Improve x509xrite_csr testing: extensions, version
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index fdc7232..04a24de 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -44,4 +44,16 @@
Certificate write check Server1 SHA1
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:"data_files/server1.crt"
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:0:-1:"data_files/server1.crt"
+
+Certificate write check Server1 SHA1, key_usage
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT:0:-1:"data_files/server1.key_usage.crt"
+
+Certificate write check Server1 SHA1, ns_cert_type
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:NS_CERT_TYPE_SSL_SERVER:-1:"data_files/server1.cert_type.crt"
+
+Certificate write check Server1 SHA1, version 1
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:0:X509_CRT_VERSION_1:"data_files/server1.v1.crt"
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index e205519..0cea5f9 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -62,7 +62,8 @@
char *subject_name, char *issuer_key_file,
char *issuer_pwd, char *issuer_name,
char *serial_str, char *not_before, char *not_after,
- int md_type, char *cert_check_file )
+ int md_type, int key_usage, int cert_type, int ver,
+ char *cert_check_file )
{
pk_context subject_key, issuer_key;
x509write_cert crt;
@@ -86,7 +87,9 @@
TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
x509write_crt_init( &crt );
- x509write_crt_set_serial( &crt, &serial );
+ if( ver != -1 )
+ x509write_crt_set_version( &crt, ver );
+ TEST_ASSERT( x509write_crt_set_serial( &crt, &serial ) == 0 );
TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
not_after ) == 0 );
x509write_crt_set_md_alg( &crt, md_type );
@@ -95,9 +98,16 @@
x509write_crt_set_subject_key( &crt, &subject_key );
x509write_crt_set_issuer_key( &crt, &issuer_key );
- TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
- TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
- TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
+ if( crt.version >= X509_CRT_VERSION_3 )
+ {
+ TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
+ TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
+ TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
+ if( key_usage != 0 )
+ TEST_ASSERT( x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
+ if( cert_type != 0 )
+ TEST_ASSERT( x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
+ }
ret = x509write_crt_pem( &crt, buf, sizeof(buf),
rnd_pseudo_rand, &rnd_info );