From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 4 Aug 2017 07:48:42 +0000 (+0200)
Subject: tests: check whether the gnutls_x509_*_set_spki will reject invalid values
X-Git-Tag: gnutls_3_6_0~151
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f09c107685889fe1bfdfc83eba7d69877f356c5a;p=thirdparty%2Fgnutls.git

tests: check whether the gnutls_x509_*_set_spki will reject invalid values

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/tests/spki.c b/tests/spki.c
index 587e9a5c93..f66dd748e1 100644
--- a/tests/spki.c
+++ b/tests/spki.c
@@ -96,6 +96,10 @@ static void crq_check(void)
 	assert(salt_size == 32);
 	assert(dig == GNUTLS_DIG_SHA256);
 
+	/* set invalid */
+	gnutls_x509_spki_set_rsa_pss_params(spki, GNUTLS_DIG_SHA256, 1024);
+	assert(gnutls_x509_crq_set_spki(crq, spki, 0) == GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+
 	gnutls_x509_crq_deinit(crq);
 	gnutls_x509_spki_deinit(spki);
 	gnutls_x509_privkey_deinit(privkey);
@@ -151,6 +155,10 @@ static void cert_check(void)
 	assert(salt_size == 32);
 	assert(dig == GNUTLS_DIG_SHA256);
 
+	/* set invalid */
+	gnutls_x509_spki_set_rsa_pss_params(spki, GNUTLS_DIG_SHA256, 1024);
+	assert(gnutls_x509_crt_set_spki(crt, spki, 0) == GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+
 	gnutls_x509_crt_deinit(crt);
 	gnutls_x509_spki_deinit(spki);
 	gnutls_global_deinit();
@@ -203,6 +211,10 @@ static void key_check(void)
 	assert(salt_size == 64);
 	assert(dig == GNUTLS_DIG_SHA1);
 
+	/* set invalid */
+	gnutls_x509_spki_set_rsa_pss_params(spki, GNUTLS_DIG_SHA1, 1024);
+	assert(gnutls_x509_privkey_set_spki(key, spki, 0) == GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+
 	gnutls_x509_privkey_deinit(key);
 	gnutls_x509_spki_deinit(spki);
 }