Add "profile" arg to X.509 test function
Unused yet, tests using it will be added in the next commit
This commit is contained in:
parent
26b9f7d33b
commit
e54931f489
2 changed files with 24 additions and 15 deletions
|
@ -1220,43 +1220,43 @@ mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxp
|
|||
|
||||
X509 CRT verify chain #1 (zero pathlen intermediate)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:""
|
||||
|
||||
X509 CRT verify chain #2 (zero pathlen root)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert23.crt data_files/dir4/cert22.crt":"data_files/dir4/cert21.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert23.crt data_files/dir4/cert22.crt":"data_files/dir4/cert21.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:""
|
||||
|
||||
X509 CRT verify chain #3 (nonzero pathlen root)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert34.crt data_files/dir4/cert33.crt data_files/dir4/cert32.crt":"data_files/dir4/cert31.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert34.crt data_files/dir4/cert33.crt data_files/dir4/cert32.crt":"data_files/dir4/cert31.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:""
|
||||
|
||||
X509 CRT verify chain #4 (nonzero pathlen intermediate)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert45.crt data_files/dir4/cert44.crt data_files/dir4/cert43.crt data_files/dir4/cert42.crt":"data_files/dir4/cert41.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert45.crt data_files/dir4/cert44.crt data_files/dir4/cert43.crt data_files/dir4/cert42.crt":"data_files/dir4/cert41.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:""
|
||||
|
||||
X509 CRT verify chain #5 (nonzero maxpathlen intermediate)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert54.crt data_files/dir4/cert53.crt data_files/dir4/cert52.crt":"data_files/dir4/cert51.crt":0
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert54.crt data_files/dir4/cert53.crt data_files/dir4/cert52.crt":"data_files/dir4/cert51.crt":0:0:""
|
||||
|
||||
X509 CRT verify chain #6 (nonzero maxpathlen root)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:""
|
||||
|
||||
X509 CRT verify chain #7 (maxpathlen root, self signed in path)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert74.crt data_files/dir4/cert73.crt data_files/dir4/cert72.crt":"data_files/dir4/cert71.crt":0
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert74.crt data_files/dir4/cert73.crt data_files/dir4/cert72.crt":"data_files/dir4/cert71.crt":0:0:""
|
||||
|
||||
X509 CRT verify chain #8 (self signed maxpathlen root)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert61.crt data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert61.crt data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:""
|
||||
|
||||
X509 CRT verify chain #9 (zero pathlen first intermediate, valid)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert83.crt data_files/dir4/cert82.crt":"data_files/dir4/cert81.crt":0
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert83.crt data_files/dir4/cert82.crt":"data_files/dir4/cert81.crt":0:0:""
|
||||
|
||||
X509 CRT verify chain #10 (zero pathlen root, valid)
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":0
|
||||
mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":0:0:""
|
||||
|
||||
X509 OID description #1
|
||||
x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"
|
||||
|
|
|
@ -546,14 +546,15 @@ exit:
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
|
||||
void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, int flags_result )
|
||||
void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca,
|
||||
int flags_result, int result,
|
||||
char *profile_name )
|
||||
{
|
||||
char* act;
|
||||
uint32_t flags;
|
||||
int result, res;
|
||||
int res;
|
||||
mbedtls_x509_crt trusted, chain;
|
||||
|
||||
result= flags_result?MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:0;
|
||||
const mbedtls_x509_crt_profile *profile = NULL;
|
||||
|
||||
mbedtls_x509_crt_init( &chain );
|
||||
mbedtls_x509_crt_init( &trusted );
|
||||
|
@ -562,7 +563,15 @@ void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, int fl
|
|||
TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 );
|
||||
TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 );
|
||||
|
||||
res = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, NULL, NULL );
|
||||
if( strcmp(profile_name, "") == 0 )
|
||||
profile = &mbedtls_x509_crt_profile_default;
|
||||
else if( strcmp(profile_name, "next") == 0 )
|
||||
profile = &mbedtls_x509_crt_profile_next;
|
||||
else if( strcmp(profile_name, "suiteb") == 0 )
|
||||
profile = &mbedtls_x509_crt_profile_suiteb;
|
||||
|
||||
res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile,
|
||||
NULL, &flags, NULL, NULL );
|
||||
|
||||
TEST_ASSERT( res == ( result ) );
|
||||
TEST_ASSERT( flags == (uint32_t)( flags_result ) );
|
||||
|
|
Loading…
Reference in a new issue