From 95b30beb0c0eefaecccc9c9dc073cc23703eb002 Mon Sep 17 00:00:00 2001
From: mtu <maxence.tury@ssi.gouv.fr>
Date: Mon, 25 Jan 2016 12:59:46 +0100
Subject: [PATCH] Add regression tests for x509.py

---
 scapy/layers/x509.uts            | 185 +++++++++++++++++++++++++++++++
 scapy/layers/x509_uts_cert.der   | Bin 0 -> 1302 bytes
 scapy/layers/x509_uts_crl.der    | Bin 0 -> 546 bytes
 scapy/layers/x509_uts_rsakey.der | Bin 0 -> 1191 bytes
 4 files changed, 185 insertions(+)
 create mode 100644 scapy/layers/x509.uts
 create mode 100755 scapy/layers/x509_uts_cert.der
 create mode 100644 scapy/layers/x509_uts_crl.der
 create mode 100755 scapy/layers/x509_uts_rsakey.der

diff --git a/scapy/layers/x509.uts b/scapy/layers/x509.uts
new file mode 100644
index 00000000..1eb28d69
--- /dev/null
+++ b/scapy/layers/x509.uts
@@ -0,0 +1,185 @@
+# load me with
+# python scapy/tools/UTscapy.py -m scapy/layers/x509 -t scapy/layers/x509.uts -F
+#
+## This file is part of Scapy
+## See http://www.secdev.org/projects/scapy for more informations
+## Author: Maxence Tury <maxence.tury@ssi.gouv.fr>
+## This program is published under a GPLv2 license
+
+# X509 module - Regression Test Campaign
+
+########### Key class ###############################################
+
++ Private RSA & ECDSA keys class tests
+= Key class : Importing DER encoded RSA private key
+x=RSAPrivateKey(open("scapy/layers/x509_uts_rsakey.der").read())
+
+= Key class : key version
+x.version == ASN1_INTEGER(0L)
+
+= Key class : key modulus
+x.modulus == ASN1_INTEGER(19231328316532061413420367242571475005688288081144416166988378525696075445024135424022026378563116068168327239354659928492979285632474448448624869172454076124150405352043642781483254546569202103296262513098482624188672299255268092629150366527784294463900039290024710152521604731213565912934889752122898104556895316819303096201441834849255370122572613047779766933573375974464479123135292080801384304131606933504677232323037116557327478512106367095125103346134248056463878553619525193565824925835325216545121044922690971718737998420984924512388011040969150550056783451476150234324593710633552558175109683813482739004163L)
+
+= Key class : key public exponent
+x.publicExponent == ASN1_INTEGER(65537L)
+
+= Key class : key private exponent
+x.privateExponent == ASN1_INTEGER(15879630313397508329451198152673380989865598204237760057319927734227125481903063742175442230739018051313441697936698689753842471306305671266572085925009572141819112648211571007521954312641597446020984266846581125287547514750428503480880603089110687015181510081018160579576523796170439894692640171752302225125980423560965987469457505107324833137678663960560798216976668670722016960863268272661588745006387723814962668678285659376534048525020951633874488845649968990679414325096323920666486328886913648207836459784281744709948801682209478580185160477801656666089536527545026197569990716720623647770979759861119273292833L)
