summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2026-03-31 13:39:48 +0000
committerjsing <>2026-03-31 13:39:48 +0000
commit848a8ff0f8b9bd889cd059b6040b85d5cd2cc980 (patch)
tree8b00a86cd36549f52a2f5df52871fcba9e2bb3a2 /src
parente2ae938d435d7b2dd9dbd93f4ee01af27ccd864d (diff)
downloadopenbsd-848a8ff0f8b9bd889cd059b6040b85d5cd2cc980.tar.gz
openbsd-848a8ff0f8b9bd889cd059b6040b85d5cd2cc980.tar.bz2
openbsd-848a8ff0f8b9bd889cd059b6040b85d5cd2cc980.zip
Add additional X.509 verifier test cases.
The second case (14b) currently triggers a bug in the new verifier.
Diffstat (limited to 'src')
-rw-r--r--src/regress/lib/libcrypto/x509/callback.c11
-rw-r--r--src/regress/lib/libcrypto/x509/verify.c19
2 files changed, 28 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/x509/callback.c b/src/regress/lib/libcrypto/x509/callback.c
index c4d1575ae8..a3717bca24 100644
--- a/src/regress/lib/libcrypto/x509/callback.c
+++ b/src/regress/lib/libcrypto/x509/callback.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: callback.c,v 1.5 2024/08/23 12:56:26 anton Exp $ */ 1/* $OpenBSD: callback.c,v 1.6 2026/03/31 13:39:48 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org>
@@ -340,6 +340,15 @@ struct verify_cert_test verify_cert_tests[] = {
340 .want_chains = 1, 340 .want_chains = 1,
341 .failing = 1, 341 .failing = 1,
342 }, 342 },
343 {
344 .id = "14a",
345 .want_chains = 1,
346 },
347 {
348 .id = "14b",
349 .want_chains = 0,
350 .failing = 1,
351 },
343}; 352};
344 353
345#define N_VERIFY_CERT_TESTS \ 354#define N_VERIFY_CERT_TESTS \
diff --git a/src/regress/lib/libcrypto/x509/verify.c b/src/regress/lib/libcrypto/x509/verify.c
index b4b4e06cf7..2b5298a63e 100644
--- a/src/regress/lib/libcrypto/x509/verify.c
+++ b/src/regress/lib/libcrypto/x509/verify.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: verify.c,v 1.12 2024/08/23 12:56:26 anton Exp $ */ 1/* $OpenBSD: verify.c,v 1.13 2026/03/31 13:39:48 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org>
@@ -460,6 +460,20 @@ struct verify_cert_test verify_cert_tests[] = {
460 .want_legacy_error_depth = 2, 460 .want_legacy_error_depth = 2,
461 .failing = 1, 461 .failing = 1,
462 }, 462 },
463 {
464 .id = "14a",
465 .want_chains = 1,
466 .want_error_depth = 0,
467 },
468 {
469 .id = "14b",
470 .want_chains = 0,
471 .want_error = X509_V_ERR_CERT_CHAIN_TOO_LONG,
472 .want_error_depth = 32,
473 .want_legacy_error = 0,
474 .want_legacy_error_depth = 0,
475 .failing = 1,
476 },
463}; 477};
464 478
465#define N_VERIFY_CERT_TESTS \ 479#define N_VERIFY_CERT_TESTS \
@@ -557,10 +571,13 @@ main(int argc, char **argv)
557 571
558 fprintf(stderr, "\n\nTesting legacy x509_vfy\n"); 572 fprintf(stderr, "\n\nTesting legacy x509_vfy\n");
559 failed |= verify_cert_test(argv[1], MODE_LEGACY_VFY); 573 failed |= verify_cert_test(argv[1], MODE_LEGACY_VFY);
574
560 fprintf(stderr, "\n\nTesting modern x509_vfy\n"); 575 fprintf(stderr, "\n\nTesting modern x509_vfy\n");
561 failed |= verify_cert_test(argv[1], MODE_MODERN_VFY); 576 failed |= verify_cert_test(argv[1], MODE_MODERN_VFY);
577
562 fprintf(stderr, "\n\nTesting modern x509_vfy by_dir\n"); 578 fprintf(stderr, "\n\nTesting modern x509_vfy by_dir\n");
563 failed |= verify_cert_test(argv[1], MODE_MODERN_VFY_DIR); 579 failed |= verify_cert_test(argv[1], MODE_MODERN_VFY_DIR);
580
564 fprintf(stderr, "\n\nTesting x509_verify\n"); 581 fprintf(stderr, "\n\nTesting x509_verify\n");
565 failed |= verify_cert_test(argv[1], MODE_VERIFY); 582 failed |= verify_cert_test(argv[1], MODE_VERIFY);
566 583
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-06-02 08:12:00 +0000