[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_23-32-g2c1c
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_23-32-g2c1cbfd |
|
Date: |
Sat, 22 Sep 2012 08:06:31 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=2c1cbfd513bea4374d6f118135fe21862d33c7a7
The branch, gnutls_3_0_x-2 has been updated
via 2c1cbfd513bea4374d6f118135fe21862d33c7a7 (commit)
via 8261d8da11208016ee3489dea8424de190c137a7 (commit)
via 94fcf71169b97b051bb4a4714ac2824a77cc557c (commit)
via 749033599f5b9cc6895af782fcaf47ad8c13d5d9 (commit)
via e2e617a634c70c7247f2dbfaa9105fa254bc767f (commit)
from 5f40c3aa2662f104b7ea4cd501e2473af2e65b30 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2c1cbfd513bea4374d6f118135fe21862d33c7a7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Sep 22 09:57:02 2012 +0200
small fix
commit 8261d8da11208016ee3489dea8424de190c137a7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Sep 22 09:55:08 2012 +0200
removed test depending on 3.1 functions.
commit 94fcf71169b97b051bb4a4714ac2824a77cc557c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Sep 22 00:59:40 2012 +0200
corrected bug in gnutls_x509_privkey_sign_data
commit 749033599f5b9cc6895af782fcaf47ad8c13d5d9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Sep 22 02:04:04 2012 +0200
several cleanups
commit e2e617a634c70c7247f2dbfaa9105fa254bc767f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Sep 21 19:47:42 2012 +0200
updated makefiles
-----------------------------------------------------------------------
Summary of changes:
doc/Makefile.am | 20 +-
doc/manpages/Makefile.am | 2 +
lib/auth/cert.c | 51 +---
lib/auth/dh_common.c | 12 +-
lib/auth/rsa.c | 2 +-
lib/auth/rsa_export.c | 1 -
lib/auth/srp_passwd.c | 19 +-
lib/crypto-backend.c | 3 +
lib/ext/safe_renegotiation.c | 2 -
lib/gnutls_constate.c | 2 -
lib/gnutls_handshake.c | 9 +-
lib/gnutls_session_pack.c | 55 ++--
lib/gnutls_str.c | 8 +-
lib/gnutls_x509.c | 3 +-
lib/nettle/pk.c | 2 +-
lib/opencdk/armor.c | 5 +-
lib/opencdk/keydb.c | 4 +-
lib/opencdk/literal.c | 1 -
lib/opencdk/stream.c | 2 +-
lib/opencdk/write-packet.c | 42 ++--
lib/pkcs11.c | 2 -
lib/x509/ocsp_output.c | 9 +-
lib/x509/privkey.c | 2 +-
tests/Makefile.am | 2 +-
tests/chainverify-unsorted.c | 747 ------------------------------------------
25 files changed, 109 insertions(+), 898 deletions(-)
delete mode 100644 tests/chainverify-unsorted.c
diff --git a/doc/Makefile.am b/doc/Makefile.am
index c43056b..a54f518 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -1035,6 +1035,14 @@ FUNCS += functions/gnutls_pk_algorithm_get_name
FUNCS += functions/gnutls_pk_algorithm_get_name.short
FUNCS += functions/gnutls_pk_bits_to_sec_param
FUNCS += functions/gnutls_pk_bits_to_sec_param.short
+FUNCS += functions/gnutls_pk_get_id
+FUNCS += functions/gnutls_pk_get_id.short
+FUNCS += functions/gnutls_pk_get_name
+FUNCS += functions/gnutls_pk_get_name.short
+FUNCS += functions/gnutls_pk_list
+FUNCS += functions/gnutls_pk_list.short
+FUNCS += functions/gnutls_pk_to_sign
+FUNCS += functions/gnutls_pk_to_sign.short
FUNCS += functions/gnutls_pkcs11_add_provider
FUNCS += functions/gnutls_pkcs11_add_provider.short
FUNCS += functions/gnutls_pkcs11_copy_secret_key
@@ -1171,14 +1179,6 @@ FUNCS += functions/gnutls_pkcs7_set_crt
FUNCS += functions/gnutls_pkcs7_set_crt.short
FUNCS += functions/gnutls_pkcs7_set_crt_raw
FUNCS += functions/gnutls_pkcs7_set_crt_raw.short
-FUNCS += functions/gnutls_pk_get_id
-FUNCS += functions/gnutls_pk_get_id.short
-FUNCS += functions/gnutls_pk_get_name
-FUNCS += functions/gnutls_pk_get_name.short
-FUNCS += functions/gnutls_pk_list
-FUNCS += functions/gnutls_pk_list.short
-FUNCS += functions/gnutls_pk_to_sign
-FUNCS += functions/gnutls_pk_to_sign.short
FUNCS += functions/gnutls_prf
FUNCS += functions/gnutls_prf.short
FUNCS += functions/gnutls_prf_raw
@@ -1813,10 +1813,10 @@ FUNCS += functions/gnutls_x509_crt_set_pubkey
FUNCS += functions/gnutls_x509_crt_set_pubkey.short
FUNCS += functions/gnutls_x509_crt_set_serial
FUNCS += functions/gnutls_x509_crt_set_serial.short
-FUNCS += functions/gnutls_x509_crt_set_subject_alternative_name
-FUNCS += functions/gnutls_x509_crt_set_subject_alternative_name.short
FUNCS += functions/gnutls_x509_crt_set_subject_alt_name
FUNCS += functions/gnutls_x509_crt_set_subject_alt_name.short
+FUNCS += functions/gnutls_x509_crt_set_subject_alternative_name
+FUNCS += functions/gnutls_x509_crt_set_subject_alternative_name.short
FUNCS += functions/gnutls_x509_crt_set_subject_key_id
FUNCS += functions/gnutls_x509_crt_set_subject_key_id.short
FUNCS += functions/gnutls_x509_crt_set_version
diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am
index f871d72..1cf74cb 100644
--- a/doc/manpages/Makefile.am
+++ b/doc/manpages/Makefile.am
@@ -182,6 +182,7 @@ APIMANS += gnutls_dtls_set_timeouts.3
APIMANS += gnutls_dtls_get_mtu.3
APIMANS += gnutls_dtls_get_data_mtu.3
APIMANS += gnutls_dtls_set_mtu.3
+APIMANS += gnutls_dtls_set_data_mtu.3
APIMANS += gnutls_dtls_get_timeout.3
APIMANS += gnutls_dtls_cookie_send.3
APIMANS += gnutls_dtls_cookie_verify.3
@@ -283,6 +284,7 @@ APIMANS += gnutls_session_set_data.3
APIMANS += gnutls_session_get_data.3
APIMANS += gnutls_session_get_data2.3
APIMANS += gnutls_session_get_random.3
+APIMANS += gnutls_session_set_premaster.3
APIMANS += gnutls_session_get_id.3
APIMANS += gnutls_session_channel_binding.3
APIMANS += gnutls_session_is_resumed.3
diff --git a/lib/auth/cert.c b/lib/auth/cert.c
index f8f55be..0e9e0d9 100644
--- a/lib/auth/cert.c
+++ b/lib/auth/cert.c
@@ -1209,16 +1209,15 @@ cleanup:
#ifdef ENABLE_OPENPGP
static int
_gnutls_proc_openpgp_server_crt (gnutls_session_t session,
- uint8_t * data, size_t data_size)
+ uint8_t * data, size_t data_size)
{
int size, ret, len;
uint8_t *p = data;
cert_auth_info_t info;
gnutls_certificate_credentials_t cred;
ssize_t dsize = data_size;
- int x, key_type;
+ int key_type;
gnutls_pcert_st *peer_certificate_list = NULL;
- int peer_certificate_list_size = 0;
gnutls_datum_t tmp, akey = { NULL, 0 };
uint8_t subkey_id[GNUTLS_OPENPGP_KEYID_SIZE];
unsigned int subkey_id_set = 0;
@@ -1285,8 +1284,8 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t session,
}
/* read the actual key or fingerprint */
- if (key_type == PGP_KEY_FINGERPRINT
- || key_type == PGP_KEY_FINGERPRINT_SUBKEY)
+ if (key_type == PGP_KEY_FINGERPRINT ||
+ key_type == PGP_KEY_FINGERPRINT_SUBKEY)