+
+= Key class : key prime1
+x.prime1 == ASN1_INTEGER(140977881300857803928857666115326329496639762170623218602431133528876162476487960230341078724702018316260690172014674492782486113504117653531825010840338251572887403113276393351318549036549656895326851872473595350667293402676143426484331639796163189182788306480699144107905869179435145810212051656274284113969L)
+
+= Key class : key prime2
+x.prime2 == ASN1_INTEGER(136413798668820291889092636919077529673097927884427227010121877374504825870002258140616512268521246045642663981036167305976907058413796938050224182519965099316625879807962173794483933183111515251808827349718943344770056106787713032506379905031673992574818291891535689493330517205396872699985860522390496583027L)
+
+= Key class : key exponent1
+x.exponent1 == ASN1_INTEGER(46171616708754015342920807261537213121074749458020000367465429453038710215532257783908950878847126373502288079285334594398328912526548076894076506899568491565992572446455658740752572386903609191774044411412991906964352741123956581870694330173563737928488765282233340389888026245745090096745219902501964298369L)
+
+= Key class : key exponent2
+x.exponent2 == ASN1_INTEGER(58077388505079936284685944662039782610415160654764308528562806086690474868010482729442634318267235411531220690585030443434512729356878742778542733733189895801341155353491318998637269079682889033003797865508917973141494201620317820971253064836562060222814287812344611566640341960495346782352037479526674026269L)
+
+= Key class : key coefficient
+x.coefficient == ASN1_INTEGER(133642091354977099805228515340626956943759840737228695249787077343495440064451558090846230978708992851702164116059746794777336918772240719297253693109788134358485382183551757562334253896010728509892421673776502933574360356472723011839127418477652997263867089539752161307227878233961465798519818890416647361608L)
+
+
+########### Cert class ##############################################
+
++ X509_Cert class tests
+= Cert class : Importing DER encoded X.509 Certificate with RSA public key
+x=X509_Cert(open("scapy/layers/x509_uts_cert.der").read())
+
+= Cert class : Rebuild certificate
+str(x) == open("scapy/layers/x509_uts_cert.der").read()
+
+= Cert class : Version
+tbs = x.tbsCertificate
+tbs.version == ASN1_INTEGER(2L)
+
+= Cert class : Serial
+tbs.serialNumber == ASN1_INTEGER(0xb45e7043e7090b71)
+
+= Cert class : Signature algorithm (as advertised by TBSCertificate)
