Add regress coverage for X509_NAME_oneline and X509_NAME_printHEAD master

author: tb <> 2025-03-15 06:37:49 +0000
committer: tb <> 2025-03-15 06:37:49 +0000
commit: fc76871045006eabab7ca20e523e96e5ce921aec (patch)
tree: bf20fb69efd17f07caa0629f1472c18fe3ecbf2c /src/regress/lib
parent: 3abe161044547f34eeeb6039315c30493bb60fb8 (diff)
download: openbsd-master.tar.gz
openbsd-master.tar.bz2
openbsd-master.zip
2 files changed, 314 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/x509/Makefile b/src/regress/lib/libcrypto/x509/Makefile
index 80879f6e3c..19e65efddd 100644
--- a/src/regress/lib/libcrypto/x509/Makefile
+++ b/src/regress/lib/libcrypto/x509/Makefile
@@ -1,7 +1,8 @@
-#       $OpenBSD: Makefile,v 1.23 2024/06/16 17:57:08 tb Exp $
+#       $OpenBSD: Makefile,v 1.24 2025/03/15 06:37:49 tb Exp $
 PROGS = constraints verify x509attribute x509name x509req_ext callback
 PROGS += expirecallback callbackfailures x509_asn1 x509_extensions_test
+PROGS += x509_name_test
 LDADD = -lcrypto
 DPADD = ${LIBCRYPTO}
diff --git a/src/regress/lib/libcrypto/x509/x509_name_test.c b/src/regress/lib/libcrypto/x509/x509_name_test.c
new file mode 100644
index 0000000000..75a82fecd6
--- /dev/null
+++ b/src/regress/lib/libcrypto/x509/x509_name_test.c
@@ -0,0 +1,312 @@
+/*      $OpenBSD: x509_name_test.c,v 1.1 2025/03/15 06:37:49 tb Exp $ */
+/*
+ * Copyright (c) 2025 Theo Buehler <tb@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <err.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/x509.h>
+#define fixed 0
+static const struct x509_name_legacy {
+        const char      *compat;
+        const char      *oneline;
+        const uint8_t    der[255];
+        size_t           der_len;
+} x509_name_legacy_test[] = {
+        {
+                .compat =
+                    "C=HU, "
+                    "L=Budapest, "
+                    "O=Microsec Ltd., "
+                    "CN=Microsec e-Szigno Root CA 2009"
+#if fixed
+                    ", "
+                    "emailAddress=info@e-szigno.hu",
+#else
+                    "",
+#endif
+                .oneline =
+                    "/C=HU"
+                    "/L=Budapest"
+                    "/O=Microsec Ltd."
+                    "/CN=Microsec e-Szigno Root CA 2009"
+                    "/emailAddress=info@e-szigno.hu",
+                .der = {
+                        0x30, 0x81, 0x82, 0x31, 0x0b, 0x30, 0x09, 0x06,
+                        0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x48, 0x55,
+                        0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04,
+                        0x07, 0x0c, 0x08, 0x42, 0x75, 0x64, 0x61, 0x70,
+                        0x65, 0x73, 0x74, 0x31, 0x16, 0x30, 0x14, 0x06,
+                        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0d, 0x4d, 0x69,
+                        0x63, 0x72, 0x6f, 0x73, 0x65, 0x63, 0x20, 0x4c,
+                        0x74, 0x64, 0x2e, 0x31, 0x27, 0x30, 0x25, 0x06,
+                        0x03, 0x55, 0x04, 0x03, 0x0c, 0x1e, 0x4d, 0x69,
+                        0x63, 0x72, 0x6f, 0x73, 0x65, 0x63, 0x20, 0x65,
+                        0x2d, 0x53, 0x7a, 0x69, 0x67, 0x6e, 0x6f, 0x20,
+                        0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x20,
+                        0x32, 0x30, 0x30, 0x39, 0x31, 0x1f, 0x30, 0x1d,
+                        0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+                        0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66,
+                        0x6f, 0x40, 0x65, 0x2d, 0x73, 0x7a, 0x69, 0x67,
+                        0x6e, 0x6f, 0x2e, 0x68, 0x75,
+                },
+                .der_len = 133,
+        },
+        {
+                .compat =
+#if fixed
+                    "serialNumber=G63287510, "
+#endif
+                    "C=ES, "
+                    "O=ANF Autoridad de Certificacion, "
+                    "OU=ANF CA Raiz, "
+                    "CN=ANF Secure Server Root CA",