{ /* the fingerprint */
DECR_LEN (dsize, 1);
@@ -1311,8 +1310,6 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t session,
return ret;
}
tmp = akey;
- peer_certificate_list_size++;
-
}
else if (key_type == PGP_KEY || key_type == PGP_KEY_SUBKEY)
{ /* the whole key */
@@ -1330,7 +1327,6 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t session,
}
DECR_LEN (dsize, len);
- peer_certificate_list_size++;
tmp.size = len;
tmp.data = p;
@@ -1344,16 +1340,9 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t
session,
/* ok we now have the peer's key in tmp datum
*/
-
- if (peer_certificate_list_size == 0)
- {
- gnutls_assert ();
- return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
- }
-
peer_certificate_list =
gnutls_calloc (1,
- sizeof (gnutls_pcert_st) * (peer_certificate_list_size));
+ sizeof (gnutls_pcert_st));
if (peer_certificate_list == NULL)
{
gnutls_assert ();
@@ -1376,7 +1365,7 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t session,
ret =
_gnutls_copy_certificate_auth_info (info,
peer_certificate_list,
- peer_certificate_list_size,
+ 1,
subkey_id_set,
(subkey_id_set !=
0) ? subkey_id : NULL);
@@ -1399,7 +1388,7 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t session,
cleanup:
_gnutls_free_datum (&akey);
- CLEAR_CERTS;
+ gnutls_pcert_deinit(&peer_certificate_list[0]);
gnutls_free (peer_certificate_list);
return ret;
@@ -1586,7 +1575,6 @@ _gnutls_gen_cert_client_crt_vrfy (gnutls_session_t
session,
gnutls_privkey_t apr_pkey;
int apr_cert_list_length;
gnutls_datum_t signature = { NULL, 0 };
- int total_data;
gnutls_sign_algorithm_t sign_algo;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
@@ -1616,14 +1604,6 @@ _gnutls_gen_cert_client_crt_vrfy (gnutls_session_t
session,
return 0;
}
- total_data = signature.size + 2;
-
- /* add hash and signature algorithms */
- if (_gnutls_version_has_selectable_sighash (ver))
- {
- total_data += 2;
- }
-
if (_gnutls_version_has_selectable_sighash (ver))
{
const sign_algorithm_st *aid;
@@ -1740,7 +1720,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t
session,
gnutls_buffer_st * data)
{
gnutls_certificate_credentials_t cred;
- int size, ret;
+ int ret;
uint8_t tmp_data[CERTTYPE_SIZE];
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
@@ -1757,18 +1737,6 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t
session,
return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
}
- size = CERTTYPE_SIZE + 2; /* 2 for gnutls_certificate_type_t + 2 for
size of rdn_seq
- */
-
- if (session->security_parameters.cert_type == GNUTLS_CRT_X509 &&
- session->internals.ignore_rdn_sequence == 0)
- size += cred->x509_rdn_sequence.size;
-
- if (_gnutls_version_has_selectable_sighash (ver))
- /* Need two bytes to announce the number of supported hash
- functions (see below). */
- size += MAX_SIGN_ALGO_SIZE;
-
tmp_data[0] = CERTTYPE_SIZE - 1;
tmp_data[1] = RSA_SIGN;
tmp_data[2] = DSA_SIGN;
@@ -1790,9 +1758,6 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t
session,
return ret;
}
- /* recalculate size */
- size -= MAX_SIGN_ALGO_SIZE + ret;
-
ret = _gnutls_buffer_append_data (data, p, ret);
if (ret < 0)
return gnutls_assert_val (ret);
diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c
index f4bba1a..ee1d5c7 100644
--- a/lib/auth/dh_common.c
+++ b/lib/auth/dh_common.c
@@ -228,7 +228,6 @@ _gnutls_proc_dh_common_server_kx (gnutls_session_t session,
DECR_LEN (data_size, n_Y);
data_Y = &data[i];
- i += n_Y;
_n_Y = n_Y;
_n_g = n_g;
@@ -297,26 +296,27 @@ _gnutls_dh_common_print_server_kx (gnutls_session_t
session,
ret = _gnutls_buffer_append_mpi(data, 16, p, 0);
if (ret < 0)
{
- ret = gnutls_assert_val(ret);
+ gnutls_assert();
goto cleanup;
}
ret = _gnutls_buffer_append_mpi(data, 16, g, 0);
if (ret < 0)
{
- ret = gnutls_assert_val(ret);
+ gnutls_assert();
goto cleanup;
}
ret = _gnutls_buffer_append_mpi(data, 16, Y, 0);
if (ret < 0)
{
- ret = gnutls_assert_val(ret);
+ gnutls_assert();
goto cleanup;
}
-
+
+ ret = data->length;
cleanup:
_gnutls_mpi_release (&Y);
- return data->length;
+ return ret;
}
diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
index 77a61f9..e985776 100644
--- a/lib/auth/rsa.c
+++ b/lib/auth/rsa.c
@@ -130,7 +130,7 @@ _gnutls_get_public_rsa_params (gnutls_session_t session,
cleanup:
gnutls_pcert_deinit (&peer_cert);
- return 0;
+ return ret;
}
static int
diff --git a/lib/auth/rsa_export.c b/lib/auth/rsa_export.c
index f93211d..d94023c 100644
--- a/lib/auth/rsa_export.c
+++ b/lib/auth/rsa_export.c
@@ -409,7 +409,6 @@ proc_rsa_export_server_kx (gnutls_session_t session,
DECR_LEN (data_size, n_e);
data_e = &data[i];
- i += n_e;
_n_e = n_e;
_n_m = n_m;
diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c
index c00a6bb..18a96ab 100644
--- a/lib/auth/srp_passwd.c
+++ b/lib/auth/srp_passwd.c
@@ -45,7 +45,7 @@ static int _randomize_pwd_entry (SRP_PWD_ENTRY * entry);
* string(username):base64(v):base64(salt):int(index)
*/
static int
-pwd_put_values (SRP_PWD_ENTRY * entry, char *str)
+parse_tpasswd_values (SRP_PWD_ENTRY * entry, char *str)
{
char *p;
int len, ret;
@@ -135,7 +135,7 @@ pwd_put_values (SRP_PWD_ENTRY * entry, char *str)
* int(index):base64(n):int(g)
*/
static int
-pwd_put_values2 (SRP_PWD_ENTRY * entry, char *str)
+parse_tpasswd_conf_values (SRP_PWD_ENTRY * entry, char *str)
{
char *p;
int len;
@@ -228,7 +228,7 @@ pwd_read_conf (const char *pconf_file, SRP_PWD_ENTRY *
entry, int idx)
}
if (strncmp (indexstr, line, MAX (i, len)) == 0)
{
- if ((idx = pwd_put_values2 (entry, line)) >= 0)
+ if ((idx = parse_tpasswd_conf_values (entry, line)) >= 0)
{
ret = 0;
goto cleanup;
@@ -257,7 +257,7 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char
*username,
char line[2 * 1024];
unsigned i, len;
int ret;
- int idx, last_idx;
+ int idx;
SRP_PWD_ENTRY *entry = NULL;
*_entry = gnutls_calloc (1, sizeof (SRP_PWD_ENTRY));
@@ -334,8 +334,6 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char
*username,
goto cleanup;
}
- last_idx = 1; /* a default value */
-
len = strlen (username);
while (fgets (line, sizeof (line), fd) != NULL)
{
@@ -348,13 +346,11 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char
*username,
if (strncmp (username, line, MAX (i, len)) == 0)
{
- if ((idx = pwd_put_values (entry, line)) >= 0)
+ if ((idx = parse_tpasswd_values (entry, line)) >= 0)
{
/* Keep the last index in memory, so we can retrieve fake
parameters (g,n)
* when the user does not exist.
