OpenVPN 3 Core Library
Loading...
Searching...
No Matches
test_openssl_authcert.cpp
Go to the documentation of this file.
1// OpenVPN -- An application to securely tunnel IP networks
2// over a single port, with support for SSL/TLS-based
3// session authentication and key exchange,
4// packet encryption, packet authentication, and
5// packet compression.
6//
7// Copyright (C) 2012- OpenVPN Inc.
8//
9// SPDX-License-Identifier: MPL-2.0 OR AGPL-3.0-only WITH openvpn3-openssl-exception
10//
11
12
13#include "test_common.hpp"
14
15using namespace openvpn;
16
17#ifdef USE_OPENSSL
18
19#include <openvpn/auth/authcert.hpp>
20#include <openvpn/openssl/ssl/sslctx.hpp>
21
22static const std::string ca_str = "\n\
23-----BEGIN CERTIFICATE-----\n\
24MIIDSjCCAjKgAwIBAgIUfLhJAQO17QauTyTEDO518zSf4y0wDQYJKoZIhvcNAQEL\n\
25BQAwFTETMBEGA1UEAwwKUEctTVQtVGVzdDAgFw0yMjA5MjEyMTI1NThaGA8yMTIy\n\
26MDgyODIxMjU1OFowFTETMBEGA1UEAwwKUEctTVQtVGVzdDCCASIwDQYJKoZIhvcN\n\
27AQEBBQADggEPADCCAQoCggEBAL1nDTIADdH18KgZwwgFHH4uj7No3Qj1n983qna9\n\
28l+Ha4fQbnr3eoB8QrAzU+L5VlsPVeck2hReRx3He4T/ogm/uOTAvgTT72z4qpXS7\n\
29ys5ya28/G54Q6R3G8Flo7i02SaooQE0u/1k7fCUhO8p8URMUNI1eklVUgqZUdUWF\n\
30pDv8JZzpNX0KW5Q/yJF2wtTWbv0vObvwBHRHL0xhTNhgh7XCZtKoPGZIEvey0tBp\n\
3172mm3wDvgpuutdyL85NfkvLM6rr8s3nFaKphFSdy5edpzjCWPN47lEJj/G/B2nRQ\n\
32o5zXEJJJ6AzZO/5rSMy2IO4cex1jYZM9Lu/IvscS7BW9IyUCAwEAAaOBjzCBjDAd\n\
33BgNVHQ4EFgQURShYDUrq+7fvSbEsQ/FwzLVI70kwUAYDVR0jBEkwR4AURShYDUrq\n\
34+7fvSbEsQ/FwzLVI70mhGaQXMBUxEzARBgNVBAMMClBHLU1ULVRlc3SCFHy4SQED\n\
35te0Grk8kxAzudfM0n+MtMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG\n\
36SIb3DQEBCwUAA4IBAQCEnCQvOfC8FoNgpGHPuBXKDgMDRmubU+hvibGCtOQGXU+o\n\
37f3jjxoLsn+qgop8FsyjS86yOH3mx6Y4nSTI/8nmHFHwSflJbnaMv2qBhsGr0Wrwd\n\
38wDhQ7W3H6KZFjZX9w8dFSTy1kuJn/U5xoZQj9ovztirmE7S5jP8oXsitY82L+a80\n\
392J7/+yCi0TJrXa2DLLK+UjqCU3NilnwV3GsNuj2Wgnfa+4/mIccIVyD55Jn7Vxpn\n\
40Iglk8X4JMDg5O5MMXtiUIkmUuAjrE9kP1LlX3q7tRYH0cyLpDUjl/+ENFafjcaOq\n\
41Cq6cUgLYAFN4Ihhmz2WasKJIIhJ7ZZVDN/HRDJnI\n\
42-----END CERTIFICATE-----\n\
43";
44
45static const std::string cert_str = "\n\
46-----BEGIN CERTIFICATE-----\n\
47MIIDYjCCAkqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApQRy1N\n\
48VC1UZXN0MCAXDTIyMDkyMTIxMjU1OFoYDzIxMjIwODI4MjEyNTU4WjAWMRQwEgYD\n\
49VQQDDAt0ZXN0LXNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n\
50ALvFb9swVPS8H2yTNfao5Cf7EhEkrlKIlLgQFDmsWZAxw8SKML7WCjdBLyw7K8CF\n\
51f3st1vmLG0LUULHAJo0MdeMMgdDDU15Q4gf1F9/vl1Qnko4/zDxI1o9sKJRmTdYS\n\
52ntkC4DWL+Y4EAO5e3x+Ae7N1knjQKfKomkvsfVvpjBFhELqYHoqSfHvxri5088aB\n\
5336+NIue1D+c6l/OaG5HS87MJLqNd4qC4EWQX4vZYnILxGRI/1wENUxtpk+jCCNVd\n\
54iXJG1qsAxrlQzEz0rn0cponoVVbTfXVN5KVTU3VDpm0TYRF7qKnOEmBMBqNWPtGo\n\
55feQ3LtHnB77Lw0HwwZwwI9kCAwEAAaOBuTCBtjAJBgNVHRMEAjAAMB0GA1UdDgQW\n\
56BBTY2utk9nPH3a2fAofge/OG5eRrujBQBgNVHSMESTBHgBRFKFgNSur7t+9JsSxD\n\
578XDMtUjvSaEZpBcwFTETMBEGA1UEAwwKUEctTVQtVGVzdIIUfLhJAQO17QauTyTE\n\
58DO518zSf4y0wEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMBYGA1Ud\n\
59EQQPMA2CC3Rlc3Qtc2VydmVyMA0GCSqGSIb3DQEBCwUAA4IBAQCrW1dkuTNSD9ly\n\
608htodCiDJbqIA87ui7Ecc/WNbsj7iBbfUYYffgeme3aaNSvJl0BQd/czcCOUpdLB\n\
61UEF8BltqvQxFGKDYCTf0UYSp8vOoeSahI65HjJ/J5vgdrO3YnwBKsPkO/XlDViDa\n\
