PdR4NvusNsGu7whjjryCyfYZ32P7IoMPR/g1NG2LtmbGGGcTQM1YOnZdOSbD4YJ8lS
AavjYO6thgKxxoNOmhpv9FiNqgVr/WIZ7UOpYlzae1TC55zdiOxaZ8sVSDOGhgh/JUX6
4xyIqQYaKKyerUkj8/sctTgNdyFhk8lvWb3siNFq6WA6hIYz4Oeaj8DUJ73E142NpB5i
8Lv4AEd4FX8/L7przRljrerDwXk0wx6aaLy0cFnxjcgm94qUQJbwjKY/z7aLTJHHCamM
fbPbL6lx9C8Ks2rKwrvwXfIqgqhyFQG24cu4NAU/Aw2ThuPRnRy+8hi6M3elOuBGA2bl
BBXw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=FHS3lCRl;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=BJwBO4dA;
dkim=neutral (body hash did not verify) header.i=@gmail.com
header.s=20210112 header.b=AkLpq5lB;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
b7-20020a656687000000b005033551a700si3554605pgw.438.2023.03.14.18.36.20
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Tue, 14 Mar 2023 18:36:21 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=FHS3lCRl;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=BJwBO4dA;
dkim=neutral (body hash did not verify) header.i=@gmail.com
header.s=20210112 header.b=AkLpq5lB;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1pcG38-0008O4-VP;
Wed, 15 Mar 2023 01:35:31 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <selva.nair@gmail.com>) id 1pcG38-0008Ny-0i
for openvpn-devel@lists.sourceforge.net;
Wed, 15 Mar 2023 01:35:30 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id:
Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=0aszoWjn4ODqhBLKFFxnNo7R7T+HSwAMwn9OmhdJjM4=; b=FHS3lCRlh3q6mqv7JbiFAPiu/x
6nvvJDhdx+3OGgKUA/DcHN4WKfnlgcUBleMWFWLf6vryWR0ubi61MyQokQb8KA9YXl5bOe2bndAAH
8MzHqbYtVV9D0xjHtmlSbXs5FxDx1u0srMhz6VmKfp4YVxyVZQFap+iO1UG0EdgWh0KE=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From
:Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:
Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:
List-Owner:List-Archive; bh=0aszoWjn4ODqhBLKFFxnNo7R7T+HSwAMwn9OmhdJjM4=; b=B
JwBO4dA+ooW5+JOgFYjytMPUpNF7TgtlflRM+rVzI13ocYb0JmP/UwLvCvB2B0IDWn6VSV4ALAatC
0JHSS87/q0LaJYUojiuk1iJe03T8WY1o/U23erCVjZPMtnqZWjtb/OPJajvu31EfZIFzbrR5/277q
a9wNuocnzjIOi9Zo=;
Received: from mail-io1-f50.google.com ([209.85.166.50])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1pcG35-0004Yg-BG for openvpn-devel@lists.sourceforge.net;
Wed, 15 Mar 2023 01:35:30 +0000
Received: by mail-io1-f50.google.com with SMTP id o12so1218974iow.6
for <openvpn-devel@lists.sourceforge.net>;
Tue, 14 Mar 2023 18:35:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1678844121; x=1681436121;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:from:to:cc:subject:date:message-id:reply-to;
bh=0aszoWjn4ODqhBLKFFxnNo7R7T+HSwAMwn9OmhdJjM4=;
b=AkLpq5lBIgIAADhjLwygt/UnmByPTS8FqN57WvuJFX6jlVGuWe/eLGHECdhbGICO9u
7k0IIkiJVcEWjm5QzJyWihMvkhndRdgTp96u3HZBDokmGT9BFI4cCiGsjcD3XcglrzZR
5iGrm0TXQu4LmDeRQZSliy4WP9huNFDaino9zI7lNRgBRJ+aGjOj5owSVSdZUBN22eoc
tcAvSnZ8Bb6hHTMf7vTbvCACzh28pyUsJnFgIO1NHJWVEmpf6MDI2G+qvpsX72F2jpOf
IXzSZRxcqhIxyjOFKnxRWaB5V1YxN3dStsawJeAEuHnmqsV/BMYPi+kr5R9XOGoFa5e8
7B1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1678844121; x=1681436121;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=0aszoWjn4ODqhBLKFFxnNo7R7T+HSwAMwn9OmhdJjM4=;
b=CXqu8hzwv7gQxUWOMYBpwFZTnG8Rc7CtmdrypFK7QuEeNXVICg5yGivRlXoDhsxeqq
oIzBdJJEPjuGNqT6XF8HVcGeGlHI64yXTJNemeROwk4GKvlTCwYDu7UuqECXvLoVn7t9
zONzb/wonLYoS1LRfdWJX6o0SuFfOVMtT3jyMVFzqaaEnk1/Eip/2i9L/4zSXhOvFalE
czunvWetPtDE9Swz9yci2Ui5no+wOhh9iw5ifKETRIq/75v8PHkpR4APvgh+QMdd7i7x
bLruqp36ScZVNnh0GOt850tEkMUqDKw627MwaeBi7WskCTNtMwfb4e4pyta+UQ714Z0P
MR0Q==
X-Gm-Message-State: AO0yUKWoPyeOURYee4oN+hs/8YzDRpmL7ZLlx4WrOpWrr2B5LA2R93rU
tD92C3CyopM+4720jDAO4g3Fn43m0fk=
X-Received: by 2002:a6b:f908:0:b0:74c:9cc4:647 with SMTP id
j8-20020a6bf908000000b0074c9cc40647mr9211797iog.1.1678844121526;
Tue, 14 Mar 2023 18:35:21 -0700 (PDT)
Received: from uranus.sansel.ca
(bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66])
by smtp.gmail.com with ESMTPSA id
g2-20020a02c542000000b004054d7eede5sm816709jaj.22.2023.03.14.18.35.20
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 14 Mar 2023 18:35:21 -0700 (PDT)
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 14 Mar 2023 21:35:12 -0400
Message-Id: <20230315013516.1256700-1-selva.nair@gmail.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
running on the system "util-spamd-1.v13.lw.sourceforge.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: From: Selva Nair Import some sample certificates into
Windows
store for testing - 4 test certificates&keys imported to user store and
removed
at the end. Add tests for finding certificates in Windows certficate store
- test using SUBJ:, THUMB: and ISSUER: select-strings
Content analysis details: (-0.2 points, 6.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider [selva.nair[at]gmail.com]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily
valid
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
-0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.166.50 listed in wl.mailspike.net]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust [209.85.166.50 listed in list.dnswl.org]
X-Headers-End: 1pcG35-0004Yg-BG
Subject: [Openvpn-devel] [PATCH 0/4] Add some tests for cryptoapi.c functions
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1760395715968303013?=
X-GMAIL-MSGID: =?utf-8?q?1760395715968303013?=
|
| Series |
Add some tests for cryptoapi.c functions
|
expand
|
Hi, On Tue, Mar 14, 2023 at 09:35:12PM -0400, selva.nair@gmail.com wrote: > From: Selva Nair <selva.nair@gmail.com> > > Import some sample certificates into Windows store for testing > - 4 test certificates&keys imported to user store > and removed at the end. [..] This is extremely valuable. Thanks. If I apply these 4 patches on top of "master", will the test then succeed, or will it show failure due to the not-yet-merged padding patch? gert
On Wed, Mar 15, 2023 at 4:30 AM Gert Doering <gert@greenie.muc.de> wrote: > Hi, > > On Tue, Mar 14, 2023 at 09:35:12PM -0400, selva.nair@gmail.com wrote: > > From: Selva Nair <selva.nair@gmail.com> > > > > Import some sample certificates into Windows store for testing > > - 4 test certificates&keys imported to user store > > and removed at the end. > [..] > > This is extremely valuable. Thanks. > > If I apply these 4 patches on top of "master", will the test then succeed, > or will it show failure due to the not-yet-merged padding patch? > As cryptoapi works correctly without the padding patch (only PKCS11 was affected), and this tests only exercises those bits should work without the padding patch. Though I tested it only with both included. Selva
From: Selva Nair <selva.nair@gmail.com> Import some sample certificates into Windows store for testing - 4 test certificates&keys imported to user store and removed at the end. Add tests for finding certificates in Windows certficate store - test using SUBJ:, THUMB: and ISSUER: select-strings Refactor SSL_CTX_use_CryptoAPI_certificate() - A minor reorganization avoids wrapping for the next test Add a test for signing with certificates in Windows store - Test loading keys into xkey-provider and sign a test message. The signature is then verified using OpenSSL. Sample output the test runs: https://github.com/selvanair/openvpn/actions/runs/4418774866/jobs/7746404938#step:8:1 src/openvpn/cryptoapi.c | 63 ++-- tests/unit_tests/openvpn/Makefile.am | 1 + tests/unit_tests/openvpn/cert_data.h | 166 +++++++++ tests/unit_tests/openvpn/test_cryptoapi.c | 429 +++++++++++++++++++++- 4 files changed, 635 insertions(+), 24 deletions(-) create mode 100644 tests/unit_tests/openvpn/cert_data.h