*/
- /* XXX: last_idx will not be read as both if block branches
return. */
- last_idx = idx;
if (pwd_read_conf (cred->password_conf_file, entry, idx) == 0)
{
goto found;
@@ -378,7 +374,7 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char
*username,
/* user was not found. Fake him. Actually read the g,n values from
* the last index found and randomize the entry.
*/
- if (pwd_read_conf (cred->password_conf_file, entry, last_idx) == 0)
+ if (pwd_read_conf (cred->password_conf_file, entry, 1) == 0)
{
ret = _randomize_pwd_entry (entry);
if (ret < 0)
@@ -390,11 +386,12 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char
*username,
goto found;
}
+ ret = GNUTLS_E_SRP_PWD_ERROR;
cleanup:
gnutls_assert ();
if (fd) fclose(fd);
_gnutls_srp_entry_free (entry);
- return GNUTLS_E_SRP_PWD_ERROR;
+ return ret;
found:
if (fd) fclose(fd);
diff --git a/lib/crypto-backend.c b/lib/crypto-backend.c
index 6d08155..93fb799 100644
--- a/lib/crypto-backend.c
+++ b/lib/crypto-backend.c
@@ -52,6 +52,9 @@ _algo_register (algo_list * al, int algorithm, int priority,
const void *s)
{
algo_list *cl;
algo_list *last_cl = al;
+
+ if (al == NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
/* look if there is any cipher with lowest priority. In that case do not add.
*/
diff --git a/lib/ext/safe_renegotiation.c b/lib/ext/safe_renegotiation.c
index 1d6b67c..98629ef 100644
--- a/lib/ext/safe_renegotiation.c
+++ b/lib/ext/safe_renegotiation.c
@@ -271,8 +271,6 @@ _gnutls_ext_sr_send_cs (gnutls_session_t session)
}
epriv.ptr = priv;
}
- else
- priv = epriv.ptr;
if (set != 0)
_gnutls_ext_set_session_data (session,
diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c
index c4aa4bc..9426752 100644
--- a/lib/gnutls_constate.c
+++ b/lib/gnutls_constate.c
@@ -248,8 +248,6 @@ _gnutls_set_keys (gnutls_session_t session,
record_parameters_st * params,
(&server_write->IV, &key_block[pos], IV_size) < 0)
return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR);
- pos += IV_size;
-
}
else if (IV_size > 0 && export_flag != 0)
{
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 8256e14..cc664b8 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -1119,7 +1119,7 @@ _gnutls_send_handshake (gnutls_session_t session,
mbuffer_st * bufel,
/* Fragment length */
_gnutls_write_uint24 (i_datasize, &data[pos]);
- pos += 3;
+ /* pos += 3; */
}
_gnutls_handshake_log ("HSK[%p]: %s was queued [%ld bytes]\n",
@@ -1882,7 +1882,7 @@ _gnutls_send_client_hello (gnutls_session_t session, int
again)
{
data[pos++] = session->internals.dtls.cookie_len;
memcpy(&data[pos], &session->internals.dtls.cookie,
session->internals.dtls.cookie_len);
- pos += session->internals.dtls.cookie_len;
+ /* pos += session->internals.dtls.cookie_len; */
}
/* Copy the ciphersuites.
@@ -1973,8 +1973,6 @@ _gnutls_send_server_hello (gnutls_session_t session, int
again)
uint8_t session_id_len = session->security_parameters.session_id_size;
char buf[2 * TLS_MAX_SESSION_ID_SIZE + 1];
- datalen = 0;
-
_gnutls_buffer_init(&extdata);
if (again == 0)
@@ -2028,7 +2026,6 @@ _gnutls_send_server_hello (gnutls_session_t session, int
again)
if (extdata.length > 0)
{
- datalen += extdata.length;
memcpy (&data[pos], extdata.data, extdata.length);
}
}
@@ -2142,8 +2139,6 @@ _gnutls_recv_hello_verify_request (gnutls_session_t
session,
session->internals.dtls.cookie_len = cookie_len;
memcpy (session->internals.dtls.cookie, &data[pos], cookie_len);
- pos += cookie_len;
-
if (len != 0)
{
gnutls_assert ();
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 2588873..43b1024 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -103,7 +103,7 @@ _gnutls_session_pack (gnutls_session_t session,
if (ret < 0)
{
gnutls_assert ();
- return ret;
+ goto fail;
}
break;
#endif
@@ -113,7 +113,7 @@ _gnutls_session_pack (gnutls_session_t session,
if (ret < 0)
{
gnutls_assert ();
- return ret;
+ goto fail;
}
break;
#endif
@@ -123,7 +123,7 @@ _gnutls_session_pack (gnutls_session_t session,
if (ret < 0)
{
gnutls_assert ();
- return ret;
+ goto fail;
}
break;
#endif
@@ -132,7 +132,7 @@ _gnutls_session_pack (gnutls_session_t session,
if (ret < 0)
{
gnutls_assert ();
- return ret;
+ goto fail;
}
break;
default:
@@ -147,20 +147,20 @@ _gnutls_session_pack (gnutls_session_t session,
if (ret < 0)
{
gnutls_assert ();
- _gnutls_buffer_clear (&sb);
- return ret;
+ goto fail;
}
ret = _gnutls_ext_pack (session, &sb);
if (ret < 0)
{
gnutls_assert ();
- _gnutls_buffer_clear (&sb);
- return ret;
+ goto fail;
}
- ret = _gnutls_buffer_to_datum (&sb, packed_session);
+ return _gnutls_buffer_to_datum (&sb, packed_session);
+fail:
+ _gnutls_buffer_clear (&sb);
return ret;
}
@@ -363,10 +363,7 @@ unpack_certificate_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
info = _gnutls_get_auth_info (session);
if (info == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
- }
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
BUFFER_POP_NUM (ps, info->dh.secret_bits);
@@ -433,9 +430,13 @@ pack_srp_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
int len, ret;
int size_offset;
size_t cur_size;
+ const char* username = NULL;
if (info && info->username)
- len = strlen (info->username) + 1; /* include the terminating null */
+ {
+ username = info->username;
+ len = strlen (info->username) + 1; /* include the terminating null */
+ }
else
len = 0;
@@ -443,7 +444,7 @@ pack_srp_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
BUFFER_APPEND_NUM (ps, 0);
cur_size = ps->length;
- BUFFER_APPEND_PFX (ps, info->username, len);