627Ai9v64jxf2MXJ4YleIQujvhpJ/slu1sRuIyjVNp+un9n+9cB1UxjGv7g3EtUAYR\n\
63WJ3ZwKTXg6CKh2FwkWAKH85s1JRxrsAXUFqMV5t2+OBjGxiUi8e+ioEqxDmdVSj6\n\
64maEDfbDAJAchP61YODqHEGiEXKCdiGF47a+aV/WGjiuS+htFg5qWnk2RPC64PNax\n\
65UTrzK+hr\n\
66-----END CERTIFICATE-----\n\
67";
68
69static const std::string cert64_str = "\n\
70-----BEGIN CERTIFICATE-----\n\
71MIIDhTCCAm2gAwIBAgIIASNFZ4mrze8wDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\n\
72AwwKUEctTVQtVGVzdDAgFw0yMjA5MjEyMTI1NThaGA8yMTIyMDgyODIxMjU1OFow\n\
73JDEiMCAGA1UEAwwZdGVzdC1zZXJ2ZXItNjQtYml0LXNlcmlhbDCCASIwDQYJKoZI\n\
74hvcNAQEBBQADggEPADCCAQoCggEBANQv7dyvXDwDCZRseoMPytCtTysh9U74yELD\n\
75Crh1vbC0NgDL/rlEfXGTWJd7R0hdTXdHhKkL2QfpXwxr6qNnVyp/WuZkxd6f+Rk8\n\
76lIdEZAOSgXH03wySSDbwfMBmDYW1V4mH9ac3mL+SWPfGSBR3PEZDe1XiwOhakutT\n\
77j0487TeCuupLUfVCco7imhhYKIl+Vqz4iihucXTF+FS4JLGMuFcwXglWwNZj+Tjn\n\
78in/KXVcyvyMn5mQc/I1S6hQ55RAyms3AP7XSB3uZmyS1cWFQvCSMV5w22WrvZ3R0\n\
79rJtL+CI5DNRmM1UASmG9L+WSestJTYwgvH4sRtSqBALsLrs+giMCAwEAAaOBxzCB\n\
80xDAJBgNVHRMEAjAAMB0GA1UdDgQWBBR1oQ5PQVTk2KTcaZOLkr7UQe4ejDBQBgNV\n\
81HSMESTBHgBRFKFgNSur7t+9JsSxD8XDMtUjvSaEZpBcwFTETMBEGA1UEAwwKUEct\n\
82TVQtVGVzdIIUfLhJAQO17QauTyTEDO518zSf4y0wEwYDVR0lBAwwCgYIKwYBBQUH\n\
83AwEwCwYDVR0PBAQDAgWgMCQGA1UdEQQdMBuCGXRlc3Qtc2VydmVyLTY0LWJpdC1z\n\
84ZXJpYWwwDQYJKoZIhvcNAQELBQADggEBAAQlQDEd2hxjXcwaGMQCplrIz3JVeZVE\n\
85IiXHd5rqfXSTmJVCjvTOaTN7d9pc98OyPQQc1l6XGqQ4MR/tn8JZ34ooTfS/KaBp\n\
8622yTI8OqDRTWvemg92D5saP69hML/SJv02nKvcbIWgbVXk4Q132TTJjKgyQgA7I6\n\
87fVleMn4Uk34MetJGOzm4w1AulHI3C4j5FhIB306C6gtFroH7PYFj/WwDHKzwXKNb\n\
88vCM9eK5hz+PSFYduNlEvWDTwdO0BuDBT0iyL1y220jlZf0KCFQmRXD2rJazIvsaM\n\
89/hJslb5Fn8CR924uLsy9Q2/sTwvuzjl6M3IxRvIgLWABls4GjiNHIO8=\n\
90-----END CERTIFICATE-----\n\
91";
92
93static const std::string cert_neg_str = "\n\
94-----BEGIN CERTIFICATE-----\n\
95MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB\n\
968zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy\n\
97dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1\n\
98YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3\n\
99dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh\n\
100IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD\n\
101LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG\n\
102EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g\n\
103KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD\n\
104ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu\n\
105bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg\n\
106ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN\n\
107BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R\n\
10885iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm\n\
1094CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV\n\
110HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd\n\
111QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t\n\
112lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB\n\
113o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E\n\
114BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4\n\
115opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo\n\
116dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW\n\
117ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN\n\
118AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y\n\
119/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k\n\
120SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy\n\
121Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS\n\
122Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl\n\
123nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=\n\
124-----END CERTIFICATE-----\n\
125";
126
127TEST(authcert_openssl, ca)
128{
129 AuthCert ac;
130 OpenSSLContext::load_cert_info_into_authcert(ac, ca_str);
131 ASSERT_TRUE(ac.defined());
132 ASSERT_TRUE(ac.sn_defined());
133 ASSERT_EQ(ac.serial_number_as_int64(), -1);
134 ASSERT_EQ(ac.to_string(), "CN=PG-MT-Test SN=7c:b8:49:01:03:b5:ed:06:ae:4f:24:c4:0c:ee:75:f3:34:9f:e3:2d ISSUER_FP=1d7dad803066f6d18771fb42b45a21618bb261cc");
135}
136
137TEST(authcert_openssl, cert)
138{
139 AuthCert ac;
140 OpenSSLContext::load_cert_info_into_authcert(ac, cert_str);
141 ASSERT_TRUE(ac.defined());
142 ASSERT_TRUE(ac.sn_defined());
143 ASSERT_EQ(ac.serial_number_as_int64(), 1);
144 ASSERT_EQ(ac.to_string(), "CN=test-server SN=01 ISSUER_FP=d79cbf8db337fdb401d63a3a905a7bf712f693c1");
145}
146
147TEST(authcert_openssl, cert64)
148{
149 AuthCert ac;
150 OpenSSLContext::load_cert_info_into_authcert(ac, cert64_str);
151 ASSERT_TRUE(ac.defined());
152 ASSERT_TRUE(ac.sn_defined());
153 ASSERT_EQ(ac.serial_number_as_int64(), 81985529216486895);
154 ASSERT_EQ(ac.to_string(), "CN=test-server-64-bit-serial SN=01:23:45:67:89:ab:cd:ef ISSUER_FP=c62493563a3c04f6fbd839ef499394400a60ac55");
155}
156
157TEST(authcert_openssl, sn_0)
158{
159 AuthCert ac("sn_0", 0);
160 ASSERT_TRUE(ac.defined());
161 ASSERT_TRUE(ac.sn_defined());
162 ASSERT_EQ(ac.serial_number_as_int64(), 0);
163 ASSERT_EQ(ac.to_string(), "CN=sn_0 SN=00 ISSUER_FP=0000000000000000000000000000000000000000");
164}
165
166TEST(authcert_openssl, sn_1)
167{
168 AuthCert ac("sn_1", 1);
169 ASSERT_TRUE(ac.defined());
170 ASSERT_TRUE(ac.sn_defined());
171 ASSERT_EQ(ac.serial_number_as_int64(), 1);
172 ASSERT_EQ(ac.to_string(), "CN=sn_1 SN=01 ISSUER_FP=0000000000000000000000000000000000000000");
173}
174
175TEST(authcert_openssl, sn_255)
176{
177 AuthCert ac("sn_255", 255);
178 ASSERT_TRUE(ac.defined());
179 ASSERT_TRUE(ac.sn_defined());
180 ASSERT_EQ(ac.serial_number_as_int64(), 255);
181 ASSERT_EQ(ac.to_string(), "CN=sn_255 SN=ff ISSUER_FP=0000000000000000000000000000000000000000");
182}
183
184TEST(authcert_openssl, sn_256)
185{
186 AuthCert ac("sn_256", 256);
187 ASSERT_TRUE(ac.defined());
188 ASSERT_TRUE(ac.sn_defined());
189 ASSERT_EQ(ac.serial_number_as_int64(), 256);
190 ASSERT_EQ(ac.to_string(), "CN=sn_256 SN=01:00 ISSUER_FP=0000000000000000000000000000000000000000");
191}
192
193TEST(authcert_openssl, sn_32bit_pre)
194{
195 AuthCert ac("sn_32bit_pre", 4294967295ll);
196 ASSERT_TRUE(ac.defined());
197 ASSERT_TRUE(ac.sn_defined());
198 ASSERT_EQ(ac.serial_number_as_int64(), 4294967295ll);
199 ASSERT_EQ(ac.to_string(), "CN=sn_32bit_pre SN=ff:ff:ff:ff ISSUER_FP=0000000000000000000000000000000000000000");
200}
201
202TEST(authcert_openssl, sn_32bit_post)