+                .oneline =
+                    "/serialNumber=G63287510"
+                    "/C=ES"
+                    "/O=ANF Autoridad de Certificacion"
+                    "/OU=ANF CA Raiz"
+                    "/CN=ANF Secure Server Root CA",
+                .der = {
+                        0x30, 0x81, 0x84, 0x31, 0x12, 0x30, 0x10, 0x06,
+                        0x03, 0x55, 0x04, 0x05, 0x13, 0x09, 0x47, 0x36,
+                        0x33, 0x32, 0x38, 0x37, 0x35, 0x31, 0x30, 0x31,
+                        0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
+                        0x13, 0x02, 0x45, 0x53, 0x31, 0x27, 0x30, 0x25,
+                        0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1e, 0x41,
+                        0x4e, 0x46, 0x20, 0x41, 0x75, 0x74, 0x6f, 0x72,
+                        0x69, 0x64, 0x61, 0x64, 0x20, 0x64, 0x65, 0x20,
+                        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
+                        0x61, 0x63, 0x69, 0x6f, 0x6e, 0x31, 0x14, 0x30,
+                        0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x0b,
+                        0x41, 0x4e, 0x46, 0x20, 0x43, 0x41, 0x20, 0x52,
+                        0x61, 0x69, 0x7a, 0x31, 0x22, 0x30, 0x20, 0x06,
+                        0x03, 0x55, 0x04, 0x03, 0x13, 0x19, 0x41, 0x4e,
+                        0x46, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65,
+                        0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20,
+                        0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41,
+                },
+                .der_len = 135,
+        },
+        {
+                .compat =
+                    "C=GB, "
+                    "ST=Greater Manchester, "
+                    "L=Salford, "
+                    "O=COMODO CA Limited, "
+                    "CN=COMODO Certification Authority",
+                .oneline =
+                    "/C=GB"
+                    "/ST=Greater Manchester"
+                    "/L=Salford"
+                    "/O=COMODO CA Limited"
+                    "/CN=COMODO Certification Authority",
+                .der = {
+                        0x30, 0x81, 0x81, 0x31, 0x0b, 0x30, 0x09, 0x06,
+                        0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42,
+                        0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04,
+                        0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74,
+                        0x65, 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68,
+                        0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30,
+                        0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07,
+                        0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31,
+                        0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a,
+                        0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f,
+                        0x20, 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69,
+                        0x74, 0x65, 0x64, 0x31, 0x27, 0x30, 0x25, 0x06,
+                        0x03, 0x55, 0x04, 0x03, 0x13, 0x1e, 0x43, 0x4f,
+                        0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x65, 0x72,
+                        0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
+                        0x6f, 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f,
+                        0x72, 0x69, 0x74, 0x79,
+                },
+                .der_len = 132,
+        },
+        {
+                .compat =
+                    "C=HU, "
+                    "L=Budapest, "
+                    "O=Microsec Ltd., "
+#if fixed
+                    "2.5.4.97=VATHU-23584497, "
+#endif
+                    "CN=e-Szigno Root CA 2017",
+                .oneline =
+                    "/C=HU"
+                    "/L=Budapest"
+                    "/O=Microsec Ltd."
