From: Armin Burgmeier Date: Mon, 6 Oct 2014 21:28:46 +0000 (-0400) Subject: Add a test for PKCS11 CA iteration X-Git-Tag: gnutls_3_4_0~828 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba2f939409f97075c02c84cba50b32c5670936ff;p=thirdparty%2Fgnutls.git Add a test for PKCS11 CA iteration Signed-off-by: Armin Burgmeier --- diff --git a/tests/suite/pkcs11-chainverify.c b/tests/suite/pkcs11-chainverify.c index b88df08a9b..50c7de6cfe 100644 --- a/tests/suite/pkcs11-chainverify.c +++ b/tests/suite/pkcs11-chainverify.c @@ -143,6 +143,11 @@ void doit(void) gnutls_datum_t tmp; size_t j; + gnutls_x509_trust_list_iter_t get_ca_iter; + gnutls_datum_t get_ca_datum_test; + gnutls_datum_t get_ca_datum; + gnutls_x509_crt_t get_ca_crt; + if (debug) printf("Chain '%s' (%d)...\n", chains[i].name, (int) i); @@ -248,6 +253,32 @@ void doit(void) exit(1); } + /* test trust list iteration */ + get_ca_iter = NULL; + while (gnutls_x509_trust_list_iter_get_ca(tl, &get_ca_iter, &get_ca_crt) == 0) { + ret = gnutls_x509_crt_export2(get_ca_crt, GNUTLS_X509_FMT_PEM, &get_ca_datum_test); + if (ret < 0) { + fail("gnutls_x509_crt_export2: %s\n", gnutls_strerror(ret)); + exit(1); + } + + ret = gnutls_x509_crt_export2(ca, GNUTLS_X509_FMT_PEM, &get_ca_datum); + if (ret < 0) { + fail("gnutls_x509_crt_export2: %s\n", gnutls_strerror(ret)); + exit(1); + } + + if (get_ca_datum_test.size != get_ca_datum.size || + memcmp(get_ca_datum_test.data, get_ca_datum.data, get_ca_datum.size) != 0) { + fail("gnutls_x509_trist_list_iter_get_ca: Unexpected certificate (%u != %u):\n\n%s\n\nvs.\n\n%s", get_ca_datum.size, get_ca_datum_test.size, get_ca_datum.data, get_ca_datum_test.data); + exit(1); + } + + gnutls_free(get_ca_datum.data); + gnutls_free(get_ca_datum_test.data); + gnutls_x509_crt_deinit(get_ca_crt); + } + vdata[0].type = GNUTLS_DT_KEY_PURPOSE_OID; vdata[0].data = (void *)chains[i].purpose;