diff options
| -rw-r--r-- | src/regress/lib/libcrypto/x509/x509_extensions_test.c | 54 |
1 files changed, 53 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/x509/x509_extensions_test.c b/src/regress/lib/libcrypto/x509/x509_extensions_test.c index a90a173e1d..9005333fe7 100644 --- a/src/regress/lib/libcrypto/x509/x509_extensions_test.c +++ b/src/regress/lib/libcrypto/x509/x509_extensions_test.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_extensions_test.c,v 1.1 2024/05/28 15:33:35 tb Exp $ */ | 1 | /* $OpenBSD: x509_extensions_test.c,v 1.2 2024/05/28 15:42:09 tb Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2024 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2024 Theo Buehler <tb@openbsd.org> |
| @@ -575,6 +575,57 @@ test_x509v3_add1_i2d_add_append(STACK_OF(X509_EXTENSION) **extensions) | |||
| 575 | } | 575 | } |
| 576 | 576 | ||
| 577 | static int | 577 | static int |
| 578 | test_x509v3_add1_i2d_invalid_operations(STACK_OF(X509_EXTENSION) **extensions) | ||
| 579 | { | ||
| 580 | BASIC_CONSTRAINTS *bc = NULL; | ||
| 581 | long error; | ||
| 582 | int crit, got, nid, op; | ||
| 583 | int failed = 1; | ||
| 584 | |||
| 585 | if (X509v3_get_ext_count(*extensions) != 0) { | ||
| 586 | fprintf(stderr, "%s: FAIL: need empty stack.\n", __func__); | ||
| 587 | goto err; | ||
| 588 | } | ||
| 589 | |||
| 590 | /* | ||
| 591 | * Attempt to add a basic constraint extension with invalid operations | ||
| 592 | */ | ||
| 593 | |||
| 594 | nid = NID_basic_constraints; | ||
| 595 | bc = create_basic_constraints(1); | ||
| 596 | crit = 1; | ||
| 597 | for (op = X509V3_ADD_DELETE + 1; op <= X509V3_ADD_OP_MASK; op++) { | ||
| 598 | if ((got = X509V3_add1_i2d(extensions, nid, bc, crit, op)) != -1) { | ||
| 599 | fprintf(stderr, "%s: FAIL: operation %d " | ||
| 600 | "want %d, got %d.\n", __func__, op, -1, got); | ||
| 601 | goto err; | ||
| 602 | } | ||
| 603 | error = ERR_get_error(); | ||
| 604 | if (ERR_GET_REASON(error) != X509V3_R_UNSUPPORTED_OPTION) { | ||
| 605 | fprintf(stderr, "%s: FAIL: invalid operation %d " | ||
| 606 | " pushed %d, want %d.\n", __func__, op, | ||
| 607 | ERR_GET_REASON(error), X509V3_R_EXTENSION_EXISTS); | ||
| 608 | goto err; | ||
| 609 | } | ||
| 610 | } | ||
| 611 | BASIC_CONSTRAINTS_free(bc); | ||
| 612 | bc = NULL; | ||
| 613 | |||
| 614 | if ((got = X509v3_get_ext_count(*extensions)) != 0) { | ||
| 615 | fprintf(stderr, "%s: FAIL: expected 0 extensions, have %d.\n", | ||
| 616 | __func__, got); | ||
| 617 | goto err; | ||
| 618 | } | ||
| 619 | |||
| 620 | failed = 0; | ||
| 621 | |||
| 622 | err: | ||
| 623 | BASIC_CONSTRAINTS_free(bc); | ||
| 624 | |||
| 625 | return failed; | ||
| 626 | } | ||
| 627 | |||
| 628 | static int | ||
| 578 | test_x509v3_add1_i2d(void) | 629 | test_x509v3_add1_i2d(void) |
| 579 | { | 630 | { |
| 580 | STACK_OF(X509_EXTENSION) *extensions; | 631 | STACK_OF(X509_EXTENSION) *extensions; |
| @@ -586,6 +637,7 @@ test_x509v3_add1_i2d(void) | |||
| 586 | failed |= test_x509v3_add1_i2d_empty_stack(&extensions); | 637 | failed |= test_x509v3_add1_i2d_empty_stack(&extensions); |
| 587 | failed |= test_x509v3_add1_i2d_single_nid(&extensions); | 638 | failed |= test_x509v3_add1_i2d_single_nid(&extensions); |
| 588 | failed |= test_x509v3_add1_i2d_add_append(&extensions); | 639 | failed |= test_x509v3_add1_i2d_add_append(&extensions); |
| 640 | failed |= test_x509v3_add1_i2d_invalid_operations(&extensions); | ||
| 589 | 641 | ||
| 590 | sk_X509_EXTENSION_pop_free(extensions, X509_EXTENSION_free); | 642 | sk_X509_EXTENSION_pop_free(extensions, X509_EXTENSION_free); |
| 591 | 643 | ||