+                    "/2.5.4.97=VATHU-23584497"
+                    "/CN=e-Szigno Root CA 2017",
+                .der = {
+                        0x30, 0x71, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
+                        0x55, 0x04, 0x06, 0x13, 0x02, 0x48, 0x55, 0x31,
+                        0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07,
+                        0x0c, 0x08, 0x42, 0x75, 0x64, 0x61, 0x70, 0x65,
+                        0x73, 0x74, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03,
+                        0x55, 0x04, 0x0a, 0x0c, 0x0d, 0x4d, 0x69, 0x63,
+                        0x72, 0x6f, 0x73, 0x65, 0x63, 0x20, 0x4c, 0x74,
+                        0x64, 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03,
+                        0x55, 0x04, 0x61, 0x0c, 0x0e, 0x56, 0x41, 0x54,
+                        0x48, 0x55, 0x2d, 0x32, 0x33, 0x35, 0x38, 0x34,
+                        0x34, 0x39, 0x37, 0x31, 0x1e, 0x30, 0x1c, 0x06,
+                        0x03, 0x55, 0x04, 0x03, 0x0c, 0x15, 0x65, 0x2d,
+                        0x53, 0x7a, 0x69, 0x67, 0x6e, 0x6f, 0x20, 0x52,
+                        0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x20, 0x32,
+                        0x30, 0x31, 0x37,
+                },
+                .der_len = 115,
+        },
+        {
+                .compat =
+                    "C=ES, "
+                    "O=FNMT-RCM, "
+                    "OU=Ceres, "
+#if fixed
+                    "2.5.4.97=VATES-Q2826004J, "
+#endif
+                    "CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS",
+                .oneline =
+                    "/C=ES"
+                    "/O=FNMT-RCM"
+                    "/OU=Ceres"
+                    "/2.5.4.97=VATES-Q2826004J"
+                    "/CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS",
+                .der = {
+                        0x30, 0x78, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
+                        0x55, 0x04, 0x06, 0x13, 0x02, 0x45, 0x53, 0x31,
+                        0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+                        0x0c, 0x08, 0x46, 0x4e, 0x4d, 0x54, 0x2d, 0x52,
+                        0x43, 0x4d, 0x31, 0x0e, 0x30, 0x0c, 0x06, 0x03,
+                        0x55, 0x04, 0x0b, 0x0c, 0x05, 0x43, 0x65, 0x72,
+                        0x65, 0x73, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
+                        0x55, 0x04, 0x61, 0x0c, 0x0f, 0x56, 0x41, 0x54,
+                        0x45, 0x53, 0x2d, 0x51, 0x32, 0x38, 0x32, 0x36,
+                        0x30, 0x30, 0x34, 0x4a, 0x31, 0x2c, 0x30, 0x2a,
+                        0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x41,
+                        0x43, 0x20, 0x52, 0x41, 0x49, 0x5a, 0x20, 0x46,
+                        0x4e, 0x4d, 0x54, 0x2d, 0x52, 0x43, 0x4d, 0x20,
+                        0x53, 0x45, 0x52, 0x56, 0x49, 0x44, 0x4f, 0x52,
+                        0x45, 0x53, 0x20, 0x53, 0x45, 0x47, 0x55, 0x52,
+                        0x4f, 0x53
+                },
+                .der_len = 122,
+        },
+};
+#define N_X509_NAME_COMPAT \
+        (sizeof(x509_name_legacy_test) / sizeof(x509_name_legacy_test[0]))
+static int
+x509_name_compat_testcase(const struct x509_name_legacy *test)
+{
+        const uint8_t *p;
+        X509_NAME *name = NULL;
+        unsigned char *der = NULL;
+        int der_len = 0;
+        BIO *bio = NULL;
+        char *got;
+        int got_len;
+        char *buf = NULL;
+        int failed = 1;
+        p = test->der;
+        if ((name = d2i_X509_NAME(NULL, &p, test->der_len)) == NULL)
+                errx(1, "d2i_X509_NAME");
+        if ((der_len = i2d_X509_NAME(name, &der)) <= 0) {
+                fprintf(stderr, "FAIL: %s: i2d_X509_NAME", __func__);
+                der_len = 0;
+                goto err;
+        }
+        if (test->der_len != (size_t)der_len) {
+                fprintf(stderr, "FAIL: %s: der len: want %zu, got %d\n",
+                    __func__, test->der_len, der_len);
+                goto err;
+        }
+        if (memcmp(test->der, der, test->der_len) != 0) {
+                fprintf(stderr, "FAIL: %s: DER mismatch\n", __func__);
+                goto err;
+        }
+        if ((bio = BIO_new(BIO_s_mem())) == NULL)
+                errx(1, "BIO_new");
+        if (!X509_NAME_print_ex(bio, name, 0, XN_FLAG_COMPAT)) {
+                fprintf(stderr, "FAIL: %s: X509_NAME_print_ex", __func__);
+                goto err;
+        }
+        if ((got_len = BIO_get_mem_data(bio, &got)) < 0)
+                errx(1, "BIO_get_mem_data");
+        if (strcmp(test->compat, got) != 0) {
+                fprintf(stderr, "FAIL: %s compat:\nwant: \"%s\",\ngot:  \"%s\"\n",
+                    __func__, test->compat, got);
+                goto err;
+        }
+        if ((buf = X509_NAME_oneline(name, NULL, 0)) == NULL)
+                errx(1, "X509_NAME_oneline");
+        if (strcmp(test->oneline, buf) != 0) {
+                fprintf(stderr, "FAIL: %s oneline:\nwant: \"%s\",\ngot:  \"%s\"\n",
+                    __func__, test->compat, got);
+                goto err;
+        }
+        failed = 0;
+ err:
+        BIO_free(bio);
+        free(buf);
+        X509_NAME_free(name);
+        freezero(der, der_len);
+        return failed;
+}
+static int
+x509_name_compat_test(void)
+{
+        size_t i;
+        int failed = 0;
+        for (i = 0; i < N_X509_NAME_COMPAT; i++)
+                failed |= x509_name_compat_testcase(&x509_name_legacy_test[i]);
+        return failed;
+}
+int
+main(void)
+{
+        int failed = 0;
+        failed |= x509_name_compat_test();
+        return failed;
+}
author	tb <>	2025-03-15 06:37:49 +0000
committer	tb <>	2025-03-15 06:37:49 +0000
commit	fc76871045006eabab7ca20e523e96e5ce921aec (patch)
tree	bf20fb69efd17f07caa0629f1472c18fe3ecbf2c /src/regress/lib
parent	3abe161044547f34eeeb6039315c30493bb60fb8 (diff)
download	openbsd-master.tar.gz openbsd-master.tar.bz2 openbsd-master.zip

diff --git a/src/regress/lib/libcrypto/x509/Makefile b/src/regress/lib/libcrypto/x509/Makefile index 80879f6e3c..19e65efddd 100644 --- a/src/regress/lib/libcrypto/x509/Makefile +++ b/src/regress/lib/libcrypto/x509/Makefile
@@ -1,7 +1,8 @@
1	# $OpenBSD: Makefile,v 1.23 2024/06/16 17:57:08 tb Exp $	1	# $OpenBSD: Makefile,v 1.24 2025/03/15 06:37:49 tb Exp $
2		2
3	PROGS = constraints verify x509attribute x509name x509req_ext callback	3	PROGS = constraints verify x509attribute x509name x509req_ext callback
4	PROGS += expirecallback callbackfailures x509_asn1 x509_extensions_test	4	PROGS += expirecallback callbackfailures x509_asn1 x509_extensions_test
		5	PROGS += x509_name_test
5	LDADD = -lcrypto	6	LDADD = -lcrypto
6	DPADD = ${LIBCRYPTO}	7	DPADD = ${LIBCRYPTO}
7		8


diff --git a/src/regress/lib/libcrypto/x509/x509_name_test.c b/src/regress/lib/libcrypto/x509/x509_name_test.c new file mode 100644 index 0000000000..75a82fecd6 --- /dev/null +++ b/src/regress/lib/libcrypto/x509/x509_name_test.c
@@ -0,0 +1,312 @@
		1	/* $OpenBSD: x509_name_test.c,v 1.1 2025/03/15 06:37:49 tb Exp $ */
		2
		3	/*
		4	* Copyright (c) 2025 Theo Buehler <tb@openbsd.org>
		5	*
		6	* Permission to use, copy, modify, and distribute this software for any
		7	* purpose with or without fee is hereby granted, provided that the above
		8	* copyright notice and this permission notice appear in all copies.