+ BUFFER_APPEND_PFX (ps, username, len);
/* write the real size */
_gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
@@ -466,7 +467,6 @@ unpack_srp_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
return GNUTLS_E_INTERNAL_ERROR;
}
-
ret =
_gnutls_auth_info_set (session, GNUTLS_CRD_SRP,
sizeof (srp_server_auth_info_st), 1);
@@ -478,12 +478,11 @@ unpack_srp_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
info = _gnutls_get_auth_info (session);
if (info == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
- }
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
BUFFER_POP (ps, info->username, username_size);
+ if (username_size == 0)
+ info->username[0] = 0;
ret = 0;
@@ -561,10 +560,7 @@ unpack_anon_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
info = _gnutls_get_auth_info (session);
if (info == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
- }
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
BUFFER_POP_NUM (ps, info->dh.secret_bits);
@@ -614,13 +610,15 @@ pack_psk_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
size_t cur_size;
info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
- if (info && info->username)
+ if (info->username)
username_len = strlen (info->username) + 1; /* include the terminating
null */
else
username_len = 0;
- if (info && info->hint)
+ if (info->hint)
hint_len = strlen (info->hint) + 1; /* include the terminating null */
else
hint_len = 0;
@@ -661,10 +659,7 @@ unpack_psk_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
info = _gnutls_get_auth_info (session);
if (info == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
- }
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
BUFFER_POP_NUM (ps, username_size);
if (username_size > sizeof (info->username))
diff --git a/lib/gnutls_str.c b/lib/gnutls_str.c
index 0d6d087..706047a 100644
--- a/lib/gnutls_str.c
+++ b/lib/gnutls_str.c
@@ -247,8 +247,9 @@ _gnutls_buffer_pop_datum (gnutls_buffer_st * str,
gnutls_datum_t * data,
return;
}
-/* converts the buffer to a datum if possible. After this call the buffer
- * is at an usable state and might not be used or deinitialized */
+/* converts the buffer to a datum if possible. After this call
+ * (failed or not) the buffer should be considered deinitialized.
+ */
int
_gnutls_buffer_to_datum (gnutls_buffer_st * str, gnutls_datum_t * data)
{
@@ -257,6 +258,7 @@ _gnutls_buffer_to_datum (gnutls_buffer_st * str,
gnutls_datum_t * data)
{
data->data = NULL;
data->size = 0;
+ _gnutls_buffer_clear (str);
return 0;
}
@@ -266,6 +268,7 @@ _gnutls_buffer_to_datum (gnutls_buffer_st * str,
gnutls_datum_t * data)
if (data->data == NULL)
{
gnutls_assert ();
+ _gnutls_buffer_clear (str);
return GNUTLS_E_MEMORY_ERROR;
}
memcpy (data->data, str->data, str->length);
@@ -276,6 +279,7 @@ _gnutls_buffer_to_datum (gnutls_buffer_st * str,
gnutls_datum_t * data)
{
data->data = str->data;
data->size = str->length;
+ _gnutls_buffer_init(str);
}
return 0;
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 130d75c..03ff988 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -681,10 +681,9 @@ read_cas_url (gnutls_certificate_credentials_t res, const
char *url)
ret =
gnutls_x509_crt_list_import_pkcs11 (xcrt_list, pcrt_list_size, pcrt_list,
0);
- if (xcrt_list == NULL)
+ if (ret < 0)
{
gnutls_assert ();
- ret = GNUTLS_E_MEMORY_ERROR;
goto cleanup;
}
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index d7e9a05..fc3275c 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -140,6 +140,7 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t
algo, gnutls_datum_t * o
_ecc_params_to_pubkey(pub, &ecc_pub);
_ecc_params_to_privkey(priv, &ecc_priv);
+ sz = ECC_BUF_SIZE;
if (ecc_projective_check_point(&ecc_pub.pubkey, pub->params[ECC_B],
pub->params[ECC_PRIME]) != 0)
{
@@ -147,7 +148,6 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t
algo, gnutls_datum_t * o
goto ecc_cleanup;
}
- sz = ECC_BUF_SIZE;
out->data = gnutls_malloc(sz);
if (out->data == NULL)
{
diff --git a/lib/opencdk/armor.c b/lib/opencdk/armor.c
index fbfab15..1d2a645 100644
--- a/lib/opencdk/armor.c
+++ b/lib/opencdk/armor.c
@@ -526,10 +526,9 @@ cdk_armor_encode_buffer (const byte * inbuf, size_t inlen,
return 0;
}
- pos = 0;
memset (outbuf, 0, outlen);
- memcpy (outbuf + pos, "-----", 5);
- pos += 5;
+ memcpy (outbuf, "-----", 5);
+ pos = 5;
memcpy (outbuf + pos, head, strlen (head));
pos += strlen (head);
memcpy (outbuf + pos, "-----", 5);
diff --git a/lib/opencdk/keydb.c b/lib/opencdk/keydb.c
index b74feda..646904d 100644
--- a/lib/opencdk/keydb.c
+++ b/lib/opencdk/keydb.c
@@ -1198,7 +1198,7 @@ _cdk_keydb_get_sk_byusage (cdk_keydb_hd_t hd, const char
*name,
return CDK_Unusable_Key;
}
node = find_selfsig_node (knode, pk_node->pkt->pkt.secret_key->pk);
- if (sk->pk->uid && node)
+ if (sk && sk->pk && sk->pk->uid && node)
_cdk_copy_signature (&sk->pk->uid->selfsig, node->pkt->pkt.signature);
/* We only release the outer packet. */
@@ -1275,7 +1275,7 @@ _cdk_keydb_get_pk_byusage (cdk_keydb_hd_t hd, const char
*name,
return CDK_Unusable_Key;
}
node = find_selfsig_node (knode, pk_node->pkt->pkt.public_key);
- if (pk->uid && node)
+ if (pk && pk->uid && node)
_cdk_copy_signature (&pk->uid->selfsig, node->pkt->pkt.signature);
cdk_kbnode_release (knode);
diff --git a/lib/opencdk/literal.c b/lib/opencdk/literal.c
index eb16188..7b0ec0d 100644
--- a/lib/opencdk/literal.c
+++ b/lib/opencdk/literal.c
@@ -215,7 +215,6 @@ literal_encode (void *data, FILE * in, FILE * out)
pt->buf = si;
pkt->old_ctb = 1;
pkt->pkttype = CDK_PKT_LITERAL;
