From 6c1a73e0613921ea0129acb64c5c81a7c72040a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Fri, 28 Mar 2014 14:03:22 +0100
Subject: [PATCH] Improve x509xrite_csr testing: extensions, version
---
tests/data_files/server1.v1.crt | 18 ++++++++++++++++++
tests/suites/test_suite_x509write.data | 14 +++++++++++++-
tests/suites/test_suite_x509write.function | 20 +++++++++++++++-----
3 files changed, 46 insertions(+), 6 deletions(-)
create mode 100644 tests/data_files/server1.v1.crt
diff --git a/tests/data_files/server1.v1.crt b/tests/data_files/server1.v1.crt
new file mode 100644
index 0000000000..0a4b2a5cc7
--- /dev/null
+++ b/tests/data_files/server1.v1.crt
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC9DCCAdygAwIBAAIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+owIwADANBgkqhkiG9w0BAQUFAAOCAQEAoZVuVi7bIslKgMJhejSFXiO+ICMz1fmK
+b0tPN68mRYhI/gsjRT0cmX6GUNrg+U5mcBWhMwHgyvx1CARU4YToKZxcXGNL0DPd
+Z1hF8nCrJCZBQvNuWE7s0ufw92xz5ZfuKkVxi94RYR529F6gzgl4rpX8UQVu2ym/
+9pTlHKr4MKi9LNppyJMS89uRcb2FJFMdhAKbhNtbIjI9qGZ7x//0belAaWhq389u
+6XWFnZt35PU6Zz6YbAQ5pjZYsTaohuufgrpOlFPUuc4uR+RfGHIQ6id12lZaQC2m
+OFIBDcU0x1cFfPfMgVdBLf6klPt/v/tD77mwx0eztSp28NIf+ACw8A==
+-----END CERTIFICATE-----
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index fdc72322d6..04a24deb59 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -44,4 +44,16 @@ x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":POLARSS
Certificate write check Server1 SHA1
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:"data_files/server1.crt"
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:0:-1:"data_files/server1.crt"
+
+Certificate write check Server1 SHA1, key_usage
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT:0:-1:"data_files/server1.key_usage.crt"
+
+Certificate write check Server1 SHA1, ns_cert_type
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:NS_CERT_TYPE_SSL_SERVER:-1:"data_files/server1.cert_type.crt"
+
+Certificate write check Server1 SHA1, version 1
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:0:X509_CRT_VERSION_1:"data_files/server1.v1.crt"
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index e2055192a1..0cea5f949e 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -62,7 +62,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *subject_name, char *issuer_key_file,
char *issuer_pwd, char *issuer_name,
char *serial_str, char *not_before, char *not_after,
- int md_type, char *cert_check_file )
+ int md_type, int key_usage, int cert_type, int ver,
+ char *cert_check_file )
{
pk_context subject_key, issuer_key;
x509write_cert crt;
@@ -86,7 +87,9 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
x509write_crt_init( &crt );
- x509write_crt_set_serial( &crt, &serial );
+ if( ver != -1 )
+ x509write_crt_set_version( &crt, ver );
+ TEST_ASSERT( x509write_crt_set_serial( &crt, &serial ) == 0 );
TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
not_after ) == 0 );
x509write_crt_set_md_alg( &crt, md_type );
@@ -95,9 +98,16 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
x509write_crt_set_subject_key( &crt, &subject_key );
x509write_crt_set_issuer_key( &crt, &issuer_key );
- TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
- TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
- TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
+ if( crt.version >= X509_CRT_VERSION_3 )
+ {
+ TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
+ TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
+ TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
+ if( key_usage != 0 )
+ TEST_ASSERT( x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
+ if( cert_type != 0 )
+ TEST_ASSERT( x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
+ }
ret = x509write_crt_pem( &crt, buf, sizeof(buf),
rnd_pseudo_rand, &rnd_info );