+assert(type(tbs.signature) is X509_AlgorithmIdentifier)
+tbs.signature.algorithm == ASN1_OID("sha1-with-rsa-signature")
+
+= Cert class : Issuer structure
+assert(type(tbs.issuer) is list)
+assert(len(tbs.issuer) == 7)
+assert(type(tbs.issuer[0]) is X509_RDN)
+assert(type(tbs.issuer[0].rdn) is list)
+assert(type(tbs.issuer[0].rdn[0]) is X509_AttributeTypeAndValue)
+
+= Cert class : Issuer first attribute
+tbs.issuer[0].rdn[0].type == ASN1_OID("countryName") and tbs.issuer[0].rdn[0].value == ASN1_PRINTABLE_STRING("FR")
+
+= Cert class : Issuer string
+tbs.get_issuer_str() == '/C=FR/ST=Paris/L=Paris/O=Mushroom Corp./OU=Mushroom VPN Services/CN=IKEv2 X.509 Test certificate/emailAddress=ikev2-test@mushroom.corp'
+
+= Cert class : Validity
+assert(type(tbs.validity) is X509_Validity)
+tbs.validity.not_before == ASN1_UTC_TIME("060713073859Z") and tbs.validity.not_after == ASN1_UTC_TIME("260330073859Z")
+
+= Cert class : Subject structure
+assert(type(tbs.subject) is list)
+assert(len(tbs.subject) == 7)
+assert(type(tbs.subject[0]) is X509_RDN)
+assert(type(tbs.subject[0].rdn) is list)
+assert(type(tbs.subject[0].rdn[0]) is X509_AttributeTypeAndValue)
+
+= Cert class : Subject last attribute
+tbs.issuer[6].rdn[0].type == ASN1_OID("emailAddress") and tbs.issuer[6].rdn[0].value == ASN1_IA5_STRING("ikev2-test@mushroom.corp")
+
+= Cert class : Subject string
+tbs.get_subject_str() == '/C=FR/ST=Paris/L=Paris/O=Mushroom Corp./OU=Mushroom VPN Services/CN=IKEv2 X.509 Test certificate/emailAddress=ikev2-test@mushroom.corp'
+
+= Cert class : SubjectPublicKey algorithm
+assert(type(tbs.subjectPublicKeyInfo) is X509_SubjectPublicKeyInfo)
+spki = tbs.subjectPublicKeyInfo
+spki.signatureAlgorithm.algorithm == ASN1_OID("rsaEncryption")
+
+= Cert class : SubjectPublicKey value
+assert(type(spki.subjectPublicKey) is RSAPublicKey)
+spki.subjectPublicKey.modulus == ASN1_INTEGER(19231328316532061413420367242571475005688288081144416166988378525696075445024135424022026378563116068168327239354659928492979285632474448448624869172454076124150405352043642781483254546569202103296262513098482624188672299255268092629150366527784294463900039290024710152521604731213565912934889752122898104556895316819303096201441834849255370122572613047779766933573375974464479123135292080801384304131606933504677232323037116557327478512106367095125103346134248056463878553619525193565824925835325216545121044922690971718737998420984924512388011040969150550056783451476150234324593710633552558175109683813482739004163L) and spki.subjectPublicKey.publicExponent == ASN1_INTEGER(65537L)
+
+= Cert class : Extensions structure
+ext = tbs.extensions
+assert(type(ext) is list)
+assert(len(ext) == 3)
+
