Merge pull request #5395 from gilles-peskine-arm/ssl-opt-self-signed-positive

Add positive test case with self-signed certificates
2025-03-29 22:20:30 +00:00 · 2022-01-25 12:53:56 +01:00 · 2022-01-25 12:53:56 +01:00 · 24479b3185
commit 24479b3185
parent a5c1bf0b8d e1cc60eca9
1 changed files with 15 additions and 0 deletions
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -4300,6 +4300,21 @@ run_test    "Authentication: client badcert, server required" \
 # detect that its write end of the connection is closed and abort
 # before reading the alert message.

+run_test    "Authentication: client cert self-signed and trusted, server required" \
+            "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
+            "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -S "skip write certificate request" \
+            -C "skip parse certificate request" \
+            -c "got a certificate request" \
+            -C "skip write certificate" \
+            -C "skip write certificate verify" \
+            -S "skip parse certificate verify" \
+            -S "x509_verify_cert() returned" \
+            -S "! The certificate is not correctly signed" \
+            -S "X509 - Certificate verification failed"
+
 run_test    "Authentication: client cert not trusted, server required" \
            "$P_SRV debug_level=3 auth_mode=required" \
            "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \