Cleaned up negative test predicate for test case

The test infrastructure does support negative predicates for test
cases, thanks to Andreas for letting me know.
This commit is contained in:
Gilles Peskine 2017-05-22 16:47:22 +02:00 committed by Manuel Pégourié-Gonnard
parent 2a458daa11
commit f11d33b2df
2 changed files with 1 additions and 6 deletions

View file

@ -651,9 +651,4 @@ int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf,
}
#endif
#ifndef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
/* The test infrastructure requires a positive define */
#define MBEDTLS_X509__DEFAULT_FORBID_SHA1
#endif
#endif /* mbedtls_x509_crt.h */

View file

@ -436,7 +436,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDT
x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"default":"NULL"
X509 Certificate verification #14 (Valid Cert SHA1 Digest forbidden in default profile)
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_X509__DEFAULT_FORBID_SHA1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"default":"NULL"
X509 Certificate verification #15 (Valid Cert SHA224 Digest)