203{
204 AuthCert ac("sn_32bit_post", 4294967296ll);
205 ASSERT_TRUE(ac.defined());
206 ASSERT_TRUE(ac.sn_defined());
207 ASSERT_EQ(ac.serial_number_as_int64(), 4294967296ll);
208 ASSERT_EQ(ac.to_string(), "CN=sn_32bit_post SN=01:00:00:00:00 ISSUER_FP=0000000000000000000000000000000000000000");
209}
210
211TEST(authcert_openssl, sn_64bit)
212{
213 AuthCert ac("sn_64bit", 81985529216486895ll);
214 ASSERT_TRUE(ac.defined());
215 ASSERT_TRUE(ac.sn_defined());
216 ASSERT_EQ(ac.serial_number_as_int64(), 81985529216486895ll);
217 ASSERT_EQ(ac.to_string(), "CN=sn_64bit SN=01:23:45:67:89:ab:cd:ef ISSUER_FP=0000000000000000000000000000000000000000");
218}
219
220TEST(authcert_openssl, empty)
221{
222 AuthCert ac;
223 ASSERT_FALSE(ac.defined());
224 ASSERT_FALSE(ac.sn_defined());
225}
226
227TEST(authcert_openssl, neg)
228{
229 AuthCert ac;
230 OpenSSLContext::load_cert_info_into_authcert(ac, cert_neg_str);
231 ASSERT_TRUE(ac.defined());
232 ASSERT_FALSE(ac.sn_defined());
233 ASSERT_EQ(ac.serial_number_as_int64(), -1);
234 ASSERT_EQ(ac.to_string(), "CN=EC-ACC ISSUER_FP=28903a635b5280fae6774c0b6da7d6baa64af2e8");
235}
236
237static void verify_serial_parse(const std::string &parse, const std::string &expected)
238{
239 const AuthCert::Serial ser(parse);
240 if (ser.to_string() != expected)
241 THROW_FMT("verify_serial_parse: parse=%s expected=%s actual=%s", parse, expected, ser.to_string());
242 const AuthCert::Serial ser1(ser.to_string());
243 if (ser != ser1)
244 THROW_FMT("verify_serial_parse: roundtrip failed (object) parse=%s expected=%s actual=[%s,%s]", parse, expected, ser.to_string(), ser1.to_string());
245 if (ser.to_string() != ser1.to_string())
246 THROW_FMT("verify_serial_parse: roundtrip failed (to_string) parse=%s expected=%s actual=[%s,%s]", parse, expected, ser.to_string(), ser1.to_string());
247}
248
249TEST(authcert_openssl, serial_parse)
250{
251 // successful cases
252 verify_serial_parse("0", "00");
253 verify_serial_parse("00", "00");
254 verify_serial_parse("1", "01");
255 verify_serial_parse("11", "11");
256 verify_serial_parse("11:ff", "11:ff");
257 verify_serial_parse("11ff", "11:ff");
258 verify_serial_parse("1ff", "01:ff");
259 verify_serial_parse("01ff", "01:ff");
260 verify_serial_parse("001ff", "01:ff");
261 verify_serial_parse("1:ff", "01:ff");
262 verify_serial_parse("1:f", "01:0f");
263 verify_serial_parse("01:0f", "01:0f");
264 verify_serial_parse("0:1:2:3:4:5:6:7:8:9:a:b:c:d:e:f", "01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f");
265 verify_serial_parse("11:22:33:44:55:66:77:88:99:aa:BB:cc:dd:ee:ff:00:0f:1f:2f:3f", "11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:0f:1f:2f:3f");
266 verify_serial_parse("112233445566778899aaBBccddeeff000f1f2f3f", "11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:0f:1f:2f:3f");
267 verify_serial_parse("112233445566778899aaBBccddeeff:000f1f2f3f", "11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:0f:1f:2f:3f");
268 verify_serial_parse("00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00", "00");
269 verify_serial_parse("00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:01", "01");
