pkcs7: Fix dependencies for pkcs7 tests
Fixes include removing PEM dependency for greater
coverage when PEM config is not set and defining
test dependencies at the appropriate level.
Signed-off-by: Nick Child <nick.child@ibm.com>
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 8c7520f..b92944a 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1147,6 +1147,15 @@
cat pkcs7-rsa-sha256-2.crt pkcs7-rsa-sha256-2.key > pkcs7-rsa-sha256-2.pem
all_final += pkcs7-rsa-sha256-2.crt
+# Convert signing certs to DER for testing PEM-free builds
+pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1)
+ $(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER
+all_final += pkcs7-rsa-sha256-1.der
+
+pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
+ $(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
+all_final += pkcs7-rsa-sha256-2.der
+
# pkcs7 signature file with CERT
pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@
diff --git a/tests/data_files/pkcs7-rsa-sha256-1.der b/tests/data_files/pkcs7-rsa-sha256-1.der
new file mode 100644
index 0000000..622df1e
--- /dev/null
+++ b/tests/data_files/pkcs7-rsa-sha256-1.der
Binary files differ
diff --git a/tests/data_files/pkcs7-rsa-sha256-2.der b/tests/data_files/pkcs7-rsa-sha256-2.der
new file mode 100644
index 0000000..a88ecb4
--- /dev/null
+++ b/tests/data_files/pkcs7-rsa-sha256-2.der
Binary files differ
diff --git a/tests/suites/test_suite_pkcs7.data b/tests/suites/test_suite_pkcs7.data
index 4af0eda..d5ecd21 100644
--- a/tests/suites/test_suite_pkcs7.data
+++ b/tests/suites/test_suite_pkcs7.data
@@ -1,56 +1,71 @@
PKCS7 Signed Data Parse Pass SHA256 #1
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha256.der"
PKCS7 Signed Data Parse Pass SHA1 #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha1.der"
PKCS7 Signed Data Parse Pass Without CERT #3
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_without_cert:"data_files/pkcs7_data_without_cert_signed.der"
PKCS7 Signed Data Parse Fail with multiple signers #4
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_signed.der"
PKCS7 Signed Data Parse Fail with multiple certs #4
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_certs_signed.der"
PKCS7 Signed Data Parse Fail with corrupted cert #5
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_corrupted_cert:"data_files/pkcs7_data_signed_badcert.der"
PKCS7 Signed Data Parse Fail with corrupted signer info #6
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_corrupted_signer_info:"data_files/pkcs7_data_signed_badsigner.der"
PKCS7 Signed Data Parse Fail Version other than 1 #7
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_version:"data_files/pkcs7_data_cert_signed_v2.der"
PKCS7 Signed Data Parse Fail Encrypted Content #8
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_content_oid:"data_files/pkcs7_data_cert_encrypted.der"
PKCS7 Signed Data Verification Pass SHA256 #9
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
PKCS7 Signed Data Verification Pass SHA256 #9.1
-pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
PKCS7 Signed Data Verification Pass SHA1 #10
-depends_on:MBEDTLS_SHA1_C
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
PKCS7 Signed Data Verification Pass SHA512 #11
-depends_on:MBEDTLS_SHA512_C
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
PKCS7 Signed Data Verification Fail because of different certificate #12
-pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.der":"data_files/pkcs7_data.bin"
PKCS7 Signed Data Verification Fail because of different data hash #13
-pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data_1.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data_1.bin"
PKCS7 Signed Data Parse Failure Corrupt signerInfo.issuer #15.1
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_failure:"data_files/pkcs7_signerInfo_issuer_invalid_size.der"
PKCS7 Signed Data Parse Failure Corrupt signerInfo.serial #15.2
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse_failure:"data_files/pkcs7_signerInfo_serial_invalid_size.der"
PKCS7 Only Signed Data Parse Pass #15
+depends_on:MBEDTLS_SHA256_C
pkcs7_parse:"data_files/pkcs7_data_cert_signeddata_sha256.der"
diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function
index e2d76f3..8b35c57 100644
--- a/tests/suites/test_suite_pkcs7.function
+++ b/tests/suites/test_suite_pkcs7.function
@@ -10,11 +10,11 @@
/* END_HEADER */
/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_FS_IO
+ * depends_on:MBEDTLS_PKCS7_C
* END_DEPENDENCIES
*/
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -37,7 +37,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C*/
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_without_cert( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -60,7 +60,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse_multiple_signers( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -95,7 +95,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse_corrupted_cert( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -118,7 +118,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse_corrupted_signer_info( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -141,7 +141,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_version( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -164,7 +164,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_content_oid( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;
@@ -186,7 +186,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify( char *pkcs7_file, char *crt, char *filetobesigned )
{
unsigned char *pkcs7_buf = NULL;
@@ -236,7 +236,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
{
unsigned char *pkcs7_buf = NULL;
@@ -299,7 +299,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify_badcert( char *pkcs7_file, char *crt, char *filetobesigned )
{
unsigned char *pkcs7_buf = NULL;
@@ -349,7 +349,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify_tampered_data( char *pkcs7_file, char *crt, char *filetobesigned )
{
unsigned char *pkcs7_buf = NULL;
@@ -399,7 +399,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_failure( char *pkcs7_file )
{
unsigned char *pkcs7_buf = NULL;