[PATCH 4/4] unit: Minimal l_certchain_verify validity dates test

From: Andrew Zaborowski <andrew.zaborowski@intel.com>
To: ell@lists.linux.dev
Subject: [PATCH 4/4] unit: Minimal l_certchain_verify validity dates test
Date: Mon, 31 Oct 2022 11:53:42 +0100	[thread overview]
Message-ID: <20221031105342.2660357-4-andrew.zaborowski@intel.com> (raw)
In-Reply-To: <20221031105342.2660357-1-andrew.zaborowski@intel.com>

---
 unit/test-tls.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/unit/test-tls.c b/unit/test-tls.c
index 53d4f38..e089859 100644
--- a/unit/test-tls.c
+++ b/unit/test-tls.c
@@ -231,7 +231,10 @@ static void test_certificates(const void *data)
 	struct l_queue *wrongca;
 	struct l_queue *wrongca2;
 	struct l_queue *twocas;
+	struct l_cert *expired;
+	struct l_queue *mixedcas;
 	struct l_certchain *chain;
+	struct l_certchain *expiredchain;
 
 	cacert = l_pem_load_certificate_list(CERTDIR "cert-ca.pem");
 	assert(cacert && !l_queue_isempty(cacert));
@@ -245,9 +248,18 @@ static void test_certificates(const void *data)
 	twocas = l_pem_load_certificate_list(CERTDIR "cert-chain.pem");
 	assert(twocas);
 
+	mixedcas = l_pem_load_certificate_list(CERTDIR "cert-chain.pem");
+	assert(mixedcas);
+	expired = load_cert_file(CERTDIR "cert-expired.pem");
+	assert(expired);
+	l_queue_push_tail(mixedcas, expired);
+
 	chain = l_pem_load_certificate_chain(CERTDIR "cert-server.pem");
 	assert(chain);
 
+	expiredchain = l_pem_load_certificate_chain(CERTDIR "cert-expired.pem");
+	assert(expiredchain);
+
 	assert(!l_certchain_verify(chain, wrongca, NULL));
 	assert(l_certchain_verify(chain, cacert, NULL));
 	assert(l_certchain_verify(chain, NULL, NULL));
@@ -294,6 +306,7 @@ static void test_certificates(const void *data)
 	assert(l_certchain_verify(chain, cacert, NULL));
 	assert(l_certchain_verify(chain, NULL, NULL));
 	assert(l_certchain_verify(chain, twocas, NULL));
+	assert(l_certchain_verify(chain, mixedcas, NULL));
 
 	l_certchain_free(chain);
 	l_queue_destroy(cacert, (l_queue_destroy_func_t) l_cert_free);
@@ -317,12 +330,17 @@ static void test_certificates(const void *data)
 	assert(l_certchain_verify(chain, cacert, NULL));
 	assert(l_certchain_verify(chain, NULL, NULL));
 	assert(!l_certchain_verify(chain, twocas, NULL));
+	assert(!l_certchain_verify(chain, mixedcas, NULL));
+
+	assert(!l_certchain_verify(expiredchain, NULL, NULL));
 
 	l_certchain_free(chain);
+	l_certchain_free(expiredchain);
 	l_queue_destroy(cacert, (l_queue_destroy_func_t) l_cert_free);
 	l_queue_destroy(wrongca, (l_queue_destroy_func_t) l_cert_free);
 	l_queue_destroy(wrongca2, (l_queue_destroy_func_t) l_cert_free);
 	l_queue_destroy(twocas, (l_queue_destroy_func_t) l_cert_free);
+	l_queue_destroy(mixedcas, (l_queue_destroy_func_t) l_cert_free);
 }
 
 static void test_ec_certificates(const void *data)
-- 
2.34.1