+= Cert class : Subject key identifier extension info
+assert(type(ext[0]) is X509_Extension)
+ext[0].extnID == ASN1_OID("subjectKeyIdentifier") and ext[0].critical == None
+
+= Cert class : Subject key identifier extension value
+assert(type(ext[0].extnValue) is X509_ExtSubjectKeyIdentifier)
+ext[0].extnValue.keyIdentifier == ASN1_STRING('\xf3\xd8N\xde\x90\xf7\xe6]\xd2\xce3\xcd\\V\x8co\x97\x141K')
+
+= Cert class : Signature algorithm
+assert(type(x.signatureAlgorithm) is X509_AlgorithmIdentifier)
+x.signatureAlgorithm.algorithm == ASN1_OID("sha1-with-rsa-signature")
+
+= Cert class : Signature value
+x.signatureValue == ASN1_BIT_STRING("6\xce\xdd\x01\xbdz\x1f\x89[\xc71i_\xb5\x90\xac\xb5\x06\x9a\xc1\xe8\xf5Jlk\x01\xf0\xc1\xe0\xd5\x0c\xdb\x83l\x1b\xe5\x19#\xcf\x17\x03\x95\xcc\xe9\n%\x99\xfc\x8a\x9c\xda\xe8\x98\xc2\xc2\xd7\xee\x82h\\c\xabx\xc2\xfe\xa7R\xee'\xda\x94R\xd0V\x8e\xe2\x93\xfb^\xd3>\x8e\x96\x8d\x11\x90\x13`\xc9\xa8\x16=}\x8bG\x99\x07{\xd4oH;\xa8<\x8b\x1bHs&$\x0f|\x01\x9c\x1a\xb5\xbb\xc4\x86l\xcc \xd2MR\x81\xd5\xce\x13\xde\x1d\x99\xc8h\x18\x14\x06\r6]B\xe4\xfcIbt\xeeuE\xfd\xe0\x87\xc7Q\xfeH\x05A$\x13\xeb\xce\xef\xb3\\}M`\xf4\xd3=\x10\xd9\xbb6P]\xceo\x7f\x8dbA\x06\x12\x8eE\xf5\x17\x8fBm&c\xde\x02Oll\xe9jG\xa3N\xb4\x16\x8e\xdfV\x90\x05\x92\xd3\x16\xc7[\xe9\xbb\xec,\x11\xb4\x00\x86\x01\xaaWG\xc2Gd0(2\x1bN\xb3\xd6\xfe\x9fG&\xd2CaX\xd8t\x01q\xaf{;W\xbe\xf2", readable=True)
+
+= Cert class : Default X509_Cert from scratch
+str(X509_Cert(str(X509_Cert()))) == str(X509_Cert())
+
+
+############ CRL class ###############################################
+
++ X509_CRL class tests
+= CRL class : Importing DER encoded X.509 CRL
+x=X509_CRL(open("scapy/layers/x509_uts_crl.der").read())
+
+= CRL class : Rebuild crl
+str(x) == open("scapy/layers/x509_uts_crl.der").read()
+
+= CRL class : Version
+tbs = x.tbsCertList
+tbs.version == None
+
+= CRL class : Signature algorithm (as advertised by TBSCRLificate)
+assert(type(tbs.signature) is X509_AlgorithmIdentifier)
+tbs.signature.algorithm == ASN1_OID("sha1-with-rsa-signature")
+
+= CRL class : Issuer structure
+assert(type(tbs.issuer) is list)
+assert(len(tbs.issuer) == 3)
+assert(type(tbs.issuer[0]) is X509_RDN)
+assert(type(tbs.issuer[0].rdn) is list)
+assert(type(tbs.issuer[0].rdn[0]) is X509_AttributeTypeAndValue)
+
+= CRL class : Issuer first attribute
+tbs.issuer[0].rdn[0].type == ASN1_OID("countryName") and tbs.issuer[0].rdn[0].value == ASN1_PRINTABLE_STRING("US")
+
+= CRL class : Issuer string
+tbs.get_issuer_str() == '/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority'
+
+= CRL class : This update
+tbs.this_update == ASN1_UTC_TIME("061102000000Z")
+
+= CRL class : Optional next update