270 verify_serial_parse("01:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00", "01:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00");
271 verify_serial_parse("ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff", "ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff");
272
273 // failure cases
274
275 JY_EXPECT_THROW(
276 { const AuthCert::Serial ser(""); },
277 AuthCert::Serial::serial_number_error,
278 "expected leading serial number hex digit");
279
280 JY_EXPECT_THROW(
281 { const AuthCert::Serial ser(" "); },
282 AuthCert::Serial::serial_number_error,
283 "' ' is not a hex char");
284
285 JY_EXPECT_THROW(
286 { const AuthCert::Serial ser(":"); },
287 AuthCert::Serial::serial_number_error,
288 "spurious colon");
289
290 JY_EXPECT_THROW(
291 { const AuthCert::Serial ser(":aa"); },
292 AuthCert::Serial::serial_number_error,
293 "expected leading serial number hex digit");
294
295 JY_EXPECT_THROW(
296 { const AuthCert::Serial ser("aa:"); },
297 AuthCert::Serial::serial_number_error,
298 "spurious colon");
299
300 JY_EXPECT_THROW(
301 { const AuthCert::Serial ser("x"); },
302 AuthCert::Serial::serial_number_error,
303 "'x' is not a hex char");
304
305 JY_EXPECT_THROW(
306 { const AuthCert::Serial ser("1:2:3x:4"); },
307 AuthCert::Serial::serial_number_error,
308 "'x' is not a hex char");
309
310 JY_EXPECT_THROW(
311 { const AuthCert::Serial ser("aa::bb"); },
312 AuthCert::Serial::serial_number_error,
313 "spurious colon");
314
315 JY_EXPECT_THROW(
316 { const AuthCert::Serial ser("11:22:33:44:55:66:77:88:99:aa:BB:cc:dd:ee:ff:00:0f:1f:2f:3f:4f"); },
317 AuthCert::Serial::serial_number_error,
318 "serial number too large (C2)");
319
320 JY_EXPECT_THROW(
321 { const AuthCert::Serial ser("112233445566778899aaBBccddeeff000f1f2f3ff"); },
322 AuthCert::Serial::serial_number_error,
323 "serial number too large (C2)");
324}
325
326#ifdef OPENVPN_JSON_INTERNAL
327
328TEST(authcert_openssl, sn_json_1)
329{
330 const Json::Value jv(81985529216486895ll);
331 const AuthCert::Serial ser(jv);
332 ASSERT_EQ(ser.to_string(), "01:23:45:67:89:ab:cd:ef");
333}
334
335TEST(authcert_openssl, sn_json_2)
336{
337 const Json::Value jv("01:23:45:67:89:ab:cd:ef");
338 const AuthCert::Serial ser(jv);
339 ASSERT_EQ(ser.to_string(), "01:23:45:67:89:ab:cd:ef");
340}
341
342TEST(authcert_openssl, sn_json_type_err)
343{
344 JY_EXPECT_THROW(
345 {
346 const Json::Value jv;
347 const AuthCert::Serial ser(jv);
348 },
349 AuthCert::Serial::serial_number_error,
350 "JSON serial is missing");
351}
352
353#endif
354
355#endif
openvpn::AuthCert::defined
bool defined() const
Definition authcert.hpp:366
openvpn::AuthCert::to_string
std::string to_string() const
Definition authcert.hpp:415
openvpn::AuthCert::sn_defined
bool sn_defined() const
Definition authcert.hpp:387
openvpn::AuthCert::serial_number_as_int64
std::int64_t serial_number_as_int64() const
Definition authcert.hpp:392
TEST
TEST(customcontrolchannel, msgroundtrip)
Definition test_acc.cpp:38
test_common.hpp
expected
const std::string expected
Definition test_format.cpp:32
JY_EXPECT_THROW
#define JY_EXPECT_THROW
Definition test_helper.hpp:427
THROW_FMT
#define THROW_FMT(...)
Definition test_helper.hpp:476