		9	*
		10	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		11	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		12	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		13	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		14	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		15	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		17	*/
		18
		19	#include <err.h>
		20	#include <stdio.h>
		21	#include <string.h>
		22
		23	#include <openssl/x509.h>
		24
		25	#define fixed 0
		26
		27	static const struct x509_name_legacy {
		28	const char *compat;
		29	const char *oneline;
		30	const uint8_t der[255];
		31	size_t der_len;
		32	} x509_name_legacy_test[] = {
		33	{
		34	.compat =
		35	"C=HU, "
		36	"L=Budapest, "
		37	"O=Microsec Ltd., "
		38	"CN=Microsec e-Szigno Root CA 2009"
		39	#if fixed
		40	", "
		41	"emailAddress=info@e-szigno.hu",
		42	#else
		43	"",
		44	#endif
		45	.oneline =
		46	"/C=HU"
		47	"/L=Budapest"
		48	"/O=Microsec Ltd."
		49	"/CN=Microsec e-Szigno Root CA 2009"
		50	"/emailAddress=info@e-szigno.hu",
		51	.der = {
		52	0x30, 0x81, 0x82, 0x31, 0x0b, 0x30, 0x09, 0x06,
		53	0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x48, 0x55,
		54	0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04,
		55	0x07, 0x0c, 0x08, 0x42, 0x75, 0x64, 0x61, 0x70,
		56	0x65, 0x73, 0x74, 0x31, 0x16, 0x30, 0x14, 0x06,
		57	0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0d, 0x4d, 0x69,
		58	0x63, 0x72, 0x6f, 0x73, 0x65, 0x63, 0x20, 0x4c,
		59	0x74, 0x64, 0x2e, 0x31, 0x27, 0x30, 0x25, 0x06,
		60	0x03, 0x55, 0x04, 0x03, 0x0c, 0x1e, 0x4d, 0x69,
		61	0x63, 0x72, 0x6f, 0x73, 0x65, 0x63, 0x20, 0x65,
		62	0x2d, 0x53, 0x7a, 0x69, 0x67, 0x6e, 0x6f, 0x20,
		63	0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x20,
		64	0x32, 0x30, 0x30, 0x39, 0x31, 0x1f, 0x30, 0x1d,
		65	0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
		66	0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66,
		67	0x6f, 0x40, 0x65, 0x2d, 0x73, 0x7a, 0x69, 0x67,
		68	0x6e, 0x6f, 0x2e, 0x68, 0x75,
		69	},
		70	.der_len = 133,
		71	},
		72
		73	{
		74	.compat =
		75	#if fixed
		76	"serialNumber=G63287510, "
		77	#endif
		78	"C=ES, "
		79	"O=ANF Autoridad de Certificacion, "
		80	"OU=ANF CA Raiz, "
		81	"CN=ANF Secure Server Root CA",
		82	.oneline =
		83	"/serialNumber=G63287510"
		84	"/C=ES"
		85	"/O=ANF Autoridad de Certificacion"
		86	"/OU=ANF CA Raiz"
		87	"/CN=ANF Secure Server Root CA",
		88	.der = {
		89	0x30, 0x81, 0x84, 0x31, 0x12, 0x30, 0x10, 0x06,
		90	0x03, 0x55, 0x04, 0x05, 0x13, 0x09, 0x47, 0x36,
		91	0x33, 0x32, 0x38, 0x37, 0x35, 0x31, 0x30, 0x31,
		92	0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
		93	0x13, 0x02, 0x45, 0x53, 0x31, 0x27, 0x30, 0x25,
		94	0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1e, 0x41,
		95	0x4e, 0x46, 0x20, 0x41, 0x75, 0x74, 0x6f, 0x72,
		96	0x69, 0x64, 0x61, 0x64, 0x20, 0x64, 0x65, 0x20,
		97	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
		98	0x61, 0x63, 0x69, 0x6f, 0x6e, 0x31, 0x14, 0x30,
		99	0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x0b,
		100	0x41, 0x4e, 0x46, 0x20, 0x43, 0x41, 0x20, 0x52,
		101	0x61, 0x69, 0x7a, 0x31, 0x22, 0x30, 0x20, 0x06,
		102	0x03, 0x55, 0x04, 0x03, 0x13, 0x19, 0x41, 0x4e,
		103	0x46, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65,