- pkt->pkt.literal = pt;
rc = _cdk_pkt_write_fp (out, pkt);
cdk_pkt_release (pkt);
diff --git a/lib/opencdk/stream.c b/lib/opencdk/stream.c
index 7c62095..bfc96ab 100644
--- a/lib/opencdk/stream.c
+++ b/lib/opencdk/stream.c
@@ -1042,7 +1042,7 @@ cdk_stream_write (cdk_stream_t s, const void *buf, size_t
count)
return EOF;
}
- if (!buf && !count)
+ if (!buf || !count)
return stream_flush (s);
if (s->cache.on)
diff --git a/lib/opencdk/write-packet.c b/lib/opencdk/write-packet.c
index 0937c77..77b9db1 100644
--- a/lib/opencdk/write-packet.c
+++ b/lib/opencdk/write-packet.c
@@ -146,9 +146,9 @@ pkt_encode_len (cdk_stream_t out, size_t pktlen)
{
cdk_error_t rc;
- assert (out);
+ if (!out)
+ return CDK_Inv_Value;
- rc = 0;
if (!pktlen)
{
/* Block mode, partial bodies, with 'DEF_BLOCKSIZE' from main.h */
@@ -179,7 +179,8 @@ write_head_new (cdk_stream_t out, size_t size, int type)
{
cdk_error_t rc;
- assert (out);
+ if (!out)
+ return CDK_Inv_Value;
if (type < 0 || type > 63)
return CDK_Inv_Packet;
@@ -196,7 +197,8 @@ write_head_old (cdk_stream_t out, size_t size, int type)
cdk_error_t rc;
int ctb;
- assert (out);
+ if (!out)
+ return CDK_Inv_Value;
if (type < 0 || type > 16)
return CDK_Inv_Packet;
@@ -257,8 +259,8 @@ write_pubkey_enc (cdk_stream_t out, cdk_pkt_pubkey_enc_t
pke, int old_ctb)
size_t size;
int rc, nenc;
- assert (out);
- assert (pke);
+ if (!out || !pke)
+ return CDK_Inv_Value;
if (pke->version < 2 || pke->version > 3)
return CDK_Inv_Packet;
@@ -292,8 +294,8 @@ write_mdc (cdk_stream_t out, cdk_pkt_mdc_t mdc)
{
cdk_error_t rc;
- assert (mdc);
- assert (out);
+ if (!out || !mdc)
+ return CDK_Inv_Value;
if (DEBUG_PKT)
_gnutls_write_log ("write_mdc:\n");
@@ -363,8 +365,8 @@ write_signature (cdk_stream_t out, cdk_pkt_signature_t sig,
int old_ctb)
size_t nbytes, size, nsig;
cdk_error_t rc;
- assert (out);
- assert (sig);
+ if (!out || !sig)
+ return CDK_Inv_Value;
if (!KEY_CAN_SIGN (sig->pubkey_algo))
return CDK_Inv_Algo;
@@ -429,8 +431,8 @@ write_public_key (cdk_stream_t out, cdk_pkt_pubkey_t pk,
size_t npkey = 0, size = 6;
cdk_error_t rc;
- assert (out);
- assert (pk);
+ if (!out || !pk)
+ return CDK_Inv_Value;
if (pk->version < 2 || pk->version > 4)
return CDK_Inv_Packet;
@@ -506,8 +508,8 @@ write_secret_key (cdk_stream_t out, cdk_pkt_seckey_t sk,
int pkttype, s2k_mode;
cdk_error_t rc;
- assert (out);
- assert (sk);
+ if (!out || !sk)
+ return CDK_Inv_Value;
if (!sk->pk)
return CDK_Inv_Value;
@@ -626,8 +628,8 @@ write_compressed (cdk_stream_t out, cdk_pkt_compressed_t cd)
{
cdk_error_t rc;
- assert (out);
- assert (cd);
+ if (!out || !cd)
+ return CDK_Inv_Value;
if (DEBUG_PKT)
_gnutls_write_log ("packet: write_compressed\n");
@@ -647,8 +649,8 @@ write_literal (cdk_stream_t out, cdk_pkt_literal_t pt, int
old_ctb)
size_t size;
cdk_error_t rc;
- assert (out);
- assert (pt);
+ if (!out || !pt)
+ return CDK_Inv_Value;
/* We consider a packet without a body as an invalid packet.
At least one octet must be present. */
@@ -694,8 +696,8 @@ write_onepass_sig (cdk_stream_t out, cdk_pkt_onepass_sig_t
sig)
{
cdk_error_t rc;
- assert (out);
- assert (sig);
+ if (!out || !sig)
+ return CDK_Inv_Value;
if (sig->version != 3)
return CDK_Inv_Packet;
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 056c68c..f489492 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -991,8 +991,6 @@ _pkcs11_traverse_tokens (find_func_t find_func, void *input,
{
struct token_info tinfo;
- ret = GNUTLS_E_PKCS11_ERROR;
-
if (pkcs11_get_token_info (module, providers[x].slots[z],
&tinfo.tinfo) != CKR_OK)
{
diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c
index 737b227..e451085 100644
--- a/lib/x509/ocsp_output.c
+++ b/lib/x509/ocsp_output.c
@@ -571,8 +571,13 @@ print_resp (gnutls_buffer_st * str, gnutls_ocsp_resp_t
resp,
{
ret = gnutls_x509_crt_export (certs[i], GNUTLS_X509_FMT_PEM,
out.data, &s);
- out.size = s;
- addf (str, "%.*s", out.size, out.data);
+ if (ret < 0)
+ addf (str, "error: crt_export: %s\n", gnutls_strerror
(ret));
+ else
+ {
+ out.size = s;
+ addf (str, "%.*s", out.size, out.data);
+ }
gnutls_free (out.data);
}
}
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index c2f2563..b6c7b9a 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -1591,7 +1591,7 @@ gnutls_x509_privkey_sign_data (gnutls_x509_privkey_t key,
}
result =
- _gnutls_x509_privkey_sign_hash2 (key, digest, flags, &hash, signature);
+ _gnutls_x509_privkey_sign_hash2 (key, digest, flags, &hash, &sig);
_gnutls_free_datum(&hash);
diff --git a/tests/Makefile.am b/tests/Makefile.am
index f5291a3..788a5e0 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -68,7 +68,7 @@ ctests = mini-deflate simple gc set_pkcs12_cred certder
certuniqueid \
mini-rehandshake rng-fork mini-eagain-dtls resume-dtls \
x509cert x509cert-tl infoaccess rsa-encrypt-decrypt \
mini-loss-time mini-tdb mini-dtls-rehandshake mini-record \
- mini-termination mini-x509-cas chainverify-unsorted
+ mini-termination mini-x509-cas
if ENABLE_OCSP
ctests += ocsp
diff --git a/tests/chainverify-unsorted.c b/tests/chainverify-unsorted.c
deleted file mode 100644
index 716fbd2..0000000
--- a/tests/chainverify-unsorted.c
+++ /dev/null
@@ -1,747 +0,0 @@
-/*
- * Copyright (C) 2011-2012 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * GnuTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-/* Parts copied from GnuTLS example programs. */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include <gnutls/gnutls.h>
-#include <gnutls/x509.h>
-
-#include "utils.h"
-
-/* gnutls_trust_list_*().
