From 0350d562862e0ffe3a3869140693ca6111d4e1e6 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 28 Mar 2019 14:23:36 +0000
Subject: [PATCH] Only run X.509 CRT verification tests with CA callback tests
 if !CRL

---
 tests/suites/test_suite_x509parse.function | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index e90ddc41d5..1d9218adfa 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -440,12 +440,17 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
     TEST_ASSERT( flags == (uint32_t)( flags_result ) );
 
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    flags = 0;
+    /* CRLs aren't supported with CA callbacks, so skip the CA callback
+     * version of the test of CRLs are in use. */
+    if( crl_file == NULL || strcmp( crl_file, "" ) == 0 )
+    {
+        flags = 0;
 
-    res = mbedtls_x509_crt_verify_with_cb( &crt, ca_callback, &ca, profile, cn_name, &flags, f_vrfy, NULL );
+        res = mbedtls_x509_crt_verify_with_cb( &crt, ca_callback, &ca, profile, cn_name, &flags, f_vrfy, NULL );
 
-    TEST_ASSERT( res == ( result ) );
-    TEST_ASSERT( flags == (uint32_t)( flags_result ) );
+        TEST_ASSERT( res == ( result ) );
+        TEST_ASSERT( flags == (uint32_t)( flags_result ) );
+    }
 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
 exit:
     mbedtls_x509_crt_free( &crt );