pkcs7: Fix dependencies for pkcs7 tests

Fixes include removing PEM dependency for greater coverage when PEM config is not set and defining test dependencies at the appropriate level. Signed-off-by: Nick Child <nick.child@ibm.com>
2022-02-25 11:54:34 -06:00 · 2022-02-25 11:54:34 -06:00 · 45525d3768
commit 45525d3768
parent 6427b34dec
5 changed files with 46 additions and 22 deletions
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@ -1147,6 +1147,15 @@ pkcs7-rsa-sha256-2.crt:
 	cat pkcs7-rsa-sha256-2.crt pkcs7-rsa-sha256-2.key > pkcs7-rsa-sha256-2.pem
 all_final += pkcs7-rsa-sha256-2.crt

+# Convert signing certs to DER for testing PEM-free builds
+pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1)
+	$(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER
+all_final += pkcs7-rsa-sha256-1.der
+
+pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
+	$(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
+all_final += pkcs7-rsa-sha256-2.der
+
 # pkcs7 signature file with CERT
 pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
 	$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@
--- a/tests/data_files/pkcs7-rsa-sha256-1.der
+++ b/tests/data_files/pkcs7-rsa-sha256-1.der
--- a/tests/data_files/pkcs7-rsa-sha256-2.der
+++ b/tests/data_files/pkcs7-rsa-sha256-2.der
--- a/tests/suites/test_suite_pkcs7.data
+++ b/tests/suites/test_suite_pkcs7.data
@ -1,56 +1,71 @@
 PKCS7 Signed Data Parse Pass SHA256 #1
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha256.der"

 PKCS7 Signed Data Parse Pass SHA1 #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha1.der"

 PKCS7 Signed Data Parse Pass Without CERT #3
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_without_cert:"data_files/pkcs7_data_without_cert_signed.der"

 PKCS7 Signed Data Parse Fail with multiple signers #4
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_signed.der"

 PKCS7 Signed Data Parse Fail with multiple certs #4
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_certs_signed.der"

 PKCS7 Signed Data Parse Fail with corrupted cert #5
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_corrupted_cert:"data_files/pkcs7_data_signed_badcert.der"

 PKCS7 Signed Data Parse Fail with corrupted signer info #6
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_corrupted_signer_info:"data_files/pkcs7_data_signed_badsigner.der"

 PKCS7 Signed Data Parse Fail Version other than 1 #7
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_version:"data_files/pkcs7_data_cert_signed_v2.der"

 PKCS7 Signed Data Parse Fail Encrypted Content #8
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_content_oid:"data_files/pkcs7_data_cert_encrypted.der"

 PKCS7 Signed Data Verification Pass SHA256 #9
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"

 PKCS7 Signed Data Verification Pass SHA256 #9.1
-pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"

 PKCS7 Signed Data Verification Pass SHA1 #10
-depends_on:MBEDTLS_SHA1_C
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"

 PKCS7 Signed Data Verification Pass SHA512 #11
-depends_on:MBEDTLS_SHA512_C
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"

 PKCS7 Signed Data Verification Fail because of different certificate #12
-pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.der":"data_files/pkcs7_data.bin"

 PKCS7 Signed Data Verification Fail because of different data hash #13
-pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data_1.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data_1.bin"

 PKCS7 Signed Data Parse Failure Corrupt signerInfo.issuer #15.1
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_failure:"data_files/pkcs7_signerInfo_issuer_invalid_size.der"

 PKCS7 Signed Data Parse Failure Corrupt signerInfo.serial #15.2
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_failure:"data_files/pkcs7_signerInfo_serial_invalid_size.der"

 PKCS7 Only Signed Data Parse Pass #15
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_signeddata_sha256.der"
--- a/tests/suites/test_suite_pkcs7.function
+++ b/tests/suites/test_suite_pkcs7.function
@ -10,11 +10,11 @@
 /* END_HEADER */

 /* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_FS_IO
+ * depends_on:MBEDTLS_PKCS7_C
 * END_DEPENDENCIES
 */

-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -37,7 +37,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C*/
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_without_cert( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -60,7 +60,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse_multiple_signers( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -95,7 +95,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse_corrupted_cert( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -118,7 +118,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse_corrupted_signer_info( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -141,7 +141,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_version( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -164,7 +164,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_content_oid( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;
@ -186,7 +186,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
 void pkcs7_verify( char *pkcs7_file, char *crt, char *filetobesigned )
 {
    unsigned char *pkcs7_buf = NULL;
@ -236,7 +236,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
 void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
 {
    unsigned char *pkcs7_buf = NULL;
@ -299,7 +299,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
 void pkcs7_verify_badcert( char *pkcs7_file, char *crt, char *filetobesigned )
 {
    unsigned char *pkcs7_buf = NULL;
@ -349,7 +349,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
 void pkcs7_verify_tampered_data( char *pkcs7_file, char *crt, char *filetobesigned )
 {
    unsigned char *pkcs7_buf = NULL;
@ -399,7 +399,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_failure( char *pkcs7_file )
 {
    unsigned char *pkcs7_buf = NULL;