+tbs.next_update == ASN1_UTC_TIME("070217235959Z")
+
+= CRL class : Optional revoked_certificates structure
+assert(type(tbs.revokedCertificates) is list)
+assert(len(tbs.revokedCertificates) == 7)
+assert(type(tbs.revokedCertificates[0]) is X509_RevokedCertificate)
+
+= CRL class : Revoked_certificates first attribute
+tbs.revokedCertificates[0].serialNumber == ASN1_INTEGER(59577943160751197113872490992424857032L) and tbs.revokedCertificates[0].revocationDate == ASN1_UTC_TIME("040401175615Z")
+
+= CRL class : Extensions structure
+tbs.crlExtensions == None
+
+= CRL class : Signature algorithm
+assert(type(x.signatureAlgorithm) is X509_AlgorithmIdentifier)
+x.signatureAlgorithm.algorithm == ASN1_OID("sha1-with-rsa-signature")
+
+= CRL class : Signature value
+x.signatureValue == ASN1_BIT_STRING('"\xc9\xf6\xbb\x1d\xa1\xa5=$\xc7\xff\xb0"\x11\xb3p\x06[\xc5U\xdd3v\xa0\x98"\x08cDi\xcfOG%w\x99\x12\x84\xd2\x19\xae \x94\xca,T\x9ak\x81\xd2\x038\xa6Z\x95\x8d*\xe2a\xce\xdb\x19\xcdu\'Y&|V\xe1\xe4\x80q\x1aI\xb2\xaa\xcdI[\xda\x0f\xa8\xff\xce<\n\xfc\xc9\xad\xc6\xde\xc8@d\x0c&\t#\x90\xb7\x9c\xb9P\x03\x8fK\x18\x9f\xb0\xe0e\x0f`\x1c\x1ag\xe5\x85\xc4%\xf5\x0b\xc93\x82R\xe6', readable=True)
+
+= CRL class : Default X509_CRL from scratch
+str(X509_CRL(str(X509_CRL()))) == str(X509_CRL())
+
+
diff --git a/scapy/layers/x509_uts_cert.der b/scapy/layers/x509_uts_cert.der
new file mode 100755
index 0000000000000000000000000000000000000000..52b2df9c07605ac287103ddef84d2da6f7795aed
GIT binary patch
literal 1302
zcmXqLVihuIV*a&&nTe5!iIZVVT!Hg*PVPbjUN%mxHjlRNyo`*jtPBQ?+YGr4IN6v(
zS=fY`+=2}G40u2s4q?`S#G=e%7@r-+7dH?E$#V(w`IZ)E6y@jVDmdpC73dkt8OVSn
zxP?XG5@7*;3c;yGWtqvT#fGW|${=}WVHr<v*D@o82t88+ONEfs;u3}A)S{Biw9Mqh
zl2k)=168;KIT^(yGP6_5jC4zY${cc`7V0GfEi{l5=QS`hFgG+dFgLa^wTu$yH8L|W
zHa38Ahpxw(7?qGCiIJ6oxrvdV!Jvtei>Zl`kzq!7mi^1ig0q)+dwScyS$vJzW7a{A
z`pw@?s=S+fe8zE3wTFS0j^fR^d%K^1Jk5N|e@6QRU9J6W%v)zZo|E&W^Jc5Nb3Tvr
zynP?EZojJC)2%N4NUB7>z|e)`;l=0Szt(>0ioT)Vy7$k`6ZwA_(pk1Fm@)s~l_w!_
zzva~q)J%_i;x&8uvqKu)XQIlM<;gp{`Yc`}5V?4|!?oUT=VrIEZHiSso)$F6w(0s8
zafhf+fiq_x)hc$}6#Mj?s-xNN4U3H4o_W8)=jEi+zNZYHKf9omsphjcNJ{2Io#q+g
z@LkIbpZ)*k-1jJ7beY*LUrRlvcc+$He*2ijUh-n<oj*U=&X`$$W@ch$WMEv}#3&C8
z5orTiV4{-cV-aH!`Fz9g-h}VZVlSODJ{uF(lRsU=(A%K#HAr5WrSY*r<AVmQY8E!`
zS<<+3$flPjq`VEvy0XG7tOm@CjQ^1n5iq9%6A>eW*}1!nd#mI-qmLVA#&4alW-HsQ
zgD<{%<zzE{IQZZy&+X<M>8Fy)=f#<)o_WcoI`dE0oLetu96EIUT~kI(^6H91|CR^6
zQ@=GO=t5ZEqshPHF5C4@>lK_JoN#i5m~Cyh`%L!gEBPMQD{Q)@J&M&-_-h#FNNwGH
zq%G%+!X@9J#;fOq@5#<Qks%?%#%mVq^yH6cQpvkg*S`<ij|cwqV0Baxetqu!=9pUF
zgfEwE1#a#(3y3|JU*DVL$R^b1`c=H&DOWA|9+Q7g&dV(K#eQ4F`tFBKV4ZYX?0EFc
t-EVXRw=lFZt_pWQ<ep-nVI=Lh`P#qv?rN8u6C-YvFcz+_whrI-2>_&=(T)HB

literal 0
HcmV?d00001