- */
-
-static void
-tls_log_func (int level, const char *str)
-{
- fprintf (stderr, "<%d>| %s", level, str);
-}
-
-
-const char ca_str[] =
- "-----BEGIN CERTIFICATE-----\n"
- "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n"
- "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n"
- "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n"
- "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n"
- "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n"
- "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n"
- "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n"
- "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n"
- "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n"
- "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n"
- "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n"
- "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n"
- "-----END CERTIFICATE-----\n";
-const gnutls_datum_t ca = { (void*)ca_str, sizeof(ca_str) };
-
-
-/* Chain1 is sorted */
-static const char chain1[] = {
- /* chain[0] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n"
- "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n"
- "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n"
- "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n"
- "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n"
- "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n"
- "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n"
- "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n"
- "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n"
- "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n"
- "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n"
- "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n"
- "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n"
- "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n"
- "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n"
- "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n"
- "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n"
- "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n"
- "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n"
- "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n"
- "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n"
- "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n"
- "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n"
- "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n"
- "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n"
- "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n"
- "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n"
- "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n"
- "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n"
- "nKMfhbyFQYPQ6J9g\n"
- "-----END CERTIFICATE-----\n"
- /* chain[1] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n"
- "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n"
- "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n"
- "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n"
- "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n"
- "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n"
- "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n"
- "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n"
- "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n"
- "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n"
- "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n"
- "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n"
- "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n"
- "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n"
- "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n"
- "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n"
- "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n"
- "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n"
- "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n"
- "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n"
- "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n"
- "Gh/aWKfkT8Fhrryi/ks=\n"
- "-----END CERTIFICATE-----\n"
- /* chain[2] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n"
- "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n"
- "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n"
- "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n"
- "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n"
- "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n"
- "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n"
- "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n"
- "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n"
- "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n"
- "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n"
- "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n"
- "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n"
- "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n"
- "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n"
- "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n"
- "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n"
- "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n"
- "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n"
- "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n"
- "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n"
- "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n"
- "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n"
- "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n"
- "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n"
- "-----END CERTIFICATE-----\n"
- /* chain[3] (CA) */
- "-----BEGIN CERTIFICATE-----\n"
- "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n"
- "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n"
- "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n"
- "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n"
- "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n"
- "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n"
- "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n"
- "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n"
- "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n"
- "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n"
- "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n"
- "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n"
- "-----END CERTIFICATE-----\n"
-};
-
-/* Chain2 is unsorted - reverse order */
-static const char chain2[] = {
- /* chain[0] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n"
- "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n"
- "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n"
- "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n"
- "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n"
- "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n"
- "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n"
- "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n"
- "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n"
- "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n"
- "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n"
- "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n"
- "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n"
- "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n"
- "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n"
- "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n"
- "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n"
- "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n"
- "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n"
- "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n"
- "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n"
- "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n"
- "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n"
- "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n"
- "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n"
- "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n"
- "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n"
- "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n"
- "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n"
- "nKMfhbyFQYPQ6J9g\n"
- "-----END CERTIFICATE-----\n"
- /* chain[3] (CA) */
- "-----BEGIN CERTIFICATE-----\n"
- "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n"
- "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n"
- "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n"
- "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n"
- "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n"
- "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n"
- "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n"
- "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n"
- "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n"
- "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n"
- "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n"
- "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n"
- "-----END CERTIFICATE-----\n"
- /* chain[2] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n"
- "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n"
- "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n"
- "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n"
- "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n"
- "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n"
- "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n"
- "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n"
- "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n"
- "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n"
- "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n"
- "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n"
- "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n"
- "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n"
- "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n"
- "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n"
- "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n"
- "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n"
- "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n"
- "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n"
