commit 591035d0b482806a837425e09c4b35d9bd6d0998
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jun 26 10:45:33 2017 +0200
committer Simon Butcher <simon.butcher@arm.com> Fri Jul 28 12:20:48 2017 +0100
tree c0a250d3f2b11aa4eced862d15b02670cf3ad533
parent c386317298520b84260ec6b6615aa86ba1625195

Add SSL tests for long cert chains

tests/ssl-opt.sh

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 3b68cb7..9c9cf46 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1948,6 +1948,64 @@
             -C "! mbedtls_ssl_handshake returned" \
             -S "X509 - Certificate verification failed"
 
+run_test    "Authentication: server max_int chain, client default" \
+            "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
+                    key_file=data_files/dir-maxpath/09.key" \
+            "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
+            0 \
+            -C "X509 - A fatal error occured"
+
+run_test    "Authentication: server max_int+1 chain, client default" \
+            "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
+                    key_file=data_files/dir-maxpath/10.key" \
+            "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
+            1 \
+            -c "X509 - A fatal error occured"
+
+run_test    "Authentication: server max_int+1 chain, client optional" \
+            "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
+                    key_file=data_files/dir-maxpath/10.key" \
+            "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
+                    auth_mode=optional" \
+            1 \
+            -c "X509 - A fatal error occured"
+
+run_test    "Authentication: server max_int+1 chain, client none" \
+            "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
+                    key_file=data_files/dir-maxpath/10.key" \
+            "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
+                    auth_mode=none" \
+            0 \
+            -C "X509 - A fatal error occured"
+
+run_test    "Authentication: client max_int+1 chain, server default" \
+            "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
+            "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
+                    key_file=data_files/dir-maxpath/10.key" \
+            0 \
+            -S "X509 - A fatal error occured"
+
+run_test    "Authentication: client max_int+1 chain, server optional" \
+            "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
+            "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
+                    key_file=data_files/dir-maxpath/10.key" \
+            1 \
+            -s "X509 - A fatal error occured"
+
+run_test    "Authentication: client max_int+1 chain, server required" \
+            "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
+            "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
+                    key_file=data_files/dir-maxpath/10.key" \
+            1 \
+            -s "X509 - A fatal error occured"
+
+run_test    "Authentication: client max_int chain, server required" \
+            "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
+            "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
+                    key_file=data_files/dir-maxpath/09.key" \
+            0 \
+            -S "X509 - A fatal error occured"
+
 # Tests for certificate selection based on SHA verson
 
 run_test    "Certificate hash: client TLS 1.2 -> SHA-2" \