		104	0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20,
		105	0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41,
		106	},
		107	.der_len = 135,
		108	},
		109
		110	{
		111	.compat =
		112	"C=GB, "
		113	"ST=Greater Manchester, "
		114	"L=Salford, "
		115	"O=COMODO CA Limited, "
		116	"CN=COMODO Certification Authority",
		117	.oneline =
		118	"/C=GB"
		119	"/ST=Greater Manchester"
		120	"/L=Salford"
		121	"/O=COMODO CA Limited"
		122	"/CN=COMODO Certification Authority",
		123	.der = {
		124	0x30, 0x81, 0x81, 0x31, 0x0b, 0x30, 0x09, 0x06,
		125	0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42,
		126	0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04,
		127	0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74,
		128	0x65, 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68,
		129	0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30,
		130	0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07,
		131	0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31,
		132	0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a,
		133	0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f,
		134	0x20, 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69,
		135	0x74, 0x65, 0x64, 0x31, 0x27, 0x30, 0x25, 0x06,
		136	0x03, 0x55, 0x04, 0x03, 0x13, 0x1e, 0x43, 0x4f,
		137	0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x65, 0x72,
		138	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
		139	0x6f, 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f,
		140	0x72, 0x69, 0x74, 0x79,
		141	},
		142	.der_len = 132,
		143	},
		144
		145	{
		146	.compat =
		147	"C=HU, "
		148	"L=Budapest, "
		149	"O=Microsec Ltd., "
		150	#if fixed
		151	"2.5.4.97=VATHU-23584497, "
		152	#endif
		153	"CN=e-Szigno Root CA 2017",
		154	.oneline =
		155	"/C=HU"
		156	"/L=Budapest"
		157	"/O=Microsec Ltd."
		158	"/2.5.4.97=VATHU-23584497"
		159	"/CN=e-Szigno Root CA 2017",
		160	.der = {
		161	0x30, 0x71, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
		162	0x55, 0x04, 0x06, 0x13, 0x02, 0x48, 0x55, 0x31,
		163	0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07,
		164	0x0c, 0x08, 0x42, 0x75, 0x64, 0x61, 0x70, 0x65,
		165	0x73, 0x74, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03,
		166	0x55, 0x04, 0x0a, 0x0c, 0x0d, 0x4d, 0x69, 0x63,
		167	0x72, 0x6f, 0x73, 0x65, 0x63, 0x20, 0x4c, 0x74,
		168	0x64, 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03,
		169	0x55, 0x04, 0x61, 0x0c, 0x0e, 0x56, 0x41, 0x54,
		170	0x48, 0x55, 0x2d, 0x32, 0x33, 0x35, 0x38, 0x34,
		171	0x34, 0x39, 0x37, 0x31, 0x1e, 0x30, 0x1c, 0x06,
		172	0x03, 0x55, 0x04, 0x03, 0x0c, 0x15, 0x65, 0x2d,
		173	0x53, 0x7a, 0x69, 0x67, 0x6e, 0x6f, 0x20, 0x52,
		174	0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x20, 0x32,
		175	0x30, 0x31, 0x37,
		176	},
		177	.der_len = 115,
		178	},
		179
		180	{
		181
		182	.compat =
		183	"C=ES, "
		184	"O=FNMT-RCM, "
		185	"OU=Ceres, "
		186	#if fixed
		187	"2.5.4.97=VATES-Q2826004J, "
		188	#endif
		189	"CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS",
		190	.oneline =
		191	"/C=ES"
		192	"/O=FNMT-RCM"
		193	"/OU=Ceres"
		194	"/2.5.4.97=VATES-Q2826004J"
		195	"/CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS",
		196	.der = {
		197	0x30, 0x78, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