- "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n"
- "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n"
- "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n"
- "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n"
- "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n"
- "-----END CERTIFICATE-----\n"
- /* chain[1] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n"
- "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n"
- "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n"
- "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n"
- "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n"
- "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n"
- "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n"
- "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n"
- "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n"
- "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n"
- "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n"
- "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n"
- "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n"
- "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n"
- "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n"
- "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n"
- "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n"
- "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n"
- "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n"
- "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n"
- "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n"
- "Gh/aWKfkT8Fhrryi/ks=\n"
- "-----END CERTIFICATE-----\n"
-};
-
-/* Chain3 is unsorted - random order */
-static const char chain3[] = {
- /* chain[0] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n"
- "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n"
- "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n"
- "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n"
- "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n"
- "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n"
- "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n"
- "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n"
- "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n"
- "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n"
- "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n"
- "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n"
- "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n"
- "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n"
- "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n"
- "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n"
- "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n"
- "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n"
- "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n"
- "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n"
- "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n"
- "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n"
- "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n"
- "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n"
- "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n"
- "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n"
- "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n"
- "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n"
- "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n"
- "nKMfhbyFQYPQ6J9g\n"
- "-----END CERTIFICATE-----\n"
- /* chain[2] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n"
- "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n"
- "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n"
- "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n"
- "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n"
- "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n"
- "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n"
- "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n"
- "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n"
- "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n"
- "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n"
- "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n"
- "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n"
- "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n"
- "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n"
- "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n"
- "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n"
- "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n"
- "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n"
- "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n"
- "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n"
- "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n"
- "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n"
- "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n"
- "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n"
- "-----END CERTIFICATE-----\n"
- /* chain[3] (CA) */
- "-----BEGIN CERTIFICATE-----\n"
- "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n"
- "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n"
- "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n"
- "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n"
- "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n"
- "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n"
- "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n"
- "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n"
- "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n"
- "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n"
- "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n"
- "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n"
- "-----END CERTIFICATE-----\n"
- /* chain[1] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n"
- "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n"
- "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n"
- "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n"
- "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n"
- "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n"
- "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n"
- "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n"
- "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n"
- "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n"
- "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n"
- "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n"
- "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n"
- "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n"
- "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n"
- "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n"
- "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n"
- "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n"
- "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n"
- "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n"
- "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n"
- "Gh/aWKfkT8Fhrryi/ks=\n"
- "-----END CERTIFICATE-----\n"
-};
-
-/* Chain4 is unsorted - random order and includes random certs */
-static const char chain4[] = {
- /* chain[0] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCDCCBPCgAwIBAgIQakrDGzEQ5utI8PxRo5oXHzANBgkqhkiG9w0BAQUFADCB\n"
- "vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew\n"
- "HhcNMDcwNTA5MDAwMDAwWhcNMDkwNTA4MjM1OTU5WjCCAUAxEDAOBgNVBAUTBzI0\n"
- "OTc4ODYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVs\n"
- "YXdhcmUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQRFAU5NDA0MzETMBEGA1UECBMKQ2Fs\n"
- "aWZvcm5pYTEWMBQGA1UEBxQNTW91bnRhaW4gVmlldzEiMCAGA1UECRQZNDg3IEVh\n"
- "c3QgTWlkZGxlZmllbGQgUm9hZDEXMBUGA1UEChQOVmVyaVNpZ24sIEluYy4xJTAj\n"
- "BgNVBAsUHFByb2R1Y3Rpb24gU2VjdXJpdHkgU2VydmljZXMxMzAxBgNVBAsUKlRl\n"
- "cm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjEZMBcGA1UE\n"
- "AxQQd3d3LnZlcmlzaWduLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n"
- "xxA35ev879drgQCpENGRQ3ARaCPz/WneT9dtMe3qGNvzXQJs6cjm1Bx8XegyW1gB\n"
- "jJX5Zl4WWbr9wpAWZ1YyJ0bEyShIGmkU8fPfbcXYwSyWoWwvE5NRaUB2ztmfAVdv\n"
- "OaGMUKxny2Dnj3tAdaQ+FOeRDJJYg6K1hzczq/otOfsCAwEAAaOCAf8wggH7MAkG\n"
- "A1UdEwQCMAAwHQYDVR0OBBYEFPFaiZNVR0u6UfVO4MsWVfTXzDhnMAsGA1UdDwQE\n"
- "AwIFoDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJpc2ln\n"
- "bi5jb20vRVZJbnRsMjAwNi5jcmwwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXBjAq\n"
- "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDQGA1Ud\n"
- "JQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgorBgEEAYI3CgMD\n"
- "MB8GA1UdIwQYMBaAFE5DyB127zdTek/yWG+U8zji1b3fMHYGCCsGAQUFBwEBBGow\n"
- "aDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNvbTA5\n"
- "BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VWSW50\n"
- "bDIwMDYuY2VyMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAh\n"
- "MB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dv\n"
- "LnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQBEueAg\n"
- "xZJrjGPKAZk1NT8VtTn0yi87i9XUnSOnkFkAuI3THDd+cWbNSUzc5uFJg42GhMK7\n"
- "S1Rojm8FHxESovLvimH/w111BKF9wNU2XSOb9KohfYq3GRiQG8O7v9JwIjjLepkc\n"
- "iyITx7sYiJ+kwZlrNBwN6TwVHrONg6NzyzSnxCg+XgKRbJu2PqEQb6uQVkYhb+Oq\n"
- "Vi9d4by9YqpnuXImSffQ0OZ/6s3Rl6vY08zIPqa6OVfjGs/H45ETblzezcUKpX0L\n"
- "cqnOwUB9dVuPhtlX3X/hgz/ROxz96NBwwzha58HUgfEfkVtm+piI6TTI7XxS/7Av\n"
- "nKMfhbyFQYPQ6J9g\n"
- "-----END CERTIFICATE-----\n"
- /* chain[2] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIE/zCCBGigAwIBAgIQY5Jrio9Agv2swDvTeCmmwDANBgkqhkiG9w0BAQUFADBf\n"
- "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n"
- "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n"
- "HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx\n"
- "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz\n"
- "dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv\n"
- "ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz\n"
- "IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8\n"
- "RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb\n"
- "ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR\n"
- "TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/\n"
- "Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH\n"
- "iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB\n"
- "AAGjggHKMIIBxjAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0\n"
- "dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjBt\n"
- "BggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIa\n"
- "BBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5j\n"
- "b20vdnNsb2dvLmdpZjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7Lvw\n"
- "MAnzQzn6Aq8zMTMwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYD\n"
- "VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp\n"
- "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzAg\n"
- "BgNVHSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDQYJKoZIhvcNAQEFBQAD\n"
- "gYEAUNfnArcMK6xK11/59ADJdeNqKOck4skH3qw6WCAYQxfrcn4eobTInOn5G3Gu\n"
- "39g6DapSHmBex2UtZSxvKnJVlWYQgE4P4wGoXdzV69YdCNssXNVVc59DYhDH05dZ\n"
- "P4sJH99fucYDkJjUgRUYw35ww0OFwKgUp3CxiizbXxCqEQc=\n"
- "-----END CERTIFICATE-----\n"
- "-----BEGIN CERTIFICATE-----\n"
- "MIIEczCCA9ygAwIBAgIQeODCPg2RbK2r7/1KoWjWZzANBgkqhkiG9w0BAQUFADCB\n"
- "ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy\n"
- "aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy\n"
- "dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg\n"
- "SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w\n"
- "ODA2MTAwMDAwMDBaFw0wOTA3MzAyMzU5NTlaMIG2MQswCQYDVQQGEwJERTEPMA0G\n"
- "A1UECBMGSGVzc2VuMRowGAYDVQQHFBFGcmFua2Z1cnQgYW0gTWFpbjEsMCoGA1UE\n"
- "ChQjU3Bhcmthc3NlbiBJbmZvcm1hdGlrIEdtYkggJiBDby4gS0cxKTAnBgNVBAsU\n"
- "IFRlcm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tMSEwHwYDVQQDFBhoYmNp\n"
- "LXBpbnRhbi1ycC5zLWhiY2kuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\n"
- "AK1CdQ9lqmChZWaRAInimuK7I36VImTuAVU0N6BIS4a2BbblkiekbVf15GVHGb6e\n"
- "QV06ANN6Nd8XIdfoxi3LoAs8sa+Ku7eoEsRFi/XIU96GgtFlxf3EsVA9RbGdtfer\n"
- "9iJGIBae2mJTlk+5LVg2EQr50PJlBuTgiYFc41xs9O2RAgMBAAGjggF6MIIBdjAJ\n"
- "BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8v\n"
- "Y3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBE\n"
- "BgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n"
- "d3d3LnZlcmlzaWduLmNvbS9ycGEwKAYDVR0lBCEwHwYJYIZIAYb4QgQBBggrBgEF\n"
- "BQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRw\n"
- "Oi8vb2NzcC52ZXJpc2lnbi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJ\n"
- "aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYk\n"
- "aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEB\n"
- "BQUAA4GBAJ03R0YAjYzlWm54gMSn6MqJi0mHdLCO2lk3CARwjbg7TEYAZvDsKqTd\n"
- "cRuhNk079BqrQ3QapffeN55SAVrc3mzHO54Nla4n5y6x3XIQXVvRjbJGwmWXsdvr\n"
- "W899F/pBEN30Tgdbmn7JR/iZlGhIJpY9Us1i7rwQhKYir9ZQBdj3\n"
- "-----END CERTIFICATE-----\n"
- /* chain[1] */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIGCjCCBPKgAwIBAgIQESoAbTflEG/WynzD77rMGDANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBvjEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMvVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0EwggEi\n"
- "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Voi6iDRkZM/NyrDu5xlzxXLZ\n"
- "u0W8taj/g74cA9vtibcuEBolvFXKQaGfC88ZXnC5XjlLnjEcX4euKqqoK6IbOxAj\n"
- "XxOx3QiMThTag4HjtYzjaO0kZ85Wtqybc5ZE24qMs9bwcZOO23FUSutzWWqPcFEs\n"
- "A5+X0cwRerxiDZUqyRx1V+n1x+q6hDXLx4VafuRN4RGXfQ4gNEXb8aIJ6+s9nriW\n"
- "Q140SwglHkMaotm3igE0PcP45a9PjP/NZfAjTsWXs1zakByChQ0GDcEitnsopAPD\n"
- "TFPRWLxyvAg5/KB2qKjpS26IPeOzMSWMcylIDjJ5Bu09Q/T25On8fb6OCNUfAgMB\n"
- "AAGjggH0MIIB8DAdBgNVHQ4EFgQUTkPIHXbvN1N6T/JYb5TzOOLVvd8wEgYDVR0T\n"
- "AQH/BAgwBgEB/wIBADA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2NwczA9BgNVHR8ENjA0MDKgMKAuhixo\n"
- "dHRwOi8vRVZTZWN1cmUtY3JsLnZlcmlzaWduLmNvbS9wY2EzLWc1LmNybDAgBgNV\n"
- "HSUEGTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwDgYDVR0PAQH/BAQDAgEGMBEG\n"
- "CWCGSAGG+EIBAQQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFn\n"
- "ZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRw\n"
- "Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjApBgNVHREEIjAgpB4wHDEa\n"
- "MBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNDgwPQYIKwYBBQUHAQEEMTAvMC0GCCsG\n"
- "AQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wHwYDVR0j\n"
- "BBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIhvcNAQEFBQADggEBAFqi\n"
- "sb/rjdQ4qIBywtw4Lqyncfkro7tHu21pbxA2mIzHVi67vKtKm3rW8oKT4BT+is6D\n"
- "t4Pbk4errGV5Sf1XqbHOCR+6EBXECQ5i4/kKJdVkmPDyqA92Mn6R5hjuvOfa0E6N\n"
- "eLvincBZK8DOlQ0kDHLKNF5wIokrSrDxaIfz7kSNKEB3OW5IckUxXWs5DoYC6maZ\n"
- "kzEP32fepp+MnUzOcW86Ifa5ND/5btia9z7a84Ffelxtj3z2mXS3/+QXXe1hXqtI\n"
- "u5aNZkU5tBIK9nDpnHYiS2DpKhs0Sfei1GfAsSatE7rZhAHBq+GObXAWO3eskZq7\n"
- "Gh/aWKfkT8Fhrryi/ks=\n"
- "-----END CERTIFICATE-----\n"
- /* chain[3] (CA) */
- "-----BEGIN CERTIFICATE-----\n"
- "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\n"
- "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n"
- "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n"
- "MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n"
- "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\n"
- "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n"
- "ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\n"
- "BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\n"
- "I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\n"
- "CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\n"
- "lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\n"
- "AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n"
- "-----END CERTIFICATE-----\n"
- "-----BEGIN CERTIFICATE-----\n"
- "MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf\n"
- "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT\n"
- "LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw\n"
- "HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy\n"
- "aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx\n"
- "BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg\n"
- "MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g\n"
- "TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB\n"
- "jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx\n"
- "veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O\n"
- "OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB\n"
- "4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n"
- "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV\n"
- "HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI\n"
- "ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk\n"
- "oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB\n"
- "BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv\n"
- "1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw\n"
- "E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa\n"
- "-----END CERTIFICATE-----\n"
-};
-
-static time_t mytime (time_t * t)
-{
- time_t then = 1207000800;
-
- if (t)
- *t = then;
-
- return then;
-}
-
-void
-doit (void)
-{
- int ret;
- gnutls_datum_t data;
- gnutls_x509_crt_t *crts;
- unsigned int crts_size, i;
- gnutls_x509_trust_list_t tl;
- unsigned int status, flags = GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN;
-
- /* this must be called once in the program
- */
- gnutls_global_init ();
-
- gnutls_global_set_time_function (mytime);
- gnutls_global_set_log_function (tls_log_func);
- if (debug)
- gnutls_global_set_log_level (6);
-
- /* test for gnutls_certificate_get_issuer() */
- gnutls_x509_trust_list_init(&tl, 0);
-
- ret = gnutls_x509_trust_list_add_trust_mem(tl, &ca, NULL,
GNUTLS_X509_FMT_PEM, 0, 0);
- if (ret < 0)
- {
- fail("gnutls_x509_trust_list_add_trust_mem\n");
- exit(1);
- }
-
- /* Chain 1 */
- data.data = (void*) chain1;
- data.size = sizeof(chain1);
- ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data,
GNUTLS_X509_FMT_PEM, 0);
- if (ret < 0)
- {
- fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret));
- exit(1);
- }
-
- ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, &status,
NULL);
- if (ret < 0 || status != 0)
- {
- fail("gnutls_x509_trust_list_verify_crt - 1\n");
- exit(1);
- }
-
- for (i=0;i<crts_size;i++)
- gnutls_x509_crt_deinit(crts[i]);
- gnutls_free(crts);
-
- /* Chain 2 */
- data.data = (void*) chain2;
- data.size = sizeof(chain2);
- ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data,
GNUTLS_X509_FMT_PEM, 0);
- if (ret < 0)
- {
- fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret));
- exit(1);
- }
-
- ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, &status,
NULL);
- if (ret < 0 || status != 0)
- {
- fail("gnutls_x509_trust_list_verify_crt - 2\n");
- exit(1);
- }
-
- for (i=0;i<crts_size;i++)
- gnutls_x509_crt_deinit(crts[i]);
- gnutls_free(crts);
-
- /* Chain 3 */
- data.data = (void*) chain3;
- data.size = sizeof(chain3);
- ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data,
GNUTLS_X509_FMT_PEM, 0);
- if (ret < 0)
- {
- fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret));
- exit(1);
- }
-
- ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, &status,
NULL);
- if (ret < 0 || status != 0)
- {
- fail("gnutls_x509_trust_list_verify_crt - 3\n");
- exit(1);
- }
-
- for (i=0;i<crts_size;i++)
- gnutls_x509_crt_deinit(crts[i]);
- gnutls_free(crts);
-
- /* Chain 4 */
- data.data = (void*) chain4;
- data.size = sizeof(chain4);
- ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data,
GNUTLS_X509_FMT_PEM, 0);
- if (ret < 0)
- {
- fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret));
- exit(1);
- }
-
- ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, flags, &status,
NULL);
- if (ret < 0 || status != 0)
- {
- fail("gnutls_x509_trust_list_verify_crt - 4\n");
- exit(1);
- }
-
- for (i=0;i<crts_size;i++)
- gnutls_x509_crt_deinit(crts[i]);
- gnutls_free(crts);
-
- /* Check if an unsorted list would fail if the unsorted flag is not given */
- data.data = (void*) chain2;
- data.size = sizeof(chain2);
- ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data,
GNUTLS_X509_FMT_PEM, 0);
- if (ret < 0)
- {
- fail("gnutls_x509_crt_list_import2: %s\n", gnutls_strerror(ret));
- exit(1);
- }
-
- ret = gnutls_x509_trust_list_verify_crt(tl, crts, crts_size, 0, &status,
NULL);
- if (ret < 0 || status == 0)
- {
- fail("gnutls_x509_trust_list_verify_crt - 5\n");
- exit(1);
- }
-
- for (i=0;i<crts_size;i++)
- gnutls_x509_crt_deinit(crts[i]);
- gnutls_free(crts);
-
- gnutls_x509_trust_list_deinit(tl, 1);
-
- gnutls_global_deinit();
-
- if (debug) success("success");
-}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_23-32-g2c1cbfd,
Nikos Mavrogiannopoulos <=