From: olszomal <Malgorzata.Olszowka@stunnel.org>
Date: Thu, 30 Nov 2023 16:57:45 +0000 (+0100)
Subject: Add a test for X509_load_cert_file()
X-Git-Tag: openssl-3.3.0-alpha1~535
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d6961af1acbdf29b684f3307578bd03890a26a9c;p=thirdparty%2Fopenssl.git

Add a test for X509_load_cert_file()

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22885)
---

diff --git a/test/build.info b/test/build.info
index a71ee13d1f1..e8a4d392fed 100644
--- a/test/build.info
+++ b/test/build.info
@@ -63,7 +63,7 @@ IF[{- !$disabled{tests} -}]
           provfetchtest prov_config_test rand_test ca_internals_test \
           bio_tfo_test membio_test bio_dgram_test list_test fips_version_test \
           x509_test hpke_test pairwise_fail_test nodefltctxtest \
-          evp_xof_test
+          evp_xof_test x509_load_cert_file_test
 
   IF[{- !$disabled{'rpk'} -}]
     PROGRAMS{noinst}=rpktest
@@ -595,6 +595,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[x509_dup_cert_test]=../include ../apps/include
   DEPEND[x509_dup_cert_test]=../libcrypto libtestutil.a
 
+  SOURCE[x509_load_cert_file_test]=x509_load_cert_file_test.c
+  INCLUDE[x509_load_cert_file_test]=../include ../apps/include
+  DEPEND[x509_load_cert_file_test]=../libcrypto libtestutil.a
+
   SOURCE[x509_check_cert_pkey_test]=x509_check_cert_pkey_test.c
   INCLUDE[x509_check_cert_pkey_test]=../include ../apps/include
   DEPEND[x509_check_cert_pkey_test]=../libcrypto libtestutil.a
diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t
new file mode 100644
index 00000000000..75aeac362c2
--- /dev/null
+++ b/test/recipes/60-test_x509_load_cert_file.t
@@ -0,0 +1,15 @@
+#! /usr/bin/env perl
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use OpenSSL::Test qw/:DEFAULT srctop_file/;
+
+setup("test_load_cert_file");
+
+plan tests => 1;
+
+ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")])));
diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c
new file mode 100644
index 00000000000..4a736071ae6
--- /dev/null
+++ b/test/x509_load_cert_file_test.c
@@ -0,0 +1,50 @@
+/*
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/x509_vfy.h>
+
+#include "testutil.h"
+
+static const char *chain;
+
+static int test_load_cert_file(void)
+{
+    int ret = 0;
+    X509_STORE *store = NULL;
+    X509_LOOKUP *lookup = NULL;
+    STACK_OF(X509) *certs = NULL;
+
+    if (TEST_ptr(store = X509_STORE_new())
+        && TEST_ptr(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()))
+        && TEST_true(X509_load_cert_file(lookup, chain, X509_FILETYPE_PEM))
+        && TEST_ptr(certs = X509_STORE_get1_all_certs(store))
+        && TEST_int_eq(sk_X509_num(certs), 4))
+        ret = 1;
+
+    OSSL_STACK_OF_X509_free(certs);
+    X509_STORE_free(store);
+    return ret;
+}
+
+OPT_TEST_DECLARE_USAGE("cert.pem...\n")
+
+int setup_tests(void)
+{
+    if (!test_skip_common_options()) {
+        TEST_error("Error parsing test options\n");
+        return 0;
+    }
+
+    chain = test_get_argument(0);
+    if (chain == NULL)
+        return 0;
+
+    ADD_TEST(test_load_cert_file);
+    return 1;
+}