		198	0x55, 0x04, 0x06, 0x13, 0x02, 0x45, 0x53, 0x31,
		199	0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
		200	0x0c, 0x08, 0x46, 0x4e, 0x4d, 0x54, 0x2d, 0x52,
		201	0x43, 0x4d, 0x31, 0x0e, 0x30, 0x0c, 0x06, 0x03,
		202	0x55, 0x04, 0x0b, 0x0c, 0x05, 0x43, 0x65, 0x72,
		203	0x65, 0x73, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
		204	0x55, 0x04, 0x61, 0x0c, 0x0f, 0x56, 0x41, 0x54,
		205	0x45, 0x53, 0x2d, 0x51, 0x32, 0x38, 0x32, 0x36,
		206	0x30, 0x30, 0x34, 0x4a, 0x31, 0x2c, 0x30, 0x2a,
		207	0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x41,
		208	0x43, 0x20, 0x52, 0x41, 0x49, 0x5a, 0x20, 0x46,
		209	0x4e, 0x4d, 0x54, 0x2d, 0x52, 0x43, 0x4d, 0x20,
		210	0x53, 0x45, 0x52, 0x56, 0x49, 0x44, 0x4f, 0x52,
		211	0x45, 0x53, 0x20, 0x53, 0x45, 0x47, 0x55, 0x52,
		212	0x4f, 0x53
		213	},
		214	.der_len = 122,
		215	},
		216	};
		217
		218	#define N_X509_NAME_COMPAT \
		219	(sizeof(x509_name_legacy_test) / sizeof(x509_name_legacy_test[0]))
		220
		221	static int
		222	x509_name_compat_testcase(const struct x509_name_legacy *test)
		223	{
		224	const uint8_t *p;
		225	X509_NAME *name = NULL;
		226	unsigned char *der = NULL;
		227	int der_len = 0;
		228	BIO *bio = NULL;
		229	char *got;
		230	int got_len;
		231	char *buf = NULL;
		232	int failed = 1;
		233
		234	p = test->der;
		235	if ((name = d2i_X509_NAME(NULL, &p, test->der_len)) == NULL)
		236	errx(1, "d2i_X509_NAME");
		237
		238	if ((der_len = i2d_X509_NAME(name, &der)) <= 0) {
		239	fprintf(stderr, "FAIL: %s: i2d_X509_NAME", __func__);
		240	der_len = 0;
		241	goto err;
		242	}
		243
		244	if (test->der_len != (size_t)der_len) {
		245	fprintf(stderr, "FAIL: %s: der len: want %zu, got %d\n",
		246	__func__, test->der_len, der_len);
		247	goto err;
		248	}
		249
		250	if (memcmp(test->der, der, test->der_len) != 0) {
		251	fprintf(stderr, "FAIL: %s: DER mismatch\n", __func__);
		252	goto err;
		253	}
		254
		255	if ((bio = BIO_new(BIO_s_mem())) == NULL)
		256	errx(1, "BIO_new");
		257
		258	if (!X509_NAME_print_ex(bio, name, 0, XN_FLAG_COMPAT)) {
		259	fprintf(stderr, "FAIL: %s: X509_NAME_print_ex", __func__);
		260	goto err;
		261	}
		262
		263	if ((got_len = BIO_get_mem_data(bio, &got)) < 0)
		264	errx(1, "BIO_get_mem_data");
		265
		266	if (strcmp(test->compat, got) != 0) {
		267	fprintf(stderr, "FAIL: %s compat:\nwant: \"%s\",\ngot: \"%s\"\n",
		268	__func__, test->compat, got);
		269	goto err;
		270	}
		271
		272	if ((buf = X509_NAME_oneline(name, NULL, 0)) == NULL)
		273	errx(1, "X509_NAME_oneline");
		274
		275	if (strcmp(test->oneline, buf) != 0) {
		276	fprintf(stderr, "FAIL: %s oneline:\nwant: \"%s\",\ngot: \"%s\"\n",
		277	__func__, test->compat, got);
		278	goto err;
		279	}
		280
		281	failed = 0;
		282
		283	err:
		284	BIO_free(bio);
		285	free(buf);
		286	X509_NAME_free(name);
		287	freezero(der, der_len);
		288
		289	return failed;
		290	}
		291
		292	static int
		293	x509_name_compat_test(void)
		294	{
		295	size_t i;
		296	int failed = 0;
		297
		298	for (i = 0; i < N_X509_NAME_COMPAT; i++)
		299	failed \|= x509_name_compat_testcase(&x509_name_legacy_test[i]);
		300
		301	return failed;
		302	}
		303
		304	int
		305	main(void)
		306	{
		307	int failed = 0;
		308
		309	failed \|= x509_name_compat_test();
		310
		311	return failed;
		312	}