diff --git a/scapy/layers/x509_uts_crl.der b/scapy/layers/x509_uts_crl.der
new file mode 100644
index 0000000000000000000000000000000000000000..edcc11ba04500b2858497043a31719f7cfd4faac
GIT binary patch
literal 546
zcmXqLVv;jxVr)0yW#iOp^Jx3d%gD&e%3u(0$Zf#M#vIDRCd?EXY$$FZ3gU1H^M$1r
zWd>)a=jkYT<|XSHnj4scB)En3oO2S3ixmtN0!ou|GLsboiZXK(iz*eIQ;SM6(=wA2
zOEUBG6dX%SGV+TuODe^A4a^J;4U7!HAPUGeH!w0ZH!?Q0G_{N}X#8fN$Rwb1$vf%D
z^d;hF^A?|&Q>A+XsLBKg4Gqmr%?wSWKuWA!?}eRaI(z4iUwN{U^p&eXC58s31{Q{v
zMn=XaU?q;R9cGQ93RfGN-Bv_Ss?Y%|F$Y?2W(u?qti;{2@&DhJ#*b5fzLq#t!}}4a
z#29FfrJ)5-nGsk?K}cQJqg^-3>fKk)6mX172P!c#urx9ThJb;A1z1TPckDfhPnKy-
z%lcE5ER;dcg}TMS!pJbnK#56^;X;T<f<*e|wWg=^dA-!9#(~rr8W|cIS{Rvu)SyNK
zb7Lce(#dbTWfv~BRXP5DgOcFp0=DR*p?8hT7R*rMNOs9Q@9(Z!K2xaWlH@vtDW`No
zW@R^CVzyWoHMLjkQR2DVl4ncRBh_lc9zJO(l=9rP>a1t<E&dh%&)IPOIl1=Oy%P>8
nJZhZE6SmLU8Nl4{Eir$?gH-+m8L9NAtw&V9a-TGA3VH?r!mzUy

literal 0
HcmV?d00001

diff --git a/scapy/layers/x509_uts_rsakey.der b/scapy/layers/x509_uts_rsakey.der
new file mode 100755
index 0000000000000000000000000000000000000000..362897c346d254970c29bf98a7f2ec638abde3d7
GIT binary patch
literal 1191
zcmV;Y1X%kpf&`-i0RRGm0RaG*S86}$(-E7bOG!&V?4#BLNSeV2f3x<<B<`KZn8yhw
z;ZZq37lUoRi|6sn1KLlRhmb8QzXk)fnd6*n<cZmZM?-H6L!Q3yD%<LPyo)Cn;u>@x
za4|#(;nC+;`mOScTi7Rsz5Ln8Z~Opf1hk--pZ?V3R9^cZCcu1`UgS!fr{=;ai_BVf
zrfwfYMNFft5Lu&_K-P`+&YOh>vRxy`W>TCzg4gsHKw9!qnVZEbb3w9Q<<2ERHoLH*
zGVRRouuSQa%T3BK=jPBNX(mj)QW_laeksfoSGuQh=KuObj^b|>rZ(D5IW7Y3%BMN@
z@nQ#b=#||3_y){2JM#kq0|5X50)hbmead*2OWGJn|52AT#+3Z`!+=>JnTGK&4+$#k
zC!6$zj}R~fX~rX^BL#Xvf|M-S+NRx`9v9oZhG2@kXo3-ahI+uL+GL-ZBry-9L9E2?
zL*G<hoO1+=92RpwX1hF;@IXXt<`-$m-lOqe*RkLLSLTfZcY|MMR%50=da^|*JI|YU
zayU5k1z=G{y8ksUgplZWu+gtEw3Y2DK<V}!V@zR`In8|aU;;LPOCLi9d0G-t_ci<E
zTnl$HrAB;w)Acy+h6Vfd>HcV3M7U+VMq-w}oF~n}zLnYqo09gJo3@3YLY5fTS4&g(
zImNH&g`GNRHVBT)FcQhoyp~iU0)c@5$ii5|UwNAG<?&pxCvoJ(<Qi&>)-Q^oH4O@D
z52nmNqhZ+_9lhEGh#|5817<n$IacKhvOeO;uK|)vSeBpa#(5kJH_mAFiLj(!9^HC`
zT>S-HIw>XH(Lc&#v?yXth-}GbY+FSw;ZBJrRQs_>Ww@uB5{S#G6mpu^#V_zN0)c@5
z!a{qAGn6l;_<MO!xO68ayCOoDen0l?AoKf?riVGVuzY%7IO|Au(|BskRTclwfo^VE
zU}ct|2W5nH;4v5>(*A|g>vs7$orE`G_)eamp=fmv3DF{6v{|@i<CwrWS4d0TbH(M8
zJRi*;E^~Z73HGdjy9tyy>n;zTg>{{C0)c=*z$F3~%H#}1n*SK4DvuhV(q;oHLifx>
zYq<5ta)E+&C>_e%y2>Q=sMC9~c~OxYW^yf>doCM~&71T=S5ug{*a2^z_hUH6m#V$o
zh5Zst!ZCL{H7?1oHjO%pPLHF70^AcvdA#<4%nt7s_BY}x28bQi<R_1Sy67vi(Kvwu
zfq+u9cVGO2w4MXtozKn~HL8ralU`^u*KWkX+jKEd6*R4Y@t~yL7bfrZu9AEYH?Shi
z-%`H=!BaGn_6RY6^<zOVcg{-9hGGvq0Z>MzLPvNqzSF)uIm6UQ_J;bEND(xr<rH9j
z`nBr4Cs~CrNzf<p%af}O^7|mQrIfk>PaOh*fdIZx3N0N?VvXKM_i=WD0(K%<?hu1y
zzDfeb_+3=td@S0!fVnHkisbo=pNy(cSqNunMde!pi^&#*YJ0I`_a%(^y;{I%%h9uw
zwtBJBDPy6&t`{h2mt0_5cDEoRe`SL2k_Px75iNM^7N(v1eSUktI9BjUlviaJ?)SC0
F)JXZuN!9=W

literal 0
HcmV?d00001

-- 
GitLab