Added test case for pathlen constrains in intermediate certificates
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index e25258f..fe5126e 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1128,6 +1128,10 @@
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
mbedtls_x509_crt_parse_path:"data_files/dir3":1:2
+X509 CRT verify path (4 certs)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":8
+
X509 OID description #1
x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 95fc287..99d716b 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -427,6 +427,31 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, int ret )
+{
+ char* act;
+ uint32_t flags;
+ int res;
+ mbedtls_x509_crt trusted, chain;
+
+ mbedtls_x509_crt_init( &chain );
+ mbedtls_x509_crt_init( &trusted );
+
+ while( (act = strsep( &chain_paths, " " )) )
+ TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 );
+ TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 );
+
+ res = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, NULL, NULL );
+
+ TEST_ASSERT( ret == res );
+
+exit:
+ mbedtls_x509_crt_free( &trusted );
+ mbedtls_x509_crt_free( &chain );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
void x509_oid_desc( char *oid_str, char *ref_desc )
{